
Ports Required for client authentication to AD

Author
11 Feb 2009 1:51 PM
Rtaggart17
We have several locations where currently we have our Cisco ASA devices set
to require the client to authenticate before we allow their source traffic
to come up the VPN tunnel to our home office. This is great since their
computers are in customers' locations. It however is giving me grief, for
logon scripts, initial GPO objects etc. will not work since the machine can't
talk to our domain controllers when the user is not logged in. I want to
create a rule in our Cisco device to allow this back-channel communication.
What ports do I need open for GPO, AD, LDAP, Kerberos, login scripts etc.?
Any advice would be greatly appreciated.

Author
11 Feb 2009 10:10 PM
Jorge de Almeida Pinto [MVP - DS]
check out:
http://support.microsoft.com/kb/832017

--

Cheers,
(HOPEFULLY THIS INFORMATION HELPS YOU!)

# Jorge de Almeida Pinto # MVP Identity & Access - Directory Services #

BLOG (WEB-BASED)--> http://blogs.dirteam.com/blogs/jorge/default.aspx
BLOG (RSS-FEEDS)--> http://blogs.dirteam.com/blogs/jorge/rss.aspx
------------------------------------------------------------------------------------------
* This posting is provided "AS IS" with no warranties and confers no rights!
* Always test ANY suggestion in a test environment before implementing!
------------------------------------------------------------------------------------------
#################################################
#################################################
------------------------------------------------------------------------------------------

"Rtaggart17" <Rtaggar***@discussions.microsoft.com> wrote in message
news:FAC8CE67-99E3-47C9-A67C-BD00B78B5D14@microsoft.com...
> We have several locations where currently we have our Cisco ASA devices
> set to require the client to authenticate before we allow their source
> traffic to come up the VPN tunnel to our home office. This is great since
> their computers are in customers' locations. It however is giving me grief,
> for logon scripts, initial GPO objects etc. will not work since the machine
> can't talk to our domain controllers when the user is not logged in. I want
> to create a rule in our Cisco device to allow this back-channel
> communication.
> What ports do I need open for GPO, AD, LDAP, Kerberos, login scripts etc.?
> Any advice would be greatly appreciated.
Author
11 Feb 2009 10:10 PM
Jorge de Almeida Pinto [MVP - DS]
and:
http://www.microsoft.com/downloads/details.aspx?familyid=C2EF3846-43F0-4CAF-9767-A9166368434E&displaylang=en


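As an added example (not from this thread, the KB article, or Microsoft), a small Python checker that probes, from a domain member on the VPN side of the ASA, the TCP ports a machine needs to reach its domain controller before any user logs on, so the new firewall rule can be verified against a real DC. The port table is an assumption drawn from the KB article linked above and common AD practice (UDP 53/88/123/389 are also used but are not probed), and the DC host name is a placeholder.

```python
import socket
import sys
from typing import Callable, Dict, List, Tuple

# Constructed port table (assumption based on the KB article linked above and
# common AD usage): TCP services a domain member must reach on its DCs before
# a user logs on. UDP 53/88/123/389 are also used but are not probed here.
AD_TCP_PORTS: Dict[int, str] = {
    53: "DNS (DC locator, SRV records)",
    88: "Kerberos (machine and user authentication)",
    135: "RPC endpoint mapper (plus the dynamic RPC range)",
    389: "LDAP (GPO metadata, site lookup)",
    445: "SMB (SYSVOL and NETLOGON shares: GPO files, logon scripts)",
    464: "Kerberos password change (machine account password rotation)",
    636: "LDAPS",
    3268: "Global Catalog LDAP",
    3269: "Global Catalog LDAPS",
}

Result = Tuple[int, str, bool]


def tcp_port_open(host: str, port: int, timeout: float = 2.0) -> bool:
    """True if a full TCP handshake to host:port completes within timeout."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, filtered (timeout) or unresolvable host
        return False


def check_dc_ports(host: str, ports: Dict[int, str] = AD_TCP_PORTS,
                   probe: Callable[[str, int], bool] = tcp_port_open) -> List[Result]:
    """Probe each port on the DC; the probe is injectable so results can be tested offline."""
    return [(port, service, probe(host, port)) for port, service in sorted(ports.items())]


def blocked_services(results: List[Result]) -> List[str]:
    """Names of services whose port neither the firewall nor the DC answered on."""
    return [service for _, service, reachable in results if not reachable]


if __name__ == "__main__":
    # Hypothetical DC name; run from a domain member behind the ASA before logon.
    dc = sys.argv[1] if len(sys.argv) > 1 else "dc01.corp.example"
    report = check_dc_ports(dc)
    for port, service, reachable in report:
        print(f"{'open   ' if reachable else 'BLOCKED'} tcp/{port:<5} {service}")
    sys.exit(1 if blocked_services(report) else 0)
```

A non-zero exit means at least one port in the table was not reachable; a port that times out rather than being refused usually points at the ASA rule rather than the DC.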