Communication to Domain Controllers ports


Microsoft page file

AD communication ports

Service Port/Protocol

RPC endpoint mapper 135/tcp, 135/udp

Network basic input/output system (NetBIOS) name service 137/tcp, 137/udp

NetBIOS datagram service 138/udp

NetBIOS session service 139/tcp

RPC dynamic assignment 1024-5001/tcp,49152-65535

Server message block (SMB) over IP (Microsoft-DS) 445/tcp, 445/udp

Lightweight Directory Access Protocol (LDAP) 389/tcp

LDAP ping 389/udp

LDAP over SSL 636/tcp

Global catalog LDAP 3268/tcp

Global catalog LDAP over SSL 3269/tcp

Kerberos 88/tcp, 88/udp

Domain Name Service (DNS) 53/tcp1, 53/udp

Windows Internet Naming Service (WINS) resolution (if

required) 1512/tcp, 1512/udp

WINS replication (if required) 42/tcp, 42/udp

NTP 123/tcp, 123/udp

Disable and move computer objects


dsquery computer -name PC1 | dsmod computer -disabled yes>>Disable.txt


dsmove “CN=PC1,OU=Domain Controllers,DC=test,DC=com ” -newparent “OU=DisabledPC,DC=test,DC=com”

%d bloggers like this: