Options for a natively supported, remote file transfer on Windows Server 2008 R2

Use SMB.

SMB/CIFS is out due to sharing the port with Active Directory services.

I'm not sure what exactly you're talking about, but that's not right. Modern implementations of SMB use SMB over TCP, which happens on port 445. Legacy implementations of SMB rely on NetBIOS over TCP, which uses a combination of ports 137-139. None of these ports are AD specific.

AD relies on a lot of ports; the most common ones are:

  • 53 - DNS resolution
  • 88 - Kerberos
  • 135 - RPC Endpoint Mapping
  • 389 - LDAP
  • 636 - LDAP over SSL
  • 3268 - Global Catalog
  • 3269 - Global Catalog over SSL
  • 49152 - 65535 - for RPC endpoints (on a 2008 and later DC)

Sure, some functions of a client logging in use SMB (like processing GPOs), but there's nothing authentication or authorization specific that runs over the same ports as SMB. You seem to be (mistakenly) over-protective of port 445 :-)
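
An added example, not part of the original answer: a Python sketch that takes `netstat -ano` output from a server, groups its TCP listeners using the port list above, and reports which groups a firewall block on given ports would cut off. The sample output is constructed and the function names are hypothetical.

```python
import re

# Port-to-service map taken from the answer above.
SMB_PORTS = {445: "SMB over TCP", 137: "NetBIOS over TCP",
             138: "NetBIOS over TCP", 139: "NetBIOS over TCP"}
AD_PORTS = {53: "DNS resolution", 88: "Kerberos", 135: "RPC Endpoint Mapping",
            389: "LDAP", 636: "LDAP over SSL", 3268: "Global Catalog",
            3269: "Global Catalog over SSL"}
RPC_DYNAMIC = range(49152, 65536)  # RPC endpoints on a 2008 and later DC

# Constructed sample of `netstat -ano` output (not captured from a real host).
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:88         0.0.0.0:0          LISTENING       500
  TCP    0.0.0.0:389        0.0.0.0:0          LISTENING       500
  TCP    0.0.0.0:445        0.0.0.0:0          LISTENING       4
  TCP    0.0.0.0:49155      0.0.0.0:0          LISTENING       500
  TCP    10.0.0.5:139       0.0.0.0:0          LISTENING       4
  TCP    10.0.0.5:3389      0.0.0.0:0          LISTENING       1900
  TCP    10.0.0.5:445       10.0.0.20:50112    ESTABLISHED     4
  TCP    [::]:445           [::]:0             LISTENING       4
  UDP    0.0.0.0:137        *:*                                4
"""

# TCP listeners only; the local address may be IPv4 or bracketed IPv6.
LISTEN_RE = re.compile(r"^\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING\b")

def classify(port):
    if port in SMB_PORTS:
        return "SMB", SMB_PORTS[port]
    if port in AD_PORTS:
        return "AD", AD_PORTS[port]
    if port in RPC_DYNAMIC:
        return "AD", "RPC endpoint (dynamic range)"
    return "other", "not in the answer's list"

def listening_ports(netstat_text):
    ports = set()  # a set merges the IPv4 and IPv6 listeners on one port
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line)
        if m:
            ports.add(int(m.group(1)))
    return sorted(ports)

def impact_of_blocking(netstat_text, blocked):
    hit = {}  # group -> listening ports that the block would cut off
    for port in listening_ports(netstat_text):
        if port in blocked:
            group, _service = classify(port)
            hit.setdefault(group, []).append(port)
    return hit
```

On the sample, `impact_of_blocking(SAMPLE_NETSTAT, {137, 138, 139, 445})` returns only an `SMB` entry, which is the answer's point: none of the listed AD listeners sit on the SMB ports.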


Since you're blocking the port that Windows natively uses for both authentication and file transfers, you're up a creek for finding a native protocol to do this. You might be able to use NFS for this. You could install FileZilla server (free), and script the transfers with psftp or another SCP client. Since you have no native option, the sky is almost the limit for you.


Windows Server 2008 only natively supports (both the server and the client for) CIFS and FTP. Everything else requires that you install/download something else. Since CIFS is unavailable this leaves you with FTP.