Ports Required for client authentication to AD

 
  

Rtaggart17



Posted: Wed Feb 11, 2009 5:51 am    Post subject: Ports Required for client authentication to AD
Archived from groups: microsoft>public>win2000>security, others

We have several locations where currently we have our Cisco ASA devices set
to require the client to authenticate before we allow their source traffic
to come up the VPN tunnel to our home office. This is great since their
computers are in customer's locations. It however is giving me grief, for
logon scripts, initial GPO objects etc. will not work since the machine can't
talk to our domain controllers when the user is not logged in. I want to
create a rule in our Cisco device to allow this back channel communication.
What ports do I need open for GPO, AD, LDAP, Kerberos, Login Scripts etc.?
Any advice would be greatly appreciated.
Jorge de Almeida Pinto [M



Posted: Wed Feb 11, 2009 7:10 pm    Post subject: Re: Ports Required for client authentication to AD
Archived from groups: per prev. post

and:
http://www.microsoft.com/downloads/details.aspx?familyid=C2EF3846-43F0...AF-9767

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------------------------------------
Jorge de Almeida Pinto [M



Posted: Wed Feb 11, 2009 7:10 pm    Post subject: Re: Ports Required for client authentication to AD
Archived from groups: per prev. post

check out:
http://support.microsoft.com/kb/832017

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

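
Added example, not part of the original thread and not taken from any poster's configuration: a Cisco ASA access list that permits only the machine-level Active Directory traffic asked about above, and only toward the domain controllers. The object-group and ACL names, the 192.0.2.x domain controller addresses and the 198.51.100.0/24 remote-site subnet are placeholders; how the ACL is attached depends on how the user-authentication requirement is configured, which the thread does not show.

```cisco
! Constructed example: names and addresses below are placeholders.

! Destination: the domain controllers only, never the whole home-office LAN.
object-group network AD-DCS
 network-object host 192.0.2.10
 network-object host 192.0.2.11

! TCP services used before and during logon:
!   53        DNS (locating domain controllers)
!   88        Kerberos
!   135       RPC endpoint mapper
!   389       LDAP
!   445       SMB (SYSVOL and NETLOGON shares: GPO files, logon scripts)
!   464       Kerberos password change
!   636       LDAP over SSL
!   3268-3269 Global Catalog
!   49152-65535 dynamic RPC, default range on Windows Server 2008 and later;
!             earlier Windows versions use a different default range,
!             listed in KB 832017
object-group service AD-PREAUTH-TCP tcp
 port-object eq 53
 port-object eq 88
 port-object eq 135
 port-object eq 389
 port-object eq 445
 port-object eq 464
 port-object eq 636
 port-object range 3268 3269
 port-object range 49152 65535

! UDP services: DNS, Kerberos, NTP (time sync for Kerberos), LDAP, kpasswd
object-group service AD-PREAUTH-UDP udp
 port-object eq 53
 port-object eq 88
 port-object eq 123
 port-object eq 389
 port-object eq 464

access-list REMOTE-PREAUTH extended permit tcp 198.51.100.0 255.255.255.0 object-group AD-DCS object-group AD-PREAUTH-TCP
access-list REMOTE-PREAUTH extended permit udp 198.51.100.0 255.255.255.0 object-group AD-DCS object-group AD-PREAUTH-UDP
```

The dynamic RPC range is the widest opening here; fixing the RPC ports the domain controllers use and shrinking that range to match reduces what an unauthenticated machine at a customer site can reach.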