What ports need to be opened for RVI to inventory HyperV

book

Article ID: 74896

calendar_today

Updated On:

Products

CA Automation Suite for Data Centers - Configuration Automation CA Client Automation - Asset Management CA Client Automation - IT Client Manager CA Client Automation CA Client Automation - Remote Control CA Client Automation - Asset Intelligence CA Client Automation - Desktop Migration Manager CA Client Automation - Patch Manager

Issue/Introduction



When inventorying a Microsoft HyperV server, using ITCM's Remote Virtual Inventory (RVI), what are the required ports?

Environment

Client Automation (ITCM) -- any version.

Resolution

Unlike VMWare ESX/ESXi, which RVI can inventory using the VMWare Web Service, Microsoft HyperV servers are inventoried via remote WMI queries.  

There are THREE requirements for remote WMI querying: 
1- RPC Server: TCP/135. 
2- svchost.exe (service=winmgmt): TCP any port (typically TCP 1024-65535) 
3- unsecapp.exe: TCP any port 

If you're using the Windows Firewall, it will create three rules automatically. Rather than opening ports TCP 1024-65535, it will allow the specific svchost.exe executable for the winmgmt service, to access any of these ports, rather than opening them generically.

The problem is if you're not using the built-in Windows Firewall, it is not practical to open TCP 1024-65535 to satisfy any/every possible WMI query.

Instead, follow these instructions for configuring WMI to use a single port:
https://msdn.microsoft.com/en-us/library/bb219447(v=vs.85).aspx

Once the port is fixed or the firewall is opened, the connection may be tested by remotely running the following WMI query:
wmic /node: <IP address of HyperV server> OS get name 

Once verifed, the RVI inventory can be manually run by starting the AM agent:
caf start amagent args -collect