FW ports between PCNS and MIM 2016 SP1 server

  • Question

  • I am setting up a password sync between two forests (Domain A and Domain B) which have a two-way forest trust between them. I need to sync passwords between user accounts in Domain A and the corresponding user accounts in Domain B, with Domain A being the source for password sync. My MIM server is in Domain B (target domain). PCNS is installed on all DCs in Domain A. I need the exact ports that need to be opened in the firewall for password sync communication to happen between the DCs with PCNS and the MIM server.

    Wednesday, May 30, 2018 2:27 AM

All replies

  • Communication Protocols and Ports

    Service                                                     Protocol   Port
    RPC Endpoint mapper                                         TCP        135
    Dynamic RPC ports (PCNS)                                    TCP        5000 - 5100
    Dynamic RPC ports (management agent for Active Directory)   TCP        57500 - 57520

    Those protocols/ports need to be reachable FROM DCs to MIM


    If you found my post helpful, please give it a Helpful vote. If it answered your question, remember to mark it as an Answer.

    Wednesday, May 30, 2018 6:08 AM
  • For me it usually worked with the following (without the high ports mentioned in my previous post):

    Service                     Protocol   Port
    Kerberos                    TCP/UDP    88
    DNS                         TCP/UDP    53
    Kerberos Change Password    UDP        464
    RPC Endpoint mapper         TCP        135
    Dynamic RPC ports (PCNS)    TCP        5000-5100
    LDAP                        TCP/UDP    389



    Wednesday, May 30, 2018 6:09 AM
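
The first reply's table expressed as Windows Firewall inbound rules on the MIM server, scoped to the PCNS domain controllers only. This is an added example, not part of the original thread or of Microsoft's documentation. The DC addresses, rule names and group name are placeholders, and it assumes the MIM server's RPC services actually listen in the port ranges from the table. The second reply's list is left out because it does not state a direction.

```powershell
# Added example: run in an elevated PowerShell session on the MIM server.
# Placeholder addresses (documentation range); replace with the Domain A DCs running PCNS.
$PcnsDomainControllers = @('192.0.2.10', '192.0.2.11')

# Ports taken from the first reply's table (direction stated there: DCs -> MIM).
$Rules = @(
    @{ Name = 'RPC Endpoint Mapper';           Ports = @('135') },
    @{ Name = 'Dynamic RPC (PCNS)';            Ports = @('5000-5100') },
    @{ Name = 'Dynamic RPC (AD management agent)'; Ports = @('57500-57520') }
)

$Group = 'MIM PCNS'   # hypothetical group name, used only to find these rules again

foreach ($rule in $Rules) {
    $displayName = "MIM-PCNS inbound - $($rule.Name)"

    # Idempotent: remove a previous copy so re-running does not stack duplicates.
    Get-NetFirewallRule -DisplayName $displayName -ErrorAction SilentlyContinue |
        Remove-NetFirewallRule

    # Allow only the listed DCs, only TCP, only on the domain profile.
    New-NetFirewallRule -DisplayName $displayName `
        -Group $Group `
        -Direction Inbound `
        -Action Allow `
        -Protocol TCP `
        -LocalPort $rule.Ports `
        -RemoteAddress $PcnsDomainControllers `
        -Profile Domain | Out-Null
}

# Review what was created: port and source-address scope for each rule.
Get-NetFirewallRule -Group $Group | ForEach-Object {
    $port = $_ | Get-NetFirewallPortFilter
    $addr = $_ | Get-NetFirewallAddressFilter
    [pscustomobject]@{
        Rule          = $_.DisplayName
        Protocol      = $port.Protocol
        LocalPort     = $port.LocalPort -join ','
        RemoteAddress = $addr.RemoteAddress -join ','
    }
} | Format-Table -AutoSize

# From a PCNS DC, the endpoint mapper can then be checked with:
#   Test-NetConnection -ComputerName <MIM server> -Port 135
```

A network firewall between the forests needs the same source/destination scoping; a successful test on port 135 does not prove the dynamic ranges are open, since those ports only listen once RPC has allocated them.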