Required Network Ports for AD


Here is a listing of the port requirements for Active Directory domain, as well as optional ports:

Required Ports
Port No. Protocol Used by Required for
1024-5000 TCP/UDP RPC (dynamic response ports) required for RPC to respond to communications
135 TCP RPC (endpoint mapper)  required to open the endpoint mapper to the destination for RPC communications
389 TCP/UDP LDAP required to bind to a DC
3268 TCP LDAP GC  required to bind to the GC function of a domain controller (extremely important for Exchange)
53 TCP/UDP DNS required for name resolution and Active Directory functionality as a whole
88 TCP/UDP Kerberos self explanatory
445 TCP SMB self explanatory
123 UDP SNTP required for time synchronization with a time source
    ICMP required for group policy detection, application, and MTU size detection, as well as other low level activities
 
Optional Ports
Port No. Protocol Used by Required for
636 TCP LDAP SSL  required to bind to a DC using LDAP over SSL
3269 TCP LDAP GC SSL  required to bind to a GC using LDAP over SSL
137 UDP NetBIOS name  self explanatory
138 UDP NetBIOS Netlogon and Browsing  self explanatory
139 TCP NetBIOS session  self explanatory
42 TCP WINS replication  self explanatory
1723 TCP PPTP required if using PPTP VPN tunnel

Network Ports used for Active Directory authentication…

  • TCP 135 : MS-RPC
  • TCP 1025 & 1026 : AD Login & replication
  • TCP 389 : LDAP
  • TCP & UDP 53 : DNS
  • TCP 445 : SMB , Microsoft-ds
  • TCP 139 : SMB
  • UDP 137 & 138 : NetBIOS related
  • UDP 88 : Kerberos v5

Service overview and network port requirements for the Windows Server system

http://support.microsoft.com/kb/832017

Use PortQryUI to check the ports.

Download portqry:

http://www.microsoft.com/downloads/details.aspx?familyid=8355e537-1ea6-4569-aabb-f248f4bd91d0&displaylang=en

Exchange considerations:

http://support.microsoft.com/?kbid=259240

http://support.microsoft.com/default.aspx?scid=kb;en-us;280132

SQL considerations:

http://support.microsoft.com/kb/q287932/

How to configure RPC dynamic port allocation to work with firewalls

http://support.microsoft.com/default.aspx?scid=kb;en-us;154596

Reference from:

http://technet.microsoft.com/en-us/library/dd772723%28WS.10%29.aspx
http://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx
http://geekswithblogs.net/TSCustomiser/archive/2007/05/09/112357.aspx

Advertisements

About Robiul

Robiul has 15 years of continuous successful career experience in ICT with extensive background in System Engineering, IT infrastructure design, operations and service delivery, managing IT projects / MIS functions for local and multi-national companies with in-depth knowledge of multiple operating systems as well as construct / manage small to medium size Data Center. Proven ability to design and implement medium to semi-large scale LAN/WAN/WLAN and system infrastructures. Academic qualification: Master of Science in Information Systems. Professional certifications are: MCSE, CCNA, ITIL and FoundStone Security Professional, VCP, NetAPP, CISSP etc.
This entry was posted in Windows and tagged . Bookmark the permalink.