Technical Web Log

Source: http://www.windowsnetworking.com/kbase/WindowsTips/WindowsServer2008/AdminTips/ActiveDirectory/WhatAllPortsAreRrequiredByDomainControllersAndClientComputers.html This article explains the key port requirement for Client computers and Domain Controllers communicating with each other. Active Directory communication takes place using several ports. These ports are required by both client computers and Domain Controllers. As an example, when a client computer tries to find a domain controller it always sends a DNS Query over Port 53 to find the name of the domain controller in the domain. The following is the list of services and their ports used for Active Directory communication: UDP Port 88 for Kerberos authentication UDP and TCP Port 135 for domain controllers-to-domain controller and client to domain controller operations. TCP Port 139 and UDP 138 for File Replication Service between domain controllers. UDP Port 389 for LDAP to handle normal queries from client...

Source: http://kpytko.pl/active-directory-domain-services/adding-additional-domain-controller-windows-server-2012/ Courtesy: Krzysztof Pytko Why do we need to add additional Domain Controller? This answer is very simple: “for services redundancy” or “for domain authentication improvement in remote Site”. In case of server failure, we still have another one which can provide necessary services in our network, which avoids business discontinuity. First of all, we need to install new box or virtual machine with a server operating system that is supported in domain environment. To check what Windows Server versions can be installed and promoted as Domain Controller, we need to check   Domain Functional Level . To determine Domain Functional Level, please follow my another article on the blog titled:   Determine DFL and FFL using PowerShell You may find one of these Domain Functional Levels supported by Windows Server 2012 Domain Controllers: Windows Server ...