Re: Port 1025 RPC /Lsass.exe


Hi Craig,

Did you set up sites in your Active Directory?

Clients use DNS to locate all domain controllers in the domain. After they
have a list of all domain controllers they will try to use the ones that are
in the same site (e.g. same subnet) -- but you have to set this up under
Active Directory Sites and Services.
Next thing -- the client will try to talk to the DC it chose. If it can't, it
will try to talk to any available DC in any site.

You can also test your client by running

echo %logonserver%

from the command line to see which server authenticated the client. Is it the
one from the same site as the client? Is it from another site?

--
Mike
Microsoft MVP - Windows Security

"Craig Barraclough" <CraigBarraclough@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in
message news:2E98932C-4C58-43C9-A290-201D85B1622D@xxxxxxxxxxxxxxxx
Hi
We have a branch office with approx 40 users. This branch office has a 2003
server domain controller. The other servers, including 2 other 2003 domain
controllers and the Exchange server, are in our head office.
When monitoring our firewall traffic I have noticed that the majority of
client machines in the branch office (all XP machines) are establishing
connections to our primary domain controller (FSMO roles holder) on port
1025.
I checked what is bound to that port and it appears lsass.exe is using that
port.
From what I have read this port is used by RPC as a random RPC port.
An article I read said that this may be used by Active Directory.
I was wondering if anyone knew why the clients in the branch office are
connecting to a DC in the head office and not the one in the branch office?
The branch office server is a DC/GC/DNS and DHCP server.
One thing I have noticed is that our Exchange server only has the 2 DCs in
the head office set for directory access under the directory access tab in
the server properties. Could this be the reason?

Thanks

Craig
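
Added example, not part of the original thread: a Python sketch that applies the site/subnet reasoning from the reply to the firewall observation in the question, flagging clients that contact a DC outside their own site on port 1025. The site names, subnets, addresses and the three-field log format are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Constructed site-to-subnet map, mirroring what would be defined
# under Active Directory Sites and Services (names are assumptions).
SITE_SUBNETS = {
    "HeadOffice": ["10.1.0.0/16"],
    "Branch": ["10.2.0.0/24"],
}

# Constructed firewall log lines: src_ip dst_ip dst_port
SAMPLE_LOG = """\
10.2.0.21 10.1.0.10 1025
10.2.0.21 10.2.0.5 1025
10.2.0.34 10.1.0.10 1025
10.2.0.34 10.1.0.10 445
10.1.4.7 10.1.0.10 1025
10.2.0.40 10.2.0.5 1025
"""

def site_of(ip, site_subnets=SITE_SUBNETS):
    """Return the site whose most specific subnet contains ip, or None."""
    addr = ipaddress.ip_address(ip)
    best = None
    for site, subnets in site_subnets.items():
        for cidr in subnets:
            net = ipaddress.ip_network(cidr)
            if addr in net and (best is None or net.prefixlen > best[1]):
                best = (site, net.prefixlen)
    return best[0] if best else None

def cross_site_connections(log_text, port=1025):
    """Map each client to the out-of-site DCs it contacted on the given port."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3 or not fields[2].isdigit() or int(fields[2]) != port:
            continue
        src, dst = fields[0], fields[1]
        src_site, dst_site = site_of(src), site_of(dst)
        # Clients in no defined subnet are reported too: no site can be determined.
        if src_site is None or src_site != dst_site:
            hits[src].add((dst, src_site, dst_site))
    return dict(hits)

if __name__ == "__main__":
    for client, dcs in sorted(cross_site_connections(SAMPLE_LOG).items()):
        for dc, s, d in sorted(dcs):
            print(f"{client} (site {s}) -> {dc} (site {d})")
```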