It's been a few weeks, so time for another question on ports. MS's whitepaper that discusses how to set up AD to communicate through a firewall (the one that focuses primarily on DC to DC communication) lists the following ports needed to service "User Login and Authentication" and "Computer Login and Authentication":
445 TCP/UDP
88 TCP/UDP
389 UDP
53 TCP/UDP
(I would add ICMP for GPO processing.)
Most people who normally respond to "what ports are needed..." include 135.
I just ran a Netmon trace during a logon from an XP machine and do see some traffic hitting 135. I also see traffic hitting 137 and 139.
I'm not good at reading traces so I don't really know what's happening besides the basic traffic flow. Does anyone know what 135 (and 139, I suppose) are being used for? And if they're blocked, does it totally break everything or just limit certain functions? I am not worried about DC to DC communication. The scenario is member systems separated from DCs with a firewall, and the network folks want to allow the absolute minimum ports.
Thx
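One way to check the scenario in the post from a member system, once the firewall rules are in place, is the script below. It is an added example, not from the original post; it assumes a placeholder DC name (DC01.example.com) and uses Test-NetConnection, which exists on Windows 8/2012 and later (not on the XP client in the post).

```powershell
# Added example, not from the original post: verify from a member system that
# the port list the post quotes is reachable on a DC, and report whether the
# extra ports seen in the trace (135, 139) are open as well.
# Assumption: the DC is DC01.example.com (placeholder name).
$dc = 'DC01.example.com'

# Ports from the whitepaper list quoted in the post, plus the two TCP ports
# seen in the trace. 137 is UDP-only (NetBIOS name service) and is not TCP-testable here.
$checks = @(
    [pscustomobject]@{ Port = 445; Note = 'SMB (SYSVOL/NETLOGON, GPO files)'; Required = $true  },
    [pscustomobject]@{ Port = 88;  Note = 'Kerberos';                        Required = $true  },
    [pscustomobject]@{ Port = 389; Note = 'LDAP';                            Required = $true  },
    [pscustomobject]@{ Port = 53;  Note = 'DNS';                             Required = $true  },
    [pscustomobject]@{ Port = 135; Note = 'RPC endpoint mapper';             Required = $false },
    [pscustomobject]@{ Port = 139; Note = 'NetBIOS session service';         Required = $false }
)

# ICMP echo, which the post adds to the list for GPO processing.
$icmp = Test-Connection -ComputerName $dc -Count 1 -Quiet
"ICMP echo to $dc : $(if ($icmp) { 'reachable' } else { 'BLOCKED' })"

foreach ($c in $checks) {
    # Test-NetConnection only exercises TCP; the UDP side of 53/88/389 needs a
    # separate check (for example Resolve-DnsName against the DC for UDP 53).
    $open = Test-NetConnection -ComputerName $dc -Port $c.Port -InformationLevel Quiet -WarningAction SilentlyContinue
    $state = if ($open) { 'open' }
             elseif ($c.Required) { 'BLOCKED (on the whitepaper list)' }
             else { 'blocked (not on the whitepaper list)' }
    '{0,5}/tcp  {1,-34} {2}' -f $c.Port, $c.Note, $state
}
```

Run it from a member system on the firewalled side after the rules are applied; any line marked BLOCKED for a port on the whitepaper list means logon or GPO processing will be affected.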
