Re: Domain Controller port numbers



Hi,

Here is a list of ports...

RPC endpoint mapper 135/tcp, 135/udp
Network basic input/output system (NetBIOS) name service 137/tcp, 137/udp
NetBIOS datagram service 138/udp
NetBIOS session service 139/tcp
RPC dynamic assignment 1024-65535/tcp
Server message block (SMB) over IP (Microsoft-DS) 445/tcp, 445/udp
Lightweight Directory Access Protocol (LDAP) 389/tcp
LDAP over SSL 636/tcp
Global catalog LDAP 3268/tcp
Global catalog LDAP over SSL 3269/tcp
Kerberos 88/tcp, 88/udp
Domain Name Service (DNS) 53/tcp, 53/udp
Windows Internet Naming Service (WINS) resolution (if required) 1512/tcp, 1512/udp
WINS replication (if required) 42/tcp, 42/udp
and ICMP protocol.

Service overview and network port requirements for the Windows Server system
http://support.microsoft.com/default.aspx?scid=kb;en-us;832017&Product=winsvr2003

--
Mike
Microsoft MVP - Windows Security

<B Squared> wrote in message news:CbCdnWNJOsBLkR_eRVn-vg@xxxxxxxxxxxxxxxxxx
> I'm having a problem with our Windows Server 2003. This message
>
> Event ID: 1054
> User: NT AUTHORITY\SYSTEM
>
> Windows cannot obtain the domain controller name for your computer
> network. (The specified domain either does not exist or could not
> be contacted. ). Group Policy processing aborted.
>
>
> Is generated when Server 2003 boots, and tries to connect to our
> Domain Controller. It is almost certainly occurring because we have
> a particular port blocked on a firewall that exists between the
> Server and the Domain Controller. Knowing this, I opened all the
> ports I thought might be relevant.
>
> These are the ports I have open:
>
> smtp tcp 25
> bootps udp 37
> domain (dns) udp 53
> www tcp 80
> ident tcp 113
> netbios-ns udp 137
> netbios-dgm udp 138
> netbios-ssl tcp 139
> ldap tcp 389
> https tcp 443
> ms - ds tcp 445
>
> But obviously, there is one, or more, ports that must be opened.
> What other port[s] do we need to open to permit Windows Server 2003
> to contact a domain controller at boot time?
>
> Thanks in advance for any help.
>
> B Squared
>
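
Added example, not part of either post: a gap check that compares the ports reported open in the question against the port list in the reply, treating a range such as 1024-65535/tcp as covered only if every port in it is open. The function names are hypothetical, the service names are abbreviated, and the WINS "if required" entries and ICMP are left out.

```python
import re

# Required ports as listed in the reply (service names abbreviated; WINS
# "if required" entries and ICMP, which has no port number, are left out).
REQUIRED = """\
RPC endpoint mapper 135/tcp, 135/udp
NetBIOS name service 137/tcp, 137/udp
NetBIOS datagram service 138/udp
NetBIOS session service 139/tcp
RPC dynamic assignment 1024-65535/tcp
SMB (Microsoft-DS) 445/tcp, 445/udp
LDAP 389/tcp
LDAP over SSL 636/tcp
Global catalog LDAP 3268/tcp
Global catalog LDAP over SSL 3269/tcp
Kerberos 88/tcp, 88/udp
DNS 53/tcp, 53/udp
"""
# Ports the original poster reported as open, transcribed as "name proto port".
OPEN = ("smtp tcp 25; bootps udp 37; domain udp 53; www tcp 80; ident tcp 113; "
        "netbios-ns udp 137; netbios-dgm udp 138; netbios-ssl tcp 139; "
        "ldap tcp 389; https tcp 443; ms - ds tcp 445")

SPEC = re.compile(r"(\d+)(?:-(\d+))?/(tcp|udp)")

def parse_required(text):
    """Return [(service, proto, low, high)], one entry per port spec."""
    rules = []
    for line in text.splitlines():
        name = SPEC.split(line, maxsplit=1)[0].strip()
        for low, high, proto in SPEC.findall(line):
            rules.append((name, proto, int(low), int(high or low)))
    return rules

def parse_open(text):
    """Return {(proto, port)}; the service name may itself contain spaces."""
    rows = (item.rsplit(None, 2) for item in text.split(";") if item.strip())
    return {(proto, int(port)) for _, proto, port in rows}

def missing_rules(required, open_ports):
    """A rule is covered only if every port in its range is open."""
    return [r for r in required
            if not all((r[1], p) in open_ports for p in range(r[2], r[3] + 1))]

if __name__ == "__main__":
    for name, proto, low, high in missing_rules(parse_required(REQUIRED), parse_open(OPEN)):
        ports = str(low) if low == high else f"{low}-{high}"
        print(f"not open: {ports}/{proto}  {name}")
```

Protocol matters as much as port number here: the question's list has 53/udp and 137/udp open, so the check still reports 53/tcp and 137/tcp as gaps.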

