-
标题
Communication Ports Required for Password Policy Manager to function behind a firewall -
说明
If Domain controllers are deployed behind firewalls. Password Policy Manager which will be installed on the Domain controllers requires Ports to be open for it to function.
-
原因
Password Policy Manager requires specific Communication ports to be open in order to function properly. -
解决办法
For Password Policy Manager to function behind a firewall the following ports need to be opened:
Administration Site
Port 80 (Default HTTP) TCP Inbound
Port 443 (Default HTTPS) TCP Inbound/Outbound
Port 8081 TCP Inbound/Outbound
Port 25 (Default SMTP port) TCP Outbound
Self-Service and Helpdesk Sites
Port 80 (Default HTTP) TCP Inbound
Port 443 (Default HTTPS) TCP Inbound/Outbound
Port 8081 TCP Inbound/Outbound
Password Manager Service
Port 53 (Outgoing DNS lookups) UDP Outbound
Port 88 (Kerberos Authentication) TCP/UDP Outbound
Port 389 (LDAP Access) TCP/UDP Outbound
Port 636 (LDAP Access) TCP Outbound
Port 137 (NetBIOS Name Service) TCP Outbound
Port 139 (NetBIOS Session Service) TCP Outbound
SQL Server
Port 1433 (SQL Server) TCP/UDP Outbound
Port 1434 (SQL Server Browser Service) TCP/UDP Outbound
Report Server
Port 80 (SQL Server Report Services) TCP Outbound
Email Notification
Port 25 (Default SMTP port) TCP Outbound
One Identity Quick Connect Sync Engine
Port 808 TCP Outbound
Secure Password Extension
Port 80 (Default HTTP) TCP Outbound
Port 88 (Kerberos Authentication) UDP Outbound
Port 389 (LDAP Access) TCP Outbound
Port 443 (Default HTTPS) TCP Outbound
Telesign
Port 443 TCP Outbound
Defender
Port specified in the activity settings (Authenticate with Defender) is used.
BitLocker with MBAM.
Port specified in the activity settings (Issue BitLocker recovery key) is used.
Note: These are exactly the same ports required to be open for Password Manager to function and are also stated in Appendix B of the Administration Guide. Development has informed that these ports are also required by PPM for PPM to function properly.