I Need To Make A Change With My IT Support! Call (225) 706-8414

Whitelist Office 365 URLs Needed for AD DirSync, Azure, and Office 365

If authentication to Office cloud based applications is failing make sure that any anti-virus or network security tools are allowing these URLs for Microsoft

Solution

The following table describes everything in use. Below that is the whitelist URLs.

Item Purpose Impacts Ports URL Ports
Office 365 Portal and
help content
logged on user Client Computer TCP 49152 to 65535 Portal.Office.comHome.Office.com*.office365.com*.office.com*.office.net TCP 80 & 443
Authentication and
support services
logged on user Client Computer TCP 49152 to 65535 *.microsoftonline.com*.microsoft.com*.live.com*.windows.net TCP 80, 25, & 443
Default tenant namespace
(mail routing, etc.)
logged on user Client Computer TCP 80, 25, & 443 *.onmicrosoft.com
Global DNS load
balancing services
logged on user Client Computer TCP 80 & 443 *.glbdns.microsoft.com TCP 80 & 443
Microsoft Azure
Active Directory
logged on user Client Computer TCP 49152 to 65535 *.activedirectory.windowsazure.com
Azure Rights
Management
logged on user Client Computer TCP 49152 to 65535 *.aadrm.com*.azurerms.com*.cloudapp.net

Also be sure to whitelist the following Certificate Revocation List points:

  • crl.microsoft.com
  • evsecure-ocsp.verisign.com
  • evsecure-aia.verisign.com
  • evsecure-crl.verisign.com
  • sa.symcb.com
  • sd.symcb.com
  • *.omniroot.com
  • *.verisign.com
  • *.symcb.com
  • *.symcd.com
  • *.verisign.net
  • *.geotrust.com
  • *.entrust.net
  • *.public-trust.com

                                

Concerned About Cyber Attacks?

CLICK HERE >

Want to Migrate to the Cloud?

CLICK HERE >
Office 365

Ready to Experience Microsoft Office 365?

Want the latest IT news directly in your inbox? Subscribe now!