|
Article ID: 1455
Last updated: 05 Apr, 2016
For the full details and original text, see http://windowsitpro.com/active-directory/q-how-do-i-enable-dfs-replication-between-hosts-separated-firewall. ProcedureDFS Replication (DFSR) normally uses the remote procedure call (RPC) dynamic Endpoint Mapper, which is difficult to support through a firewall. You can configure DFSR to use a static port instead of a dynamic one by using the dfsrdiag command, then restarting DFSR. Example: DfsrDiag staticRPC /port:<port number>
net stop dfsr net start dfsr You can verify the change by typing the command below and looking at the RpcPortAssignment value, which if it shows a value of 0 means it is using dynamic ports. (Anything other than 0 indicates the static port configured.) DfsrDiag DumpMachineCFG
To really double-check that the static port is being used, you can inspect the port listener. First, find the process ID of dfsrs.exe: tasklist | findstr dfsrs.exe
It might return something like this, for example: C:\>tasklist /svc | findstr dfsrs.exe
dfsrs.exe 1772 DFSR Now search a netstat -ano for the process ID, which will find the port being listened on. In this case, below, it shows port 5722, which was the static port configured: C:\>netstat -ano | findstr 1772
TCP 0.0.0.0:5722 0.0.0.0:0 LISTENING 1772 TCP 192.168.1.10:5722 192.168.1.12:63377 ESTABLISHED 1772 TCP 192.168.1.10:58823 192.168.1.11:135 SYN_SENT 1772 TCP [::]:5722 [::]:0 LISTENING 1772 TCP [fe80::4c46:84be:c9e0:2f2e%12]:61123 [fe80::4c46:84be:c9e0:2f2e%12]:38 9 ESTABLISHED 1772 TCP [fe80::4c46:84be:c9e0:2f2e%12]:61195 [fe80::4c46:84be:c9e0:2f2e%12]:38 9 ESTABLISHED 1772 TCP [fe80::4c46:84be:c9e0:2f2e%12]:63987 [fe80::4c46:84be:c9e0:2f2e%12]:49 155 ESTABLISHED 1772 UDP 127.0.0.1:58547 *:* 1772
Article ID: 1455
Last updated: 05 Apr, 2016
Revision: 3
Views: 11889
|
