I cannot add Windows users or Windows user groups to the FactoryTalk Directory
If, when adding
Windows
users or Windows
user groups to the FactoryTalk Directory
, you receive errors regarding Windows
domain controller not being found or notice a delay in communication between the domain controller and FactoryTalk Directory
, do the following:- On theWindowsdomain controller (Windows2008 server) computer, check theWindowsExceptions list to ensure the Active Directory Domain Services and the DNS Service exceptions are selected.
- From theWindowsStart menu, selectStart > Settings > Control Panel.
- In theControl Panelwindow, double-clickSecurity Center, and then select.WindowsFirewall
- In thedialog box, select theWindowsFirewallExceptionstab.
- On theExceptionstab, underPrograms and Services, make sure theActive Directory Domain Servicesand theDNS Serviceexceptions are selected. If they are not, select the check boxes next to these exceptions.
- If the Active Directory Domain Services and the DNS Service exceptions are not listed in the Programs and Services list on the Exceptions tab, you must manually add the TCP 445 port, the 53 UDP port, and the Kerberos Key Distribution Center program to the exceptions list.
- To add the TCP 445 and 53 UDP ports:
- On theExceptionstab, selectAdd Port.
- In theAdd a Portdialog box, make sure theTCPradio button is selected, and then in the Port number field, type445.
- SelectOK.
- SelectAdd Portagain to add 53 UDP port.
- In theAdd a Portdialog box, select theUDPradio button, and then in the Port number field, type53.
- SelectOK.
- To add the Kerberos key Distribution Center program:
- On theExceptionstab, selectAdd Program.
- In theAdd a Programdialog box, selectBrowse, and navigate to C:\Windows\System32\, selectlsass.exe, and then selectOpen.
- SelectOK.
Provide Feedback