I have a domain controller behind a firewall and I want to join machines in a DMZ to it. I found this article https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
but for group policy it just says "UDP Dynamic"
Do I really need to open EVERY UDP port to it through DMZ? Any way I can limit that range or no?
DC and clients are Server 2012R2.
Firewall between DC and DMZ is pfSense