Hi @shihasshamsudheen-6893
Thank You for posting in Q & A.
UDP 389, UDP/TCP 88, and UDP/TCP 464 (password change requests) ports are open for the domain controllers in the user domain.
refer - https://learn.microsoft.com/en-us/archive/blogs/activedirectoryua/conditions-for-kerberos-to-be-used-over-an-external-trust
If the Answer is helpful, please click Accept Answer
and up-vote, this can be beneficial to other community members.