This is more of a tip than ask for help.

I spent four hours yesterday trying to figure out why I couldn't add a new server to the domain. After wrestling with dns and tcp-settings the penny dropped...the only change made since previously adding machines to the domain was turning on the window's firewall.

Even though I am following the advice given in the kb article below I am still having problems when the firewall is running. I will have to continue to look into port exceptions for 2003.

I am also left wondering if part of my problem is adding server roles before turning the firewall on. Should the exceptions be added automatically i.e. when you add AD with dns, or are they always added manually.

Hopefully, this saves someone a few hours :-)

Service overview and network port requirements for the Windows Server system