none
PCNS Ports RRS feed

  • Question

  • Hi all,

    I'm working with a customer on delivering password changes cross-forest, with changes originating in a source domain and being reset in a target domain that also contains my FIM server.  I added a new target to a pre-existing PCNS installation today, set the SPNs and opened up the usual ports (135, 5000-5100 and 57500-57520) but found the password changes weren't being delivered to FIM, with an RPC error being logged in event log.  When I looked at a network trace, I was surprised to find it using port 49200.

    I opened up this port and password changes are being delivered OK now, but I'm anxious to make sure that 49200 isn't just in a range of dynamic ports that I've otherwise not opened up.  Anybody have any advice, or what I can check?  We did find something suggesting that RPC can use a random port in the range 49152-65535 - would PCNS use that on Windows 2008?  Though the strange thing is that EVERY DC seemed to be using this port - not very dynamic at all!

    Thanks,

    Paul

    
    
    Thursday, May 23, 2013 3:26 PM

All replies