Fixes an issue where TCP sessions created to the server ports 88, 464, 389 and 3268 are reset. Sessions using Secure Sockets Layer or Transport Layer Security on ports 636 and 3269 are also affected.
These ports must be open: Port 88 (UDP), Port 3074 (UDP and TCP), Port 53 (UDP and TCP), Port 80 (TCP), Port 500 (UDP), Port 3544 (UDP), Port 4500 (UDP). Once you contact your Internet service provider, make sure to reboot the console and the router as well. I hope this helps. Feel free to ask back any questions and keep me posted.
However, connecting over port 389 is not possible because it always requires strong encryption (SASL or StartTLS). Is it true that Windows Server 2025 no longer supports LDAP without encryption on port 389? I also performed tests in a clean lab environment with a fresh domain controller and attempted to connect GLPI using LDAP.
I do know port 389 is required on AD for existing user logins, replications, etc., so we cannot block port 389 on AD. But what I would like to clarify is whether port 389 (incoming) on AD is in any form useful for a new client to query / join AD via LDAPS?
Is port 389 on AD in any way used or required when a new client queries ...
Independent of the fact that port 389 is still shown in Wireshark, why does it even work? The DC was configured to require signing. Does each MMC use port 389? Does the Get-GPOReport cmdlet only use port 389? I need to push that communication over port 636. How does the prioritization even work if LDAP or LDAPS is used?