Active Directory schema loading crash when DC in DMZ

Hello!

1IM 8.1 SP2.

We try create synchronization project for Active Directory. DC Active Directory is place in DMZ.

We have opened on DC only ldap(s) – 389 (ldap), 636 (ldaps), 88 (Kerberos), 53 (DNS) ports. In process loading schema we have crush report:

Error accessing schema: Directory server "WIN-LC5J1U8R9KT.test1.local" does not exist or cannot be contacted.

ActiveDirectory schema not loaded.

Error accessing schema: Unknown error (0x80005000)

LDAP Directory schema not loaded.

Access to Acetive Directory schema failed.

Got schema.

Object reference not set to an instance of an object.

 

If we add open 445 (TCP) port then the process loading schema finished without errors.

Why the process loading schema use 445 TCP port?