Active Directory Firewall Ports


If you work in an Active Directory environment and have domain-joined systems that need access to Active Directory from different or isolated networks separated by a firewall, you need to allow multiple Active Directory ports through that firewall. Below are the ports that I have validated and that need to be allowed for smooth member server / workstation and AD communication, as well as for replication:

| Port Description | Port Details |
| --- | --- |
| Kerberos | TCP – 88, UDP – 88 |
| DNS | TCP – 53, UDP – 53 |
| Global Catalog | TCP – 3268 |
| Global Catalog (Secure) | TCP – 3269 |
| LDAP | TCP – 389, UDP – 389 |
| LDAP (Secure) | TCP – 636 |
| RPC / Replication | TCP – 135 |
| Time Service | UDP – 123 |
| Replication, User / Computer Authentication, Trusts and Group Policy | TCP – 49152-65535, UDP – 49152-65535 |
| NetLogon, NetBIOS Name Resolution | UDP – 137 |
| DFS, NetLogon | UDP – 138 |
| Kerberos Password Change | TCP – 464, UDP – 464 |
| SMB (File Sharing) | TCP – 139, 445 |
| DFSR | TCP – 5722 |

Hope this helps with the smooth functioning of your Active Directory replication, trusts, user / computer authentication and Group Policy processing.
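
To confirm from a member server that the firewall passes the fixed TCP ports listed above, a check along these lines can be run against a domain controller you administer. This is an added example, not the author's script; the name `dc01.example.test` is a placeholder and `Test-TcpPort` is a helper defined here.

```powershell
# Added example: TCP reachability check for the fixed ports in the table above.
param(
    [string]$DomainController = 'dc01.example.test',  # placeholder, replace with your DC
    [int]$TimeoutMs = 2000
)

# TCP entries copied from the table. The UDP side of each service and the
# dynamic range 49152-65535 are not probed: UDP has no handshake to confirm
# delivery, and the dynamic ports are assigned to services at runtime.
$TcpPorts = @(
    @{ Port = 53;   Service = 'DNS' }
    @{ Port = 88;   Service = 'Kerberos' }
    @{ Port = 135;  Service = 'RPC / Replication' }
    @{ Port = 139;  Service = 'SMB (File Sharing)' }
    @{ Port = 389;  Service = 'LDAP' }
    @{ Port = 445;  Service = 'SMB (File Sharing)' }
    @{ Port = 464;  Service = 'Kerberos Password Change' }
    @{ Port = 636;  Service = 'LDAP (Secure)' }
    @{ Port = 3268; Service = 'Global Catalog' }
    @{ Port = 3269; Service = 'Global Catalog (Secure)' }
    @{ Port = 5722; Service = 'DFSR' }
)

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $task = $client.ConnectAsync($ComputerName, $Port)
        # Wait() returns $false on timeout; a refused connection throws.
        return ($task.Wait($TimeoutMs) -and $client.Connected)
    } catch {
        return $false
    } finally {
        $client.Close()
    }
}

$results = foreach ($entry in $TcpPorts) {
    [pscustomobject]@{
        Service   = $entry.Service
        Port      = $entry.Port
        Reachable = Test-TcpPort -ComputerName $DomainController -Port $entry.Port -TimeoutMs $TimeoutMs
    }
}
$results | Format-Table -AutoSize

$blocked = @($results | Where-Object { -not $_.Reachable })
if ($blocked.Count -gt 0) {
    Write-Warning ("Blocked or not listening (TCP): " + ($blocked.Port -join ', '))
}
```

A port reported as unreachable can mean either that the firewall drops it or that the service is not listening on that particular domain controller, so compare the result with a run from inside the DC's own network segment.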
