Re: Domain Login over Firewall

From: S. Pidgorny [MVP] (slavickp_at_yahoo.com)
Date: 04/30/03

    Date: Wed, 30 Apr 2003 18:45:41 +1000
    
    

    Yes, that is possible. However, it defeats the purpose of the firewall or
    proves the design of your firewall complex wrong.
    The ports include DNS, LDAP and LDAP ping, CIFS, RPC to NetLogon, and NTP to
    potentially any DC.

    -- 
    Svyatoslav Pidgorny, MS MVP, MCSE
    -= F1 is the key =-
    "The Bellman of Ankh" <jim_hathaway@ntlworld.remove-to-reply.com> wrote in
    message news:sLEra.139$IL.99@newsfep1-gui.server.ntli.net...
    > Is it possible to connect a new computer account and then login to a
    > Windows 2000 Active Directory Domain over a hardware firewall and if so
    > what ports need to be opened?
    >
    >
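
Added example, not part of the original post: a small audit that checks a firewall rule list against the services named in the reply and reports rules wider than the domain controllers require. The port numbers are the standard assignments for those services; the rule tuple format, the addresses and the 1024 floor for dynamically assigned RPC ports are assumptions made for illustration.

```python
from ipaddress import ip_address, ip_network

# Services named in the reply, mapped to their standard well-known ports.
REQUIRED = {
    "DNS": [("tcp", 53), ("udp", 53)],
    "LDAP": [("tcp", 389)],
    "LDAP ping": [("udp", 389)],
    "CIFS": [("tcp", 445)],
    "RPC endpoint mapper": [("tcp", 135)],
    "NTP": [("udp", 123)],
}
DYNAMIC_FLOOR = 1024  # assumption: NetLogon's RPC port is assigned at or above this

# Constructed sample data: (protocol, destination CIDR, low port, high port).
DCS = ["192.0.2.10", "192.0.2.11"]
RULES = [
    ("tcp", "192.0.2.10/32", 53, 53), ("udp", "192.0.2.10/32", 53, 53),
    ("tcp", "192.0.2.10/32", 389, 389), ("udp", "192.0.2.10/32", 389, 389),
    ("tcp", "192.0.2.10/32", 445, 445), ("tcp", "192.0.2.10/32", 135, 135),
    ("tcp", "192.0.2.0/24", 1024, 65535),
]

def permits(rule, proto, host, port):
    r_proto, cidr, lo, hi = rule
    return r_proto == proto and ip_address(host) in ip_network(cidr) and lo <= port <= hi

def audit(rules, dcs):
    """Return (services unreachable per DC, rules broader than the DCs need)."""
    missing, too_wide = [], []
    for dc in dcs:
        for service, endpoints in REQUIRED.items():
            for proto, port in endpoints:
                if not any(permits(r, proto, dc, port) for r in rules):
                    missing.append((dc, service, proto, port))
        # NetLogon: at least one high TCP port must be reachable on the DC.
        if not any(p == "tcp" and ip_address(dc) in ip_network(c) and hi >= DYNAMIC_FLOOR
                   for p, c, lo, hi in rules):
            missing.append((dc, "RPC to NetLogon", "tcp", None))
    for rule in rules:
        _, cidr, lo, hi = rule
        net = ip_network(cidr)
        if net.num_addresses > sum(ip_address(d) in net for d in dcs):
            too_wide.append((rule, "destination includes non-DC addresses"))
        if hi > lo:
            too_wide.append((rule, f"opens {hi - lo + 1} ports"))
    return missing, too_wide

if __name__ == "__main__":
    for finding in sum(audit(RULES, DCS), []):
        print(finding)
```

With the sample rules, the second domain controller is unreachable for every fixed-port service, and the single dynamic-RPC rule accounts for both breadth findings.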
    
