Below are some of the ports that must be open for SMS components to communicate properly.
Port Requirements:
--> SMS site server to Active Directory
Service Name | UDP | TCP |
LDAP | 389 | 389 |
LDAP SSL | N/A | 636 |
RPC Endpoint Mapper | 135 | 135 |
Global Catalog LDAP | N/A | 3268 |
Global Catalog LDAP SSL | N/A | 3269 |
Kerberos | 88 | 88 |
--> SMS 2003 Advanced Client to Active Directory
In an Active Directory environment, the Advanced client makes a Lightweight Directory Access Protocol (LDAP) query to the global catalog server to find a management point that matches the client’s IP address. The following ports are required in Active Directory to allow the client to contact the global catalog server.
--> Port 389 UDP (User Datagram Protocol) LDAP Ping
--> Port 389 TCP LDAP
--> Port 636 TCP LDAP (SSL Connection)
--> Port 3268 TCP (explicit connection to Global Catalog)
--> Port 3269 TCP (explicit SSL connection to Global Catalog)
--> SMS 2003 Advanced Client to Management Point or to distribution point
--> Port 80 Hypertext Transfer Protocol (HTTP)
--> Port 139 Client sessions (for non BITS-enabled DPs)
--> Port 445 Server Message Block (for non BITS-enabled DPs)
--> SMS Remote Control System service: Wuser32
Application protocol | Protocol | Ports |
SMS Remote Chat | TCP | 2703 |
SMS Remote Chat | UDP | 2703 |
SMS Remote Control (control) | TCP | 2701 |
SMS Remote Control (control) | UDP | 2701 |
SMS Remote Control (data) | TCP | 2702 |
SMS Remote Control (data) | UDP | 2702 |
SMS Remote File Transfer | TCP | 2704 |
SMS Remote File Transfer | UDP | 2704 |
--> SMS Remote Control UDP
When you use NetBIOS over TCP/IP for SMS Remote Control, the following ports are used:
--> Port 137 Name resolution
--> Port 138 Messaging
--> Port 139 Client sessions
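An added example (not from the original post): a Python check that compares a firewall allow-list with the port lists above and reports required ports that are missing, conditional ports (139/445 for non BITS-enabled DPs, 137-139 for NetBIOS) that are open and should be confirmed as needed, and rules that admit more ports than the list calls for. The path names, rule format and sample rules are constructed for illustration, and the transport for ports 80, 137, 138, 139 and 445 is assumed from the standard assignments because the page does not state it.

```python
# Added example: port lists transcribed from this page. Transport for ports
# 80, 137, 138, 139 and 445 is not stated on the page; the standard
# assignments (HTTP/TCP, NetBIOS name and datagram/UDP, session and SMB/TCP)
# are assumed. Path names and the rule format are hypothetical.
REQUIRED = {
    "site->AD": {("udp", 389), ("tcp", 389), ("tcp", 636), ("udp", 135),
                 ("tcp", 135), ("tcp", 3268), ("tcp", 3269),
                 ("udp", 88), ("tcp", 88)},
    "client->AD": {("udp", 389), ("tcp", 389), ("tcp", 636),
                   ("tcp", 3268), ("tcp", 3269)},
    "client->MP/DP": {("tcp", 80)},
    "remote-control": {(proto, port) for port in (2701, 2702, 2703, 2704)
                       for proto in ("tcp", "udp")},
}
# Ports the page ties to a condition: non BITS-enabled DPs, or NetBIOS over
# TCP/IP for Remote Control.
CONDITIONAL = {
    "client->MP/DP": {("tcp", 139), ("tcp", 445)},
    "remote-control": {("udp", 137), ("udp", 138), ("tcp", 139)},
}

def covers(rule, item):
    """True if an allow rule (proto, lo..hi) admits the (proto, port) item."""
    proto, port = item
    return rule["proto"] == proto and rule["lo"] <= port <= rule["hi"]

def audit(path, rules, use_conditional=False):
    """Compare the allow rules for one path against the page's port list."""
    optional = CONDITIONAL.get(path, set())
    needed = REQUIRED[path] | (optional if use_conditional else set())
    known = needed | optional
    missing = sorted(i for i in needed if not any(covers(r, i) for r in rules))
    review = sorted(i for i in optional - needed
                    if any(covers(r, i) for r in rules))
    excess = []
    for r in rules:
        width = r["hi"] - r["lo"] + 1
        listed = sum(1 for i in known if covers(r, i))
        if width > listed:  # rule admits ports that are not on the list
            excess.append((r["proto"], r["lo"], r["hi"], width - listed))
    return {"missing": missing, "review": review, "excess": excess}

# Constructed sample rule sets (not from any real firewall).
AD_RULES = [{"proto": "tcp", "lo": 389, "hi": 389},
            {"proto": "tcp", "lo": 3268, "hi": 3269}]
MP_RULES = [{"proto": "tcp", "lo": 80, "hi": 80},
            {"proto": "tcp", "lo": 135, "hi": 445}]
```

Each `excess` entry gives the rule's protocol and range followed by the number of ports it admits beyond the list, which is the figure to drive toward zero when tightening the rule set.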
2 Comments
Thanks a fantastic blog something like that. been my salvation for my web