
Enable AD RPC Rules on Domain Controllers

'Enable-ADDCRules-locally.ps1'
<#
✅ Script: Enable All Required RPC Firewall Rules for AD/DC Functionality
This script enables every firewall rule on the local system that a Domain Controller needs in order to function:

AD replication (NTFRS, DFSR)
Time synchronization (W32Time)
DNS and AD DS management
Remote management (Event Log, Services, Tasks)
RPC Endpoint Mapper
Netlogon and KDC
File Replication
Firewall remote management

Note the use of $env:TEMP
Use NotepadPlusPlus 'Find-In-Files' to replace "c:\temp" or "C:\Windows\Temp" with "$env:TEMP" in the content of all *.ps1 files.
 
#>
# Define log file
# One log per host and per hour, written under the caller's TEMP directory
# (the script is run locally, so $env:TEMP is always resolvable).
$timestamp = Get-Date -Format 'yyyyMMdd-HH'
$logName = "Enable-RPCFirewallRules-$env:COMPUTERNAME-$timestamp.log"
$logFile = "$env:TEMP\$logName"

# Firewall rules (matched by display name) that this script will enable.
# Order is preserved on purpose: it is also the order in which results are logged.
# NOTE(review): the entries under "remote management and miscellaneous" expose additional
# RPC interfaces to the network and are management conveniences rather than AD DS
# prerequisites — confirm each one is actually required before enabling it.
$rpcRulesToEnable = @(
    # Core AD DS and endpoint mapper traffic
    "Active Directory Domain Controller (RPC)",
    "Active Directory Domain Controller (RPC-EPMAP)",
    # SYSVOL / file replication between DCs
    "DFS Replication (RPC)",
    "DFS Replication (RPC-EPMAP)",
    "File Replication (RPC)",
    "File Replication (RPC-EPMAP)",
    # Authentication: Netlogon and the Key Distribution Service
    "Netlogon Service Authz (RPC)",
    "Microsoft Key Distribution Service (RPC)",
    "Microsoft Key Distribution Service (RPC EPMAP)",
    # Generic RPC listener and endpoint mapper
    "RPC Endpoint Mapper (TCP, Incoming)",
    "RPC (TCP, Incoming)",
    # Remote management and miscellaneous
    "Remote Event Log Management (RPC)",
    "Remote Event Log Management (RPC-EPMAP)",
    "Remote Service Management (RPC)",
    "Remote Service Management (RPC-EPMAP)",
    "Remote Scheduled Tasks Management (RPC)",
    "Remote Scheduled Tasks Management (RPC-EPMAP)",
    "Remote Volume Management (RPC-EPMAP)",
    "Remote Volume Management - Virtual Disk Service (RPC)",
    "Remote Volume Management - Virtual Disk Service Loader (RPC)",
    "Windows Defender Firewall Remote Management (RPC)",
    "Windows Defender Firewall Remote Management (RPC-EPMAP)",
    "Distributed Transaction Coordinator (RPC)",
    "Distributed Transaction Coordinator (RPC-EPMAP)",
    "Virtual Machine Monitoring (RPC)",
    "Remote Event Monitor (RPC)",
    "Remote Event Monitor (RPC-EPMAP)",
    "Remote Shutdown (RPC-EP-In)"
)

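# Enable rules and log results.
# For each display name: look up the matching rule objects, enable only the ones that
# are currently disabled, and write one status line per display name to the log.
"=== Enabling RPC Firewall Rules on $env:COMPUTERNAME ===" | Tee-Object -FilePath $logFile
foreach ($ruleName in $rpcRulesToEnable) {
    # A display name can match several rule objects (typically one per profile),
    # so keep the whole set instead of treating the result as a single rule.
    $rules = @(Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)
    if ($rules.Count -eq 0) {
        "⚠️ Rule not found: $ruleName" | Tee-Object -FilePath $logFile -Append
        continue
    }

    $disabled = @($rules | Where-Object { $_.Enabled -eq 'False' })
    if ($disabled.Count -eq 0) {
        "✔️ Already enabled: $ruleName" | Tee-Object -FilePath $logFile -Append
        continue
    }

    try {
        # Pipe the disabled objects themselves rather than re-enabling by display name,
        # so rules that share the name but are already enabled are left untouched.
        $disabled | Enable-NetFirewallRule -ErrorAction Stop
        "✅ Enabled: $ruleName" | Tee-Object -FilePath $logFile -Append
    } catch {
        # Enable-NetFirewallRule errors are non-terminating by default; surface them
        # in the log instead of silently reporting the rule as enabled.
        "❌ Failed to enable: $ruleName - $($_.Exception.Message)" | Tee-Object -FilePath $logFile -Append
    }
}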

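# Verification tests
"`n=== Verification Tests ===" | Tee-Object -FilePath $logFile -Append

# NOTE(review): these probes target the local machine. Traffic that never leaves the
# host is generally not subject to firewall filtering, so a success here shows that a
# listener is up but does not prove the rule admits remote clients — confirm from
# another domain member.

# Test port 135 (RPC Endpoint Mapper)
$test135 = Test-NetConnection -ComputerName $env:COMPUTERNAME -Port 135
"Port 135 (RPC Endpoint Mapper): $($test135.TcpTestSucceeded)" | Tee-Object -FilePath $logFile -Append

# Test a few dynamic RPC ports.
# Only services that happen to have an endpoint bound to one of these ports will
# answer, so a False result is informational rather than a failure.
49152..49156 | ForEach-Object {
    $result = Test-NetConnection -ComputerName $env:COMPUTERNAME -Port $_
    # ${_} is required: in a double-quoted string "$_:" is read as a scope-qualified
    # variable reference and the string fails to parse.
    "Port ${_}: $($result.TcpTestSucceeded)" | Tee-Object -FilePath $logFile -Append
}

"`n🎯 Completed. Log saved to: $logFile" | Tee-Object -FilePath $logFile -Append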


<#
🛡️ What This Covers:
AD DS: Replication, authentication, and directory access
DNS: RPC-based DNS management
DFSR/NTFRS: File replication between DCs
W32Time: Time service sync (via RPC)
Remote Management: Event logs, services, tasks
RPC Core: Endpoint mapper and dynamic port access
#>
