question

38490807 avatar image
0 Votes"
38490807 asked learn2skills commented

Need to know which ports to open in firewall for changing ad users passwords .

Dear Team,

In our organization users can change their ad passwords by clicking alt+cntl+delete when they are in LAN. when users are connected to the vpn , they cant change the ad passwords. Because the port is not opened in firewall.

Please advise as which port should be open in firewall for ad password changing purpose

windows-serverwindows-active-directorywindows-server-2016
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

To follow-up, Please let us know if you have further query on this.
Please don’t forget to Accept the answer

0 Votes 0 ·
learn2skills avatar image
0 Votes"
learn2skills answered

Hi @shihasshamsudheen-6893
Thank You for posting in Q & A.

UDP 389, UDP/TCP 88, and UDP/TCP 464 (password change requests) ports are open for the domain controllers in the user domain.
refer - https://docs.microsoft.com/en-us/archive/blogs/activedirectoryua/conditions-for-kerberos-to-be-used-over-an-external-trust


If the Answer is helpful, please click Accept Answer and up-vote, this can be beneficial to other community members.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

DSPatrick avatar image
0 Votes"
DSPatrick answered
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.