Hello dear community members!
I need your assistance very much! =)
I have installed Windows Server 2022 and configured it as Domain Controller DC1 with ZT onboard in Office 1, then I installed a second Windows Server 2022 with ZT onboard in Office 2.
The connection between them via ZT is perfect, BUT!
When I tried to set up DC2 with replication from DC1, the connection between them failed: DC2 cannot find a Forest.
In Server Manager (AD DS) I see the error "dns server could not open socket for address 'ZT_adapter_ip'".
I'm afraid that my knowledge of networks is poor, that's why I came here asking for your help.
I think that some ports in ZT are closed that replication between two DCs needs in order to work properly, in particular:
• LDAP: TCP/UDP 389
• LDAP SSL: TCP 636
• Kerberos: TCP/UDP 88
• DNS: TCP/UDP 53
• SMB: TCP 445
• Global Catalog: TCP 3268, 3269
• RPC: TCP 135
• Dynamic RPC Ports: TCP 49152-65535
Please help me configure the rules for correct operation of replication between two DC servers.
If I knew how to do this, I wouldn’t be asking here =)
Only a fraction of your issues is related to ZT, so you should not expect all your problems to be solved here.
Don’t use any ZT IPs while configuring your applications.
Configure Managed Routes in ZeroTier Central (use search!). You need to establish proper routing between your LANs (or at least hosts) over ZeroTier network.
Check that "packet forwarding" is enabled on the Windows interfaces you use (ZT and LAN).
Check that the Windows firewall allows traffic on the ports that you use.
Check that you can ping the remote server LAN address across ZT.
Check that you can reach a port on the remote server: telnet {remote server LAN IP} 389
You can use any other TCP port that the remote server is listening on.
In older Windows Server releases, you could easily create NTDS connection objects in the control panel for AD forest management, but I don’t know whether the GUI tool for creating manual replication links is still bundled with Windows Server 2022.
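The checks in the reply above (forwarding, firewall, ping, port reachability) and the port list from the question can be run from the prospective DC2 with built-in PowerShell cmdlets. The following is an added example for this thread, not code from either poster or from ZeroTier; the LAN address, the ZeroTier interface alias and the domain name are placeholders you must replace with your own values.

```powershell
# Added example (not from the original thread): verify the prerequisites for AD DS
# replication across a ZeroTier link, run on the server that will become DC2.
# All three values below are constructed placeholders, not values from the thread.
$RemoteDcLanIp   = '10.1.0.10'               # LAN address of DC1 (not its ZeroTier address)
$ZtInterfaceAlias = 'ZeroTier One [xxxxxxxx]' # exact alias as shown by Get-NetAdapter
$ForestDnsName   = 'corp.example'            # DNS name of the forest root domain

# 1. Packet forwarding must be enabled on both the ZeroTier and the LAN interface,
#    otherwise traffic for the remote LAN cannot be routed over ZeroTier.
Get-NetIPInterface -AddressFamily IPv4 |
    Where-Object { $_.InterfaceAlias -like 'ZeroTier*' -or $_.InterfaceAlias -like 'Ethernet*' } |
    Select-Object InterfaceAlias, Forwarding
# To enable it on an interface (run elevated):
# Set-NetIPInterface -InterfaceAlias $ZtInterfaceAlias -AddressFamily IPv4 -Forwarding Enabled

# 2. Basic reachability of DC1's LAN address across ZeroTier (the "ping" check above).
Test-Connection -ComputerName $RemoteDcLanIp -Count 2

# 3. "DC2 cannot find a Forest" is usually DNS: the SRV record that DC locator queries
#    must resolve against the DNS server on DC1.
Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$ForestDnsName" -Type SRV -Server $RemoteDcLanIp

# 4. TCP ports from the question's list, probed one by one (same idea as the telnet check).
$AdPorts = [ordered]@{
    'RPC endpoint mapper' = 135
    'Kerberos'            = 88
    'DNS'                 = 53
    'LDAP'                = 389
    'LDAP SSL'            = 636
    'SMB'                 = 445
    'Global Catalog'      = 3268
    'Global Catalog SSL'  = 3269
}
foreach ($svc in $AdPorts.Keys) {
    $port = $AdPorts[$svc]
    $r = Test-NetConnection -ComputerName $RemoteDcLanIp -Port $port -WarningAction SilentlyContinue
    $state = if ($r.TcpTestSucceeded) { 'open' } else { 'BLOCKED' }
    '{0,-22} TCP/{1,-5} {2}' -f $svc, $port, $state
}

# 5. Local firewall: promoting a DC creates rules in the 'Active Directory Domain Services'
#    group; listing them shows whether they are enabled for the profile the ZT adapter is in.
Get-NetFirewallRule -DisplayGroup 'Active Directory Domain Services' -ErrorAction SilentlyContinue |
    Select-Object DisplayName, Enabled, Direction, Profile
# The dynamic RPC range (TCP 49152-65535) cannot be probed port by port; the built-in
# rules cover it with the special LocalPort value 'RPC', which can be inspected with:
# Get-NetFirewallPortFilter | Where-Object LocalPort -eq 'RPC' | Get-NetFirewallRule |
#     Select-Object DisplayName, Enabled
```

Run the script on the future DC2 first; any port reported as BLOCKED, a failed SRV lookup, or a ZeroTier adapter that landed in the Public firewall profile points at the layer (routing, DNS or firewall) to fix before retrying the promotion. Note that UDP 53, 88 and 389 cannot be confirmed with a TCP connect test, so a successful DNS query in step 3 is the practical check for UDP reachability.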