Vulnerability in EPiServer.Forms
We also have problems like teh one mentioned above. We are upgradi9ng our Intranet from 4.31 to 5 sp2.
We have installed EPi 5 sp2 on our web server, where our current intranet resides (Epi 4.31). The web server is in DMZ and the domain controller is inside on our production network.
After long time of research we have found that: System.Web.Security.ActiveDirectoryMembershipProvider demands that the firewall ports 137 to 139 must be opened (NETBios protocol)? Plus port 88 (Kerberos protocol). Maybe also port 445 (smb protocol)
4.31 has only used port 389 for accessing the AD?
Our network technicians want to know why the ports has to be open. Do anyone have documenattion why the ActiveDirectoryMembershipProvider needs thos ports open? We need that kind of documentation.