How to Check if Domain Controller is listening on Required Ports
An Active Directory domain controller is a multi-master application. Any object can be created/updated/deleted on any of the domain controllers of an Active Directory domain. A domain controller must listen on certain network ports before it can listen for the replication traffic. To check if a domain controller is listening on the required ports, please run the following command on a domain controller:
Netstat –an –b | find /I “’Listening” > C:\Temp\DCPortsOutput.txt
The above command stores the listening status of the domain controller with the port it is listening on in a text file called DCPortsOutPut.txt. Domain controllers listen on TCP Port 389, 88, 464, 3268 for Global Catalog and 3269 for Global Catalog over SSL. There are also other ports a domain controller listens on.
About Nirmal Sharma
Nirmal is a MCSEx3, MCITP and was awarded Microsoft MVP award in Directory Services. He is specialized in Directory Services, Microsoft Clustering, Hyper-V, SQL and Exchange and has been involved in Microsoft Technologies since 1994. In his spare time, he likes to help others and share some of his knowledge by writing tips and articles. Nirmal can be reached at [email protected]