Hello,
Has anyone encountered issues with restricting the Active Directory dynamic ports for Netlogon and NTDS in Server 2012? I have added the typical registry entries as described below, but I still see my RDS gateway in the DMZ trying to communicate to my internal DC over other ephemeral ports (49158). I have rebooted the DC after the registry changes and still no effect. Are the reg entries the same in 2012? Any help would be appreciated. Thank you.
Registry key 1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
Registry value: TCP/IP Port
Value type: REG_DWORD
Value data: 49152 (This value needs to be specified in decimal format)
Registry key 2
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
Registry value: DCTcpipPort
Value type: REG_DWORD
Value data: 49153 (This value needs to be specified in decimal format)
Eddie Espino | Secure Data Solutions | Miami, Florida | Microsoft Partner
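
The following check is an added example, not part of the original post: it audits the two registry values listed above on the DC (present, stored as REG_DWORD, decimal data as given in the post) and whether a TCP listener is bound to each configured port. The helper name Test-FixedRpcPort is hypothetical; it assumes an elevated PowerShell 3.0+ session on the domain controller.

```powershell
# Added example: verify the fixed-port registry values from the post and their listeners.
# Expected ports are the ones given in the post (49152 for NTDS, 49153 for Netlogon).
$checks = @(
    @{ Key = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters';     Name = 'TCP/IP Port'; Expected = 49152 },
    @{ Key = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'; Name = 'DCTcpipPort'; Expected = 49153 }
)

function Test-FixedRpcPort {   # hypothetical helper name
    param([string]$Key, [string]$Name, [int]$Expected)

    $result = [ordered]@{
        Value = $Name; Present = $false; Kind = $null
        Data = $null; MatchesExpected = $false; Listening = $false
    }

    $regKey = Get-Item -Path $Key -ErrorAction SilentlyContinue
    if ($regKey -and $null -ne $regKey.GetValue($Name)) {
        $result.Present = $true
        $result.Kind    = $regKey.GetValueKind($Name)   # must be DWord, not String
        $result.Data    = $regKey.GetValue($Name)

        # A value typed in as hex (0x49152) or created as REG_SZ fails this comparison.
        $result.MatchesExpected = ($result.Kind -eq 'DWord' -and $result.Data -eq $Expected)

        if ($result.Kind -eq 'DWord') {
            # True only if something is actually listening on the configured port.
            $result.Listening = [bool](Get-NetTCPConnection -State Listen `
                -LocalPort $result.Data -ErrorAction SilentlyContinue)
        }
    }
    [pscustomobject]$result
}

$report = foreach ($c in $checks) { Test-FixedRpcPort @c }
$report | Format-Table -AutoSize

# For comparison: every TCP port in the default dynamic range that still has a listener.
Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalPort -ge 49152 } |
    Sort-Object LocalPort -Unique |
    Select-Object LocalAddress, LocalPort
```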