I am having a hard time finding a list of what the settings for a Win2012 R2 DC should be. Here's my problem - running a "dcdiag /a" is reporting problems not finding the network path to a DC in a remote site. I know the remote DC is there; I can ping it, etc. So something in the firewall is blocking it, but it's unclear to me which rule specifically.
The DC shows it's connected to a domain, with the Windows firewall on. I imagine that it must be an outbound rule blocking me, but I see all "Active Directory (TCP and UDP out)" enabled; all "Core Networking" enabled; all "File and Printer Sharing" entries with a green check mark (Echo, NB, SMB). Shouldn't that be enough? I shouldn't need any of the "Network Discovery" rules enabled, should I? (Correct me if I am wrong, but if I can't do a "\\<remote-DC>\C$", then the dcdiag diag will also fail?) What am I missing here? There are no hardware firewalls between me and the remote DC, and the remote DC has all firewalls turned off (for testing).
