Solved

opening tcp port on a windows 2003 server

Posted on 2013-01-29
6
507 Views
Last Modified: 2013-05-02
I have a windows 2003 server that is not responding on port 88. I have verified that the firewall is off and that the antivirus is disabled. after generating a report using netstat -ano I find that UDP port 88 is open and listening but TCP port 88 is not listed as an active connection. Is there a way to get the server to listen on TCP port 88 as well?

Thanks

Jim
0
Comment
Question by:jfholloway
  • 4
  • 2
6 Comments
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 38831821
The Server itself won't be listening on any port.  There has to be a service that listens.  What service are you running that listens on port 88 and are you sure it's running?
0
 

Author Comment

by:jfholloway
ID: 38832208
I need port 88 for Kerberos traffic between domain controllers. I see it is active on one DC but, not on the other which is causing replication issues. I see on the one DC that port 88's PID is 416 and that PID is associated with lsass.exe. I am not sure why one DC has a servcie that is actively listening but, the other doesn't has a service that is listening on that TCP port.

That does explain why I can telnet to the server that is listening on port 88 but, not to the one that doesn't.

Is there a way that I can fix this on the DC that isn't working?
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 38832318
When troubleshooting DC/AD issues, the best thing to do is run a DCDIAG.  That will usually steer you in the right direction.

Also, any error log information can give you an idea where to look.
0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 

Author Comment

by:jfholloway
ID: 38835668
I have 2 DC's in the domain and the one has tombstoned based on the dcdiag reports I collected last week. After I reset the secure channel password I was able to get DNS back online. Right now I can't replicate, dcpromo the server because it can't communicate with the other DC and I can't transfer(or seize) the FSMO roles from the bad DC to the good one because of communication errors which led me to isolate which ports were and weren't responding.
According to TCPview and netstat the bad server (service) is not listening on the required ports for A.D. and the KCC to communicate properly. I believe if I can get communication working on TCP ports 88, 123, 137, 138, 139 and 3268 I can possibly remove the lingering objects and continue replication.

Any suggestions on where I can look to see why the server service isn't listening on the needed ports?
0
 
LVL 34

Accepted Solution

by:
Paul MacDonald earned 500 total points
ID: 38835794
If there's no firewall or other impediment to communication, it seems likely the service isn't running.  Check that.  Check the error logs for any information that might offer insight.

If you can't get the problem DC to communicate, you can seize the roles it holds (the whole point of seizing is to recover from a failed DC).
0
 
LVL 34

Expert Comment

by:Paul MacDonald
ID: 39132737
Thank you for the points, but I'm curious about the "C" grade.  Was the answer not satisfactory?
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

INTRODUCTION The purpose of this document is to demonstrate the Installation and configuration of the Data Protection Manager product. Note that this demonstration was prepared on the basis of Windows OS is 2008 R2 and DPM 2010. DATA PROTECTI…
When you upgrade from Windows 8 to 8.1 or to Windows 10 or if you are like me you are on the Insider Program you may find yourself with many 450MB recovery partitions.  With a traditional disk that may not be a problem but with relatively smaller SS…
This video Micro Tutorial explains how to clone a hard drive using a commercial software product for Windows systems called Casper from Future Systems Solutions (FSS). Cloning makes an exact, complete copy of one hard disk drive (HDD) onto another d…
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…

920 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now