I found this paragraph in the following article. These MIGHT be the ports you need to unblock.
http://support.microsoft.com/kb/832017
Net Logon
The Net Logon system service maintains a security channel between your computer and the domain controller to authenticate users and services. It passes the user's credentials to a domain controller and returns the domain security identifiers and the user rights for the user. This is typically referred to as pass-through authentication. Net Logon is configured to start automatically only when a member computer or domain controller is joined to a domain. In the Windows 2000 Server and Windows Server 2003 families, Net Logon publishes service resource locator records in the DNS. When this service runs, it relies on the WORKSTATION service and on the Local Security Authority service to listen for incoming requests. On domain member computers, Net Logon uses RPC over named pipes. On domain controllers, it uses RPC over named pipes, RPC over TCP/IP, mailslots, and Lightweight Directory Access Protocol (LDAP).
System service name: Netlogon
Collapse this tableExpand this table
| Application protocol | Protocol | Ports |
| NetBIOS Datagram Service | UDP | 138 |
| NetBIOS Name Resolution | UDP | 137 |
| NetBIOS Session Service | TCP | 139 |
| SMB | TCP | 445 |
| LDAP | UDP | 389 |
| RPC¹ | TCP | 135, random port number between 1024 - 65535
135, random port number between 49152 - 65535² |
¹ For more information about how to customize this port, see the "Domain controllers and Active Directory" section in the "References" section.
² This is the range in Windows Server 2008 and in Windows Vista.
Note The Net Logon service uses RPC over named pipes for down-level clients. This service has the same firewall requirements as those of the "File and Printer Sharing" feature.
I'm no Microsoft expert at all but I hope it helps (even a little bit)
~Xavier
