Windows Firewall: Domain controller

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

By default, running dcpromo.exe to configure a computer as a Domain Controller turns off Windows Firewall.

Use the Security Configuration Wizard to re-enable Windows Firewall with the port exceptions required to support the Domain Controller role.

Alternatively, you can use Microsoft Knowledge Base article 555381, "How to Configure Windows Server 2003 Firewall for a Domain Controller" (https://go.microsoft.com/fwlink/?linkid=91224) to manually enable Windows Firewall with the port exceptions required to support the Domain Controller role.