Question : Windows 2008R2 static ports for ntds/rpc/ntfrs

On our past Windows 2003 domain controllers, we used the following registry settings to restrict the port usage on various AD-related services to a single, static port each:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters]
"DCTcpipPort"=dword:00001451
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
"TCP/IP Port"=dword:00001450
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NtFrs\Parameters]
"RPC TCP/IP Port Assignment"=dword:00001452

You can see that this limits ntfrs, ntds, and netlogon port usage each to their own static port.  We now need to do the same for our new Windows 2008R2 domain controllers we are bringing up.  However, I'm not seeing much on Microsoft's support site saying whether these registry settings will work.  It looks like the ntfrs setting might work, since that particular KB article has been updated to reflect 2008.  I can't find info on the other settings, though.

Does anyone have any info on assigning static ports for rpc-based services on 2008 AD servers?

Answer : Windows 2008R2 static ports for ntds/rpc/ntfrs

Random Solutions  
 
programming4us programming4us