Ports for Active Directory and Active Directory Domain Services


Port requirements

Active Directory and Active Directory Domain Services need a set of open ports in order to communicate reliably.

These requirements apply to DC-to-DC communication (not read-only), up to Windows Server 2019.

| Protocol and Port | AD and AD DS Usage | Type of traffic |
|---|---|---|
| TCP and UDP 389 | Directory, Replication, User and Computer Authentication, Group Policy, Trusts | LDAP |
| TCP 636 | Directory, Replication, User and Computer Authentication, Group Policy, Trusts | LDAP SSL |
| TCP 3268 | Directory, Replication, User and Computer Authentication, Group Policy, Trusts | LDAP GC |
| TCP 3269 | Directory, Replication, User and Computer Authentication, Group Policy, Trusts | LDAP GC SSL |
| TCP and UDP 88 | User and Computer Authentication, Forest Level Trusts | Kerberos |
| TCP and UDP 53 | User and Computer Authentication, Name Resolution, Trusts | DNS |
| TCP and UDP 445 | Replication, User and Computer Authentication, Group Policy, Trusts | SMB, CIFS, SMB2, DFSN, LSARPC, NbtSS, NetLogonR, SamR, SrvSvc |
| TCP 25 | Replication | SMTP |
| TCP 135 | Replication | RPC, EPM |
| TCP Dynamic | Replication, User and Computer Authentication, Group Policy, Trusts | RPC, DCOM, EPM, DRSUAPI, NetLogonR, SamR, FRS |
| TCP 5722 | File Replication | RPC, DFSR (SYSVOL) |
| UDP 123 | Windows Time, Trusts | Windows Time |
| TCP and UDP 464 | Replication, User and Computer Authentication, Trusts | Kerberos change/set password |
| UDP Dynamic | Group Policy | DCOM, RPC, EPM |
| UDP 138 | DFS, Group Policy | DFSN, NetLogon, NetBIOS Datagram Service |
| TCP 9389 | AD DS Web Services | SOAP |
| UDP 67 and UDP 2535 | DHCP | DHCP, MADCAP |
| UDP 137 | User and Computer Authentication | NetLogon, NetBIOS Name Resolution |
| TCP 139 | User and Computer Authentication, Replication | DFSN, NetBIOS Session Service, NetLogon |

TCP dynamic = 49152 to 65535 as of Windows Server 2008
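
The table can serve as a least-privilege baseline for the firewall rules between two domain controllers. The following Python code is an added example, not part of the original article: it compares a constructed rule export in a hypothetical "proto port[-port],..." format against the ports listed above and reports required ports that are not allowed as well as allowed ports the table does not call for. It assumes the 49152 to 65535 dynamic range also applies to UDP.

```python
import re

# Required DC-to-DC ports from the table above. The page gives 49152-65535 as
# the TCP dynamic range; applying the same range to UDP is an assumption.
DYNAMIC = range(49152, 65536)
REQUIRED = {
    "tcp": {25, 53, 88, 135, 139, 389, 445, 464, 636, 3268, 3269, 5722, 9389, *DYNAMIC},
    "udp": {53, 67, 88, 123, 137, 138, 389, 464, 2535, *DYNAMIC},
}
# Constructed rule export in a hypothetical "proto port[-port],..." format.
SAMPLE_RULES = ("tcp 53,88,135,389,445,464,636,3268-3269,3389,9389,49152-65535\n"
                "udp 53,88,123,389,464\n")

def parse_rules(text):
    """Parse rule lines into {proto: set of allowed ports}."""
    allowed = {"tcp": set(), "udp": set()}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip().lower()
        if not line:
            continue
        proto, _, ports = line.partition(" ")
        if proto not in allowed:
            raise ValueError(f"unknown protocol in rule: {raw!r}")
        for item in ports.replace(" ", "").split(","):
            m = re.fullmatch(r"(\d+)(?:-(\d+))?", item)
            low, high = (int(m[1]), int(m[2] or m[1])) if m else (0, 0)
            if not 1 <= low <= high <= 65535:
                raise ValueError(f"bad port spec {item!r} in rule: {raw!r}")
            allowed[proto].update(range(low, high + 1))
    return allowed

def to_ranges(ports):
    """Collapse a port set into sorted 'n' or 'a-b' strings."""
    spans = []
    for p in sorted(ports):
        if spans and p == spans[-1][1] + 1:
            spans[-1][1] = p
        else:
            spans.append([p, p])
    return [str(a) if a == b else f"{a}-{b}" for a, b in spans]

def audit(text):
    """Per protocol: required-but-not-allowed and allowed-but-not-required ports."""
    allowed = parse_rules(text)
    return {p: {"missing": to_ranges(REQUIRED[p] - allowed[p]),
                "excess": to_ranges(allowed[p] - REQUIRED[p])} for p in REQUIRED}

if __name__ == "__main__":
    print(audit(SAMPLE_RULES))
```

Entries under "missing" point to AD functions from the table that the rule set would break; entries under "excess" are candidates for removal or for a documented justification.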

A list of further ports relating to read-only domain controllers can be found at this link.

Active Directory & Services Ports