Component : PRIVILEGED ACCESS MANAGEMENT
The ports described in manual are needed between PAM appliance and AD server.
Also PAM and target device, and target device and AD should be opened.
https://techdocs.broadcom.com/content/broadcom/techdocs/us/en/ca-enterprise-software/layer7-privileged-access-management/privileged-access-manager/3-3/implementing/protect-privileged-account-credentials/default-ports-for-credential-manager.html#concept.dita_8a5683099737befe6e112e3578cb317fc0f7de79_DefaultPortsforTargetConnectors