![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(102.4, 76%, 19%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMA%3C/text%3E%3C/svg%3E)
So now even firewall rules are in place as MS doc. I ran portquery application "Domain and Trusts", I see all the required ports are open except 636 is looking as filtered. but 389 is listening. But weird things is that, my DC is not able to translate my local administrator group member's name, I see only SIDs. I think something is causing communication issue between client and DC.
UDP and TCP Port 135 for domain controllers-to-domain controller and client to domain controller operations.
UDP Port 389 for LDAP to handle normal queries from client computers to the domain controllers.
TCP and UDP Port 464 for Kerberos Password Change
TCP and UDP Port 53 for DNS from client to domain controller and domain controller to domain controller.
UDP Port 88 for Kerberos authentication
TCP Port 139 and UDP 138 for File Replication Service between domain controllers.
TCP and UDP Port 445 for File Replication Service
TCP Port 3268 and 3269 for Global Catalog from client to domain controller.
