Thanks Fabiano. I'll try it.

We have the following servers.

Windows 2000 -DC
Windows 3000 server -DC's backup
NT4

On 5/3/05, Fabiano <Fabiano@xxxxxxxxxxxx> wrote:
> Hi Kirk,
>
> Windows 2000 AD Authentication uses LDAP, so you need to open other ports too, like LDAP: 389 UDP/TCP and 3268 TCP, kerberos: 88 UDP/TCP and maybe other ones, like 135 TCP (RPC Service).
> What version of Windows are you using?
>
>
> -----Original Message-----
> From: Kirk [mailto:whereisgui@xxxxxxxxx]
> Sent: terça-feira, 3 de maio de 2005 15:07
> To: netfilter@xxxxxxxxxxxxxxxxxxx
> Subject: rules to allow a machine to join a windows domain
>
> Hello everyone,
>
> I need to start moving three windows servers behind a firewall. Could
> someone tell me what ports I need to open so that the servers can join
> a windows domain?
>
> I already allow access to DNS (udp 53, tcp 53) and WINS (tcp 137)
> servers but the test server still can't join the domain. The error I
> get is "a domain controller could not be contacted".
>
> I should point out that I'm able to connect to websites from the test
> server and I can connect to the web server I installed for testing
> incoming connections. Also, I'm able to join the domain when I take
> the machine off the firewall.
>
> Any hints will be appreciated.
> Thanks,
> -K
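
The ports listed in this thread, written out as netfilter rules. This is an added example, not part of any poster's message: the two addresses are documentation placeholders, and placing the rules in the FORWARD chain and ending with a LOG rule (to show which other ports the join still needs) are assumptions.

```shell
#!/bin/sh
# Added example: prints iptables commands for review; nothing is applied here.
# Assumed values (not from the thread): both addresses and the FORWARD chain.
MEMBER="192.0.2.10"    # placeholder: server being moved behind the firewall
DC="198.51.100.5"      # placeholder: domain controller

# Ports exactly as named in the thread, as proto:port:label
DOMAIN_PORTS="udp:53:dns tcp:53:dns tcp:137:wins
udp:88:kerberos tcp:88:kerberos
udp:389:ldap tcp:389:ldap tcp:3268:global-catalog
tcp:135:rpc"

# Print the rule set for one member server talking to one domain controller.
domain_join_rules() {
    member=$1
    dc=$2
    # Return traffic for connections accepted by the rules below
    echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
    for entry in $DOMAIN_PORTS; do
        proto=${entry%%:*}     # text before the first colon
        rest=${entry#*:}
        port=${rest%%:*}
        label=${rest#*:}
        echo "# $label"
        echo "iptables -A FORWARD -s $member -d $dc -p $proto --dport $port -m state --state NEW -j ACCEPT"
    done
    # Anything else between the two hosts is logged, so the kernel log shows
    # which further ports the join attempt tries before the chain policy drops it.
    echo "iptables -A FORWARD -s $member -d $dc -j LOG --log-prefix 'domjoin-blocked: '"
}

domain_join_rules "$MEMBER" "$DC"
```

After a failed join attempt, the `domjoin-blocked:` entries in the kernel log list the destination ports that still need a rule.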