We've been having intermittent group policy processing errors, other servers losing time sync with domain controllers and just flaky networking issues.
Sometimes uses will boot up in the morning, and the mapping to a file share will be gone. Almost every time, rebooting will fix it. While troubleshooting, I'm seeing packets dropped by the windows firewall on the DCs. Packed is from a local machine, destined to port 389 on the DC. The firewall has rules for Active Directory Domain Services enabled. The LSASS exe is listening on 389 and it appears that the FW isn't blocking all port 389 traffic, just random. DCs are win2k8 R2. Workstations are xp, vista, 7 and other 2003 servers. I found one post googling that said to disable the AD Domain Services firewall rule and create a plain allow rule for port 389. Anyone tried this or seen this behavior and know of a sure fire fix? Thanks. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
