Re: Redirect problems to remote client

• From: v-natliu@xxxxxxxxxxxxxxxxxxxx ("Nathan Liu [MSFT]")
• Date: Thu, 02 Feb 2006 08:52:25 GMT

Hi Paul,

Thanks for your kind update.

I'm glad to hear that things are working correctly for you now after we 
opened the TCP port 445. 

Additionally, please kindly note that the TCP port 139 is used for NetBIOS 
Session Services. Considering the current condition, if all things are 
working perfectly, we can don't open the TCP port 139. Thanks for the 
understanding. In addition, I am glad to provide the following related 
helpful information for your reference:

Net Logon
The Net Logon system service maintains a security channel between your 
computer and the domain controller to authenticate users and services. It 
passes the user's credentials to a domain controller and returns the domain 
security identifiers and user rights for the user. This is typically 
referred to as pass-through authentication. Net Logon is configured to 
start automatically only when a member computer or domain controller is 
joined to a domain. In the Windows 2000 Server and Windows Server 2003 
families, Net Logon publishes service resource locator records in the DNS. 
When this service runs, it relies on the Server service and on the Local 
Security Authority service to listen for incoming requests. On domain 
member computers, Net Logon uses RPC over named pipes. On domain 
controllers, it uses RPC over named pipes, RPC over TCP/IP, mailslots, and 
Lightweight Directory Access Protocol (LDAP). 

System service name: Netlogon Application protocol Protocol Ports 
NetBIOS Datagram Service UDP 138 
NetBIOS Name Resolution UDP 137 
NetBIOS Session Service TCP 139 
SMB TCP 445 


Group Policy
To successfully apply Group Policy, a client must be able to contact a 
domain controller over the DCOM, ICMP, LDAP, SMB, and RPC protocols. If any 
one of these protocols are unavailable or blocked between the client and a 
relevant domain controller, policy will not apply or refresh. For a 
cross-domain logon, where a computer is in one domain, and the user account 
is in another, these protocols may be required for the client, the resource 
domain, and the account domain to communicate. ICMP is used for slow link 
detection. For more information about slow link detection, click the 
following article number to view the article in the Microsoft Knowledge 
Base: 
227260 (http://support.microsoft.com/kb/227260/) How a slow link is 
detected for processing user profiles and Group Policy 

System service name: Group PolicyApplication protocol Protocol Ports 
DCOM TCP + UDP random port number between 1024 - 65534 
ICMP (ping) UCP 20 
LDAP TCP 389 
SMB TCP 445 
RPC TCP 135, random port number between 1024 - 65534 

More detailed information:
Service overview and network port requirements for the Windows Server system
http://support.microsoft.com/kb/832017

I appreciate your time and cooperation. 

Please do not hesitate to let me know if you have any further concerns, I 
am looking forward to hearing from you.


Have a nice day!

Best regards,

Nathan Liu (MSFT)
Microsoft CSS Online Newsgroup Support

Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues 
regarding other Microsoft products, you'd better post in the corresponding 
newsgroups so that they can be resolved in an efficient and timely manner. 
You can locate the newsgroup here: 
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx

When opening a new thread via the web interface, we recommend you check the 
"Notify me of replies" box to receive e-mail notifications when there are 
any updates in your thread. When responding to posts via your newsreader, 
please "Reply to Group" so that others may learn and benefit from your 
issue.

Microsoft engineers can only focus on one issue per thread. Although we 
provide other information for your reference, we recommend you post 
different incidents in different threads to keep the thread clean. In doing 
so, it will ensure your issues are resolved in a timely manner. 

For urgent issues, you may want to contact Microsoft CSS directly. Please 
check http://support.microsoft.com for regional support phone numbers.

Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.


.

• Follow-Ups:
  • Re: Redirect problems to remote client
    • From: "Nathan Liu [MSFT]"

• References:
  • Re: Redirect problems to remote client
    • From: Paul Proefrock
  • Re: Redirect problems to remote client
    • From: "Nathan Liu [MSFT]"

• Prev by Date: RE: http://companyweb/
• Next by Date: Re: SBS 2003 and Connection to Internet #3
• Previous by thread: Re: Redirect problems to remote client
• Next by thread: Re: Redirect problems to remote client
• Index(es):
  • Date
  • Thread

• Windows
• Science
• Usenet

• Archive
• About
• Privacy
• Search
• Imprint