On Wed, 2018-03-14 at 18:01 +0100, Roger MÃ¥rtensson wrote:
Hello!
Got tasked to look at firewall rules and am now wondering if there is a
document anywhere that describes the ports and protocols used by SSSD?
My list currently consist of: 53 (udp/tcp), 88 (udp), 389 (tcp), 636
(tcp) and 3268 (tcp) and 3269 (tcp)
If I search on "Windows Client" and ports I get tons of ports and
port-ranges I may need to open. But what do SSSD use?
It really depends on what backend you are using.
for AD you won't need 636(tcp) but you will need 389 (udp) for site
discovery and 445 (tcp) if you use GPOs
If you use a plain LDAP server then you won't need 3268/3269
For password changes if you use kerberos (including AD) you will need
464(tcp)
If you use one of the pam passwthrough modules you may need othere
things (like NIS ports etc... )
Simo.
--
Simo Sorce
Sr. Principal Software Engineer
Red Hat, Inc