AFAIK, 9389 shouldnt be. This may help you further sort out your port requirements:
<goog_1952925946> https://technet.microsoft.com/en-us/library/dd772723%28v=ws.10%29.aspx -- Espi On Wed, May 24, 2017 at 8:50 AM, Christopher Bodnar < [email protected]> wrote: > I’m setting up an external trust between two forests. There are firewalls > between them. I’ve been using this as the basis for the firewall rules: > > > > https://support.microsoft.com/en-us/help/179442/how-to- > configure-a-firewall-for-domains-and-trusts#method3 > > > > It does NOT mention 9389 (AD DS Web Services). My understanding is that > that is only needed for DC to DC communication within a Forest, not for a > Trust. Can anyone confirm this? > > > > Right now, I haven’t been able to get the trust to work yet, and I do see > that the outgoing side of the trust is trying to get to the incoming side > over 9389, which is currently blocked. > > > > > > Thanks > > > > > > *Christopher Bodnar* > Enterprise Architect II, Corporate Office of Technology:Enterprise > Architecture and Engineering Services > > Tel 610-807-6459 <(610)%20807-6459> > 3900 Burgess Place, Bethlehem, PA 18017 > [email protected] > > [image: cid:[email protected]] > > * The Guardian Life Insurance Company of America* > > * www.guardianlife.com <http://www.guardianlife.com/>* > > > > > > ------------------------------ > ----------------------------------------- This message, and any > attachments to it, may contain information that is privileged, > confidential, and exempt from disclosure under applicable law. If the > reader of this message is not the intended recipient, you are notified that > any use, dissemination, distribution, copying, or communication of this > message is strictly prohibited. If you have received this message in error, > please notify the sender immediately by return e-mail and delete the > message and any attachments. Thank you. > >
