What ports needed to be opened crom client to DC server .

Anonymous
2023-11-12T09:04:24+00:00

I need to know what ports shoul I open in the FW for the client to the active directory dc server .

Windows for business | Windows Server | Directory services | Active Directory

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Anonymous
    2023-11-13T02:03:22+00:00

    Hello נתן בן ציון - Ben-zion Natan nir,

    Thank you for posting in Microsoft Community forum.

    You should open ports below:

    UDP and TCP Port 135 for domain controllers to domain controller and client to domain controller operations.

    UDP Port 389 for LDAP to handle normal queries from client computers to the domain controllers.

    TCP and UDP Port 464 for Kerberos Password Change.

    TCP and UDP Port 53 for DNS from client to domain controller and domain controller to domain controller.

    UDP Port 88 for Kerberos authentication.

    TCP Port 139 and UDP 138 for File Replication Service between domain controllers.

    TCP and UDP Port 445 for File Replication Service.

    TCP Port 3268 and 3269 for Global Catalog from client to domain controller.

    Network Ports 123 Used by Windows Time Service.

    And other ports on client:
    https://filestore.community.support.microsoft.com/api/images/ad60fb7c-d5a7-47e5-8553-dd0bfbeb1014?upload=true&fud_access=wJJIheezUklbAN2ppeDns8cDNpYs3nCYjgitr%2BfFBh2dqlqMuW7np3F6Utp%2FKMltnRRYFtVjOMO5tpbpW9UyRAwvLeec5emAPixgq9ta07Dgnp2aq5eJbnfd%2FU3qhn54Ui9c7IY3%2BVaDGM794ieFEWFOTytTrMKy7m1XQpeIKlfhHZvv6qxFNypZh8EVO%2BjzMgLRnj7SrY%2FjVoV7qs8fDiK994oMxVrhrFAMYDcU%2FzpcP6azl%2B2KkdleyterOP4jq2cxH4NDkW%2FTRqu9cE8NZj1nt2eSoBbeVp5OEzTBzjvCO2eh%2BEoyxoU3hwSG0Ww7GOACYidau9iSAqrrIio4qnLWvEZof0uqH8v0lA8mFFi0tnwunRXEzajWLd7h0i5J1KQeI4JZadBvdmO6H90TA5bS1XdiZqZV%2FnHGh0TQCm0%3D

    Similar thread.
    Active directory domain controler to Client require ports - Microsoft Q&A

    For more information, please read links below.

    Configure firewall for AD domain and trusts - Windows Server | Microsoft Learn

    Active Directory and Active Directory Domain Services Port Requirements | Microsoft Learn

    Active Directory Replication over Firewalls | Microsoft Learn

    I hope the information above is helpful.

    If you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    0 comments No comments