I have configured Windows Active Directory (2016) as follows:
3 domain controllers running the Windows 2016 operating system, in 3 different physical locations, communicating with each other via VPN tunnels.
Windows member servers that join the domain run either the Windows 2008, Windows 2012, or Windows 2016 server operating system.
There are no Windows 7 / 8 / 10 client operating systems joined to the domain, only Windows server operating systems currently (although it is possible that this could change, but not likely).
This is a secure environment, and none of the servers can access the internet.
The environment needs to be as secure as possible. Therefore port communication needs to be locked down.
Can someone assist and tell me the following:
1. Incoming / outgoing ports required by the domain controllers so they can communicate with each other?
2. Incoming / outgoing ports required by the member servers and domain controllers so they can communicate with each other? (Member servers do not require communication with each other, only with the DCs.)
Firewall rules (which exist for all servers) are defined by incoming ports allowed and outgoing ports allowed. Each server in this environment needs to be defined this way.
Thanks in advance!
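The following is an added example, not part of the original post, showing how the rules the question asks for could be expressed on each server with the built-in Windows Defender Firewall cmdlets. The port list is the standard AD DS set Microsoft documents for Windows Server 2008 and later (DNS, Kerberos, NTP, RPC endpoint mapper, LDAP/LDAPS, SMB, Kerberos password change, Global Catalog, and the TCP 49152-65535 RPC dynamic range used by directory replication, Netlogon and SAM). The DC addresses and member-server subnets are placeholders assumed for this environment; `Add-AdFirewallRules` and the rule group name are names chosen for the example.

```powershell
# Added example (not the original poster's configuration). Addresses below are
# assumed placeholders for the three sites described in the question.
$DomainControllers = @('10.1.0.10', '10.2.0.10', '10.3.0.10')          # one DC per site (assumed)
$MemberSubnets     = @('10.1.0.0/24', '10.2.0.0/24', '10.3.0.0/24')   # member-server subnets (assumed)

# AD DS ports for Windows Server 2008 and later. Source: Microsoft's AD DS
# port requirements. The dynamic RPC range carries DRS replication, Netlogon,
# SAMR and LSA calls that are brokered through the endpoint mapper on TCP 135.
$AdPorts = @(
    @{ Name = 'DNS';                  Protocol = 'TCP'; Port = '53' },
    @{ Name = 'DNS';                  Protocol = 'UDP'; Port = '53' },
    @{ Name = 'Kerberos';             Protocol = 'TCP'; Port = '88' },
    @{ Name = 'Kerberos';             Protocol = 'UDP'; Port = '88' },
    @{ Name = 'NTP';                  Protocol = 'UDP'; Port = '123' },
    @{ Name = 'RPC endpoint mapper';  Protocol = 'TCP'; Port = '135' },
    @{ Name = 'LDAP';                 Protocol = 'TCP'; Port = '389' },
    @{ Name = 'LDAP';                 Protocol = 'UDP'; Port = '389' },
    @{ Name = 'SMB (SYSVOL, Netlogon)'; Protocol = 'TCP'; Port = '445' },
    @{ Name = 'Kerberos kpasswd';     Protocol = 'TCP'; Port = '464' },
    @{ Name = 'Kerberos kpasswd';     Protocol = 'UDP'; Port = '464' },
    @{ Name = 'LDAPS';                Protocol = 'TCP'; Port = '636' },
    @{ Name = 'Global Catalog';       Protocol = 'TCP'; Port = '3268' },
    @{ Name = 'Global Catalog SSL';   Protocol = 'TCP'; Port = '3269' },
    @{ Name = 'RPC dynamic';          Protocol = 'TCP'; Port = '49152-65535' }
)

# Creates one allow rule per port/protocol in the given direction, scoped to
# the given remote addresses so nothing outside the AD peers matches.
# (Example helper; the name is chosen for this illustration.)
function Add-AdFirewallRules {
    param(
        [Parameter(Mandatory)] [string]   $Label,
        [Parameter(Mandatory)] [ValidateSet('Inbound', 'Outbound')] [string] $Direction,
        [Parameter(Mandatory)] [string[]] $RemoteAddress
    )
    foreach ($p in $AdPorts) {
        $common = @{
            DisplayName   = "AD $Label - $($p.Name) $($p.Protocol) $($p.Port) ($Direction)"
            Group         = 'AD DS lockdown'
            Profile       = 'Domain'
            Direction     = $Direction
            Action        = 'Allow'
            Protocol      = $p.Protocol
            RemoteAddress = $RemoteAddress
        }
        # Inbound rules match on the local listening port; outbound rules on the
        # peer's port. Replies are admitted by the firewall's stateful tracking.
        if ($Direction -eq 'Inbound') {
            New-NetFirewallRule @common -LocalPort  $p.Port | Out-Null
        } else {
            New-NetFirewallRule @common -RemotePort $p.Port | Out-Null
        }
    }
}

# --- On each domain controller ---
# Question 1: DC <-> DC. Replication is initiated from both sides, so both directions.
Add-AdFirewallRules -Label 'DC-DC'     -Direction Inbound  -RemoteAddress $DomainControllers
Add-AdFirewallRules -Label 'DC-DC'     -Direction Outbound -RemoteAddress $DomainControllers
# Question 2: member -> DC. DCs only answer; they do not initiate AD traffic to members.
Add-AdFirewallRules -Label 'Member-DC' -Direction Inbound  -RemoteAddress $MemberSubnets

# --- On each member server, run only this instead ---
# Members initiate everything (logon, LDAP, GPO pull over SMB), so outbound to the
# DCs is sufficient and no inbound AD rule is needed, matching the question's
# statement that members never talk to each other.
# Add-AdFirewallRules -Label 'Member-DC' -Direction Outbound -RemoteAddress $DomainControllers

# Finally, switch the domain profile to default-deny in both directions. Do this
# last so a remote management session is not cut off before the allow rules exist.
Set-NetFirewallProfile -Profile Domain -DefaultInboundAction Block -DefaultOutboundAction Block
```

Two practical caveats for an environment like the one described. The `NetSecurity` cmdlets exist on Windows Server 2012 and later; on the Windows 2008 member servers the same rules have to be written with `netsh advfirewall firewall add rule`, using the same ports and the `remoteip=` scoping. And the 49152-65535 range is the part most administrators dislike opening between sites; Microsoft documents pinning the directory service's RPC listener to a single fixed port through the `TCP/IP Port` DWORD under `HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters` (and the Netlogon equivalent `DCTcpipPort` under `Netlogon\Parameters`), after which the dynamic-range rule can be replaced by rules for those fixed ports plus TCP 135.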