none
TMG VPN lan to lan, problemi aggiungere server a dominio

    Domanda

  • Ciao a tutti e grazie in anticipo a chi decidesse di darmi un aiuto.

    Sto approcciando TMG per la prima volta ed in particolare sto cercando di collegare due LAN fra di loro con VPN attestata su 2 TMG Server.

    Il diagramma è come da immagine allegata:

    Il "SITE A" è il sito principale. Nella rete 192.168.69.0 ho il Domain Controller (192.168.69.10)

    Il "SITE B" è il sito remoto. Nella rete 192.168.66.0 ho installato un 2008 Server (192.168.66.10) e sto cercando di inserirlo a dominio.

    Le due reti "comunicano": la VPN è configurata ed attiva, i ping funzionano (in entrambi i sensi), le query DNS funzionano da DOM02 verso DOM01, posso accedere in RDP alle macchine del "SITE B" dal "SITE A" e viceversa.

    Il DOM01 ha come Gateway TMG01. Il DOM2 ha come gateway TMG02

    TMG01 è un membro del dominio. TMG02 NON è ancora membro del dominio.

    Il problema è appunto che, se cerco di aggiungere al dominio DOM02, l'operazione mi fallisce. Il DOM02 sente il dominio, mi richiede username e password per autorizzare il join, ma poi dopo parecchio tempo l'operazione fallisce con errore "Durante il tentativo di aggiungere il computer al dominio si è verificato il seguente errore: Il nome di rete specificato non è più disponibile"

    Sul TMG02 (nella sezione Registri e Rapporti") vedo tutto il traffico autorizzato, tranne per una richiesta sulla porta 88 con protocollo "Kerberos-Sec (TCP)" che a volte passa ed a volte mi viene rifiutata con errore "Un pacchetto non SYN non è stato elaborato. Il pacchetto è stato inviato da un'origine che non ha una connessione attendibile con il computer Forefront TMG.". IP CLIENT 192.168.66.10, IP DESTINAZIONE 192.168.69.10

    Nessun Blocco invece su TMG01

    Non riesco a capire come autorizzare quella richiesta Kerberos, che mi pare la causa del problema sul Join a dominio di DOM02.

    Grazie ancora,

    Mauro.

    giovedì 21 marzo 2013 12:05

Risposte

Tutte le risposte

  • Leggi bene questo post di Hicks

    http://tmgblog.richardhicks.com/2012/09/10/forefront-tmg-2010-protocols-and-ports-reference/

    ed anche questo thread

    http://forums.isaserver.org/m_2002108392/mpage_1/key_/tm.htm#2002108393

    che ti aiuta a capire in fondo come verificare se qualche porta è filtrata.


    Edoardo Benussi
    Microsoft MVP - Directory Services
    edo[at]mvps[dot]org

    giovedì 21 marzo 2013 13:06
  • Grazie 1000 Edoardo.

    Ho letto ed in realtà il secondo post è molto interessante in quanto mi ha fatto conoscere il "Port Query Tool" che ho provveduto a lanciare sul DOM02, facendo QUERY su DOM01 con la tipologia di Query settata su "Domains and trust".

    Il risultato lo incollo qui di seguito. In effetti ci sono delle porte in stato "LISTENING" e delle porte in stato "LISTENING or FILTERED". Guarda caso, la 88 UDP è proprio una "LISTENED or FILTERED".

    Ora, la domanda da profano è: come si disabilita questo FILTRO?

    Ho provato a disattivare (a scopo di test) tutti i "Filtri Applicazione" ed i "Filtri Web" su entrambi i TMG, ma il risultato non cambia:

     

    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 135 -p TCP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 135 (epmap service): LISTENING

    Using ephemeral source port
    Querying Endpoint Mapper Database...
    Server's response:

    UUID: 91ae6020-9e3c-11cf-8d7c-00aa00c091be
    ncacn_np:192.168.69.10[\\pipe\\cert]

    UUID: 91ae6020-9e3c-11cf-8d7c-00aa00c091be
    ncacn_ip_tcp:192.168.69.10[49219]

    UUID: 6b5bdd1e-528c-422c-af8c-a4079be4fe48 Remote Fw APIs
    ncacn_ip_tcp:192.168.69.10[49205]

    UUID: 12345678-1234-abcd-ef00-0123456789ab IPSec Policy agent endpoint
    ncacn_ip_tcp:192.168.69.10[49205]

    UUID: 367abb81-9844-35f1-ad32-98f038001003
    ncacn_ip_tcp:192.168.69.10[49203]

    UUID: 6bffd098-a112-3610-9833-46c3f874532d
    ncacn_ip_tcp:192.168.69.10[49200]

    UUID: 5b821720-f63b-11d0-aad2-00c04fc324db
    ncacn_ip_tcp:192.168.69.10[49200]

    UUID: f5cc59b4-4264-101a-8c59-08002b2f8426 NtFrs Service
    ncacn_ip_tcp:192.168.69.10[49196]

    UUID: d049b186-814f-11d1-9a3c-00c04fc9b232 NtFrs API
    ncacn_ip_tcp:192.168.69.10[49196]

    UUID: a00c021c-2be2-11d2-b678-0000f87a8f8e PERFMON SERVICE
    ncacn_ip_tcp:192.168.69.10[49196]

    UUID: 50abc2a4-574d-40b3-9d66-ee4fd5fba076
    ncacn_ip_tcp:192.168.69.10[49195]

    UUID: 3473dd4d-2e88-4006-9cba-22570909dd10 WinHttp Auto-Proxy Service
    ncacn_np:192.168.69.10[\\PIPE\\W32TIME_ALT]

    UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
    ncacn_np:192.168.69.10[\\pipe\\lsass]

    UUID: b25a52bf-e5dd-4f4a-aea6-8ca7272a0e86 KeyIso
    ncacn_np:192.168.69.10[\\PIPE\\protected_storage]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_np:192.168.69.10[\\pipe\\lsass]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_np:192.168.69.10[\\PIPE\\protected_storage]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_ip_tcp:192.168.69.10[49155]

    UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
    ncacn_http:192.168.69.10[49156]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_np:192.168.69.10[\\pipe\\lsass]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_np:192.168.69.10[\\PIPE\\protected_storage]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_ip_tcp:192.168.69.10[49155]

    UUID: f5cc5a18-4264-101a-8c59-08002b2f8426 MS NT Directory NSP Interface
    ncacn_http:192.168.69.10[49156]

    UUID: 12345778-1234-abcd-ef00-0123456789ab
    ncacn_np:192.168.69.10[\\pipe\\lsass]

    UUID: 12345778-1234-abcd-ef00-0123456789ab
    ncacn_np:192.168.69.10[\\PIPE\\protected_storage]

    UUID: 12345778-1234-abcd-ef00-0123456789ab
    ncacn_ip_tcp:192.168.69.10[49155]

    UUID: 12345778-1234-abcd-ef00-0123456789ab
    ncacn_http:192.168.69.10[49156]

    UUID: 12345778-1234-abcd-ef00-0123456789ac
    ncacn_np:192.168.69.10[\\pipe\\lsass]

    UUID: 12345778-1234-abcd-ef00-0123456789ac
    ncacn_np:192.168.69.10[\\PIPE\\protected_storage]

    UUID: 12345778-1234-abcd-ef00-0123456789ac
    ncacn_ip_tcp:192.168.69.10[49155]

    UUID: 12345778-1234-abcd-ef00-0123456789ac
    ncacn_http:192.168.69.10[49156]

    UUID: 12345778-1234-abcd-ef00-0123456789ac
    ncacn_ip_tcp:192.168.69.10[49157]

    UUID: 12345678-1234-abcd-ef00-01234567cffb
    ncacn_np:192.168.69.10[\\pipe\\lsass]

    UUID: 12345678-1234-abcd-ef00-01234567cffb
    ncacn_np:192.168.69.10[\\PIPE\\protected_storage]

    UUID: 12345678-1234-abcd-ef00-01234567cffb
    ncacn_ip_tcp:192.168.69.10[49155]

    UUID: 12345678-1234-abcd-ef00-01234567cffb
    ncacn_http:192.168.69.10[49156]

    UUID: 12345678-1234-abcd-ef00-01234567cffb
    ncacn_ip_tcp:192.168.69.10[49157]

    UUID: 1ff70682-0a51-30e8-076d-740be8cee98b
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: 378e52b0-c0a9-11cf-822d-00aa0051e40f
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: 86d35949-83c9-4044-b424-db363231fd0c
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: 86d35949-83c9-4044-b424-db363231fd0c
    ncacn_ip_tcp:192.168.69.10[49158]

    UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: 98716d03-89ac-44c7-bb8c-285824e51c4a XactSrv service
    ncacn_ip_tcp:192.168.69.10[49158]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_ip_tcp:192.168.69.10[49158]

    UUID: a398e520-d59a-4bdd-aa7a-3c1e0303a511 IKE/Authip API
    ncacn_np:192.168.69.10[\\PIPE\\srvsvc]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_ip_tcp:192.168.69.10[49158]

    UUID: 552d076a-cb29-4e44-8b6a-d15e59e2c0af IP Transition Configuration endpoint
    ncacn_np:192.168.69.10[\\PIPE\\srvsvc]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1
    ncacn_ip_tcp:192.168.69.10[49158]

    UUID: 30b044a5-a225-43f0-b3a4-e060df91f9c1
    ncacn_np:192.168.69.10[\\PIPE\\srvsvc]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_np:192.168.69.10[\\PIPE\\atsvc]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_ip_tcp:192.168.69.10[49158]

    UUID: c9ac6db5-82b7-4e55-ae8a-e464ed7b4277 Impl friendly name
    ncacn_np:192.168.69.10[\\PIPE\\srvsvc]

    UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
    ncacn_np:192.168.69.10[\\pipe\\eventlog]

    UUID: f6beaff7-1e19-4fbb-9f8f-b89e2018337c Event log TCPIP
    ncacn_ip_tcp:192.168.69.10[49153]

    UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
    ncacn_np:192.168.69.10[\\pipe\\eventlog]

    UUID: 30adc50c-5cbc-46ce-9a0e-91914789e23c NRP server endpoint
    ncacn_ip_tcp:192.168.69.10[49153]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
    ncacn_np:192.168.69.10[\\pipe\\eventlog]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d6 DHCPv6 Client LRPC Endpoint
    ncacn_ip_tcp:192.168.69.10[49153]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
    ncacn_np:192.168.69.10[\\pipe\\eventlog]

    UUID: 3c4728c5-f0ab-448b-bda1-6ce01eb0a6d5 DHCP Client LRPC Endpoint
    ncacn_ip_tcp:192.168.69.10[49153]

    UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d
    ncacn_np:192.168.69.10[\\PIPE\\InitShutdown]

    UUID: d95afe70-a6d5-4259-822e-2c84da1ddb0d
    ncacn_ip_tcp:192.168.69.10[49152]

    UUID: 76f226c3-ec14-4325-8a99-6a46348418af
    ncacn_np:192.168.69.10[\\PIPE\\InitShutdown]

    Total endpoints found: 65

     

    ==== End of RPC Endpoint Mapper query response ====
    portqry.exe -n 192.168.69.10 -e 135 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 389 -p BOTH ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to dom01.xxx.local

    querying...

    TCP port 389 (ldap service): LISTENING

    Using ephemeral source port
    Sending LDAP query to TCP port 389...

    LDAP query response:


    currentdate: 03/21/2013 14:35:27 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=xxx,DC=local
    dsServiceName: CN=NTDS Settings,CN=DOM01,CN=Servers,CN=xxx,CN=Sites,CN=Configuration,DC=xxx,DC=local
    namingContexts: DC=xxx,DC=local
    defaultNamingContext: DC=xxx,DC=local
    schemaNamingContext: CN=Schema,CN=Configuration,DC=xxx,DC=local
    configurationNamingContext: CN=Configuration,DC=xxx,DC=local
    rootDomainNamingContext: DC=xxx,DC=local
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 248124029
    supportedSASLMechanisms: GSSAPI
    dnsHostName: DOM01.xxx.local
    ldapServiceName: xxx.local:dom01$@XXX.LOCAL
    serverName: CN=DOM01,CN=Servers,CN=xxx,CN=Sites,CN=Configuration,DC=xxx,DC=local
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 2
    forestFunctionality: 2
    domainControllerFunctionality: 4


    ======== End of LDAP query response ========

    UDP port 389 (unknown service): LISTENING or FILTERED

    Using ephemeral source port
    Sending LDAP query to UDP port 389...

    LDAP query response:


    currentdate: 03/21/2013 14:35:32 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=xxx,DC=local
    dsServiceName: CN=NTDS Settings,CN=DOM01,CN=Servers,CN=xxx,CN=Sites,CN=Configuration,DC=xxx,DC=local
    namingContexts: DC=xxx,DC=local
    defaultNamingContext: DC=xxx,DC=local
    schemaNamingContext: CN=Schema,CN=Configuration,DC=xxx,DC=local
    configurationNamingContext: CN=Configuration,DC=xxx,DC=local
    rootDomainNamingContext: DC=xxx,DC=local
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 248124029
    supportedSASLMechanisms: GSSAPI
    dnsHostName: DOM01.xxx.local
    ldapServiceName: xxx.local:DOM01$@xxx.LOCAL
    serverName: CN=DOM01,CN=Servers,CN=xxx,CN=Sites,CN=Configuration,DC=xxx,DC=local
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 2
    forestFunctionality: 2
    domainControllerFunctionality: 4


    ======== End of LDAP query response ========

    UDP port 389 is LISTENING

    portqry.exe -n 192.168.69.10 -e 389 -p BOTH exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 636 -p TCP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 636 (ldaps service): LISTENING
    portqry.exe -n 192.168.69.10 -e 636 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 3268 -p TCP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 3268 (msft-gc service): LISTENING

    Using ephemeral source port
    Sending LDAP query to TCP port 3268...

    LDAP query response:


    currentdate: 03/21/2013 14:35:33 (unadjusted GMT)
    subschemaSubentry: CN=Aggregate,CN=Schema,CN=Configuration,DC=xxx,DC=local
    dsServiceName: CN=NTDS Settings,CN=DOM01,CN=Servers,CN=xxx,CN=Sites,CN=Configuration,DC=xxx,DC=local
    namingContexts: DC=xxx,DC=local
    defaultNamingContext: DC=xxx,DC=local
    schemaNamingContext: CN=Schema,CN=Configuration,DC=xxx,DC=local
    configurationNamingContext: CN=Configuration,DC=xxx,DC=local
    rootDomainNamingContext: DC=xxx,DC=local
    supportedControl: 1.2.840.113556.1.4.319
    supportedLDAPVersion: 3
    supportedLDAPPolicies: MaxPoolThreads
    highestCommittedUSN: 248124029
    supportedSASLMechanisms: GSSAPI
    dnsHostName: DOM01.xxx.local
    ldapServiceName: xxx.local:DOM01$@xxx.LOCAL
    serverName: CN=DOM01,CN=Servers,CN=xxx,CN=Sites,CN=Configuration,DC=xxx,DC=local
    supportedCapabilities: 1.2.840.113556.1.4.800
    isSynchronized: TRUE
    isGlobalCatalogReady: TRUE
    domainFunctionality: 2
    forestFunctionality: 2
    domainControllerFunctionality: 4


    ======== End of LDAP query response ========
    portqry.exe -n 192.168.69.10 -e 3268 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 3269 -p TCP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 3269 (msft-gc-ssl service): LISTENING
    portqry.exe -n 192.168.69.10 -e 3269 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 53 -p BOTH ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 53 (domain service): LISTENING

    UDP port 53 (domain service): LISTENING
    portqry.exe -n 192.168.69.10 -e 53 -p BOTH exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 88 -p BOTH ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 88 (kerberos service): LISTENING

    UDP port 88 (kerberos service): LISTENING or FILTERED
    portqry.exe -n 192.168.69.10 -e 88 -p BOTH exits with return code 0x00000002.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 445 -p TCP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 445 (microsoft-ds service): LISTENING
    portqry.exe -n 192.168.69.10 -e 445 -p TCP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 137 -p UDP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    UDP port 137 (netbios-ns service): LISTENING or FILTERED

    Using ephemeral source port
    Attempting NETBIOS adapter status query to UDP port 137...

    Server's response: MAC address 000c29f5dd55
    UDP port: LISTENING
    portqry.exe -n 192.168.69.10 -e 137 -p UDP exits with return code 0x00000000.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 138 -p UDP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    UDP port 138 (netbios-dgm service): LISTENING or FILTERED
    portqry.exe -n 192.168.69.10 -e 138 -p UDP exits with return code 0x00000002.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 139 -p TCP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 139 (netbios-ssn service): FILTERED
    portqry.exe -n 192.168.69.10 -e 139 -p TCP exits with return code 0x00000002.
    =============================================

     Starting portqry.exe -n 192.168.69.10 -e 42 -p TCP ...


    Querying target system called:

     192.168.69.10

    Attempting to resolve IP address to a name...


    IP address resolved to DOM01.xxx.local

    querying...

    TCP port 42 (nameserver service): NOT LISTENING
    portqry.exe -n 192.168.69.10 -e 42 -p TCP exits with return code 0x00000001.

    giovedì 21 marzo 2013 14:46
  • per caso hai l'RPC compliance abilitato ?

    vedi questo link

    http://www.buchatech.com/2011/02/allow-dpm-traffic-through-isa-2006-tmg-2010/


    Edoardo Benussi
    Microsoft MVP - Directory Services
    edo[at]mvps[dot]org

    lunedì 15 aprile 2013 12:08
  • Ciao Mauro,

    Ad oggi il tuo thread nel Forum di Sicurezza è ancora aperto per noi.

    Se i consigli ricevuti ti sono stati utili, ricorda di evidenziare la soluzione cliccando su "Segna come Risposta". Se invece hai trovato un'altra soluzione nel frattempo, ti saremmo grati di condividerla anche qui, a beneficio degli altri utenti che seguono il thread.

    Nel frattempo, una lettura potrebbe esserti utile per approfondire lo significato della risposta "Listening or Filtered":

    Using PORTQRY for troubleshooting

    Portqry Remarks

    Grazie,


    Anca Popa Follow ForumTechNetIt on Twitter

    Microsoft offre questo servizio gratuitamente, per aiutare gli utenti e aumentare il database dei prodotti e delle tecnologie. Il contenuto viene fornito “così come è” e non comporta alcuna responsabilità da parte dell'azienda.


    martedì 23 aprile 2013 09:19
  • Ciao Edoardo.

    Si, l'RPC compliance era abilitato, è abilitato di default come dice l'articolo che mi hai postato.

    Ho tolto la spunta, ed ora il traffico fra i due domain controller sembra essere "pulito", sono in replica.

    Grazie 1000,

    Mauro.

    giovedì 30 maggio 2013 09:33
  • grazie del feedback, ciao.


    Edoardo Benussi
    Microsoft MVP - Directory Services
    edo[at]mvps[dot]org

    giovedì 30 maggio 2013 09:45