Bitlocker Save key to Azure AD Required Network urls/Ports list

Hun boy 181 Reputation points
2022-10-05T14:26:33.013+00:00

Hi Experts,

I got some errors on the device when I try to save Bitlocker key to Azure AD. I am sure on this I think Network firewall team is blocking the required ports, I would like to know what are the base required ports to communicate correctly with Azure AD as these devices are azure AD joined.

  1. What are the required ports or URLS / IP whitelist for Azure AD join ?
  2. List of Ports or URL / IP list for storing the Bitlocker Key in Azure AD.

Note:- all these devices are behind the Corporate Firewall.

Thank you for your time in reading this.

Appreciate your response.!!

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,780 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,476 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,846 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Jaya Lakshmi Koduru 6 Reputation points Microsoft Employee
    2022-10-05T22:48:22.79+00:00

    Hi @Hun boy

    Thank you for your post.

    We do not have any port restrictions enforced, we would recommend device registration, and require the access on HTTPS port for the following URLs: https://login.microsoftonline.com
    https://enterpriseregistration.windows.net And you need to exclude device.login.microsoftonline.com, if they are using device based CX policy. Also, you need to consider excusing MDM URLs like the following for Intune: https://portal.manage.microsoft.com

    https://learn.microsoft.com/en-us/azure/active-directory/hybrid/reference-connect-ports
    https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-azure-ad-join#network-connectivity-requirements

    Additionally, here is the document for your reference on the worldwide endpoints, this is jfyi
    https://learn.microsoft.com/en-gb/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide#microsoft-365-common-and-office-online

    Hope this helps.

    Please "Accept the answer" if the information helped you, so that others in the community facing similar issues can easily find the solution.

    0 comments No comments