Port used by the user id agent to talk to AD server

Showing results for 
Search instead for 
Did you mean: 

Port used by the user id agent to talk to AD server

Cyber Elite
Cyber Elite

We have PA user id agent running on the windows server.

Need to confirm Port used by the User id agent to talk to AD for user to ip mappings

is this port tcp 5006?


where should i look for?


Accepted Solutions

Our Windows based user agents are using TCP 445 to all our DC's.


View solution in original post


Cyber Elite
Cyber Elite


By default, its port 5007. It will initiate from the client/server to the PAN on the management interface. You should be able to see it connect if you go to the Device tab -> User Identification ->User-ID agent subtab. The ball should be green. Also if you have the local firewall turned on on the server, make sure you are allowing port 5007/tcp outbound.





Think the question was what port the UserID agent uses to talk to AD (not the Palo).

UserID to AD servers port usage is referenced here:



I have gone through that link so need to confirm if port used is 5006?


Thanks for replying.

Need to confirm port used between user id agent running on Windows server and AD?


Our Windows based user agents are using TCP 445 to all our DC's.


how can I verify that from user id agent running on windows server?


On the windows server run a command prompt and use


netstat -an


look for established connections from  agent server to ad server, 


Will try that


Tested it is using port 445.

Thanks for help

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!