Port Requirements for App Launcher
Application launcher and session recording software make use of a small number of ports. Actual port usage varies based on your specific configurations.
The following ports are the standard ports for common protocols. These ports may have been changed on the target system. It is the responsibility of the administrator to determine if any of the target ports have been changed and reflect changed ports when password change jobs or account discovery jobs are performed.
| Ports | Direction | Use |
|---|---|---|
|
53 |
TCP/UDP, outbound, DNS | Used for name resolution to target hosts. |
|
88 |
TCP/UDP, outbound, Kerberos | When Kerberos authentication is configured, used by the jump server to authenticate users. |
| 443 | TCP, outbound, HTTPS | Used by the application launcher and web service to communicate with the Privileged Identity web service. |
| 445 | TCP, outbound, SMB | When hosted across multiple servicers, used by session recording components to copy recorded files to other session recording component hosts. |
| 464 | TCP/UDP, outbound, Kerberos | When Kerberos authentication is configured, used by the jump server to authenticate users. |
| 3389 | TCP/UDP, inbound, RDP | Used by the end user to connect to remote applications installed on the jump server. |
| 389/636 | TCP, outbound, LDAP/LDAPS |
During the login of the application launcher, used by the jump server to communicate with Active Directory. |
Applications will require ports specific to their function. They are not defined by Privileged Identity.
If either the web service or the web app is on a non-default port, you must configure the firewall to allow communication over that port.
