A Quick Tip To Restrict AD Replication To A Specific Port


Active Directory replication uses many ports. Domain controllers replicate with their partners over TCP 389 (LDAP), TCP 135 (RPC endpoint mapper), UDP/TCP 53 (DNS) and others, so more than 10 ports have to be opened on the firewall. Sometimes it is not possible to open the whole dynamic RPC port range in a production environment. You can pin the RPC port that Active Directory replication uses to one fixed port by modifying the following registry entries on each domain controller:

Registry Entry 1

  • KEY NAME: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters
  • Entry Name: TCP/IP Port
  • Value: Port No…

Registry Entry 2 

  • KEY NAME: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters
  • Entry Name: DCTcpipPort
  • Value: Port No…
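
The two entries above can be set and read back in one step. The following PowerShell script is an added example, not part of the original post; it assumes an elevated session on the domain controller, and the port numbers are constructed sample values (two separate ports are used here as an assumption; pick the ports agreed with your firewall team).

```powershell
# Added example: pin the AD replication RPC port (NTDS) and the Netlogon RPC port
# on this domain controller, then verify the values were written.
# Assumptions: run elevated on the DC; port numbers below are constructed samples.
param(
    [ValidateRange(1025, 65535)] [int]$ReplPort     = 50000,  # constructed sample value
    [ValidateRange(1025, 65535)] [int]$NetlogonPort = 50001   # constructed sample value
)

$entries = @(
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters';     Name = 'TCP/IP Port'; Port = $ReplPort }
    @{ Path = 'HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters'; Name = 'DCTcpipPort'; Port = $NetlogonPort }
)

foreach ($e in $entries) {
    # Both entries are REG_DWORD values that hold the port number.
    Set-ItemProperty -Path $e.Path -Name $e.Name -Value $e.Port -Type DWord

    # Read the value back so a typo in the key path or name does not go unnoticed.
    $actual = (Get-ItemProperty -Path $e.Path -Name $e.Name).($e.Name)
    if ($actual -ne $e.Port) {
        throw "Failed to set $($e.Name) under $($e.Path): read back '$actual'"
    }
    Write-Host ("{0}\{1} = {2}" -f $e.Path, $e.Name, $actual)
}

Write-Host 'Restart the domain controller for the new ports to take effect.'

# After the restart, confirm that something is actually listening on the pinned ports.
foreach ($p in @($ReplPort, $NetlogonPort)) {
    $l = Get-NetTCPConnection -State Listen -LocalPort $p -ErrorAction SilentlyContinue
    if ($l) {
        $proc = (Get-Process -Id $l[0].OwningProcess -ErrorAction SilentlyContinue).ProcessName
        Write-Host "Port $p is listening (owning process: $proc)"
    } else {
        Write-Host "Port $p is not listening yet (expected before the restart)"
    }
}
```

The firewall still has to permit the fixed ports that replication depends on (for example TCP 135 for the endpoint mapper and TCP 389 for LDAP); only the dynamic RPC port is replaced by the pinned ones.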
