Active Directory runs under the Lsass.exe process and includes the authentication and replication engines for Windows domain controllers. Domain controllers, client computers and application servers require network connectivity to Active Directory over specific hard-coded ports.
Active Directory and Active Directory Domain Services Port Requirements, Updated: June 18, 2009 (includes updated new ephemeral ports for Windows Vista/2008 and newer). This also discusses RODC port requirements. You must also make sure the ephemeral ports are opened. They are:
Active Directory Firewall Ports: In the attached document, I have listed the must "allow" firewall ports for Active Directory that are responsible for Active Directory Replication, User and Computer Authentication, Group Policy processing and Trusts.
In Windows 2000 and Windows XP, the Internet Control Message Protocol (ICMP) must be allowed through the firewall from the clients to the domain controllers so that the Active Directory Group Policy client can function correctly through a firewall. ICMP is used to determine whether the link is a slow link or a fast link.
Active Directory Ports to be Allowed: What ports should be allowed in the firewall so that my workstations can access the Active Directory Server and have group policies pushed to the workstations?
TCP and UDP port 53 for DNS. TCP and UDP Dynamic - 1025 to 5000 (Windows Server 2003) & start from 49152 to 65535 (Windows Server 2008) for DCOM, RPC, EPM. Let me know if I'm missing something.
Active Directory communication takes place using several ports. These ports are required by both client computers and Domain Controllers. As an example, when a client computer tries to find a domain controller it always sends a DNS Query over Port 53 to find the name of the domain controller in the domain.
With a Domain Infrastructure that has Windows 2003 and Windows 2008 Domain controllers, if I have to restrict the AD Replication/Logon Ports, the range for Windows 2003 and Windows 2008 is different.
You can also work with Active Directory by using the Active Directory module for Windows PowerShell. The module is automatically imported when you select the related option on the Administrative Tools menu. Otherwise, this module is not imported into Windows PowerShell by default, and you need to import it before you can work with any Active ...
Based on my research, you should ensure that the following ports between clients and Active Directory Domain Controllers are open: required 88 - TCP/UDP (Kerberos traffic)