View what's in this topicRequired Network Ports for uProduce Environments
This article summarizes the network ports required for inter-server communication in XMPie uProduce deployments. Use it as a quick reference when configuring firewalls, network ACLs, or security groups for on-premises and cloud installations.
Overview
A typical uProduce deployment includes one or more application servers (uProduce, Dispatcher, Production Server, etc.) that communicate with a SQL Server database, a shared file storage location, and — when domain-joined — Active Directory. The tables below list the ports required for each of these communication paths.
Protocol legend:
-
TCP – Connection-oriented
-
UDP – Datagram
-
TCP/UDP – Both protocols required
Shared Backend Services
All uProduce servers must be able to reach the shared SQL Server and file storage on the following ports:
|
Port |
Protocol |
Purpose |
Notes |
|---|---|---|---|
|
1433 |
TCP |
SQL Server – uProduce databases |
Default SQL Server port. Required from every uProduce server to the SQL host. |
|
1434 |
UDP |
SQL Server Browser |
Only needed if SQL is on a named instance or dynamic port. |
|
445 |
TCP |
SMB – shared assets & output |
Required for shared file storage between uProduce servers. |
|
137 / 138 / 139 |
TCP/UDP |
Legacy NetBIOS (SMB v1) |
Only on legacy networks; modern deployments do not require these. |
MSMQ — Microsoft Message Queuing
uProduce uses MSMQ for production tracking and other inter-server messaging. The ports below must be open between any two servers exchanging messages.
|
Port |
Protocol |
Purpose |
Notes |
|---|---|---|---|
|
1801 |
TCP |
MSMQ message delivery |
The main MSMQ port. Required between any two servers exchanging messages. |
|
1801 |
UDP |
MSMQ pings / notifications |
Same number, UDP variant — used for queue status pings. |
|
2101 |
TCP |
MSMQ-DS / MQIS |
Legacy AD-integrated MSMQ (MSMQ 1.0 / 2.0). |
|
2103 |
TCP |
MSMQ RPC |
Legacy AD-integrated MSMQ. |
|
2105 |
TCP |
MSMQ RPC |
Legacy AD-integrated MSMQ. |
|
3527 |
UDP |
MSMQ multicast pings |
Only if multicast queues are used (rare). |
DCOM / RPC
Required for remote management, MMC snap-ins, MSMQ administration, and WMI between servers.
|
Port |
Protocol |
Purpose |
Notes |
|---|---|---|---|
|
135 |
TCP |
RPC Endpoint Mapper |
Required for any remote DCOM/RPC activation (MMC, WMI, MSMQ admin). |
|
49152–65535 |
TCP |
Dynamic RPC range |
Default Windows ephemeral range. Negotiated via the endpoint mapper after connecting on TCP 135. |
Domain Services (when domain-joined)
When uProduce servers are joined to an Active Directory domain, the following ports must be open from each server to the Domain Controllers.
|
Port |
Protocol |
Purpose |
Notes |
|---|---|---|---|
|
53 |
TCP/UDP |
DNS |
Name resolution for all servers. |
|
88 |
TCP/UDP |
Kerberos authentication |
Required for AD authentication. |
|
389 |
TCP/UDP |
LDAP |
Directory queries. |
|
636 |
TCP |
LDAPS (LDAP over SSL) |
If secure LDAP is enforced. |
|
464 |
TCP/UDP |
Kerberos password change |
Used during password / ticket renewal flows. |
Licensing & Outbound
uProduce servers must be able to reach XMPie's external licensing endpoints (in a distributed environment, only the Director).
|
Port |
Protocol |
Purpose |
Notes |
|---|---|---|---|
|
443 |
TCP |
HTTPS – XMPie licensing / activation |
Outbound to XMPie's licensing endpoints. Outbound to Adobe services.* |
* Only for editions that include InDesign Server production.
Created By Mohammad Mansour on May, 2026