Group Policy - Protocol
To successfully apply Group Policy, a client must be able to contact a domain controller over the DCOM, ICMP, LDAP, SMB, and RPC protocols. If any one of these protocols are unavailable or blocked between the client and a relevant domain controller, policy will not apply or refresh. For a cross-domain logon, where a computer is in one domain, and the user account is in another, these protocols may be required for the client, the resource domain, and the account domain to communicate. ICMP is used for slow link detection.
http://support.microsoft.com/kb/832017
Application protocol Protocol Ports
DCOM TCP + UDP random port number between 1024 - 65535
ICMP (ping) ICMP
LDAP TCP 389
SMB TCP 445
RPC TCP 135
