Active Directory – Check communication (portqueryUI)

Table of Contents

• Overview
• Download and Installation of portqueryUI
• Configuration
• Summary on how to check Active Directory communication with Port Query

Overview

With network segmentation, domain controllers often have to configured on a firewall. How do you test, verify and document the functioniality or errors?

You often have to run tests, repeat them and document them. I like to use the Microsoft port query tool for this and add the GUI – graphical user interface – for better visibility.

The tool is available from Microsoft and allows various functions to be executed and run against DNS names of systems or IP addresses.

Download and Installation of portqueryUI

To do this, we download the programme directly from Microsoft via this link or search for ‘portqueryUI’ in the search engine of our choice.

Execute the downloaded file and accept the licence agreement. Then select the path for unpacking the files. In the example, I unzip this into my user directory under Documents on the test server.

Configuration

Then set the programme so that the domain controller to be tested is set as the destination IP and select the Domain and Trusts service.

The tool then automatically checks all relevant network ports to the domain controller and reports if certain communication does not work.

Summary on how to check Active Directory communication with Port Query

For me, an unjustly forgotten ‘treasure’ of a tool. I still like to use it and will do so again and again. For more tools to check connectivity take a look at WinMTR here.