AD Active Directory Ports


Active Directory replication - There is no defined port for Active Directory replication. Replication remote procedure calls (RPCs) occur dynamically over an available port, which is assigned through RPCSS (RPC Endpoint Mapper) on port 135.

File Replication Services (FRS) - There is no defined port for FRS. FRS replication over remote procedure calls (RPCs) occurs dynamically over an available port, which is assigned through RPCSS (RPC Endpoint Mapper) on port 135.

Required ports for Active Directory
TCP 53 - DNS (DNS Download)
UDP 53 - DNS (DNS Queries)
TCP 42 - WINS
UDP 42 - WINS
UDP 88 - Kerberos v5
UDP 123 - Time
TCP 135 - MS-RPC, RPC Endpoint Mapper, Replication
UDP 137 & 138 - NetBIOS related
TCP 139 - SMB
TCP 389 - LDAP
TCP 636 - LDAP over SSL/TLS
TCP 445 - SMB, Microsoft-ds
TCP 464 - Kerberos Password Change
UDP 464 - Kerberos Password Change
TCP 1025 & 1026 - AD Login & replication
TCP 3268 - Global Catalog
TCP 3269 - Global Catalog over SSL/TLS
TCP 3389 - RDP (Remote Desktop)

Ephemeral ports
 TCP & UDP 1025-5000
 TCP & UDP 49152-65535
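
Added example, not part of the original page: a Python check that compares a set of firewall allow rules against the required ports and ephemeral ranges listed above, and flags the case where TCP 135 is allowed but no dynamic range is, so the endpoint mapper is reachable while replication RPCs are not. The rule format (protocol, low, high) and the two sample policies are constructed for illustration.

```python
# Required ports exactly as listed on this page: (protocol, port, service).
REQUIRED = [
    ("tcp", 53, "DNS"), ("udp", 53, "DNS"), ("tcp", 42, "WINS"), ("udp", 42, "WINS"),
    ("udp", 88, "Kerberos v5"), ("udp", 123, "Time"), ("tcp", 135, "RPC Endpoint Mapper"),
    ("udp", 137, "NetBIOS"), ("udp", 138, "NetBIOS"), ("tcp", 139, "SMB"),
    ("tcp", 389, "LDAP"), ("tcp", 636, "LDAP over SSL/TLS"), ("tcp", 445, "SMB"),
    ("tcp", 464, "Kerberos Password Change"), ("udp", 464, "Kerberos Password Change"),
    ("tcp", 1025, "AD Login & replication"), ("tcp", 1026, "AD Login & replication"),
    ("tcp", 3268, "Global Catalog"), ("tcp", 3269, "Global Catalog over SSL/TLS"),
    ("tcp", 3389, "RDP"),
]
# Ephemeral ranges from this page; dynamic RPC ports are allocated from them.
EPHEMERAL = [(1025, 5000), (49152, 65535)]

def covered(rules, proto, port):
    """True if an allow rule (proto, low, high) admits proto/port."""
    return any(p == proto and lo <= port <= hi for p, lo, hi in rules)

def range_covered(rules, proto, low, high):
    """True if the allow rules for proto leave no gap anywhere in [low, high]."""
    need = low
    for _, lo, hi in sorted(r for r in rules if r[0] == proto):
        if lo > need:          # gap before the next rule starts
            return False
        need = max(need, hi + 1)
        if need > high:
            return True
    return False

def audit(rules):
    """Return (missing required ports, ephemeral TCP ranges fully open, rpc_ok)."""
    missing = [(p, n) for p, n, _ in REQUIRED if not covered(rules, p, n)]
    open_ranges = [r for r in EPHEMERAL if range_covered(rules, "tcp", *r)]
    # Replication and FRS are located through TCP 135 and then move to a
    # dynamic port, so 135 without an open ephemeral range is not enough.
    rpc_ok = covered(rules, "tcp", 135) and bool(open_ranges)
    return missing, open_ranges, rpc_ok

# Constructed sample policies (not from the page): static ports only, then
# the same policy with the high dynamic range split across two rules.
STATIC_ONLY = [(p, n, n) for p, n, _ in REQUIRED]
WITH_DYNAMIC = STATIC_ONLY + [("tcp", 49152, 60000), ("tcp", 60001, 65535)]

if __name__ == "__main__":
    for name, policy in (("static only", STATIC_ONLY), ("with dynamic", WITH_DYNAMIC)):
        print(name, audit(policy))
```

A policy that passes the static list but returns rpc_ok as False is the pattern to look for when a domain controller answers LDAP and Kerberos but replication fails across a firewall.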

System service name: Browser

Application protocol | Protocol | Ports
NetBIOS Datagram Service | UDP | 138
NetBIOS Name Resolution | UDP | 137
NetBIOS Session Service | TCP | 139

The Browser service uses RPC over Named Pipes to compile

System service name: DHCPServer

Application protocol | Protocol | Ports
DHCP Server | UDP | 67
MADCAP | UDP | 2535
DHCP Failover | TCP | 647

Ports and protocols

The following table summarizes the information from the "System services ports" section. This table is sorted by port number instead of by service name.

Port | Protocol | Application protocol | System service name
n/a | GRE | GRE (IP protocol 47) | Routing and Remote Access
n/a | ESP | IPsec ESP (IP protocol 50) | Routing and Remote Access
n/a | AH | IPsec AH (IP protocol 51) | Routing and Remote Access
7 | TCP | Echo | Simple TCP/IP Services
7 | UDP | Echo | Simple TCP/IP Services
9 | TCP | Discard | Simple TCP/IP Services
9 | UDP | Discard | Simple TCP/IP Services
13 | TCP | Daytime | Simple TCP/IP Services
13 | UDP | Daytime | Simple TCP/IP Services
17 | TCP | Quotd | Simple TCP/IP Services
17 | UDP | Quotd | Simple TCP/IP Services
19 | TCP | Chargen | Simple TCP/IP Services
19 | UDP | Chargen | Simple TCP/IP Services
20 | TCP | FTP default data | FTP Publishing Service
21 | TCP | FTP control | FTP Publishing Service
21 | TCP | FTP control | Application Layer Gateway Service
23 | TCP | Telnet | Telnet
25 | TCP | SMTP | Simple Mail Transfer Protocol
25 | TCP | SMTP | Exchange Server
42 | TCP | WINS Replication | Windows Internet Name Service
42 | UDP | WINS Replication | Windows Internet Name Service
53 | TCP | DNS | DNS Server
53 | UDP | DNS | DNS Server
53 | TCP | DNS | Internet Connection Firewall/Internet Connection Sharing
53 | UDP | DNS | Internet Connection Firewall/Internet Connection Sharing
67 | UDP | DHCP Server | DHCP Server
67 | UDP | DHCP Server | Internet Connection Firewall/Internet Connection Sharing
69 | UDP | TFTP | Trivial FTP Daemon Service
80 | TCP | HTTP | Windows Media Services
80 | TCP | HTTP | WinRM 1.1 and earlier
80 | TCP | HTTP | World Wide Web Publishing Service
80 | TCP | HTTP | SharePoint Portal Server
88 | TCP | Kerberos | Kerberos Key Distribution Center
88 | UDP | Kerberos | Kerberos Key Distribution Center
102 | TCP | X.400 | Microsoft Exchange MTA Stacks
110 | TCP | POP3 | Microsoft POP3 Service
110 | TCP | POP3 | Exchange Server
119 | TCP | NNTP | Network News Transfer Protocol
123 | UDP | NTP | Windows Time
123 | UDP | SNTP | Windows Time
135 | TCP | RPC | Message Queuing
135 | TCP | RPC | Remote Procedure Call
135 | TCP | RPC | Exchange Server
135 | TCP | RPC | Certificate Services
135 | TCP | RPC | Cluster Service
135 | TCP | RPC | Distributed File System Namespaces
135 | TCP | RPC | Distributed Link Tracking
135 | TCP | RPC | Distributed Transaction Coordinator
135 | TCP | RPC | Distributed File Replication Service
135 | TCP | RPC | Fax Service
135 | TCP | RPC | Microsoft Exchange Server
135 | TCP | RPC | File Replication Service
135 | TCP | RPC | Group Policy
135 | TCP | RPC | Local Security Authority
135 | TCP | RPC | Remote Storage Notification
135 | TCP | RPC | Remote Storage
135 | TCP | RPC | Systems Management Server 2.0
135 | TCP | RPC | Terminal Services Licensing
135 | TCP | RPC | Terminal Services Session Directory
137 | UDP | NetBIOS Name Resolution | Computer Browser
137 | UDP | NetBIOS Name Resolution | Server
137 | UDP | NetBIOS Name Resolution | Windows Internet Name Service
137 | UDP | NetBIOS Name Resolution | Net Logon
137 | UDP | NetBIOS Name Resolution | Systems Management Server 2.0
138 | UDP | NetBIOS Datagram Service | Computer Browser
138 | UDP | NetBIOS Datagram Service | Server
138 | UDP | NetBIOS Datagram Service | Net Logon
138 | UDP | NetBIOS Datagram Service | Distributed File System
138 | UDP | NetBIOS Datagram Service | Systems Management Server 2.0
138 | UDP | NetBIOS Datagram Service | License Logging Service
139 | TCP | NetBIOS Session Service | Computer Browser
139 | TCP | NetBIOS Session Service | Fax Service
139 | TCP | NetBIOS Session Service | Performance Logs and Alerts
139 | TCP | NetBIOS Session Service | Print Spooler
139 | TCP | NetBIOS Session Service | Server
139 | TCP | NetBIOS Session Service | Net Logon
139 | TCP | NetBIOS Session Service | Remote Procedure Call Locator
139 | TCP | NetBIOS Session Service | Distributed File System Namespaces
139 | TCP | NetBIOS Session Service | Systems Management Server 2.0
139 | TCP | NetBIOS Session Service | License Logging Service
143 | TCP | IMAP | Exchange Server
161 | UDP | SNMP | SNMP Service
162 | UDP | SNMP Traps Outgoing | SNMP Trap Service
389 | TCP | LDAP Server | Local Security Authority
389 | UDP | DC Locator | Local Security Authority
389 | TCP | LDAP Server | Distributed File System Namespaces
389 | UDP | DC Locator | Distributed File System Namespaces
389 | UDP | DC Locator | Netlogon
389 | UDP | DC Locator | Kerberos Key Distribution Center
389 | TCP | LDAP Server | Distributed File System Replication
389 | UDP | DC Locator | Distributed File System Replication
443 | TCP | HTTPS | HTTP SSL
443 | TCP | HTTPS | World Wide Web Publishing Service
443 | TCP | HTTPS | SharePoint Portal Server
443 | TCP | RPC over HTTPS | Exchange Server 2003
443 | TCP | HTTPS | WinRM 1.1 and earlier
445 | TCP | SMB | Fax Service
445 | TCP | SMB | Print Spooler
445 | TCP | SMB | Server
445 | TCP | SMB | Remote Procedure Call Locator
445 | TCP | SMB | Distributed File System Namespaces
445 | TCP | SMB | Distributed File System Replication
445 | TCP | SMB | License Logging Service
445 | TCP | SMB | Net Logon
464 | UDP | Kerberos Password V5 | Kerberos Key Distribution Center
464 | TCP | Kerberos Password V5 | Kerberos Key Distribution Center
500 | UDP | IPsec ISAKMP | Local Security Authority
515 | TCP | LPD | TCP/IP Print Server
554 | TCP | RTSP | Windows Media Services
563 | TCP | NNTP over SSL | Network News Transfer Protocol
593 | TCP | RPC over HTTPS endpoint mapper | Remote Procedure Call
593 | TCP | RPC over HTTPS | Exchange Server
636 | TCP | LDAP SSL | Local Security Authority
636 | UDP | LDAP SSL | Local Security Authority
647 | TCP | DHCP Failover | DHCP Failover
9389 | TCP | Active Directory Web Services (ADWS) | Active Directory Web Services (ADWS)
9389 | TCP | Active Directory Web Services (ADWS) | Active Directory Management Gateway Service
993 | TCP | IMAP over SSL | Exchange Server
995 | TCP | POP3 over SSL | Exchange Server
1067 | TCP | Installation Bootstrap Service | Installation Bootstrap protocol server
1068 | TCP | Installation Bootstrap Service | Installation Bootstrap protocol client
1270 | TCP | MOM-Encrypted | Microsoft Operations Manager 2000
1433 | TCP | SQL over TCP | Microsoft SQL Server
1433 | TCP | SQL over TCP | MSSQL$UDDI
1434 | UDP | SQL Probe | Microsoft SQL Server
1434 | UDP | SQL Probe | MSSQL$UDDI
1645 | UDP | Legacy RADIUS | Internet Authentication Service
1646 | UDP | Legacy RADIUS | Internet Authentication Service
1701 | UDP | L2TP | Routing and Remote Access
1723 | TCP | PPTP | Routing and Remote Access
1755 | TCP | MMS | Windows Media Services
1755 | UDP | MMS | Windows Media Services
1801 | TCP | MSMQ | Message Queuing
1801 | UDP | MSMQ | Message Queuing
1812 | UDP | RADIUS Authentication | Internet Authentication Service
1813 | UDP | RADIUS Accounting | Internet Authentication Service
1900 | UDP | SSDP | SSDP Discovery Service
2101 | TCP | MSMQ-DCs | Message Queuing
2103 | TCP | MSMQ-RPC | Message Queuing
2105 | TCP | MSMQ-RPC | Message Queuing
2107 | TCP | MSMQ-Mgmt | Message Queuing
2393 | TCP | OLAP Services 7.0 | SQL Server: Downlevel OLAP Client Support
2394 | TCP | OLAP Services 7.0 | SQL Server: Downlevel OLAP Client Support
2460 | UDP | MS Theater | Windows Media Services
2535 | UDP | MADCAP | DHCP Server
2701 | TCP | SMS Remote Control (control) | SMS Remote Control Agent
2701 | UDP | SMS Remote Control (control) | SMS Remote Control Agent
2702 | TCP | SMS Remote Control (data) | SMS Remote Control Agent
2702 | UDP | SMS Remote Control (data) | SMS Remote Control Agent
2703 | TCP | SMS Remote Chat | SMS Remote Control Agent
2703 | UDP | SMS Remote Chat | SMS Remote Control Agent
2704 | TCP | SMS Remote File Transfer | SMS Remote Control Agent
2704 | UDP | SMS Remote File Transfer | SMS Remote Control Agent
2725 | TCP | SQL Analysis Services | SQL Server Analysis Services
2869 | TCP | UPNP | UPnP Device Host
2869 | TCP | SSDP event notification | SSDP Discovery Service
3268 | TCP | Global Catalog | Local Security Authority
3269 | TCP | Global Catalog | Local Security Authority
3343 | UDP | Cluster Services | Cluster Service
3389 | TCP | Terminal Services | NetMeeting Remote Desktop Sharing
3389 | TCP | Terminal Services | Terminal Services
3527 | UDP | MSMQ-Ping | Message Queuing
4011 | UDP | BINL | Remote Installation
4500 | UDP | NAT-T | Local Security Authority
5000 | TCP | SSDP legacy event notification | SSDP Discovery Service
5004 | UDP | RTP | Windows Media Services
5005 | UDP | RTCP | Windows Media Services
5722 | TCP | RPC | Distributed File System Replication
6001 | TCP | Information Store | Exchange Server 2003
6002 | TCP | Directory Referral | Exchange Server 2003
6004 | TCP | DSProxy/NSPI | Exchange Server 2003
42424 | TCP | ASP.Net Session State | ASP.NET State Service
51515 | TCP | MOM-Clear | Microsoft Operations Manager 2000
5985 | TCP | HTTP | WinRM 2.0
5986 | TCP | HTTPS | WinRM 2.0
1024-65535 | TCP | RPC | Randomly allocated high TCP ports
135 | TCP | WMI | Hyper-V service
random port number between 49152 – 65535 | TCP | Randomly allocated high TCP ports | Hyper-V service
80 | TCP | Kerberos Authentication (HTTP) | Hyper-V service
443 | TCP | Certificate-based Authentication (HTTPS) | Hyper-V service
6600 | TCP | Live Migration | Hyper-V Live Migration
445 | TCP | SMB | Hyper-V Live Migration
3343 | UDP | Cluster Service Traffic | Hyper-V Live Migration
Note Port 572