opening tcp port on a windows 2003 server

The Server itself won't be listening on any port.  There has to be a service that listens.  What service are you running that listens on port 88 and are you sure it's running?

I need port 88 for Kerberos traffic between domain controllers. I see it is active on one DC but, not on the other which is causing replication issues. I see on the one DC that port 88's PID is 416 and that PID is associated with lsass.exe. I am not sure why one DC has a servcie that is actively listening but, the other doesn't has a service that is listening on that TCP port.

That does explain why I can telnet to the server that is listening on port 88 but, not to the one that doesn't.

Is there a way that I can fix this on the DC that isn't working?

When troubleshooting DC/AD issues, the best thing to do is run a DCDIAG.  That will usually steer you in the right direction.

Also, any error log information can give you an idea where to look.

I have 2 DC's in the domain and the one has tombstoned based on the dcdiag reports I collected last week. After I reset the secure channel password I was able to get DNS back online. Right now I can't replicate, dcpromo the server because it can't communicate with the other DC and I can't transfer(or seize) the FSMO roles from the bad DC to the good one because of communication errors which led me to isolate which ports were and weren't responding.
According to TCPview and netstat the bad server (service) is not listening on the required ports for A.D. and the KCC to communicate properly. I believe if I can get communication working on TCP ports 88, 123, 137, 138, 139 and 3268 I can possibly remove the lingering objects and continue replication.

Any suggestions on where I can look to see why the server service isn't listening on the needed ports?

Thank you for the points, but I'm curious about the "C" grade.  Was the answer not satisfactory?