?
Solved

Domain controllars and clients necessary ports communication

Posted on 2014-12-29
4
Medium Priority
?
166 Views
Last Modified: 2014-12-30
hi ..

i am setting up new domain forest in multi lan enviornment.

2 domain controllar.
clients on various VLAN.

please help me to know what are the necessary ports to be opened related to active directory.
I see some microsoft articles but it confuses me lots...
0
Comment
Question by:Skumar_CCSA
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 56

Accepted Solution

by:
McKnife earned 2000 total points
ID: 40523096
http://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx to start with. "Active Directory and Active Directory Domain Services Port Requirements"
Please note, that the german version of that site is much more precise, for whatever reason: http://technet.microsoft.com/de-de/library/dd772723(v=ws.10).aspx

From the german one, take this small list of ports that the client computers need to reach at the DC for user-/computer authentication:

Port | Type of traffic
TCP and UDP 445 SMB/CIFS/SMB2
TCP and UDP 88 Kerberos
UDP 389 LDAP
TCP and UDP 53 DNS
TCP dynamic RPC
0
 

Author Comment

by:Skumar_CCSA
ID: 40523103
The OS is windows 2008r2..
Need to help to see if any website has clear information from donteollar to controller and controller to clients ports info
0
 
LVL 56

Expert Comment

by:McKnife
ID: 40523104
Well, that was just provided. The first link is for 2008 r2, too.
0
 

Author Comment

by:Skumar_CCSA
ID: 40523267
thanks
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A hard and fast method for reducing Active Directory Administrators members.
Microsoft Office 365 is a subscriptions based service which includes services like Exchange Online and Skype for business Online. These services integrate with Microsoft's online version of Active Directory called Azure Active Directory.
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question