Setup Windows Firewall on a Domain Controller
July 14, 2009 · Print This Article
If you would like to enable Windows Firewall on a domain controller, you will want to consider the following exceptions to the firewall before going live. These exceptions are necessary if you want domain authentication and file and print sharing. I would also recommend enabling these ports so only the local network is the exception. Allowing “outside” access may be hazardous to your server’s health.
Enable program exceptions for lsass.exe and ntfrs.exe.exe which are found under %windir%\system32.
Enable port exceptions for ports 53 (TCP and UDP), 88 (TCP and UDP), 123 (UDP), 135 (TCP), 137 (TCP), 389 (UDP), 464 (TCP and UDP) and 636 (TCP).
Did this help, leave a comment…
[...] Read more: Setup Windows Firewall on a Domain Controller [...]