Old 03-25-2013, 10:19 AM   #1
Registered: Aug 2009
Posts: 48

Rep: Reputation: 3
Iptables for kerberos


Does anyone know what port would need to be open on iptables to allow the getent group command to return users from Active Directory?

Currently with iptables off I can execute both getent group and wbinfo -g and a list of both local and AD users is successfully returned.

With the firewall on, getent group only returns the list of local users and wbinfo -g still returns AD users.

Also, what Kerberos ports should be open in general to allow tickets to be successfully renewed?

Ports currently open are tcp/udp:


Any help would be much appreciated.

Old 03-25-2013, 12:25 PM   #2
Registered: Feb 2008
Distribution: Fedora,RHEL,Ubuntu
Posts: 660

Rep: Reputation: 66
I guess you should also try opening port tcp:389 and udp:53

Old 03-27-2013, 11:01 AM   #3
Registered: Aug 2009
Posts: 48

Original Poster
Rep: Reputation: 3
Originally Posted by vishesh:
I guess you should also try opening port tcp:389 and udp:53

Many thanks for this. It still doesn't work but that's not to say you haven't solved it, as it doesn't work anymore without iptables on...

...I think I need to re-join the domain, then getent group with the new rules and a new ticket in place.
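
A first-pass check for the question asked in this thread, added here as an example and not posted by anyone in it: it reads iptables-save text and lists which ports an AD member usually needs towards a domain controller have no ACCEPT rule in a given chain. Only tcp:389 and udp:53 come from the thread; the other ports (Kerberos 88, kpasswd 464, SMB 445), the OUTPUT-chain filtering and the sample ruleset are assumptions made for the example.

```shell
#!/bin/sh
# Ports an AD member commonly needs to reach on a domain controller.
# tcp/389 and udp/53 come from the thread; the rest are the standard
# Kerberos, kpasswd, SMB, DNS and CLDAP assignments (assumed relevant here).
AD_PORTS="udp/53 tcp/53 udp/88 tcp/88 tcp/389 udp/389 tcp/445 udp/464 tcp/464"

# missing_ad_ports CHAIN: read iptables-save text on stdin and print every
# proto/port from AD_PORTS that no ACCEPT rule in CHAIN names. It ignores
# rule order and -s/-d matches, so treat the result as a first-pass check.
missing_ad_ports() {
    awk -v chain="$1" -v want="$AD_PORTS" '
    $1 == "-A" && $2 == chain && /-j ACCEPT/ {
        proto = ""; ports = ""
        for (i = 3; i < NF; i++) {
            if ($i == "-p") proto = $(i + 1)
            if ($i == "--dport" || $i == "--dports") ports = $(i + 1)
        }
        if (proto == "" || ports == "") next
        n = split(ports, p, ",")
        for (j = 1; j <= n; j++) {
            # a:b is a port range in iptables syntax
            lo = hi = p[j]
            if (split(p[j], r, ":") == 2) { lo = r[1]; hi = r[2] }
            for (k = lo + 0; k <= hi + 0; k++) ok[proto "/" k] = 1
        }
    }
    END {
        n = split(want, w, " ")
        for (i = 1; i <= n; i++) if (!(w[i] in ok)) print w[i]
    }'
}

# Constructed sample ruleset (not the original poster's rules).
SAMPLE_RULES='*filter
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -p udp -m udp --dport 53 -j ACCEPT
-A OUTPUT -p tcp -m multiport --dports 88,389 -j ACCEPT
-A OUTPUT -p udp -m udp --dport 88 -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | missing_ad_ports OUTPUT
```

On a live host the same function can be fed the running ruleset with iptables-save | missing_ad_ports OUTPUT (or INPUT, depending on which chain does the filtering).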


All times are GMT -5.