Linux

windows domain controller

8 posts in this topic

What does one look for when trying to locate a domain controller? What services should be running, etc?

I have tried searching for this but found nothing remotely useable.

Thanks

0

Share this post


Link to post
Share on other sites

it depends on which windows OS and what the box was built for most windows DC's are used for a specfic purpose wheather that be DNS DHCP email or whatever the services that would be on these machines would vary depending on what purpose the box has in the network

-Enigma

0

Share this post


Link to post
Share on other sites

This article should be helpful: Exhange 2000 Windows 2000 connectivity through firewalls

sorry, the OS is windows XP

Windows XP cannot act as a domain controller, nor can Windows 2000 Pro. That's why Microsoft is able to make so much money off of Windows 2000 and 2003 Server. Back in the olden days, NT 4.0 Workstation could be modded to run as an NT 4.0 PDC or BDC, but that doesn't apply to XP or 2000 to my knowledge. If the machine in question is XP, it's not a DC.

Edited by Dirk Chestnut
0

Share this post


Link to post
Share on other sites

Sorry about the late reply.

Here's a nmap scan of the Win2K3 domain controller at work.

PORT	  STATE SERVICE
25/tcp open smtp
42/tcp open nameserver
53/tcp open domain
80/tcp open http
88/tcp open kerberos-sec
135/tcp open msrpc
139/tcp open netbios-ssn
389/tcp open ldap
445/tcp open microsoft-ds
464/tcp open kpasswd5
593/tcp open http-rpc-epmap
636/tcp open ldapssl
691/tcp open resvc
808/tcp open ccproxy-http
1026/tcp open LSA-or-nterm
1027/tcp open IIS
1178/tcp open skkserv
1723/tcp open pptp
3268/tcp open globalcatLDAP
3269/tcp open globalcatLDAPssl
3389/tcp open ms-term-serv
6001/tcp open X11:1
6002/tcp open X11:2
38292/tcp open landesk-cba

The open ports that would most likely identify this as a domain controller (if you didn't already know) are 53, 88, 389, 636, 3268 and 3269. Windows domain controllers use ldap and kerberos for managing the login credentials and encryption.

0

Share this post


Link to post
Share on other sites

Win2k and 2k3 DCs run dhcp, dns, printer services (typically) and LDAP services. They're also usually named in such a fashion that gives them as away domain controllers.

0

Share this post


Link to post
Share on other sites

Samba benchmarks faster than win2k3 last I checked so if you are just looking to setup your own domain controller for fun/learning purposes I suggest trying Linux.

Its free gives you a lot of options and when you sit down in front of the real thing (the server wizard in win2k3) you will think you are losing brain cells.

0

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now