Connector ports and protocols
The Privilege Cloud Connector uses standard ports and protocols to communicate with different devices. The following tables list the ports used by the Connector to communicate with the different devices for which it manages passwords.
Device | Protocol | Port |
---|---|---|
Windows Domain Accounts | Windows protocols (SMB, RPC, WMI, DCOM, etc.) | 139, 445 |
 | Kerberos | 88 |
 | DNS | 53 |
Windows Domain Accounts via LDAP | Windows protocols (SMB, RPC, WMI, DCOM, etc.) | 139, 445 |
 | LDAP/s | 389, 636, 3268, 3269 |
 | Kerberos | 88 |
 | DNS | 53 |
Windows Desktop Accounts | Windows protocols (SMB, RPC, WMI, DCOM, etc.) | 135, 445 |
Windows Local Accounts | Windows protocols (SMB, RPC, WMI, DCOM, etc.) | 139, 445 |
UNIX | SSH | 22 |
 | Telnet | 23 |

SMB protocol information
Some CPM plugins use IPC calls to communicate with clients and servers. IPC calls are part of the SMB protocol.
CyberArk does not use a specific SMB protocol version. The SMB version that is used is determined by the OS version of the client and server. There are several versions (or dialects) of the SMB protocol that were introduced with different versions of Windows:
- SMB 1 - Windows 2000
- SMB 2 - Windows Server 2008 and Windows Vista SP1
- SMB 2.1 - Windows Server 2008 R2 and Windows 7
- SMB 3.0 - Windows Server 2012 and Windows 8

The SMB version that is used between two machines is the highest version or dialect that both machines support.
For example, if a Windows 8 machine is talking to a Windows 8 or Windows Server 2012 machine, it will use SMB 3.0. If a Windows 10 machine is talking to a Windows Server 2008 R2 machine, then the highest common level is SMB 2.1.
In older Windows versions (95, 98, ME & NT), SMB ran on NetBIOS over TCP/IP (NBT) on ports 137/tcp and udp, 138/udp, and 139/tcp. However, in later Windows versions (2000 and XP), it is possible to run SMB directly over TCP/IP on port 445.

Device | Protocol | Port |
---|---|---|
Oracle | Proprietary protocol | 1521 |
MSSql | Proprietary protocol | 1433 |

Device | Protocol | Port |
---|---|---|
CheckPoint Firewall-1 NG | OPSEC | 18190 |
RSA Authentication Manager Accounts | SSH | 22 |
 | HTTPS | 443 |

Device | Protocol | Port |
---|---|---|
Netscreen | SSH | 22 |
 | Telnet | 23 |

Device | Protocol | Port |
---|---|---|
CISCO | SSH | 22 |
 | Telnet | 23 |

Device | Protocol | Port |
---|---|---|
CyberArk | CyberArk | 1858 (can be changed) |

Device | Protocol | Port |
---|---|---|
LDAP | Plain | 389 |
 | SSL | 636 |
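
The port tables above can be used to review the firewall rules between the Connector and its targets. The following is an added example, not CyberArk code: it compares a list of allow rules with the listed ports per device type. The `(device_type, port)` rule format, the sample rules, and the treatment of Telnet as an optional cleartext alternative are assumptions.

```python
# Ports per device type, copied from the tables on this page.
LISTED_PORTS = {
    "Windows Domain Accounts": {139, 445, 88, 53},
    "Windows Domain Accounts via LDAP": {139, 445, 389, 636, 3268, 3269, 88, 53},
    "Windows Desktop Accounts": {135, 445},
    "Windows Local Accounts": {139, 445},
    "UNIX": {22, 23},
    "Oracle": {1521},
    "MSSql": {1433},
    "CheckPoint Firewall-1 NG": {18190},
    "RSA Authentication Manager Accounts": {22, 443},
    "Netscreen": {22, 23},
    "CISCO": {22, 23},
    "CyberArk": {1858},  # default; the page notes it can be changed
    "LDAP": {389, 636},
}
# Assumption: Telnet (23) is an unencrypted alternative to SSH, so an allowed
# Telnet rule is flagged and a blocked one is not reported as missing.
CLEARTEXT_PORTS = {23}


def audit(rules):
    """Compare (device_type, port) allow rules with the listed ports.

    The rule format is hypothetical; adapt the parsing to your firewall export.
    """
    allowed = {}
    for device, port in rules:
        allowed.setdefault(device, set()).add(port)
    report = {}
    for device, ports in allowed.items():
        listed = LISTED_PORTS.get(device)
        if listed is None:
            report[device] = {"error": "device type not in the tables"}
            continue
        report[device] = {
            "blocked": sorted(listed - ports - CLEARTEXT_PORTS),  # listed, not allowed
            "unlisted": sorted(ports - listed),  # allowed, not in the tables
            "cleartext": sorted(ports & CLEARTEXT_PORTS),  # allowed cleartext
        }
    return report


# Constructed sample rules: Connector -> target device type, destination port.
SAMPLE_RULES = [
    ("Windows Domain Accounts", 445), ("Windows Domain Accounts", 88),
    ("Windows Domain Accounts", 53), ("Windows Domain Accounts", 3389),
    ("UNIX", 22), ("CISCO", 23),
]
```

Entries under `blocked` point to password-management traffic the firewall would drop, while `unlisted` and `cleartext` entries are candidates for tightening.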