Solved

Smoothwall won't let my domain users connect to their profile.

Posted on 2013-01-25
Last Modified: 2013-01-28
Hello guys, I need some help. I just implemented a Smoothwall firewall at my office, but when users log in, they can't see the server, the domain controller. I get the error that states that it had to load the last roaming profile. The firewall is doing DHCP. All computers could go out to the Internet with no problem.
Question by:papichulodr69

Accepted Solution

by:
Ryan McCauley earned 2000 total points
ID: 38825550
Can the clients connect to the domain controller properly, just not load their roaming profiles from wherever they're being stored? Is the firewall blocking the traffic between the clients and the server? If you can log in without an issue (try logging in on a workstation as a user that's never logged in there before to confirm - if you're using the same username/password, it can be logging in with cached credentials).

Once you're logged in, can you manually browse to the network location hosting your roaming profile? The user should be able to view the files related to their own profile - if you're not able to do this, then the ports related to Windows file sharing may be blocked by your new firewall.

For starters, here are the basic ports that your clients need to be able to communicate over in order to run basic login and file share browsing:

http://msmvps.com/blogs/rexiology/archive/2006/04/05/89389.aspx

From the article:

TCP 135 : MS-RPC
TCP 1025 & 1026 : AD Login & replication
TCP 389 : LDAP
TCP & UDP 53 : DNS
TCP 445 : SMB , Microsoft-ds
TCP 139 : SMB
UDP 137 & 138 : NetBIOS related
UDP 88 : Kerberos v5

Can you confirm that clients are able to communicate over those ports?

Author Comment

by:papichulodr69
ID: 38826959
OK, I will check.

Author Closing Comment

by:papichulodr69
ID: 38828028
I also forgot to add the internal DNS as the primary DNS server.
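
One way to run the check the accepted answer asks for, together with the DNS point from the closing comment, written here as an added example that is not part of the original thread. Run it from a client workstation; the domain controller name and domain (`dc01.example.local`, `example.local`) are placeholders, and the function name `Test-TcpPort` is made up for this sketch.

```powershell
param(
    [string]$DomainController = 'dc01.example.local',  # placeholder: your DC's name or IP
    [string]$Domain           = 'example.local',       # placeholder: your AD DNS domain
    [int]$TimeoutMs           = 2000
)

# TCP entries from the port list in the accepted answer. The UDP entries
# (53, 88, 137, 138) are connectionless, so a connect test cannot confirm them.
$tcpPorts = @(
    @{ Port = 53;   Name = 'DNS' },
    @{ Port = 135;  Name = 'MS-RPC' },
    @{ Port = 139;  Name = 'SMB' },
    @{ Port = 389;  Name = 'LDAP' },
    @{ Port = 445;  Name = 'SMB, Microsoft-ds' },
    @{ Port = 1025; Name = 'AD login & replication' },
    @{ Port = 1026; Name = 'AD login & replication' }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        # Asynchronous connect so a silently dropped packet does not hang the script.
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) { return $false }
        $client.EndConnect($async)   # throws if the connection was refused
        return $true
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

foreach ($p in $tcpPorts) {
    $open   = Test-TcpPort -ComputerName $DomainController -Port $p.Port -TimeoutMs $TimeoutMs
    # A failure means either the firewall dropped the traffic or nothing listens on that port.
    $status = if ($open) { 'reachable' } else { 'not reachable (blocked or no listener)' }
    '{0,-5} {1,-24} {2}' -f $p.Port, $p.Name, $status
}

# DC locator SRV record. It resolves only when the client's DNS server is the
# internal AD DNS server, which is the setting the closing comment refers to.
nslookup -type=SRV "_ldap._tcp.dc._msdcs.$Domain"
```

A timeout on every port points at the firewall between the client and the server, while a failed SRV lookup with working ports points at the DNS server handed out by DHCP.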