HOW TO: Use Portqry to Troubleshoot Active Directory Connectivity Issues

Traduções de Artigos Traduções de Artigos
Artigo: 816103 - Ver produtos para os quais este artigo se aplica.
Expandir tudo | Reduzir tudo

Nesta página

Sumário

Portqry is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. The utility reports the port status of target Transition Control Protocol (TCP) and User Datagram Protocol (UDP) ports on a remote computer. You can run Portqry on Windows Server 2003, Windows 2000, and Windows XP.

You can also use Portqry in the following ways:
  • To troubleshoot Active Directory issues in which you have to verify basic TCP/IP connectivity. This can be especially useful in environments with firewalls.
  • To verify connectivity to TCP/IP ports that are used by Active Directory for Lightweight Directory Access Protocol (LDAP), remote procedure call (RPC), and Domain Name Service (DNS).
Nota Version 2 of Portqry.exe is now available. The Microsoft Download Center link at the end of this article has been updated to reflect the new version. Version 1.0 of Portqry.exe has been removed from the Microsoft Download Center.



Descrição geral

Portqry reports the status of a port in one of three ways:
  • Listening: A process is listening on the target port on the target system. Portqry received a response from the port.
  • Not Listening: No process is listening on the target port on the target system. Portqry received an Internet Control Message Protocol (ICMP) "Destination Unreachable - Port Unreachable" message back from the target UDP port. Or, if the target port is a TCP port, Portqry received a TCP acknowledgement packet with the Reset flag set.
  • Filtered: The target port on the target system is being filtered. Portqry did not receive a response from the target port. A process may or may not be listening on the port. By default, TCP ports are queried three times and UDP ports are queried one time before reporting the target port is filtered.
With Portqry, you can also query an LDAP service. It knows how to send an LDAP query (by using UDP and TCP) and interpret an LDAP server's response to the query. The response from the LDAP server is parsed, formatted, and returned to the user.

Exemplo 1

When you run the following command


portqry -n myserver -p udp -e 389
Portqry automatically resolves UDP port 389 using the %SystemRoot%\System32\Drivers\...\Services file that every Windows Server 2003 computer has by default. If it resolves the port to the LDAP service, it sends an unformatted user datagram to UDP port 389 on the target system. Portqry will not receive a response from the port, because the LDAP service only responds to a correctly formatted LDAP query. Portqry will report that the port is listening or filtered. Portqry will then send a correctly formatted LDAP query to UDP port 389. If it receives a response to the query, it returns the whole response to the user and reports that the port is listening. If portqry does not receive a response to the query, it reports that the port is filtered.

Sample Output:
C:\>portqry -n mydc.reskit.com -e 389 -p udp 
 
Querying target system called: 
 
mydc.reskit.com 
 
Attempting to resolve name to IP address... 
 
Name resolved to 169.254.0.14 
 
UDP port 389 (unknown service): LISTENING or FILTERED 
 
Sending LDAP query to UDP port 389... 
 
LDAP query response: 
 
currentdate: 10/11/2001 23:10:21 (unadjusted GMT) 
subschemaSubentry: 
CN=Aggregate,CN=Schema,CN=Configuration,DC=reskit,DC=com 
dsServiceName: CN=NTDS  
Settings,CN=mydc,CN=Servers,CN=eu,CN=Sites,CN
=Configuration,DC=reskit,DC=com 
namingContexts: DC=reskit,DC=com 
defaultNamingContext: DC=reskit,DC=com 
schemaNamingContext: 
CN=Schema,CN=Configuration,DC=reskit,DC=com 
configurationNamingContext: 
CN=Configuration,DC=reskit,DC=com 
rootDomainNamingContext: DC=reskit,DC=com 
supportedControl: 1.2.840.113556.1.4.319 
supportedLDAPVersion: 3 
supportedLDAPPolicies: MaxPoolThreads 
highestCommittedUSN: 815431405 
supportedSASLMechanisms: GSSAPI 
dnsHostName: MYDC.reskit.com 
ldapServiceName: reskit.com:mydc$@RESKIT.COM 
serverName:  
CN=MYDC,CN=Servers,CN=EU,CN=Sites,CN=Configuration,DC=reskit,DC=com 
supportedCapabilities: 1.2.840.113556.1.4.800 
isSynchronized: TRUE 
isGlobalCatalogReady: TRUE 
 
======== End of LDAP query response ======== 
UDP port 389 is LISTENING 
In this sample, port 389 is listening and from the output it can be determined which LDAP service is listening on the port and some details about its configuration. This information may also be useful in troubleshooting various problems.

Portqry knows how to send a query to the RPC end point mapper (using UDP and TCP) and interpret the response. This query will dump all the end points currently registered with the RPC end point mapper. The response from the end point mapper is parsed, formatted, and returned to the user.

Exemplo 2

When you run the following command

portqry -n mydc.reskit.com -p udp -e 135

Sample Output:
Querying target system called: 
 
mydc.reskit.com 
 
Attempting to resolve name to IP address... 
 
Name resolved to 169.254.0.18 
 
UDP port 135 (epmap service): LISTENING or FILTERED 
Querying Endpoint Mapper Database... 
Server's response: 
 
UUID: ecec0d70-a603-11d0-96b1-00a0c91ece30 NTDS Backup Interface
ncacn_np:\\\\MYDC[\\PIPE\\lsass] 
 
UUID: 16e0cf3a-a604-11d0-96b1-00a0c91ece30 NTDS Restore Interface
ncacn_np:\\\\MYDC[\\PIPE\\lsass] 
 
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_ip_tcp:169.254.0.18[1027] 
 
UUID: f5cc59b4-4264-101a-8c59-08002b2f8426 NtFrs Service
ncacn_ip_tcp:169.254.0.18[1130] 
 
UUID: d049b186-814f-11d1-9a3c-00c04fc9b232 NtFrs API
ncacn_ip_tcp:169.254.0.18[1130] 
 
UUID: d049b186-814f-11d1-9a3c-00c04fc9b232 NtFrs API
ncacn_np:\\\\MYDC[\\pipe\\00000580.000] 
 
Total endpoints found: 6 
 
==== End of RPC Endpoint Mapper query response ==== 
 
UDP port 135 is LISTENING
In this example, port 135 is listening. From the output, it can be determined which services or applications have been registered with the target server's RPC end point mapper database. The output includes each application's Universally Unique Identifier (UUID), annotated name (if one exists), the protocol the application uses, the network address that the application is bound to, and the application's end point (port number, named pipe in square brackets). This information may also be useful in troubleshooting various problems.

Portqry can send a correctly formatted DNS query (using UDP or TCP). The utility will send a DNS query for "portqry.microsoft.com." Portqry then waits for a response from the target DNS server. Whether the DNS response to the query is negative or positive is irrelevant, because any response indicates that the port is listening.

Download Portqry.exe


Portqry.exe is available for download from the Microsoft Download Center. To download Portqry.exe, visit the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=en
Para obter informações adicionais sobre como transferir ficheiros de suporte da Microsoft, clique o número de artigo seguinte para visualizar o artigo na Microsoft Knowledge Base:
119591 Como obter ficheiros de suporte da Microsoft a partir de serviços on-line
Microsoft procedeu de vírus neste ficheiro. Microsoft utilizou o mais recente software de detecção de vírus que estava disponível na data em que o ficheiro foi publicado. O ficheiro é alojado em servidores de com segurança melhorada que ajudam a impedir quaisquer alterações não autorizadas ao ficheiro. importante The PortQueryUI tool provides a graphical user interface and is available for download. PortQueryUI has several features that can make using PortQry easier. To obtain the PortQueryUI tool, visit the following Microsoft Web site:
http://download.microsoft.com/download/3/f/4/3f4c6a54-65f0-4164-bdec-a3411ba24d3a/PortQryUI.exe

Propriedades

Artigo: 816103 - Última revisão: 3 de dezembro de 2007 - Revisão: 6.6
A informação contida neste artigo aplica-se a:
  • Microsoft Windows Server 2003 Datacenter Edition
  • Microsoft Windows Server 2003 Enterprise Edition
  • Microsoft Windows Server 2003 Standard Edition
  • Microsoft Windows Small Business Server 2003 Standard Edition
  • Microsoft Windows Small Business Server 2003 Premium Edition
Palavras-chave: 
kbmt kbhowtomaster KB816103 KbMtpt
Tradução automática
IMPORTANTE: Este artigo foi traduzido por um sistema de tradução automática (também designado por Machine translation ou MT), não tendo sido portanto revisto ou traduzido por humanos. A Microsoft tem artigos traduzidos por aplicações (MT) e artigos traduzidos por tradutores profissionais. O objectivo é simples: oferecer em Português a totalidade dos artigos existentes na base de dados do suporte. Sabemos no entanto que a tradução automática não é sempre perfeita. Esta pode conter erros de vocabulário, sintaxe ou gramática? erros semelhantes aos que um estrangeiro realiza ao falar em Português. A Microsoft não é responsável por incoerências, erros ou estragos realizados na sequência da utilização dos artigos MT por parte dos nossos clientes. A Microsoft realiza actualizações frequentes ao software de tradução automática (MT). Pedíamos-lhe o favor de preencher o formulário existente no fundo desta página caso venha a encontrar erros neste artigo e tenha possibilidade de colaborar no processo de aperfeiçoamento desta ferramenta. Obrigado.
Clique aqui para ver a versão em Inglês deste artigo: 816103

Submeter comentários

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com