We have a really strange issue here. A lot of our computers are hanging on login and logout. After a bit of troubleshooting we discovered that our firewall are blocking requests from the computers on port 5102 towards the domain controllers.
This is a port that always have been blocked. When we created an exception for the computers login works perfectly again. It seems like LSASS is the listening service.
We can't find any article or documentation on this issue, and it started probably over the weekend.
Anyone who experienced this?
Edit: Trend Micro OfficeScan is installed on both servers and we've done full scan with malwarebytes
Edited by hamluis, 05 November 2014 - 08:10 AM.
Moved from Win Server to Am I Infected - Hamluis.