Configuring Directory Server for Windows XP Personal Firewall

If you have the default Microsoft Windows XP personal firewall enabled on a PC and you would like to install and run the Directory Server on that PC, you will need to allow communications through the firewall on certain ports. You can do this in one of two ways: you can allow ports for a specific executable program or you can open a specific port. This document covers the following topics:


Allow Ports for a Specific Executable Program

You can allow a specific executable program to open a port. To do so, issue the following commands:

C:\>netsh firewall add allowedprogram program="C:\Program Files\Software AG\Directory Server\xtsdssvcadi.exe" 
name="Software AG Directory Server" profile=ALL

Program xtsdssvcadi.exe is the Windows service file for Directory Server.

To remove the Directory Server as an allowed program, issue the following command:

C:\>netsh firewall delete allowedprogram program="C:\Program Files\Software AG\Directory Server\xtsdssvcadi.exe" 
profile=ALL

Open a Specific Port

To open a specific port for use by the Directory Server in the firewall, issue the following command:

C:\>netsh firewall add portopening protocol=TCP port=nnnn 
name="Software AG Directory Server" profile=ALL

where nnnn is the port number you want to open. The default port for the Directory Server is 4952. For more information about Directory Server ports, read The Directory Server Port Number.

To close a specific port in the firewall, issue the following command:

C:\>netsh firewall delete portopening protocol=TCP port=nnnn profile=ALL

where nnnn is the port number you want to close.