The Event Log service writes events that are sent to log files by programs, by services, and by the operating system. Such services and operations require network connectivity over specific ports and networking protocols. If Y, the ports listed in the Ports key are all of the Internet-available ports on that computer. This article uses certain terms in specific ways. The port range is now truly a range that has a starting point and an ending point. This system service also provides periodic announcements to hosted devices. It lets the business issue and manage digital certificates for programs and protocols such as: Certificate Services relies on RPC and DCOM to communicate with clients by using random TCP ports that are higher than port 1024. The logs can be viewed programmatically through the event log APIs or through the Event Viewer in an MMC snap-in. Net Logon is configured to start automatically only when a member computer or domain controller is joined to a domain. ² It's the range in Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista. For information about how to plan for and to deploy MOM, see System Center Developer Documentation Library. Administrators can use this service to store and manage email accounts on the mail server. The Performance Logs and Alerts system service collects performance data from local or remote computers based on preconfigured schedule parameters and then writes that data to a log or triggers a message. This article discusses the required network ports, protocols, and services that are used by Microsoft client and server operating systems, server-based programs, and their subcomponents in the Microsoft Windows Server system. If N, the ports listed in the Ports key are all of the ports that are not Internet-available.
An encapsulated solution might consist of a VPN gateway located behind a filtering router that uses Layer 2 Tunneling Protocol (L2TP) together with IPsec. When you use the Kerberos Key Distribution Center (KDC) system service, users can sign in to the network by using the Kerberos version 5 authentication protocol. The net send command uses an undocumented feature of the Microsoft RPC service, which listens for incoming RPC requests behind port 135 (epmap, endpoint mapper). As in other implementations of the Kerberos protocol, the KDC is a single process that provides two services: the Authentication Service and the Ticket-Granting Service. If no member is specified, Dfsrdiag.exe uses the local computer. The TCP/IP Print Server system service enables TCP/IP-based printing by using the Line Printer Daemon (LPD) protocol. By default, the TCP binding is performed on port 48885 on the IPAM server. Its core components were developed by using COM, and it has a flexible architecture that you can customize for specific programs. For example, the new registry key appears as follows: Ports: REG_MULTI_SZ: 5000-6000. You can use the DFS Administration tool to configure FRS to replicate files and folders between targets of a DFS root or link. The DNS Server service enables DNS name resolution by answering queries and update requests for DNS names. If any one of these protocols is unavailable or blocked between the client and a relevant domain controller, Group Policy will not apply or update. You can also restrict the range of ports that RPC dynamically assigns to a small range, regardless of the service. With RPC dynamic port allocation, the RPC program is instructed to use a particular random port in the range configured for TCP and UDP, based on the implementation of the operating system used (see references below).
This tool aggregates all previous security recommendations and security documentation into a single utility for all supported Microsoft operating systems: For more information about operating system services, security settings, and IPsec filtering, see one of the following Threats and Countermeasures Guides: The Internet Assigned Numbers Authority coordinates the use of well-known ports. This task contains a description of the steps for editing the registry. System service name: Remote_Storage_User_Link. American National Standards Institute (ANSI), RFC 2349 - Time-out interval, and transfer size options, Distributed File System Replication (if not using FRS for SYSVOL replication), File Replication Service (if not using DFSR for SYSVOL replication), WINS (in Windows Server 2003 SP1 and later versions for backup Active Directory replication operations, if DNS is not working), Certificate Services (required for specific configurations), Distributed File System Namespaces (if using domain-based namespaces). The Computer Browser system service maintains an up-to-date list of computers on your network and supplies the list to programs that request it. However, detailed documentation on this subject is available on Microsoft TechNet and on the Microsoft Developer Network (MSDN) websites. The Collaboration Data Objects (CDO) for the Windows Server 2003 COM component can use the SMTP service to submit and to queue outgoing email messages. This is because DCOM stores raw IP addresses in the interface marshaling packets, and if the client cannot connect to the address specified in the packet, this is not possible. Random port number between 1024 and 65535, Random port number between 49152 and 65535, Randomly allocated high TCP ports (note 6). When this service runs, it relies on the WORKSTATION service and on the Local Security Authority service to listen for incoming requests.
If IP version 6 (IPv6) is not installed, port 445 communications will also depend on ICMP for name resolution. Much like a website, a company can acquire a port for its service so that data packets are guaranteed to arrive at their destination. This port is used only by the ISA management MMC during remote server and service status monitoring. By default, Windows Server 2008 and 2008 R2 use the dynamic RPC range of 49152-65535 for outgoing connections. The trap destination must be a network-enabled host that is running SNMP management software. For more information about how to restrict Active Directory replication and client logon traffic, see Restricting Active Directory replication traffic and client RPC traffic to a specific port. Original product version: Windows Server 2012 R2. To help avoid confusion, make sure that you understand how the article uses these terms: This article doesn't specify which services rely on other services for network communication. These protocols are provided by Internet Information Services (IIS). The process manager controls the processes where custom applications and websites reside. This requires RPC/WMI access through port 135 and ports 49152-65535 inbound to the computer on which the policy is being refreshed. (See the Event Log section in this article for port requirements.) The ALG FTP plug-in supports active FTP sessions through the network address translation (NAT) engine that these components use. Administrators and support professionals may use this article as a roadmap to determine which ports and protocols Microsoft operating systems and programs require for network connectivity in a segmented network. To use Dfsrdiag.exe to set the server RPC port, follow this example: dfsrdiag StaticRPC /port:nnnnn /Member:Branch01.sales.contoso.com.
In Windows Server 2008 and later versions, and in Windows Vista and later versions, the default dynamic port range changed to the following range: Windows 2000, Windows XP, and Windows Server 2003 use the following dynamic port range: For more information about the default dynamic port range, see The default dynamic port range for TCP/IP has changed. The Remote Storage Notification system service notifies users when they read from or write to files that are available only from a secondary storage medium. The various binary files that make up the Group Policy Microsoft Management Console (MMC) snap-in features primarily use COM calls to send or to receive information. The Windows 2000 version of this service uses Simple Network Time Protocol (SNTP). Remote Procedure Call (RPC) dynamic port allocation by server applications and remote administration applications such as the Dynamic Host Configuration Protocol (DHCP) Manager, the Windows Internet Name Service (WINS) Manager, and so on. In these situations, we recommend that you reconfigure the firewalls to allow traffic between servers in the dynamic port range of 49152 through 65535. For a cross-domain logon, where a computer is in one domain and the user account is in another domain, these protocols may be required for the client, the resource domain, and the account domain to communicate. By using Certificate Services, a business can act as its own certification authority (CA). The RPC Locator service offers its services by using RPC over named pipes. In this encapsulated scenario, you must allow the following items through the router instead of opening all the ports and protocols listed in this topic: Finally, you can hard-code the port that is used for Active Directory replication by following the steps in Restricting Active Directory RPC traffic to a specific port.
¹ It's the range in Windows Server 2012, Windows 8, Windows Server 2008 R2, Windows 7, Windows Server 2008, and Windows Vista. These programs can communicate across heterogeneous networks and can send messages between computers that may be temporarily unable to connect to one another. The File Replication service (FRS) is a file-based replication engine that automatically copies updates to files and folders between computers that are participating in a common FRS replica set. If the administrative website is enabled, a virtual website is created that uses HTTP traffic on TCP port 8098. UseInternetPorts: REG_SZ: Y. Restart the server. For some RPC-based services, you can configure a specific port instead of letting RPC dynamically assign a port. Although many services may rely on a particular TCP or UDP port, only one service or process at a time can listen on that port. ASP.NET State Service provides support for ASP.NET out-of-process session states. This section provides a description of each system service, includes the logical name that corresponds to the system service, and displays the ports and the protocols that each service requires. In these cases, RPC clients rely on the RPC endpoint mapper to tell them which dynamic port or ports were assigned to the server. Offline Files and Roaming User Profiles cache user data to computers for offline use. SNMP Trap Service receives trap messages that are generated by local or by remote SNMP agents.