Yes for NT4.0 the ports I listed are needed for domain use including name
resolution, logon, and authentication. It is much different for W2K. A
solution may be to try a vpn tunnel if you have a rras server on each end or
devices that use ipsec enpoints. -- Steve
"Steve Tunley" wrote in message
news:504F0E98-50C7-4EEF-9223-8B2F50A11015@microsoft.com...
> The problem we have is that the Windows 2000 Pro machines are on another
subnet connecting via ISDN - as soon as we open up the router for UDP ports
the line starts up periodically - RPC and netbios generate traffic between
the Domain controller and the PC?
>
> "Steven L Umbach" wrote:
>
> > Take a look at the link below. I believe the first four ports are
required to find
> > and change the password in a NT4.0 domain, basically rpc and nebios
ports. If you are
> > configuring a firewall, read the part to the link on dynamic rpc and how
to modify
> > the registry on a server to restrict the ports it uses in order to make
firewall
> > configuration more secure. --- Steve
> >
> > http://support.microsoft.com/default.aspx?scid=kb%3Ben-us%3B179442
> >
> > Windows NT
> > Client Port(s) Server Port Service
> > 1024-65535/TCP 135/TCP RPC *
> > 137/UDP 137/UDP NetBIOS Name
> > 138/UDP 138/UDP NetBIOS Netlogon and Browsing
> > 1024-65535/TCP 139/TCP NetBIOS Session
> >
> >
> > "Steve Tunley" wrote in message
> > news:1b22b01c44f94$8ae516c0$a101280a@phx.gbl...
> > > Does anyone now what port number and protocol is used for
> > > changing a users password via 2000 on an NT4 Domain?
> > > Steve
> >
> >
> >