Changing LSA RPC Port from Dynamic to Fixed

Archived from groups: microsoft.public.win2000.security (More info?)

Hello all,

Is it possible ?
I read a MS document where it clearly says that it is possible by
tweaking the registry but I cannot find any specific information
around.
Does anybody know the key / value to modify or add ? I would
appreciate it.

Actually, this leads to another question.
The reason I'm asking this is that we have remote users from Asia that
connect to Europe using a SmartCard to our W2K AD Domain. This
authentication process, in a LAN environment, only takes a second
while it takes up to a minute and longer from Asia (bandwidth is ok
but there is a high latency, distance is approx 6000 miles, so
increasing the line would not help that much - I guess).

So I was wondering if we could gain anything by using QoS and, for
this, I wanted to channel all LSA traffic to a specific port in order
to have better control over it. Because I'm not an expert in both
SmartCards and QoS (at router level I guess) I wonder if anybody can
give me some advice !

Further, do you suggest to prioritize only LSA or Kerberos as well ? I
guess I might prioritize them both.

Thank you in advance for your help.
Bye
Bar

Archived from groups: microsoft.public.win2000.security (More info?)

Internet.

Thanks,
Bar

"Steve Riley [MSFT]" <steriley@microsoft.com> wrote in message news:<uYERrX$tEHA.1452@TK2MSFTNGP11.phx.gbl>...
> Are you doing a login directly over the Internet, not through a VPN?
>
> Steve Riley
> steriley@microsoft.com
>
>
> "barabba" <barabba72@hotmail.com> wrote in message
> news:8ec33ba5.0410201246.1904070c@posting.google.com...
> > Hello all,
> >
> > Is it possible ?
> > I read a MS document where it clearly says that it is possible by
> > tweaking the registry but I cannot find any specific information
> > around.
> > Does anybody know the key / value to modify or add ? I would
> > appreciate it.
> >
> > Actually, this leads to another question.
> > The reason I'm asking this is that we have remote users from Asia that
> > connect to Europe using a SmartCard to our W2K AD Domain. This
> > authentication process, in a LAN environment, only takes a second
> > while it takes up to a minute and longer from Asia (bandwidth is ok
> > but there is a high latency, distance is approx 6000 miles, so
> > increasing the line would not help that much - I guess).
> >
> > So I was wondering if we could gain anything by using QoS and, for
> > this, I wanted to channel all LSA traffic to a specific port in order
> > to have better control over it. Because I'm not an expert in both
> > SmartCards and QoS (at router level I guess) I wonder if anybody can
> > give me some advice !
> >
> > Further, do you suggest to prioritize only LSA or Kerberos as well ? I
> > guess I might prioritize them both.
> >
> > Thank you in advance for your help.
> > Bye
> > Bar