Exchange 2003 Front-end losing connection to DC
Hi, I'm trying to set up an Exchange 2003 front-end server in the DMZ. It joins the domain at first, but after a while it loses connection to the internal domain controllers. The error is:

Windows cannot determine the user or computer name. (The specified domain either does not exist or could not be contacted.) Group Policy processing aborted.

The ports opened on the firewall are:

135 RPC (TCP)
137 NetBios (UDP)
138 Netlogon (UDP)
139 NetBios Session (TCP)
42 WINS (TCP)
389 LDAP (TCP/UDP)
636 LDAP SSL (TCP)
3268 LDAP GC (TCP)
3269 LDAP GC SSL (TCP)
53 DNS (TCP/UDP)
88 Kerberos (TCP/UDP)
445 SMB (TCP)
1600 static RPC port (TCP)
500 IKE (UDP)

How can I restore the connection to the domain controller? Please help! Thank you!
April 17th, 2007 4:41pm

The error message is related to Group Policy. To successfully process Group Policy, a member machine must be able to contact the DC over the DCOM, LDAP, SMB and RPC ports. ICMP ping is also required. For more information see this article: http://support.microsoft.com/kb/832017

You will need to open up the high ports (i.e. 1024 and above) to allow DCOM and RPC communications (although I believe you can lock these down using static port assignments). Whichever way you do it, you will be opening up a large number of ports through the firewall.

An alternative (strongly recommended) is to use ISA for your OWA publishing and keep your Exchange servers within the internal network.

Tony
www.activedir.org
April 18th, 2007 12:01am
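
One way to see, from the front-end server, which of the TCP ports in the question's firewall list actually reach a domain controller. This is an added example, not part of the original posts; the host name `dc01.example.internal` is a placeholder. A `no-response` result is what a firewall drop typically looks like, while `refused` means the DC was reached but nothing listens on that port.

```python
import socket

# TCP ports from the firewall list in the question. The UDP-only entries
# (137, 138, 500) and ICMP cannot be checked with a TCP connect.
TCP_PORTS = {
    42: "WINS", 53: "DNS", 88: "Kerberos", 135: "RPC",
    139: "NetBIOS Session", 389: "LDAP", 445: "SMB", 636: "LDAP SSL",
    1600: "static RPC port", 3268: "LDAP GC", 3269: "LDAP GC SSL",
}

def probe(host, port, timeout=2.0):
    """Classify one TCP port as open, refused, no-response or dns-failure."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.gaierror:
        return "dns-failure"   # the DC name itself did not resolve
    except ConnectionRefusedError:
        return "refused"       # host answered, nothing listening on the port
    except OSError:
        return "no-response"   # timeout or unreachable: typical firewall drop

def check_dc(host, ports=TCP_PORTS, timeout=2.0):
    """Probe every listed port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in sorted(ports)}

def not_open(results):
    """Ports that did not complete a TCP handshake, in ascending order."""
    return [port for port, state in sorted(results.items()) if state != "open"]

if __name__ == "__main__":
    dc = "dc01.example.internal"   # placeholder DC name (assumption)
    results = check_dc(dc)
    for port, state in results.items():
        print(f"{port:>5}/tcp  {TCP_PORTS[port]:<16} {state}")
    print("not open:", not_open(results) or "none")
```

Running it once right after the domain join and again after the connection drops shows whether the set of reachable ports changed between the two states.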
