-
标题
Ports Used by Active Administrator -
说明
Ports Used by Active Administrator -
解决办法
DCOM
TCP & UDP
random port number between 1024 - 65535DNS
TCP & UDP
53Global Catalog Server
TCP
3268 - 3269LDAP Server
TCP & UDP
389LDAP SSL
TCP & UDP
636NAT-T
UDP
4500NetBIOS Datagram Service
UDP
138NetBIOS Name Resolution
UDP
137NetBIOS Session Service
TCP
139RPC
TCP
135, random port number between 1024 - 65535
135, random port number between 49152 - 65535SMB
TCP
445SMTP
TCP
25SQL
TCP
1433SQL Probe
UDP
1434ADDED IN ACTIVE ADMINISTRATOR 7.5 and above
Port requirements
These ports are required by the Active Administrator application:
Port 15600 TCP, outgoing and incoming, for communication between an AA Console and the AA Server and the AA Foundation Service; firewall exceptions are necessary on both Console and Server machines.
Port 15601, TCP outgoing, on any member server or workstation on which the Active Administrator Workstation Logon Auditing Agent (AAWLA Agent) is installed port 15601, TCP incoming, on the AA Server to receive information from the AAWLA Agent(s).
Note: The AFS Server is the computer on which the Active Administrator Server is installed and running the Active Administrator Foundation Service (AFS). The Console is the computer on which the Active Administrator Console is installed. The AFS Database Server is the computer on which the audit database resides.
• TCP Port 15600 must be open between Console and the AFS Server.• TCP Port 15601 must be open between the computer running the Workstation Logon Audit Agent and the AFS Server.• TCP Port 389 must be open between domain controllers and the AFS Server and Console.• TCP Port 1433 must be open between the AFS Server and the AFS Database Server.• Remote Procedure Call (RPC) must be open between the AFS Server and the target.
When installing the audit agent on a member server instead of a domain controller, the following inbound firewall exceptions for Windows Management Instrumentation must be enabled:
ASync-InDCOM-InWMI-In
If you are using the Certificate Management feature, Remote Registry Service must be enabled on all Windows computers on which certificates are managed.
If you are using the Azure™ Active Directory® feature, TCP Ports 80 and 443 must be open on the Internet-facing firewall.
If you are using the Active Directory Health feature:
TCP Port 15602 must be open on the Active Administrator server for the Active Administrator Data Service (ADS).
TCP Port 15603 must be open on the computer running the Directory Analyzer agent.
For more information:
-
Service overview and network port requirements for the Windows Server system.
http://support.microsoft.com/kb/832017
-
Restricting Active Directory replication traffic and client RPC traffic to a specific port.
http://support.microsoft.com/kb/224196
-
How the Directory System Agent, LDAP, and the local system authority are related.
http://msdn.microsoft.com/en-us/library/ms675902.aspx
-