For more information, see Protocols in TLS/SSL (Schannel SSP). Displays the logical name of each service. Certificate Services is part of the core operating system. This system service contains a process manager and a configuration manager. Under the Internet key, add the values Ports (MULTI_SZ), PortsInternetAvailable (REG_SZ), and UseInternetPorts (REG_SZ). The following list provides an overview of the information that this article contains: Use this section to help identify the ports and protocols that a particular service uses. In these cases, RPC clients rely on the RPC endpoint mapper to tell them which … The Remote Procedure Call service coordinates requests by other system services that use RPC or DCOM to communicate with client computers. This service has the same firewall requirements as the File and Printer Sharing feature. If you use L2TP with IPsec, you must allow IPsec ESP (IP protocol 50), NAT-T (UDP on port 4500), and IPsec ISAKMP (UDP on port 500) through the router. The Browser service uses RPC over Named Pipes to compile. The NetMeeting Remote Desktop Sharing system service allows authorized users to use Windows NetMeeting to remotely access your Windows desktop from another personal computer over a corporate intranet. Other services rely on HTTP or on Hypertext Transfer Protocol Secure (HTTPS). Therefore, it is important to proceed carefully when you perform the following steps. Remote Procedure Call (RPC) dynamic port allocation is used by server applications and remote administration applications such as Dynamic Host Configuration Protocol (DHCP) Manager, Windows Internet Name Service (WINS) Manager, and so on. You can use the Internet Information Services (IIS) Manager snap-in to configure the ports that are used by this service. System service name: Remote_Storage_User_Link. Net Logon is configured to start automatically only when a member computer or domain controller is joined to a domain. 
Use this section to quickly determine which services listen on a particular port. The ports between 1024 and 49151 can be assigned fairly freely by programs and applications. The File Replication service (FRS) is a file-based replication engine that automatically copies updates to files and folders between computers that are participating in a common FRS replica set. Customers who use firewalls may want to control which ports RPC uses so that the firewall router can be configured to forward only these UDP and Transmission Control Protocol (TCP) ports. Windows XP implemented roaming user profile caching as part of the Winlogon process while Windows Vista, Windows Server 2008, and later operating systems use the User Profile Service. The DFSN service is required for Active Directory domain controllers to advertise the SYSVOL shared folder. By default, the License Logging service is disabled in Windows Server 2003. There may be additional things to consider for your particular environment. RPC does not use only the hard-coded ports that are listed in the table. Take this into account when you restrict the port range. Windows uses these, e.g. Additionally, unless a tunneling protocol is used to encapsulate traffic to Active Directory, a range of ephemeral TCP ports between 1024 to 5000 and 49152 to 65535 are required. This section provides a description of each system service, includes the logical name that corresponds to the system service, and displays the ports and the protocols that each service requires. Use the method described in this article only if the RPC server does not offer a way to define the server port. The software distributes data among the nodes of the cluster. In addition, the Microsoft LDAP client uses ICMP pings to verify that an LDAP server it has a pending request with is still present on the network. 
To view this organization's list of TCP/IP port assignments, see Service Name and Transport Protocol Port Number Registry. for "Remote Registry", print services, backup, event log, task scheduler, and also Outlook/Exchange, uses the services of the "port mapper" to obtain the current ports for the desired services. However, you can configure this system service through the Internet Information Services (IIS) Manager snap-in. Terminal Services Session Directory keeps track of disconnected sessions on the cluster and makes sure that users are reconnected to those sessions. This is because DCOM stores raw IP addresses in the interface marshaling packets, and if the client cannot connect to the address specified in the packet, this will not work. The Distributed File Replication Service includes the Dfsrdiag.exe command-line tool. For example, if you configure a VPN gateway that is behind a filtering router, you will probably use only one protocol. System services support the different tasks that the operating system must perform. For you to be able to communicate with the Internet at all, or to send and receive messages through your mail address, doors to the outside must be opened in the form of so-called ports. If Y, the ports listed in the Ports key are all the Internet-available ports on that computer. Some firewalls also allow UUID filtering, in which the firewall learns from an RPC endpoint mapper request for an RPC interface UUID. The Remote Storage Notification system service notifies users when they read from or write to files that are available only from a secondary storage media. Preloaded Lmhosts entries will bypass the DNS resolver. This service uses Network Time Protocol (NTP) to synchronize computer clocks so that an accurate clock value, or time stamp, is assigned for network validation and for resource access requests. 
Event ID: 5820 The RPC service serves as the RPC Endpoint Mapper and Component Object Model (COM) Service Control Manager. SSDP Discovery Service also accepts the registration of event callbacks from clients. ¹ It's the range in Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista. If the administrative website is enabled, a virtual website is created that uses HTTP traffic on TCP port 8098. This requires RPC/WMI access through port 135 and ports 49152-65535 inbound to the … PortsInternetAvailable REG_SZ Y or N (not case-sensitive). This service helps you locate network resources by using NetBIOS names. The ALG FTP plug-in supports these sessions by redirecting all traffic that meets the following criteria to a private listening port in the range of 3000 to 5000 on the loopback adapter: The ALG FTP plug-in then monitors and updates FTP control channel traffic so that the FTP plug-in can forward port mappings through the NAT for the FTP data channels. The ephemeral port range depends on the server operating system that the client operating system is connected to. The Message Queuing system service is a messaging infrastructure and development tool for creating distributed messaging programs for Windows. This port is used only by the ISA management MMC during remote server and service status monitoring. It is not used on a Windows Server 2012 domain controller. In this encapsulated scenario, you must allow the following items through the router instead of opening all the ports and protocols listed in this topic: Finally, you can hard-code the port that is used for Active Directory replication by following the steps in Restricting Active Directory RPC traffic to a specific port. Trap destinations include the computer name, the IP address, or the Internetwork Packet Exchange (IPX) address of the management system. 
PortsInternetAvailable: REG_SZ: Y The Distributed Transaction Coordinator (DTC) system service coordinates transactions that are distributed across multiple computer systems and resource managers, such as databases, message queues, file systems, or other transaction-protected resource managers. Port numbers below 5000 may already be in use by other applications and could cause conflicts with your DCOM application(s). The IPAM client UI communicates with the IPAM server to perform remote management. If no member is specified, Dfsrdiag.exe uses the local computer. ¹ For more information about how to customize this port, see Domain controllers and Active Directory in the References section. In Windows Server 2008 and later versions, and in Windows Vista and later versions, the default dynamic port range changed to the following range: Windows 2000, Windows XP, and Windows Server 2003 use the following dynamic port range: For more information about the default dynamic port range, see The default dynamic port range for TCP/IP has changed. In Microsoft Exchange 2000 Server and Exchange Server 2003, the MTA is frequently used to provide backward-compatible message transfer services between Exchange 2000 Server-based servers and Exchange Server 5.5-based servers in a mixed-mode environment. Terminal Services enables multiple users to be connected interactively to a computer. This system service also provides periodic announcements to hosted devices. When the Group Policy Microsoft Management Console (MMC) snap-in creates Group Policy Results reports and Group Policy Modeling reports, it uses DCOM and RPC to send and to receive information from the Resultant Set of Policy (RSoP) provider on the client or on the domain controller. System service name: Remote_Storage_Server. 
RPC dynamic port allocation will instruct the RPC program to use a particular random port in the range configured for TCP and UDP, based on the … The Boot Information Negotiation Layer (BINL) service, the primary component of Remote Installation Server (RIS), answers PXE client requests, checks Active Directory for client validation, and passes client information to and from the server. Specifies the default policy for the system. For a cross-domain logon, where a computer is in one domain and the user account is in another domain, these protocols may be required for the client, the resource domain, and the account domain to communicate. For information about the ports that are used by Windows Media Services, see Allocating Ports for Windows Media Services. The response contains the server's port number, and a subsequent RPC bind on that port is then allowed to pass. Primary Computer provides a capability to prevent data caching to computers that are not authorized by administrators for specific users. American National Standards Institute (ANSI), RFC 2349 - Time-out interval, and transfer size options, Distributed File System Replication (if not using FRS for SYSVOL replication), File Replication Service (if not using DFSR for SYSVOL replication), WINS (in Windows Server 2003 SP1 and later versions for backup Active Directory replication operations, if DNS is not working), Certificate Services (required for specific configurations), Distributed File System Namespaces (if using domain-based namespaces). For example, many services rely on the Remote Procedure Call (RPC) or DCOM features in Microsoft Windows to assign them dynamic TCP ports. The Remote Procedure Call (RPC) system service is an interprocess communication (IPC) mechanism that enables data exchange and invocation of functionality that is located in a different process. Windows Media Services supports a larger variety of control protocols. 
Both are normally started automatically by default. For more information about the ports that are used by SMS 2003, see Ports that Systems Management Server 2003 uses to communicate through a firewall or through a proxy server. This system was added in Windows Server 2012. Many RPC servers in Windows let you specify the server port in custom configuration items such as registry entries. ¹ For more information about how to customize this port, see Domain controllers and Active Directory in the References section. ¹ For more information about how to customize this port, see Distributed File Replication Service in the References section. DNS servers are required to locate devices and services that are identified by using DNS names and to locate domain controllers in Active Directory. For more information about how to help secure Windows Server and for sample IPsec filters for specific server roles, see Microsoft Security Compliance Manager. For more information about the RPC protocol and about how computers that are running Windows 2000 initialize, see Windows 2000 Startup and Logon Traffic Analysis. Windows Server 2012 supports the initiation of remote group policy update against Windows Server 2012 computers. These protocols are provided by Internet Information Services (IIS). Computers that are designated as browsers maintain browse lists that contain all shared resources that are used on the network. Windows domain controllers use the SMTP service for intersite e-mail-based replication. Administrators can use this service to store and manage email accounts on the mail server. ASP.NET State Service stores session data out-of-process. Most FTP clients use passive mode FTP. For more information, see the Using Windows Server 2003 with Service Pack 1 in a Managed Environment: Controlling Communication with the Internet. 
These programs can communicate across heterogeneous networks and can send messages between computers that may be temporarily unable to connect to one another. ³ It's the range in Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista. SSDP Discovery Service implements SSDP as a Windows service. It accepts and queues email messages for remote destinations, and it retries at set intervals. Then the SNMP Trap Service forwards those messages to SNMP management programs that are running on your computer. (See the Event Log section in this article for port requirements.) The following settings are LDAP session options: This subcomponent of the Internet Connection Sharing/Internet Connection Firewall (ICF) service provides support for plug-ins that allow network protocols to pass through the firewall and work behind Internet Connection Sharing. A summarized list of services, ports, and protocols required for member computers and domain controllers to inter-operate with one another or for application servers to access Active Directory includes but is not limited to the following. SNTP also runs on UDP port 123. You can configure the range of high ports by using the IIS metabase. Application Layer Gateway (ALG) plug-ins can open ports and change data (such as ports and IP addresses) that are embedded in packets. ASP.NET State Service provides support for ASP.NET out-of-process session states. Original KB number: 832017. OEM uses Firewall Web Management to provide non-MMC management of ISA Server. A cluster is a collection of independent computers that act as a single computer. used. For added protection, back up the registry before you modify it. Windows XP and Windows Server 2003 additionally require the ICMP protocol. Many implementations of this technique exist, and they are generally not compatible with one another. License Logging was introduced with Microsoft Windows NT Server 3.51. 
The ALG FTP plug-in supports active FTP sessions through the network address translation (NAT) engine that these components use. If you can specify a dedicated server port, you know which traffic flows between the hosts across the firewall, and you can define which traffic is allowed in a more targeted way. The Computer Browser service is used by Windows-based computers to view network domains and resources. They do not apply to earlier versions of Windows NT. This service has the same firewall requirements as the File and Printer Sharing feature. Event log reports contain information that you can use to diagnose problems. Keyword: classic For more information about the ports that are used by SQL Server 7.0 and SQL Server 2000 for OLAP, see INF: TCP Ports Used by OLAP Services when Connecting Through a Firewall. The Server service lets users share local resources, such as disks and printers, so that other users on the network can access them. A Windows port of the ONC/RPC library. Each system service has a. Protocol: TCP/IP protocols are standard formats for communicating between devices on a network. The DHCP Server service uses the DHCP to automatically allocate IP addresses. For more information about how LDAP and the global catalog work, see How the Global Catalog works. (See the Event Log section in this article for port requirements.) You can use this service to adjust the advanced network settings of DHCP clients. When you use RPC with TCP/IP or with UDP/IP as the transport, incoming ports are frequently dynamically assigned to system services as required. The License Logging service uses RPC over named pipes. Windows Server Firewall Ports - Unidirectional or Bidirectional? If you stop this service, users cannot move or retrieve files from the secondary storage media. The Telnet system service for Windows provides ASCII terminal sessions to Telnet clients. 
Remote Procedure Call (RPC) is a mechanism that allows Windows processes to communicate with one another, either between a client and server across a network or within a single system. ² For more information about how to customize these ports, see Remote Procedure Calls and DCOM in the References section. This article is a list of every port for Windows, the associated protocol, application protocol, and the name of the system service.