Support
 
Phone Get Quote
 
Support
 
US: +1 888 720 9500
US: +1 888 791 1189
Intl: +1 925 924 9500
Aus: +1 800 631 268
UK: 0800 028 6590
CN: +86 400 660 8680

Direct Inward Dialing: +1 408 916 9892

 

Port Guide

Why ports need to be opened and how to check if they are?

A port is a virtual point through which programs running on different computers exchange data. Ports need to be open to allow this data exchange. Microsoft's PortQryUI displays the status of ports on a computer, and can be installed and run on the machine in which ADAudit Plus is installed.

PortQryUI download link:

https://www.microsoft.com/en-in/download/details.aspx?id=24009

Products Ports

The table below lists the default ports used by ADAudit Plus. These ports can be changed during or after installation.

Note: To change port: Open the ADAudit Plus console → Admin tab, which can be found in the top panel → Connection tab, which can be found in the left panel → Change port.


Port Protocol Purpose
8081 HTTP Product web server
8444 HTTPS Product web server
33307 TCP Database port
29118 TCP DataEngine port

System Ports

The table below lists the ports that should be opened, on the destination computers. These ports can be opened on Windows/third-party firewalls.

Port Protocol Direction Service Purpose
135 TCP Inbound RPC For Windows log collection

Source: ADAudit Plus server

Destination: Monitored computers

137 TCP and UDP Inbound NetBIOS name resolution RPC/named pipes (NP) For Windows log collection

Source: ADAudit Plus server

Destination: Monitored computers

138 UDP Inbound NetBIOS datagram For Windows log collection

Source: ADAudit Plus server

Destination: Monitored computers

139 TCP Inbound NetBIOS session RPC/NP For Windows log collection

Source: ADAudit Plus server

Destination: Monitored computers

445 TCP and UDP Inbound SMB RPC/NP For Windows log collection

Source: ADAudit Plus server

Destination: Monitored computers

389 TCP and UDP Inbound LDAP For syncing AD objects with product

Source: ADAudit Plus server

Destination: Domain Controllers

636 TCP Inbound LDAP over SSL For syncing AD objects with product

Source: ADAudit Plus server

Destination: Domain Controllers

3268 TCP Inbound Global catalog For syncing AD objects with product

Source: ADAudit Plus server

Destination: Domain Controllers

3269 TCP Inbound Global catalog over SSL For syncing AD objects with product

Source: ADAudit Plus server

Destination: Domain Controllers

88 TCP Inbound Kerberos For authentication when accessing a domain resource

Source: ADAudit Plus server

Destination: Domain Controllers

25 TCP Inbound SMTP To send emails

Source: ADAudit Plus server

Destination: SMTP servers

465 TCP Inbound SSL To send emails

Source: ADAudit Plus server

Destination: SMTP servers

587 TCP Inbound TLS To send emails

Source: ADAudit Plus server

Destination: SMTP servers

49152- 65535* TCP Inbound RPC randomly allocated high TCP ports For Windows log collection

Source: ADAudit Plus server

Destination: Monitored computers

*Note: If you are using Windows Firewall you can open dynamic ports, 49152-65535, on the monitored computers by enabling the inbound rules listed below.

  • Remote Event Log Management (NP-In)
  • Remote Event Log Management (RPC)
  • Remote Event Log Management (RPC-EPMAP)

To enable the above rules: Open Windows Firewall → Advanced settings → Inbound Rules → Right click on respective rule → Enable Rule.

In case you are deploying agents, please refer to the Agent guide and open the corresponding ports.

In this article

ADAudit Plus Trusted By

A single pane of glass for complete Active Directory Auditing and Reporting