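Windows 2003 AD firewall issue
With the firewall turned off, users log in normally.
With the firewall turned on, users cannot log in.
Besides opening the basic ports, the following also need to be opened: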
port 123:udp:*:enabled:NTP
port 135:tcp:*:enabled:RPC Endpoint Mapper
port 137:tcp:*:enabled:netbios-ns
port 138:tcp:*:enabled:netbios-dgm
port 139:tcp:*:enabled:netbios-ssn
port 389:tcp:*:enabled:LDAP
port 389:udp:*:enabled:LDAP
port 445:tcp:*:enabled:SMB
port 53:tcp:*:enabled:DNS
port 53:udp:*:enabled:DNS
port 593:udp:*:enabled:RPC
port 88:tcp:*:enabled:Kerberos
port 3268:tcp:*:enabled:Global Catalog LDAP
port 3269:tcp:*:enabled:Global Catalog LDAP GC SSL
port 53211:tcp:*:enabled:AD Replication (Note: use the port number selected in 1.b.i above)
port 53212:tcp:*:enabled:File Replication Service (Note: use the port number selected in 1.b.ii above)
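As an added example (not from the original post or the Microsoft articles it cites), the following parses entries in the `port:protocol:scope:mode:name` layout used in the list above and renders each as a `netsh firewall add portopening` command. The mapping of `*` to `scope=ALL` and `localsubnet` to `scope=SUBNET`, and the function names, are assumptions of this example.

```python
import re

# Constructed sample: a few entries copied from the list above.
SAMPLE = """\
port 135:tcp:*:enabled:RPC Endpoint Mapper
port 389:udp:*:enabled:LDAP
port 3269:tcp:*:enabled:Global Catalog LDAP GC SSL
"""

ENTRY = re.compile(
    r"^(?:port\s+)?(\d+):(tcp|udp):([^:]+):(enabled|disabled):(.+)$", re.I)
# Assumed mapping from the entry's scope field to netsh's scope keyword.
SCOPES = {"*": "ALL", "localsubnet": "SUBNET"}


def parse_entry(line):
    """Split one 'port:protocol:scope:mode:name' entry into a dict."""
    m = ENTRY.match(line.strip())
    if not m:
        raise ValueError(f"not a port exception entry: {line!r}")
    port = int(m.group(1))
    if not 1 <= port <= 65535:
        raise ValueError(f"port out of range: {port}")
    # Drop a trailing "(Note: ...)" remark such as the one on the replication ports.
    name = re.sub(r"\s*\(Note:.*\)\s*$", "", m.group(5)).strip()
    if '"' in name:
        raise ValueError("double quote in rule name would break the command line")
    mode = "ENABLE" if m.group(4).lower() == "enabled" else "DISABLE"
    return {"port": port, "protocol": m.group(2).upper(),
            "scope": m.group(3).strip(), "mode": mode, "name": name}


def to_netsh(entry):
    """Render a parsed entry as a 'netsh firewall add portopening' command."""
    scope = entry["scope"].lower()
    if scope in SCOPES:
        scope_args = f"scope={SCOPES[scope]}"
    else:  # anything else is treated as a comma-separated address list
        scope_args = f"scope=CUSTOM addresses={entry['scope']}"
    return (f"netsh firewall add portopening protocol={entry['protocol']} "
            f"port={entry['port']} name=\"{entry['name']}\" "
            f"mode={entry['mode']} {scope_args}")


def convert(text):
    """Convert every non-blank line of text; returns the list of commands."""
    return [to_netsh(parse_entry(l)) for l in text.splitlines() if l.strip()]


if __name__ == "__main__":
    print("\n".join(convert(SAMPLE)))
```

Entries with scope `*` accept connections from any source address; using `localsubnet` or an explicit address list in that field narrows what can reach the domain controller.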
References:
2003 Server AD, firewall issue
http://ithelp.ithome.com.tw/question/10094240
How to configure Windows Server 2003 SP1 firewall for a Domain Controller
http://support.microsoft.com/kb/555381/en-us
How to configure a firewall for domains and trusts
http://support.microsoft.com/default.aspx?scid=kb;en-us;179442
What the various network ports are used for
http://forum.atifans.net/forum.php?mod=viewthread&tid=375&page=1