Article ID: 816103 - View products that this article applies to.
Portqry is a command-line utility that you can use to help troubleshoot TCP/IP connectivity issues. The utility reports the port status of target Transition Control Protocol (TCP) and User Datagram Protocol (UDP) ports on a remote computer. You can run Portqry on Windows Server 2003, Windows 2000, and Windows XP.
You can also use Portqry in the following ways:
OverviewPortqry reports the status of a port in one of three ways:
Example 1When you run the following command
portqry -n myserver -p udp -e 389Portqry automatically resolves UDP port 389 using the %SystemRoot%\System32\Drivers\...\Services file that every Windows Server 2003 computer has by default. If it resolves the port to the LDAP service, it sends an unformatted user datagram to UDP port 389 on the target system. Portqry will not receive a response from the port, because the LDAP service only responds to a correctly formatted LDAP query. Portqry will report that the port is listening or filtered. Portqry will then send a correctly formatted LDAP query to UDP port 389. If it receives a response to the query, it returns the whole response to the user and reports that the port is listening. If portqry does not receive a response to the query, it reports that the port is filtered.
In this sample, port 389 is listening and from the output it can be determined which LDAP service is listening on the port and some details about its configuration. This information may also be useful in troubleshooting various problems.
Be aware that the LDAP test over UDP may not work against domain controllers that are running Windows Server 2008. One reason for this can be that you have disabled IPv6 on the Domain Controller. To re-enable IPv6, set the value discussed in the article below to the default of "0":
929852 How to disable certain Internet Protocol version 6 (IPv6) components in Windows Vista, Windows 7 and Windows Server 2008
If Portqry is not available to you for this UDP port 389 test, you can perform the same test using LDP.EXE when you connect to the Domain Controller on port 389 with "Connectionless" check box activated.
Another alternative to portqry is NLTEST, but it does not work for arbitrary servers. The server needs to be a Domain Controller in the same domain as the machine you run the tool on. If this is the case, you can use Nltest /sc_reset < domain name >\< computer name > to force a security channel onto a particular domain controller. For more information, visit the following Microsoft Web site:
http://technet.microsoft.com/en-us/library/cc961803.aspxPortqry knows how to send a query to the RPC end point mapper (using UDP and TCP) and interpret the response. This query will dump all the end points currently registered with the RPC end point mapper. The response from the end point mapper is parsed, formatted, and returned to the user.
Example 2When you run the following command
portqry -n mydc.reskit.com -p udp -e 135Sample Output
In this example, port 135 is listening. From the output, it can be determined which services or applications have been registered with the target server's RPC end point mapper database. The output includes each application's Universally Unique Identifier (UUID), annotated name (if one exists), the protocol the application uses, the network address that the application is bound to, and the application's end point (port number, named pipe in square brackets). This information may also be useful in troubleshooting various problems.
Portqry can send a correctly formatted DNS query (using UDP or TCP). The utility will send a DNS query for "portqry.microsoft.com." Portqry then waits for a response from the target DNS server. Whether the DNS response to the query is negative or positive is irrelevant, because any response indicates that the port is listening.
Download Portqry.exePortqry.exe is available for download from the Microsoft Download Center. To download Portqry.exe, visit the following Microsoft Web site:
http://www.microsoft.com/downloads/details.aspx?familyid=89811747-C74B-4638-A2D5-AC828BDC6983&displaylang=enFor additional information about how to download Microsoft Support files, click the following article number to view the article in the Microsoft Knowledge Base:
119591Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help to prevent any unauthorized changes to the file.
(https://support.microsoft.com/kb/119591/EN-US/ )How to Obtain Microsoft Support Files from Online Services
Important The PortQueryUI tool provides a graphical user interface and is available for download. PortQueryUI has several features that can make using PortQry easier. To obtain the PortQueryUI tool, visit the following Microsoft Web site:
Article ID: 816103 - Last Review: September 11, 2011 - Revision: 10.0