Ports used by Delinea Platform Vault (Secret Server Cloud)
Delinea’s PS Consultant David Rose took a look at our full ports documentation and distilled the most essential into this quick overview. Thanks David!
Looking at the Secret Server Ports Requirement from the Delinea doc site, these are the more important ports to start Secret Server with the ability to discover, rotate passwords on secrets, and communicate with AD.
| Types of Traffic | Port Number(s) | Source | Destination |
| SSL/TLS | TCP/443 | Distributed Engine(s), Delinea Connector(s) | Internet-based Delinea Platform |
| Kerberos | TCP/88, UDP/88 | Distributed Engine(s) | Domain Controllers |
| LDAP | TCP/389, UDP/389 | Distributed Engine(s) | Domain Controllers |
| LDAPS | TCP/636, UDP/636 | Distributed Engine(s) | Domain Controllers |
| Window’s Endpoint Server(s) - Firewall Port Configurations via GPO | |||
| SMB/Microsoft-DS | TCP/445, UDP/445 | Distributed Engine(s) | Windows Servers | Discovery & Pw Change |
| RPC Endpoint Mapper | TCP/135, UDP/135 | Distributed Engine(s) | Windows Servers | Discovery & Pw Change |
| MS RDP | TCP/49152 – 65535, UDP/49152-65535 | User’s Workstation | Windows Servers | Discovery & Pw Change |
| Distributed Engin(e) - Firewall Port Configurations via GPO | |||
| MS RDP Proxy | TCP/3390, UDP/3390,
| User’s Workstation | Distributed Engine(s) | Secret Server Proxy Windows |
| SSH | TCP/22, UDP/22 | User’s Workstation | Distributed Engine (s) Secret Server Proxy SSH |
For LDAPS communication, LDAP (port 389) is used for the initial handshake.
The RPC Dynamic Port ranges are a range of ports utilized by Microsoft's Remote Procedure Call (RPC) functionality. This port range varies by operating system. For Windows Server 2008 or greater, this port range is 49152 to 65535 and this entire port range must be open for RPC technology to work. The RPC range is needed to perform Remote Password Changing since Secret Server will need to connect to the computer using DCOM protocol.
See the full online documentation, including additional ports needed for Secret Server On-Prem: Ports Used by Secret Server