question

uranus12 asked LimitlessTechnology-2700 answered

AD RODC internet firewalld ports

Hello! I mapped the AD RODC to the public network, but found that the terminal on the public network could not connect. Are there any other ports that need to be opened?

PORT:
SMB over IP (Microsoft-DS): port 445 TCP, UDP
Kerberos: port 88 TCP, UDP
LDAP: port 389 UDP
DNS: port 53 TCP, UDP
RPC dynamically-assigned ports: 49152-65535 TCP

windows-server-2019

LeonLaude answered LeonLaude edited

Hi @uranus12,

Here are two documents covering all the port requirements of Active Directory:

Older documentation:
Active Directory and Active Directory Domain Services Port Requirements

Newer documentation:
How to configure a firewall for Active Directory domains and trusts


If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!


Best regards,
Leon


LimitlessTechnology-2700 answered

Hello,

When you plan to configure an RODC to receive configuration, you need to keep in mind the ports that need to be open in order for the RODC and the writable DC to talk to each other, securing the communication between your RODC and the writable DC, provisioning the RODC, etc. The link below is an article on provisioning an RODC in the perimeter / DMZ. Take particular note of the Ports / Firewall and Security sections:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd728028(v=ws.10)?redirectedfrom=MSDN

Also, here is more information regarding Active Directory and Active Directory Domain Services Port Requirements:

https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd772723(v=ws.10)

Hope this helps you further!

Best Regards,
