Maybe my English is a bit too literal because I find that paragraph extremely
convoluted and also incorrect.
To quote: "Additionally, configuring DFS Replication using the DFS
Management snap-in does not work when a firewall is enabled (see #1). You
must define a port exception OR disable the firewall, OR you can use
Dfsrdiag.exe to set the static RPC port for DFS Replication (see #2)."
#1 DFS Management snap-in DOES work when a firewall is enabled. However, you
must painstakingly locate each dependent service/port required and add it to
the Firewall exception.
#2 Define a port exception OR disable OR set a static port... Since the
objective is to make these two services work together lets subtact the "OR
disable." The sentence no reads as "define a port exception OR set the static
RPC port." Here SCW database, Google and the "The Filing Cabinet"
(http://blogs.technet.com/filecab/default.aspx) are our friend. They provided
workable, though still not entirely clear, explanations.
I guess what I am really asking for here is a clearly written document that
details how to configure Windows 2003 SP1 firewall for DFS Replication much
in the same way this document
(http://support.microsoft.com/default.aspx?scid=kb;en-us;555381) clearly
details configuring the firewall for a DC.
I do appreciate your effort at assistance, though, as I have successfully
made the two services fully operational together.
Thank you.
Charles.
Post by Jorge de Almeida Pinto [MVP]Firewalls. DFS Replication might not work across firewalls because it uses
the RPC dynamic endpoint mapper. Additionally, configuring DFS Replication
using the DFS Management snap-in does not work when a firewall is enabled.
You must define a port exception or disable the firewall, or you can use
Dfsrdiag.exe to set the static RPC port for DFS Replication.
as it says: just use the DFSRDIAG tool to configure the static port. Have
you tried that?
--
Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)
# Jorge de Almeida Pinto # MVP Windows Server - Directory Services
BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------
Post by Charles KIs there a clear definative "do this" and Windows Firewall and DFS-R will
work happily together?
My current Windows Firewall has entries for DFSR.exe, Dllhost.exe, RPC over
TCP & UDP Ports 135 and WMI (unsecapp.exe). And I'm still getting RPC cannot
find endpoint errors and replication fails.
FRS never had this many Firewall issues. I just don't want to run my servers
without Firewall protection.
Side note: In this TechNet document
(http://technet2.microsoft.com/WindowsServer/en/Library/1aa249c0-40f3-4974-b67f-e650b602415e1033.mspx?mfr=true)
there is a link to a DFS Replication Operation Guide that is supposed to
discuss DFS Replication and Windows Firewall, but the document doesn't exist.