Active Directory
For EmpowerID to communicate with Active Directory environments, the following ports must be open:
- LDAP: port 389 TCP, UDP
- Global catalog LDAP: port 3268 TCP
- Kerberos: port 88 TCP, UDP
Internal EmpowerID Communications
The EmpowerID Management Console Windows desktop client requires the following ports be open:
- HTTPS/SSL: port 443 TCP
EmpowerID server to server communications require the following ports be open:
- Microsoft SQL Server: port 1433 TCP
EmpowerID server to SQL Database communications require the following ports be opend:
- Microsoft SQL Server: port 1433 TCP
The below two images depict the EmpowerID Communications and Connectivity architecture. The first shows the architecture without EmpowerID WAM/Reverse Proxy, while the second shows the architecture with EmpowerID WAM/Reverse Proxy.
Figure 1: EmpowerID Communications and Connectivity architecture
Figure 2: EmpowerID Communications and Connectivity architecture with WAM/Reverse Proxy module
In addition to the above, for password resets you may need to open TDP/UDP 135, as well as all RPC dynamic ports. For more information, see the following Microsoft topics: