Re: Active Directory Controllers?

From: Paul McGuire (paulmcguire_at__no_spam_hotmail.com)
Date: 04/28/04 

Date: Tue, 27 Apr 2004 20:03:13 -0500

Sounds like you need to open the correct ports for AD Authinication. Start
with pinging by name. If this works than DNS is working. DNS locates the
DC. I am not sure which other ports are used. You should be able to find a
KB article on this. If you can map a drive by ip then you atleast know
netbios is open. a quick port scan on the firewalls will tell you what you
have open and what is closed or stealth.

HTH

Paul McGuire
"Matt" <matth+newsgroups@matthoppes.org> wrote in message
news:c6m4ik03h8@enews4.newsguy.com...
> Here's what our network looks like:
>
>
>
> FIREWALL 1:
> Outside: 63.174.x.x network (OUTSIDE)
> AD Controllers: 10.200.1.x network (DMZ)
> Clients: 172.16.1.x network (INTERNAL)
>
> FIREWALL 2:
> Outside: 63.174.x.x network (OUTSIDE)
> Clients: 10.200.1.x network (DMZ)
>
> We are trying to get the clients from behind firewall2 to behind the
> INTERNAL of firewall1. The issue is that right now they are able to
> authenticate and all is happy. They go from firewall2 to firewall 1
> across the outside interfaces and then through a map to the DMZ to get
> to the AD controllers.
>
> When I try to move the clients behind the INTERNAL on FIREWALL1 I get
> 'No domain controllers are available to service your login request'.
> I have a hosts file in place for the two domain controllers and have a
> map going across from 172.16.1.x to 10.200.1.x. I can ping the DCs.
> If I'm on a machine NOT on the domain I can connect to the DCs via
> filesharing and their 172.16.1.x map. however, if I try that same thing
> with a machine on the domain behind the INTERNAL I get the 'no domain
> controller' message.
>
> Any ideas?
>

Relevant Pages

  • Re: Windows Server 2003 domain trust issue
    ... at the start of play yesterday we were lacking DNS resolution in one ... That was tracked down to the Watchguard firewall at the remote end ... checking the status of the listed ports. ... Were the trusts created in BOTH directions? ...
    (microsoft.public.windows.server.dns)
  • Re: Trust relationship between domains
    ... Over 30 ports are needed to be opened, not including the high (>1024 RPC ... How to Configure a Firewall for Domains and Trusts ... Do the member servers of the outside domain need the ability to ldap against ... the domain controllers of the inside domain? ...
    (microsoft.public.windows.server.networking)
  • RE: win2k3 active directory - firewall ports
    ... win2k3 active directory - firewall ports ... The following are the required ports for AD the articles supporting are ... Windows Server 2003 and Windows 2000 Server ... For a mixed-mode domain that uses either Windows NT domain controllers ...
    (Focus-Microsoft)
  • Re: DNS and Domain problem
    ... > problems and they added themselves into DNS. ... > and seperated by a firewall. ... I'm able to ping from this server to ... ports that need to be allowed pass thru. ...
    (microsoft.public.win2000.dns)
  • Re: Windows Server 2003 domain trust issue
    ... That was tracked down to the Watchguard firewall at the remote ... DNS functioning (I should say that the odd thing is that there was already ... checking the status of the listed ports. ... Depending on how much you REALLY trust the other people, ...
    (microsoft.public.windows.server.dns)
Loading