Red Hat Bugzilla – Bug 1278435
Incomplete ports for IPA ad-trust
Last modified: 2016-06-10 07:55:59 EDT
Related part of ipa-adtrust-manual page after a fix:
In addition to the IPA server firewall requirements, ipa-adtrust-install requires the following ports to be open to allow IPA and Active Directory to communicate together:
· 135/tcp EPMAP
· 138/tcp NetBIOS-DGM
· 139/tcp NetBIOS-SSN
· 445/tcp Microsoft-DS
· 1024/tcp through 1300/tcp to allow EPMAP on port 135/tcp to create a TCP listener based on an incoming request.
· 138/udp NetBIOS-DGM
· 139/udp NetBIOS-SSN
· 389/udp LDAP
I added 135/tcp and 1024-1030/tcp to "Table 5.1. Ports Required for a Trust" and in step 2 of "Opening the Required Ports" to the firewall-cmd command.
Hi Marc, the upper value of the range is incorrect; it should be 1300 instead of 1030.
I fixed the upper value of the port range.
Published in an asynchronous update.
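Added example, not part of the bug report or of the Red Hat documentation: a shell check that compares a list of open ports, in the `port[-port]/proto` format printed by `firewall-cmd --list-ports`, against the ports from the man page text quoted above, and reports any required entry that is not fully covered (such as a range cut short at 1030). The function names `port_open` and `missing_adtrust_ports` are hypothetical, and the sample port list is constructed.

```shell
#!/bin/sh
# Required ports, copied from the ipa-adtrust-install man page text quoted above.
REQUIRED="135/tcp 138/tcp 139/tcp 445/tcp 1024-1300/tcp 138/udp 139/udp 389/udp"

# port_open PORT PROTO "OPEN LIST"
# Returns 0 if any open entry (single port or lo-hi range) covers PORT/PROTO.
port_open() {
    for po_entry in $3; do
        [ "${po_entry#*/}" = "$2" ] || continue      # protocol must match
        po_range=${po_entry%/*}
        po_lo=${po_range%-*}                         # "135" -> 135, "1024-1300" -> 1024
        po_hi=${po_range#*-}                         # "135" -> 135, "1024-1300" -> 1300
        [ "$1" -ge "$po_lo" ] && [ "$1" -le "$po_hi" ] && return 0
    done
    return 1
}

# missing_adtrust_ports "OPEN LIST"
# Prints every required entry that has at least one port not open.
# Checks port by port, so a required range split over several open entries still passes.
missing_adtrust_ports() {
    for m_req in $REQUIRED; do
        m_proto=${m_req#*/}
        m_range=${m_req%/*}
        m_port=${m_range%-*}
        m_hi=${m_range#*-}
        while [ "$m_port" -le "$m_hi" ]; do
            if ! port_open "$m_port" "$m_proto" "$1"; then
                echo "$m_req"
                break
            fi
            m_port=$((m_port + 1))
        done
    done
}

# Constructed sample: everything open except that the dynamic range stops at 1030.
sample="135/tcp 138/tcp 139/tcp 445/tcp 1024-1030/tcp 138/udp 139/udp 389/udp"
missing_adtrust_ports "$sample"

# On a live IPA server (assumes firewalld is in use; not run here):
#   missing_adtrust_ports "$(firewall-cmd --list-ports)"
```

Ports opened through a firewalld service definition rather than `--add-port` do not appear in `--list-ports`, so an entry reported here may still be open by that route.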