domain controllers are trying to communicate with linux hosts on 135, 137, 139 and 445. is this normal? if so, why is it normal?

hello! we have 2 domain controllers in 1 site trying to communicate with some linux hosts that are behind a firewall at another site.
ports 135, 137, 139 and 445
they are getting blocked by a firewall between the 2 networks, but I'm wondering why the windows domain controllers are trying to communicate with them in the first place
the hosts ARE listed in DNS (we are using active directory integrated DNS)
would that be why?
jsctechy Asked:
 
R_Edwards Commented:
Jsctechy,
     You are very close. Windows has to have specific ports open to work as a domain controller, and because you have Linux hosts, I figure you are authenticating from the Linux host to AD.
Here is a small explanation of the ports:

TCP 135 | Replication | RPC, EPM
TCP 137 | NetBIOS Name resolution | NetBIOS Name resolution
TCP 139 | User and Computer Authentication, Replication | DFSN, NetBIOS Session Service, NetLogon
TCP and UDP 445 | Replication, User and Computer Authentication, Group Policy, Trusts | SMB, CIFS, SMB2, DFSN, LSARPC, NbtSS, NetLogonR, SamR, SrvSvc

/r
-=Richard
0
 
Seth Simmons, Sr. Systems Administrator, Commented:
are there any domain controllers gone but not cleaned up in AD that had IP address(es) now used by one of the linux systems?  just having an A record won't cause that traffic
0
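
One way to check the stale-domain-controller question raised above, as an added example that is not part of the original thread: it correlates firewall denies on the four ports from the question with DNS role records (SRV and NS) whose target host resolves to a blocked Linux address. The simplified "name type data" zone format, the host names, and the addresses are constructed assumptions.

```python
from collections import defaultdict

DC_PORTS = {135, 137, 139, 445}  # ports named in the question

# Constructed sample data (not from the thread): a zone export in
# "name type data" form and firewall denies as (src, dst, dport).
ZONE = """\
_ldap._tcp.dc._msdcs.corp.example. SRV 0 100 389 dc01.corp.example.
_ldap._tcp.dc._msdcs.corp.example. SRV 0 100 389 dc-old.corp.example.
_kerberos._tcp.corp.example. SRV 0 100 88 dc-old.corp.example.
corp.example. NS dc-old.corp.example.
dc01.corp.example. A 10.1.0.10
dc-old.corp.example. A 10.2.0.25
lnx-web01.corp.example. A 10.2.0.25
lnx-db01.corp.example. A 10.2.0.30
"""
DENIES = [("10.1.0.10", "10.2.0.25", 445), ("10.1.0.10", "10.2.0.25", 135),
          ("10.1.0.10", "10.2.0.30", 139), ("10.1.0.10", "10.2.0.30", 22)]

def parse_zone(text):
    """Return (role_refs, a_records): hosts referenced by SRV/NS, and name -> IPs."""
    role_refs, a_records = defaultdict(set), defaultdict(set)
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue
        name, rtype, data = parts[0].lower(), parts[1].upper(), parts[2:]
        if rtype == "A":
            a_records[name].add(data[0])
        elif rtype in ("SRV", "NS"):
            # The last field of an SRV or NS record is the target host name.
            role_refs[data[-1].lower()].add(f"{rtype} {name}")
    return role_refs, a_records

def explain_denies(zone_text, denies):
    """Map each blocked destination to the DC/DNS role records that resolve to it."""
    role_refs, a_records = parse_zone(zone_text)
    roles_by_ip = defaultdict(set)
    for host, refs in role_refs.items():
        for ip in a_records.get(host, ()):
            roles_by_ip[ip] |= refs
    targets = {dst for _, dst, port in denies if port in DC_PORTS}
    return {ip: sorted(roles_by_ip.get(ip, ())) for ip in sorted(targets)}

if __name__ == "__main__":
    for ip, roles in explain_denies(ZONE, DENIES).items():
        print(ip, "<- role records:" if roles else "<- no role records", roles)
```

A blocked destination that comes back with role records points at leftover domain controller registrations to clean up; one that comes back empty is not explained by this check and needs a different cause.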