Re: Problems with authentication in a DMZ
From: Miha Pihler (mihap-news_at_atlantis.si)
Date: 08/23/04
- Next message: paula: "help express"
- Previous message: Luis Canhoto: "Problems with authentication in a DMZ"
- In reply to: Luis Canhoto: "Problems with authentication in a DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 23 Aug 2004 15:57:41 +0200
Hi Luis,
Check to see if these ports are open between the member server and the AD
server. You could also check your firewall logs what is filtered out.
Service Port/protocol
RPC endpoint mapper 135/tcp, 135/udp
NetBIOS name service 137/tcp, 137/udp
NetBIOS datagram service 138/udp
NetBIOS session service 139/tcp
RPC dynamic assignment 1024-65535/tcp
SMB over IP (Microsoft-DS) 445/tcp, 445/udp
LDAP 389/tcp
LDAP over SSL 636/tcp
Global catalog LDAP 3268/tcp
Global catalog LDAP over SSL 3269/tcp
Kerberos 88/tcp, 88/udp
DNS 53/tcp, 53/udp
WINS resolution (if required) 1512/tcp, 1512/udp
WINS replication (if required) 42/tcp, 42/udp
Network time protocol (NTP) 123/udp
ICMP
Rule needs to permit TCP high ports (any port above 1023) for inbound
traffic. Then again, if your firewall permits this, there's very little
reason even to have a firewall.
Mike
"Luis Canhoto" <Luis Canhoto@discussions.microsoft.com> wrote in message
news:DF731D3D-E1D4-4A04-B3A5-827BC1B50D46@microsoft.com...
> Thanks in advance to any help I can get.
> A member server put in a DMZ canīt authenticate with a private 2003
domain.
> The server 'ping' by name and by IP the domain controller, but when a try
to
> logon in the domain, we return " no domain controller available ".
>
> Thanks
> Luis Canhoto
- Next message: paula: "help express"
- Previous message: Luis Canhoto: "Problems with authentication in a DMZ"
- In reply to: Luis Canhoto: "Problems with authentication in a DMZ"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
