restricting/changing replication port
Posted by Surya W. Isjwara on February 21st, 2004


Hi all

I have some questions about restricting the replication port, or I can say changing the replication port, on Active Directory.

As you know, there are 2 articles from Microsoft about restricting the replication port so that it is no longer on port 135 but on another port. Have you heard about this? I want to ask for more detail about these articles, and also whether these articles are applicable to Windows Server 2003. Second, if they are applicable, does port 135 on the router still need to be opened or not?

FYI, Active Directory uses port 135 as the default replication port, but nowadays there are a lot of viruses that work on port 135, so many enterprise companies usually consider closing this port. If they close this port, then Active Directory replication does not run properly (sometimes you must reset the secure channel, etc.). The only way for Active Directory replication to run well, though port 135 is closed, is by changing the replication port to another port number.

Need advice from you all.

Thanks a lot.

Warm regards,
Surya W. Isjwara
System Architect - Astra International
e-mail : surya.w.isjwara@ai.astra.co.id

Posted by Oli Restorick [MVP] on February 22nd, 2004


Have you looked at the following document:

Active Directory in Networks Segmented by Firewalls
http://www.microsoft.com/downloads/d...846-43f0-4caf-9767-a9166368434e&displaylang=en

It covers Windows Server 2003 and looks like it will help you.

Regards

Oli

