Solved

Minimum ports required for NETDOM to move workstations

Posted on 2013-05-15
Last Modified: 2013-05-16
Hello all-
I'm working in a very restrictive environment where I am to move workstations from one domain to another. Some important facts:
1. No migration tools can be used. Just a simple NETDOM script that will move the systems can be allowed
2. No trusts will be allowed. I am trying to get them to allow a 1-way (target forest will trust source) but that's a "maybe"
3. Source forest is 2008R2, target is Server 2012
4. Workstations are Win7 with just a few XP
5. Source and target environments will be separated by a firewall

So let's assume no trusts will be allowed. I'll use NETDOM in a script to move workstations from source to target that will contain the appropriate credentials in my script for both source and target forests. I'm thinking the ports that must be open between both environments are:
53 - DNS
135 - RPC Endpoint
389 - LDAP
445 - SMB
Obviously, DNS resolution between source and target must be in place. Am I missing anything here?
As always, thanks for the help.
Eric
Question by:Cymbaline65

Expert Comment

by:Tony J
ID: 39170767
I'd suggest NetBIOS too.

There's a 'kind of list' here:

http://technet.microsoft.com/en-us/library/cc756944(v=WS.10).aspx

Not the most helpful, but I'd suggest you want the joining external domain ports.

Author Comment

by:Cymbaline65
ID: 39171485
Thanks for the response.
So include ports 137 and 139 too?

Accepted Solution

by:
Tony J earned 1400 total points
ID: 39171500
Yeah I would do.
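
A pre-flight check for the TCP ports named in this thread, as an added example that is not part of the original posts: run it from a workstation before the NETDOM move to see which ports the firewall actually passes. `TargetDc` (a domain controller in the target forest), the timeout and the exit-code convention are assumptions; UDP 137 and UDP 53 are connectionless and cannot be confirmed with a TCP connect, so they are not tested.

```powershell
# Added example: checks TCP reachability of the ports discussed in the thread.
# $TargetDc is a placeholder: pass the FQDN of a domain controller in the target forest.
param(
    [Parameter(Mandatory = $true)][string]$TargetDc,
    [int]$TimeoutMs = 3000
)

# TCP ports from the thread (53, 135, 389, 445, plus 139 from the NetBIOS suggestion).
$ports = @(
    @{ Port = 53;  Service = 'DNS (TCP)' },
    @{ Port = 135; Service = 'RPC Endpoint' },
    @{ Port = 139; Service = 'NetBIOS Session' },
    @{ Port = 389; Service = 'LDAP' },
    @{ Port = 445; Service = 'SMB' }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs)
    # TcpClient is used instead of Test-NetConnection so this also runs on Win7 / PowerShell 2.0.
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $async = $client.BeginConnect($ComputerName, $Port, $null, $null)
        if (-not $async.AsyncWaitHandle.WaitOne($TimeoutMs, $false)) {
            return 'Filtered/Timeout'     # no answer at all: typically dropped by the firewall
        }
        $client.EndConnect($async)        # throws if the connection was refused
        return 'Open'
    }
    catch {
        return 'Closed/Refused'           # refused, or the name did not resolve
    }
    finally {
        $client.Close()
    }
}

$results = foreach ($p in $ports) {
    New-Object PSObject -Property @{
        Port    = $p.Port
        Service = $p.Service
        Status  = Test-TcpPort -ComputerName $TargetDc -Port $p.Port -TimeoutMs $TimeoutMs
    }
}
$results | Select-Object Port, Service, Status | Format-Table -AutoSize

# A non-zero exit code lets a wrapper script skip the NETDOM step on this machine.
if ($results | Where-Object { $_.Status -ne 'Open' }) { exit 1 }
```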