Re: Opening port 135

From: Amanda Wang [MSFT] (v-amanwa_at_online.microsoft.com)
Date: 03/17/05

• Next message: Jernej Vodopivec: "RE: Formating a primary partition without loosing logical partitions"
• Previous message: Amihai Bareket: "Setting special permission on files and folders from a script"
• In reply to: Aaron: "Re: Opening port 135"
• Next in thread: Aaron: "Re: Opening port 135"
• Reply: Aaron: "Re: Opening port 135"
• Messages sorted by: [ date ] [ thread ]

Date: Thu, 17 Mar 2005 07:59:22 GMT

Hi Aaron,

Thanks for your response and let me know your concern that you want to know
how to open a port in 2003.

Based on my experience, Windows Server 2003 doesn't have built-in firewall.
Therefore, all ports are opened.

1. If there are any firewall programs/devices between these servers, please
open port 135 (RPC) on the firewall.

Also verify that port 445 (direct SMB hosting) is open on the firewall.
Both 135 and 445 are required for the remote management:
840634 You receive an "Access denied" or "The network path was not found"
error
http://support.microsoft.com/?id=840634

If there is no firewall program/device, please try the portqry tool to test
if the RPC port 135 is open in the server:
310456 How to Use Portqry to Troubleshoot Active Directory Connectivity
Issues
http://support.microsoft.com/?id=310456

You can download the tool from here:
http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-
A2D5-AC828BDC6983&displaylang=en

Note: Windows Server 2003 SP1 beta includes firewall protection, see:
895085 You receive an "access is denied" error message on a Windows Server
http://support.microsoft.com/?id=895085

If the ports are open, please verify the following:

1. Make sure the user has enough permission on the remote servers.
a. If the servers are in the same domain, use a domain administrator
account to test the issue.
b. If the servers are in workgroup, create an identical user accounts (same
user name, same password) with administrator right in all the servers.
Login with this user, and test the issue.

3. Let us know the detailed error message when you try to connect remotely
to disk management.

And the following is the content in KB 873187:

The information in this article applies to:

 - Microsoft Windows XP Home Edition Service Pack 2 (SP2) (Version: (SP2))
 - Microsoft Windows XP Media Center Edition Service Pack 2 (SP2) (Version:
(SP2))
 - Microsoft Windows XP Professional Service Pack 2 (SP2) (Version: (SP2))
 - Microsoft Windows XP Tablet PC Edition Service Pack 2 (SP2) (Version:
(SP2))

SYMPTOMS
========

When the Windows Firewall is turned on and you connect to a remote computer
to run Disk Management you may receive one or more of the following error
messages:

        Not enough storage is available to complete this operation.

        The Disk Management console failed to connect to the remote computer
        because the Disk Management remoting service is not in the Windows
        Firewall exception list. Add the Disk Management remoting service
        (dmremote.exe) to the Windows Firewall exception list and try again.

        The Disk Management console failed to connect to the remote computer
        because the RPC port is not opened in the Windows Firewall. Open the
        port by adding the RPC port (TCP port 135) to the Windows Firewall
        exception list and then try again.

CAUSE
=====

This behavior occurs because Windows Firewall has blocked the request.

WORKAROUND
==========

To work around this problem, choose one or more of these methods depending
on the error message you received:

Method 1 add the remoting service exception to the Windows Firewall
-------------------------------------------------------------------

To add the remoting service exception to the Windows Firewall, follow these
steps:
1. Click "Start", click "Run", type "firewall.cpl" (without the
   quotation marks), and then click "OK".
2. In the "Windows Firewall" dialog box, click the "Exceptions" tab.
3. Click "Add Program".
4. In the "Add a Program" dialog box, click "Browse", locate and then
   click "\Windows\System32\dmremote.exe".
5. Click "Open", and then click "OK".

Method 2 add the RPC port exception to the Windows Firewall
-----------------------------------------------------------

To add the RPC port exception to the Windows Firewall, follow these steps:
1. Click "Start", click "Run", type "firewall.cpl" (without the
   quotation marks), and then click "OK".
2. In the "Windows Firewall" dialog box, click the "Exceptions" tab.
3. Click "Add Port".
4. In the "Add a Port" dialog box, in the "Name:" field, type "dmremote
   port" (without the quotation marks), in the "Port number:" field, type
   "135" (without the quotation marks), click "TCP", and then click "OK".

Method 3 not enough storage space is available to complete this operation
-------------------------------------------------------------------------

Before you use this method try both Method 1 and Method 2 in the workaround
section. If both Method 1 and Method 2 in this workaround section have not
resolved this problem, you may need to temporarily turn off the Windows
Firewall in order to use the remoting service.

Warning This workaround may make your computer or your network more
vulnerable to attack by malicious users or by malicious software such as
viruses. We do not recommend this workaround but are providing this
information so that you can implement this workaround at your own
discretion. Use this workaround at your own risk.
Note A firewall is designed to help protect your computer from attack by
malicious users or by malicious software such as viruses that use
unsolicited incoming network traffic to attack your computer. Before you
turn off your firewall, you must disconnect your computer from the Internet.

You must continue to leave your local network connection enabled to use the
remoting service, but you will be vulnerable to attack from any local
computers on your network by malicious users or by malicious software.

We strongly recommend that you do not use Method 3. We are providing this
information so that you can implement this workaround at your own
discretion.

Use this workaround at your own risk.

To turn off the Windows Firewall, follow these steps:
1. Click "Start", click "Run", type "firewall.cpl" (without the
   quotation marks), and then click "OK".
2. In the "Windows Firewall" dialog box, click "Off (not recommended)".
3. Click "OK".

To turn on the Windows Firewall, follow these steps:
1. Click "Start", click "Run", type "firewall.cpl" (without the
   quotation marks), and then click "OK".
2. In the "Windows Firewall" dialog box, click "On (recommended)".
3. Click "OK".

Hope this helps! Please feel free to post back if you have any other
questions or concerns on this issue.

Thanks & Regards

Amanda Wang [MSFT]

Microsoft Online Partner Support

Get Secure! - www.microsoft.com/security

====================================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

=====================================================================

• Next message: Jernej Vodopivec: "RE: Formating a primary partition without loosing logical partitions"
• Previous message: Amihai Bareket: "Setting special permission on files and folders from a script"
• In reply to: Aaron: "Re: Opening port 135"
• Next in thread: Aaron: "Re: Opening port 135"
• Reply: Aaron: "Re: Opening port 135"
• Messages sorted by: [ date ] [ thread ]

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint