Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

windows 2008R2 domain controller

Posted on 2012-03-17
3
Medium Priority
?
448 Views
Last Modified: 2012-03-19
Dear,
I am having all the DC's and exchange are in the same VLAN, and I need to customize the number of dynamic ports on the DC's for internal firewall
When I issue the below commands:
netsh int ipv4 set dynamicport tcp start=49152 num=1000  
netsh int ipv4 set dynamicport udp start=49152 num=1000
  I am having a problem that the DNS service is stopped, and it will work after starting the service manually.
  Is there any reason for this?
 and is there any impact for limiting the number of dynamic ports in the DC?
  Thanks
0
Comment
Question by:mahmoud_2008
  • 2
3 Comments
 
LVL 57

Accepted Solution

by:
Mike Kline earned 2000 total points
ID: 37734332
You just need to make sure to do it on every DC.  I've not seen it done using netsh.  At my last job we used  the registry entries as outlined here  http://support.microsoft.com/kb/224196

That is odd about the DNS service I may try to test tomorrow.

Thanks

Mike
0
 
LVL 1

Author Comment

by:mahmoud_2008
ID: 37734538
Thanks mkline for your response, if we limit the number of RPC dynamic ports on each DC for say 100 ports, will the clients in this case able to authenticate or not?
0
 
LVL 57

Expert Comment

by:Mike Kline
ID: 37734726
Yeah the clients should be able to authenticate.
0

Featured Post

Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Resolving an irritating Remote Desktop connection that stops your saved credentials from being used.
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question