I need to permit firewall rules to domain controllers for MS AAG.
Is domain controller = AD server = DNS server? How do I find out
the domain controller from my SQL server that has joined the domain?
Below are the rules I'm trying to get permitted:
The following is the list of services and their ports used for Active Directory communication for SQL Server AlwaysOn:
· UDP port 88 for Kerberos authentication
· UDP and TCP port 135 for domain controller-to-domain controller and client-to-domain controller operations.
· TCP port 139 and UDP port 138 for File Replication Service between domain controllers.
· UDP port 389 for LDAP to handle normal queries from client computers to the domain controllers.
· TCP and UDP port 445 for File Replication Service.
· TCP and UDP port 464 for Kerberos Password Change
· TCP ports 3268 and 3269 for Global Catalog from client to domain controller.
· TCP and UDP port 53 for DNS from client to domain controller and domain controller to domain controller.
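
As an added example (not part of the original post): one way to list the domain controllers from the domain-joined SQL Server and check whether the TCP ports from the list above are reachable through the firewall. It assumes Windows PowerShell with the built-in DnsClient and NetTCPIP cmdlets; the variable names are illustrative, and the UDP ports are not tested.

```powershell
# Added example: run on the domain-joined SQL Server.

# AD DNS domain this computer is joined to.
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
if (-not $cs.PartOfDomain) { throw "This computer is not joined to a domain." }
$domain = $cs.Domain

# The domain controller this machine is currently using (nltest ships with Windows).
nltest "/dsgetdc:$domain"

# All domain controllers registered in DNS: SRV records under _ldap._tcp.dc._msdcs.<domain>.
$dcs = Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$domain" -Type SRV -ErrorAction Stop |
    Where-Object { $_.Type -eq 'SRV' } |
    Select-Object -ExpandProperty NameTarget -Unique

# DNS servers this machine is configured to use, for comparison with the DC addresses.
$dnsServers = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Select-Object -ExpandProperty ServerAddresses -Unique

# TCP ports taken from the list in the post. UDP is not covered:
# Test-NetConnection only performs TCP connects.
$tcpPorts = 135, 139, 445, 464, 3268, 3269, 53

$results = foreach ($dc in $dcs) {
    # IPv4 addresses of this domain controller.
    $dcIps = (Resolve-DnsName -Name $dc -Type A -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'A' }).IPAddress
    foreach ($port in $tcpPorts) {
        $t = Test-NetConnection -ComputerName $dc -Port $port -WarningAction SilentlyContinue
        [pscustomobject]@{
            DomainController = $dc
            # True when this DC is also one of the machine's configured DNS servers.
            IsClientDns      = [bool]($dcIps | Where-Object { $dnsServers -contains $_ })
            TcpPort          = $port
            Reachable        = $t.TcpTestSucceeded
        }
    }
}
$results | Format-Table -AutoSize
```

Rows with `Reachable` set to `False` point at a TCP rule that is still blocked between the SQL Server and that domain controller.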