To logon onto a NT domain you have a rpc call the the domain server. The RPC to logon is TCP. The datagrams to discover the DC to log onto is UDP.
If you need more info please let me know
BackOffice Capacity Planning
From: mark .
Sent: Wednesday, October 04, 1995 12:00 PM
To: firewalls @
Subject: Technical details of NT Domains..
We have some users who need to login to a windows NT domain that has been set
We currently have an IP firewall installed. This firewall is installed on our
LAN and protects us from the Internet. Since there isn't a site wide
firewall, it also protects us from the rest of JSC. Its a screened host
gateway (Nomenclature taken from Marcus J. Ranum's "Thinking About
Firewalls"). Currently, only IP is filtered at our firewall. All non-IP
protocolas are passed through. All non-IP protocols are filtered at the
site's connection to the Internet.
Now, it turns out that my users can't login to an NT domain. I wouldn't have
expected this because I assumed that NT would have used NetBEUI or some such
other non-IP protocol to communicate. After some experimentation, I've
discovered that I need to set up the following for this to work:
a) Each Win95 machine needs to have a WINS server configured
b) UDP needs to be wide open to that Win95 machine.
It looks like WINS is a UDP based protocol, and it manages the name resolution
for the NT domain. Then, using some unknown protocol, our machines talk to
the NT domain server for authentication. From there, they talk to the
individual disk servers in the NT domain over NetBEUI. (All of this is not
much more than a Wild Ass Guess (tm))
So, the questions is can anyone tell me the specifics of how one logs into an
NT domain? In particular, what are the details of the data exchange? What
I'm looking for is something along the lines of how Brent Chapman describes
protocols in his tutorials (e.g. NTP servers send to & from UDP port 123, NTP
clients send to UDP 123, and from random UDP port >1023). Does anyone know
how logging into an NT domain utilizes UDP?
If WINS is the only thing using UDP, has anyone set up udprelay to act as a
proxy for it?
Thanks in advance.
Mark Horn (sparkie) horn @
http://tommy.jsc.nasa.gov/~horn mark .
Free Advice and Opinions -- Refunds Available