W
Will
We assigned a static RPC port to the NTDS service in order to monitor
traffic through a firewall carefully. What we are noticing is that when a
user logs in, the netlogon service is now also using the same static port.
Does Netlogon just inherit whatever RPC port is used by NTDS?
To assign NTDS a static port, you use registry key:
HKLM\CurrentControlSet\Services\NTDS\Paramaters\TCP/IP Port
I was *not* able to successfully use the same strategy to assign a different
static port to Netlogon. We tried:
HKLM\CurrentControlSet\Services\Netlogon\Paramaters\TCP/IP Port
with a different TCP port number, but this registry setting appears to get
ignored. Instead, Netlogon service uses the TCP port defined as above for
NTDS.
Can someone explain that result?
traffic through a firewall carefully. What we are noticing is that when a
user logs in, the netlogon service is now also using the same static port.
Does Netlogon just inherit whatever RPC port is used by NTDS?
To assign NTDS a static port, you use registry key:
HKLM\CurrentControlSet\Services\NTDS\Paramaters\TCP/IP Port
I was *not* able to successfully use the same strategy to assign a different
static port to Netlogon. We tried:
HKLM\CurrentControlSet\Services\Netlogon\Paramaters\TCP/IP Port
with a different TCP port number, but this registry setting appears to get
ignored. Instead, Netlogon service uses the TCP port defined as above for
NTDS.
Can someone explain that result?