When you are planning to implement a hybrid identity solution, remember that the following ports and protocols are required.
In this post, I will cover the prerequisites for Microsoft Entra Connect (formerly known as Azure AD Connect) and on-premises AD.
This is the overall design, but note the 'On-premises Active Directory and Azure AD Connect Server' part of it.
This section describes the ports and protocols that are required for communication between the Microsoft Entra Connect server and on-premises AD.
If these ports are not open, you will encounter issues such as the following.
Example:
Port 389 (LDAP) errors.
Test with this PowerShell command on the Microsoft Entra Connect server:
Test-NetConnection 'Forest name' -Port 389
If port 53 (DNS) to AD is not open, the forest name will not resolve, so you need to use the IP address of a domain controller instead:
Test-NetConnection 'IP address' -Port 389
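The two checks above can be combined into one script that tests all the required TCP ports at once and falls back to the IP address when the forest name does not resolve. This is an added example, not code from the original post; the forest name and IP address are placeholders, and the port list is assumed from the Microsoft reference linked below, so confirm it against that page.

```powershell
# Added example (not from the original post): check the TCP ports Entra Connect
# needs to reach on-premises AD, falling back to an IP address when DNS (53) is blocked.
# Port list assumed from the linked Microsoft reference; confirm against it.
# Test-NetConnection only tests TCP, so UDP (used by DNS, Kerberos and LDAP) is not covered.
# Run on the Microsoft Entra Connect server.

param(
    [string]$Forest = 'corp.example.com',   # placeholder forest/domain name
    [string]$FallbackIp = '10.0.0.10'       # placeholder domain controller IP
)

$RequiredPorts = @(
    @{ Port = 53;  Name = 'DNS' },
    @{ Port = 88;  Name = 'Kerberos' },
    @{ Port = 135; Name = 'RPC endpoint mapper' },
    @{ Port = 389; Name = 'LDAP' },
    @{ Port = 445; Name = 'SMB' },
    @{ Port = 636; Name = 'LDAP over SSL' }
)

# If the forest name resolves, test against it; otherwise DNS (53) is probably
# blocked and the domain controller IP address must be used instead.
$Target = $Forest
try {
    Resolve-DnsName -Name $Forest -ErrorAction Stop | Out-Null
} catch {
    Write-Warning "Cannot resolve '$Forest'; DNS (53) may be blocked. Testing $FallbackIp instead."
    $Target = $FallbackIp
}

$Results = foreach ($Entry in $RequiredPorts) {
    $Test = Test-NetConnection -ComputerName $Target -Port $Entry.Port -WarningAction SilentlyContinue
    [pscustomobject]@{
        Target   = $Target
        Port     = $Entry.Port
        Protocol = $Entry.Name
        Open     = $Test.TcpTestSucceeded
    }
}

$Results | Format-Table -AutoSize

# Report only the failures so the list maps directly onto the firewall rules to fix.
$Blocked = $Results | Where-Object { -not $_.Open }
if ($Blocked) {
    Write-Warning ("Blocked TCP ports: " + (($Blocked | ForEach-Object { $_.Port }) -join ', '))
}
```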
https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/reference-connect-ports