The following ports are required to have free access when configuring password synchronization betwee IBM iSeries and Windows Active Directory: 137, 139, 397, 445 to 449, 512, 2001, 3000, 5010, 5544, 5555, 8470 to 8476, 8480.
Steps to configure IBM i/AS400 system accounts with ADSelfService Plus
Go to Configuration --> Self-Service --> Password Synchronizer
Click IBM i/AS400 system link. You will be presented with IBM i/AS400 system configuration page.
Enter the system name or IP address of the IBM i/AS400 system.
Enter the username and password of the user account that belongs to the security officer (QSECOFR) account class in the IBM i/AS400 system.
Enter a brief description of the system.
Select the Self-Service Policies by clicking the plus icon. Password Synchronization will be possible for only those users who fall under the selected self-service policies.