Restricting RPC to a specific port 1

[karlvg]

I am trying to minimize the RPC traffic between my DMZ and Internal LAN. In Microsoft's article it says to add the following key:
HKEY_LOCAL_MACHINE\CurrentControlSet\Services
\NTDS\Parameters

Registry Value: TCP/IP Port
Value Type: REG_DWORD
Value Data: (available port)

When I go to HKEY_LOCAL_MACHINE, I do not see the \CurrentControlSet\Services\NTDS\Parameters
Listing. I don't even see \CurrentControlSet. Does anyone know if I have to add this? Has anyone done what I am trying to do?
Here is the link to the article:
Microsoft Knowledge Base Article - 224196
Restricting Active Directory Replication Traffic to a Specific Port

http://support.microsoft.com/default.aspx?scid=kb;en-us;224196&Product=Win2000Dev

TIA,
Karl

 

[mlichstein]

There is a key missing from that article.

It should read HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters

 

[karlvg]

Thank you.
You would think that others would have this problem and that Microsoft would correct it.

 

[karlvg]

OK - So I am in HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services and \NTDS\ does not exist.
Do I add this? I see a NDIS or an NTFS but not an NTDS. Please shed some more light on the correct path.
Thank you,
Karl

 

[mlichstein]

The NTDS key will only be on domain controllers.

 

[mlichstein]

You may want to check out this article for more information:

154596 HOWTO: Configure RPC Dynamic Port Allocation to Work with Firewall

http://support.microsoft.com/?id=154596