The AD agent cannot be activated when using the Windows firewall even if all ports are opened.
An error message like the following is reported in the agent log:
2011-11-29 09:46:47.935 ECHO <ActiveDirectory/5.5.8/ActiveDirectory/agent_name> ERROR [RestoreAgent-0] com.quest.agent.ad.ActiveDirectoryAgent - ActiveDirectoryAgent.
The host is unreachable. The server could be down or cannot be resolved.
Make sure you can ping the IP or that the Netbios(DNS) name is resolvable.
The properties for the agent should also be verified; it's possible an address or other property string is incorrect.: 
Java bug 5061571 causes the function used by the AD agent to verify connectivity to use the Echo service on port 7.
WORKAROUND 1: Turn off the firewall.
WORKAROUND 2: Enable the Windows feature "Simple TCP/IP Services" and allow incoming connections to tcp port 7. Please see the screen shots in the work-with-firewall.zip file.
STATUS: Waiting for fix in a future release of the Foglight Active Directory cartridge.