A Quick Tip To Restrict FRS Replication To A Specific Port

by Nirmal Sharma [Published on 22 Oct. 2009 / Last Updated on 30 April 2009]

This article explains a registry hack that can be used to restrict FRS replication to a specific port.

File Replication Service and Active Directory replication require that you open more than 10 TCP and UDP ports in the firewall. File Replication Service uses a dynamic RPC port to replicate the SYSVOL contents. Sometimes it is not possible to open this port range in a production environment. You can restrict FRS replication to a specific port instead. You enable this functionality by setting the following registry entry on all the domain controllers where the SYSVOL folder is hosted:

  • Key Name: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTFRS\Parameters
  • Entry Name: RPC TCP/IP Port Assignment
  • Type: REG_DWORD
  • Value: Port number (for example: 4999)

With the above configuration, you only need to open port 4999 to allow FRS to replicate the contents of SYSVOL to all the domain controllers. This minimizes the security risk in the production environment.
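
The registry change above, as a PowerShell script to run elevated on each domain controller that hosts SYSVOL. This is an added example, not code from the original article; it assumes the NTFRS service is installed, and it restarts the service so the new value is read.

```powershell
param(
    [ValidateRange(1024, 65535)]
    [int]$Port = 4999   # example port from the article; use the same free port on every DC
)

$key  = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTFRS\Parameters'
$name = 'RPC TCP/IP Port Assignment'

# Idempotent: do nothing if FRS is already pinned to the requested port.
$current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
if ($current -eq $Port) {
    Write-Output "FRS is already pinned to TCP $Port; nothing to change."
    return
}

# Refuse to pin FRS to a port that another process is already listening on.
$pattern = ":$Port\s+\S+\s+LISTENING"
$busy = netstat -ano -p TCP | Select-String -Pattern $pattern | Select-Object -First 1
if ($busy) {
    throw "TCP port $Port already has a listener: $($busy.Line.Trim())"
}

# Write the REG_DWORD entry (created if missing, overwritten if present).
New-ItemProperty -Path $key -Name $name -PropertyType DWord -Value $Port -Force | Out-Null

# Restart the File Replication Service so it picks up the new value.
Restart-Service -Name NTFRS

# Verify: the stored value matches and something is now listening on the port.
$stored = (Get-ItemProperty -Path $key -Name $name).$name
if ($stored -ne $Port) {
    throw "Registry value is $stored, expected $Port."
}

Start-Sleep -Seconds 5
$listening = netstat -ano -p TCP | Select-String -Pattern $pattern
if ($listening) {
    Write-Output "FRS restarted; listener found on TCP ${Port}:"
    $listening | ForEach-Object { $_.Line.Trim() }
} else {
    Write-Warning "No listener on TCP $Port yet. Check the File Replication Service event log."
}
```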
