Port Requirements

Application launcher and session recording software make use of a small number of ports. Actual port usage varies based on your specific configurations.

Note: The following ports are the standard ports for common protocols. These ports may have been changed on the target system. It is the responsibility of the administrator to determine if any of the target ports have been changed and reflect changed ports when password change jobs or account discovery jobs are performed.

Ports Direction Use

53

TCP/UDP, outbound, DNS Used for name resolution to target hosts.

88

TCP/UDP, outbound, Kerberos When Kerberos authentication is configured,used by the jump server to authenticate users.
443 TCP, outbound, HTTPS Used by the application launcher and web service to communicate with the Privileged Identity web service.
445 TCP, outbound, SMB
  • When hosted across multiple servicers, used by session recording components to copy recorded files to other session recording component hosts.
  • 464 TCP/UDP, outbound, Kerberos When Kerberos authentication is configured, used by the jump server to authenticate users.
    3389 TCP/UDP, inbound, RDP Used by the end user to connect to remote applications installed on the jump server.
    389/636 TCP, outbound, LDAP/LDAPS

    During the login of the application launcher, used by the jump server to communicate with Active Directory.

    Note: Applications will require ports specific to their function. They are not defined by Privileged Identity.

    Note: If either the web service or the web app is on a non-default port, you must configure the firewall to allow communication over that port.