windows 2008R2 domain controller

Posted on 2012-03-17
Medium Priority
Last Modified: 2012-03-19
I am having all the DC's and exchange are in the same VLAN, and I need to customize the number of dynamic ports on the DC's for internal firewall
When I issue the below commands:
netsh int ipv4 set dynamicport tcp start=49152 num=1000  
netsh int ipv4 set dynamicport udp start=49152 num=1000
  I am having a problem that the DNS service is stopped, and it will work after starting the service manually.
  Is there any reason for this?
 and is there any impact for limiting the number of dynamic ports in the DC?
Question by:mahmoud_2008
  • 2
LVL 57

Accepted Solution

Mike Kline earned 2000 total points
ID: 37734332
You just need to make sure to do it on every DC.  I've not seen it done using netsh.  At my last job we used  the registry entries as outlined here  http://support.microsoft.com/kb/224196

That is odd about the DNS service I may try to test tomorrow.



Author Comment

ID: 37734538
Thanks mkline for your response, if we limit the number of RPC dynamic ports on each DC for say 100 ports, will the clients in this case able to authenticate or not?
LVL 57

Expert Comment

by:Mike Kline
ID: 37734726
Yeah the clients should be able to authenticate.

Featured Post

Get 10% Off Your First Squarespace Website

Ready to showcase your work, publish content or promote your business online? With Squarespace’s award-winning templates and 24/7 customer service, getting started is simple. Head to Squarespace.com and use offer code ‘EXPERTS’ to get 10% off your first purchase.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
In this article, we will discuss how you can secure Active Directory using free tools, and how you can choose a safe and secure Active Directory security auditing tool.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles from a Windows Server 2008 domain controller to a Windows Server 2012 domain controlle…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

600 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question