Go Up
You are here: DeploymentProtocols and Ports Required for Netwrix AuditorActive Directory, Exchange, and Group Policy

Protocols and Ports Required for Monitoring Active Directory, Exchange, and Group Policy

Review a full list of protocols and ports required for monitoring Active Directory, Exchange, and Group Policy.

  • Allow outbound connections from the dynamic (1024 - 65535) local port on the computer where Netwrix Auditor Server resides.
  • Allow outbound connections to remote ports on the source and inbound connections to local ports on the target.

Tip for reading the table: For example, on the computer where Netwrix Auditor Server resides (source), allow outbound connections to remote 389 TCP port. On domain controllers in your domain (target), allow inbound connections to local 389 TCP port.

Port Protocol Source Target Purpose

389

TCP

Netwrix Auditor Server

Domain controllers

LDAP

Common queries

3268

TCP

Netwrix Auditor Server

Domain controllers

LDAP

Group membership

GC search

3269

TCP

Netwrix Auditor Server

Domain controllers

Global catalog LDAP over SSL

88

TCP/UDP

Netwrix Auditor Server

Domain controllers

Kerberos authentication

135

and dynamic range:

1024 -65535

TCP

Netwrix Auditor Server

Domain controllers

Windows Management Instrumentation.

gpupdate /force

445

TCP

Netwrix Auditor Server

Domain controllers

SMB 2.0/3.0

Authenticated communication between Netwrix Auditor Server and domain controllers.

53

UDP

Netwrix Auditor Server

DNS Server

DNS Client

135

and dynamic range:

1024 -65535

TCP

Netwrix Auditor Server

Exchange Server

  • Windows Management Instrumentation.
  • Retrieve Exchange Server configuration settings*
  • Run gpupdate /force *

5985

5986

TCP

Netwrix Auditor Server

Exchange server

  • Windows Remote Management.
  • PowerShell connections:
    • 5985 - for HTTP
    • 5986 - for HTTPS

80

443

TCP

Netwrix Auditor Server

Exchange server

PowerShell connections

* - for Exchange 2010 only

Go Up