Cannot telnet to port after installing Active Directory and DNS Server

08
2013-11
  • Ahmad

    I have a machine running Windows Server 2008 R2 in my network on which we have installed Software AG products. To access these products, we open their console webpage in our web browsers, like this: http://172.19.50.121:8585 and http://172.19.50.121:5555. These are two separate applications, running on these ports.

    Before installing Active Directory and DNS Server on this machine, I was able to open these webpages from other machines within the network. But now I installed Active Directory and DNS Server on this machine, and I can no longer open these sites from outside the machine.

    I can, however, open them from inside the machine, by opening the sites: http://localhost:8585 and http://localhost:5555.

    I think this has something to do with the DNS Server that got installed. I tried disabling the DNS Server service but that didn't resolve the issue.

    Can someone help me out here?

  • Answers
  • shufler

    Check Windows Firewall, it sounds like there is a rule that has blocked these ports.


  • Related Question

    ldap - Active Directory with nodes in multiple IP Addresses
  • Stormshadow

    I have written some code to fetch user information from an Active Directory Server. Suppose the Active Directory Server has nodes, each of which is another Active Directory installation in a different geographic location. E.g., one AD server in the US and another in Australia, with a root AD server in the US with the former two as nodes.

    Would the filter queries I write for searching users across geographic locations work if I run them on the root AD server? The query I use is:

    (|(objectClass=user)(objectClass=person)(objectClass=inetOrgPerson))
    

    I cannot actually test this scenario but need to know what will happen here.


  • Related Answers
  • geoffc

    In Active Directory there is no real partitioning of the directory. If you need to make a subset of users that replicate differently, you would need a new domain, with its own set of domain controllers.

    So that means your domain controller (What you call an Active Directory Server) in each geographic region probably has a full copy of all users. If it does not, then each geographical region is its own domain.

    Thus your query should work on any of the DCs, assuming it is a single domain. If not, then the query will try to traverse the domain structure and will need network access for an LDAP query to the other DCs.

    In your case it is actually the search base, not the filter, that you would need to worry about the most. That is, where does the search begin. Should there be geographically separate domains, then you would want to search in the appropriate containers per location.
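
The search-base point from the answer above, as an added PowerShell example that is not part of the original thread: the same filter is run against different search bases using `System.DirectoryServices.DirectorySearcher`. The function name `Search-Users` and every distinguished name (`DC=example,DC=com`, `OU=Australia`) are hypothetical placeholders, not values from the question.

```powershell
# Added example. All DNs below are hypothetical placeholders.
$filter = '(|(objectClass=user)(objectClass=person)(objectClass=inetOrgPerson))'

function Search-Users {
    param(
        [string]$BasePath,   # ADsPath where the search begins (the search base)
        [string]$Filter,
        # How referrals to other naming contexts (other domains) are handled
        [System.DirectoryServices.ReferralChasingOption]$Referrals = 'None'
    )
    $root     = New-Object System.DirectoryServices.DirectoryEntry($BasePath)
    $searcher = New-Object System.DirectoryServices.DirectorySearcher($root, $Filter)
    $searcher.SearchScope     = [System.DirectoryServices.SearchScope]::Subtree
    $searcher.PageSize        = 500          # page results instead of stopping at the server limit
    $searcher.ReferralChasing = $Referrals
    [void]$searcher.PropertiesToLoad.Add('distinguishedName')
    $results = $null
    try {
        $results = $searcher.FindAll()
        foreach ($r in $results) { $r.Properties['distinguishedname'][0] }
    } finally {
        if ($null -ne $results) { $results.Dispose() }
        $searcher.Dispose()
        $root.Dispose()
    }
}

# Single domain: any DC holds all users, so the domain root as base returns everyone.
Search-Users -BasePath 'LDAP://DC=example,DC=com' -Filter $filter

# Same filter, narrower base: only objects under one location's container.
Search-Users -BasePath 'LDAP://OU=Australia,DC=example,DC=com' -Filter $filter

# Separate domains per region: the root DC does not hold the other domains' users.
# Either follow referrals to subordinate domains (needs network access to their DCs) ...
Search-Users -BasePath 'LDAP://DC=example,DC=com' -Filter $filter -Referrals Subordinate

# ... or query a Global Catalog, which holds a partial copy of every object in the forest.
Search-Users -BasePath 'GC://DC=example,DC=com' -Filter $filter
```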