Ports
What ports/protocols need to be open on a Windows 2003 file server so domain users can either:
- RDP onto it to get a GUI for administration
- Map a network share on it
Also on a domain controller:
what port needs to be open to handle users logging in to a domain?
September 21st, 2010 12:22pm
This article should be able to cover all of your questions surrounding port requirements.
Service overview and network port requirements for the Windows Server System
http://support.microsoft.com/kb/832017/en-us
Visit: anITKB.com, an IT Knowledge Base.
September 21st, 2010 1:13pm
Thanks.... but I'd rather speak to a human being rather than read the links to be honest, if only to confirm which ports are required. That said I'll have a good read through...
September 21st, 2010 1:24pm
For questions #1 and #2 in the first section, the information is as follows (pulled from the link I gave you):
RDP:

| Application protocol | Protocol | Ports |
|---|---|---|
| Terminal Services | TCP | 3389 |

File Shares:

| Application protocol | Protocol | Ports |
|---|---|---|
| NetBIOS Datagram Service | UDP | 138 |
| NetBIOS Name Resolution | UDP | 137 |
| NetBIOS Session Service | TCP | 139 |
| SMB | TCP | 445 |

For Question #3 (listed as #1 in the second section):
There are a few that are required for login, such as TCP/UDP 53 for DNS (locating AD), TCP/UDP 123 for allowing the client to sync network time, TCP 135 - RPC Endpoint Mapper, TCP 1024+ for dynamic high ports (you would have to lock down the dynamic ports; otherwise, you'll turn the firewall into Swiss cheese), TCP/UDP 88 - Kerberos, TCP/UDP 389 LDAP to DS, TCP 3268 LDAP to GC, and TCP 445 - SMB. I don't believe that I missed any.
If you want to take care of the high dynamic ports, here is a link that you should read (sorry, but I can't retype this for you) on how to resolve that concern:
Restricting Active Directory replication traffic and client RPC traffic to a specific port
http://support.microsoft.com/kb/224196
Visit: anITKB.com, an IT Knowledge Base.
September 21st, 2010 1:48pm
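As an added example (not part of the thread or of the linked Microsoft articles), the Python code below checks a firewall allow-list against the ports listed in the answer above and flags the wide dynamic-range rule that the answer warns about. The rule syntax, role names, the 100-port threshold and port 50000 are assumptions made for the illustration.

```python
# Added example. Port numbers are the ones listed in the answer above; the
# rule syntax ("TCP 445", "TCP 1024-65535"), role names and sample rule
# sets are constructed for illustration.

def both(port):
    return {("tcp", port), ("udp", port)}

REQUIRED = {
    "rdp": {("tcp", 3389)},
    "file_share": {("udp", 137), ("udp", 138), ("tcp", 139), ("tcp", 445)},
    "domain_logon": both(53) | both(123) | both(88) | both(389)
                    | {("tcp", 135), ("tcp", 3268), ("tcp", 445)},
}

def parse_rule(text):
    """'TCP 1024-65535' -> ('tcp', 1024, 65535); a single port has lo == hi."""
    proto, ports = text.lower().split()
    lo, _, hi = ports.partition("-")
    lo, hi = int(lo), int(hi or lo)
    if proto not in ("tcp", "udp") or not 0 < lo <= hi <= 65535:
        raise ValueError(f"bad rule: {text!r}")
    return proto, lo, hi

def audit(role, rule_lines, max_span=100):
    """Compare inbound allow rules with the ports a role needs."""
    rules = [parse_rule(r) for r in rule_lines]
    needed = REQUIRED[role]
    missing = sorted(n for n in needed
                     if not any(p == n[0] and lo <= n[1] <= hi for p, lo, hi in rules))
    # Ranges reaching above 1023 and wider than max_span ports: the
    # "Swiss cheese" case from the answer.
    too_wide = [f"{p} {lo}-{hi}" for p, lo, hi in rules
                if hi >= 1024 and hi - lo + 1 > max_span]
    # RPC after the endpoint mapper (TCP 135) needs some high TCP port that
    # is not one of the fixed service ports (only meaningful for domain_logon).
    rpc_high = any(p == "tcp" and lo >= 1024 and (p, lo) not in needed
                   for p, lo, hi in rules)
    return {"missing": missing, "too_wide": too_wide, "rpc_high_port": rpc_high}

# Constructed rule sets for a domain controller: wide open vs. pinned RPC port.
COMMON = ["TCP 53", "UDP 53", "TCP 123", "UDP 123", "TCP 135", "TCP 88",
          "UDP 88", "TCP 389", "UDP 389"]
LOOSE = COMMON + ["TCP 1024-65535"]
TIGHT = COMMON + ["TCP 445", "TCP 3268", "TCP 50000"]  # 50000 is a placeholder

if __name__ == "__main__":
    for name, rules in (("loose", LOOSE), ("tight", TIGHT)):
        print(name, audit("domain_logon", rules))
```

The loose set reports TCP 445 as missing and the 1024-65535 range as too wide; the tight set passes with a single pinned high port standing in for the fixed RPC port.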
Appreciated
September 21st, 2010 2:02pm