[Likewise-open-discuss] Error: Manual configuration required [code0x00080043]

Lealcy Belegante Junior lealcy at gmail.com
Wed Apr 30 08:49:45 PDT 2008 

Windows Firewall is disabled on that domain server because of ipnat we use.
And the KB you indicated doesn't opened. Do you know some other trick whe
can try? Or some likewise-side workaround - like maybe no require that ports
open if they don't use then.

Thank you.

2008/4/30 Robert Auch <rauch at likewisesoftware.com>:

> According to the documentation at http://support.microsoft.com/kb/555381these ports are required for proper operation of any Windows 2003 Domain
> controller, no matter which client is joining.  (137 UDP is included in the
> "file and printer sharing" group).
>
> <quote>
> In the following, only items specifically related to correct functioning
> of a Domain Controller are listed; unlisted items can be set to any value
> desired.  For example, it may be useful to have the Allow Remote Desktop
> exception set to Enabled so the Domain Controller can be administered
> remotely, which is common in large installations where Domain Controllers
> are remotely located.
>
>    a. Windows Firewall: Protect all network connections - Enabled
>    b. Windows Firewall: Allow remote administration exception - Enabled
> (enables port 135 and 445 which are both required for Domain Controllers)
>    b. Windows Firewall: Allow file and printer sharing exception: -
> Enabled
>    c. Windows Firewall: Define port exceptions: - Enabled (in the list of
> port exceptions below, the * indicates incoming requests from any IP address
> will be accepted.  Other values are possible - see the text on the Setting
> tab in Group Policy Editor for details.  For example, localsubnet may be
> applicable in some circumstances).  The strings below are exactly what needs
> to be in the list of port exceptions.
>         123:udp:*:enabled:NTP
>         3268:tcp:*:enabled:Global Catalog LDAP
>         389:tcp:*:enabled:LDAP
>         389:udp:*:enabled:LDAP
>         53:tcp:*:enabled:DNS
>         53:udp:*:enabled:DNS
>         53211:tcp:*:enabled:AD Replication (Note: use the port number
> selected in 1.b.i above)
>         53212:tcp:*:enabled:File Replication Service (Note: use the port
> number selected in 1.b.ii above)
>         88:tcp:*:enabled:Kerberos
>         88:udp:*:enabled:Kerberos
> </quote>
>
> Because Windows clients can do a "net time /set" rather than NTP to sync
> their time, they're likely getting around NTP being blocked.  You may want
> to check the event logs on your clients to make sure that they are working
> 100%.
>
> Robert Auch
>
>
> From: likewise-open-discuss-bounces at lists.likewisesoftware.com [mailto:
> likewise-open-discuss-bounces at lists.likewisesoftware.com] On Behalf Of
> Lealcy Belegante Junior
> Sent: Tuesday, April 29, 2008 9:34 AM
> To: likewise-open-discuss at lists.likewisesoftware.com
> Subject: [Likewise-open-discuss] Error: Manual configuration required
> [code0x00080043]
>
> I received the error below when try to put my PC on the domain:
>
> --
>
> root at cpd05:/home/lbjunior# domainjoin-cli join prefeitura lbjunior mypass
> Joining to AD Domain:   prefeitura
> With Computer DNS Name: cpd05.prefeitura
>
>
> Error: Manual configuration required [code 0x00080043]
>
> The configuration stage 'open ports to DC' cannot be completed
> automatically.
> Please manually perform the following steps and rerun the domain join:
>
> Some required ports on the domain controller could not be contacted.
> Please
> update your firewall settings to ensure that the following ports are open
> to
> 'servaut.PREFEITURA':
>     88  UDP
>     137 UDP
>     389 UDP
>     464 UDP
>     123 UDP
>
> --
>
> A portscan to servaut.prefeitura show me that the only ports appears to be
> closed are 137 and 123. My domain server is a Windows Server 2003.
>
> My Windows XP machines connect to domain normally.
>
> Is this ports REALLY necessary open to the Linux connect to the domain
> against the other Windows XP clients that do not require this?
>
> Exist a workarround to this issue?
>
> Thank you all.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.likewisesoftware.com/pipermail/likewise-open-discuss/attachments/20080430/65264133/attachment-0001.htm

More information about the Likewise-open-discuss mailing list