Hi all,
We just started to tighten up the access list for our 3rd-party consultants' VMs. But for some reason it looks like it can't authenticate to the DC server. We have the 4 DC servers below in our organization:
1DC-FSMO roles
2DC
3DC
4DC
We only gave them rights to DC 3&4. And allowed the following ports:
135, 1024-65535
Ports:
LDAP TCP-in - 389
LDAP UDP in - 389
LDAP for Global Catalog TCP in - 3268
NetBIOS name Resolution UDP in - 138
SAM/LSA TCP in - 445
SAM/LSA UDP in - 445
Secure LDAP TCP in - 636
Secure LDAP for Global Catalog TCP in - 3269
W32Time NTP UDP in - 123
RPC - RPC Dynamic
RPC Endpoint Mapper
DNS - TCP and UDP 53
Kerberos V5 UDP in - 88
NetBIOS Datagram UDP in - 137
Also, I can ping the DC server by name and IP if I log in as a local account.
We get the following error attached when I attempt to log in to the VM using my AD credentials. Any advice would be awesome!