Port
53/tcp/udp (DNS) [required]
DNS from client to domain controller and domain controller to domain controller.
88/tcp/udp (Kerberos)
Kerberos authentication (User and Computer), Forest Level Trusts
123/udp (Windows Time)
Network Time Protocol
135/tcp/udp (RPC, EPM (RPC endpoint mapper))
Domain controller to domain controller and client to domain controller operations.
389/tcp/udp (LDAP)
Directory, Replication, User and Computer Authentication, Group Policy, Trusts
464/tcp/udp
Kerberos Password change/set
445/tcp/udp (SMB)
File Replication Service
636/tcp (LDAP SSL)
Directory, Replication, User and Computer Authentication, Group Policy, Trusts
3268/tcp (LDAP GC), 3269/tcp (LDAP GC SSL)
Global Catalog from client to domain controller.
49152-65535/tcp (Group Policy)
Applies if your network has any Server 2008 or newer domain controllers.
This is the new dynamic port range for RPC connections.
137/tcp/udp (NetBIOS Name Resolution)
NetBIOS name service
138/udp (NetBIOS Datagram Service)
139/tcp (NetBIOS Session Service)
File Replication Service between domain controllers.
5722/tcp (RPC, DFSR (SYSVOL))
Replication