For Active Directory to function correctly through a firewall, the Internet Control Message Protocol (ICMP) protocol must be allowed through the firewall from the clients to the domain controllers so that the clients can receive Group Policy information. You will need the following ports opened to create the trust and to perform the user/group administration after the trust is established.
Resource Material: Microsoft KB http://support.microsoft.com/default.aspx/kb/179442/
(migrated content from old site, need to relink pictures)
* NOTE: The port for WINS is optional. It is not required for a trust but only if YOUR Active Directory configuration is dependent on WINS still for resolution.
Published: 12/1/2008 8:54 PM
No comments:
Post a Comment