SCOM 2012 - Fix ports at descovery


  • Hello everyone.

    I have simple question.

    Is possible to set specifics ports for SCOM 2012 SP1 use for discovering? Instead of opening all these ports at firewall?

    Name Port Number Protocol
    RPC endpoint mapper 135 TCP/UDP
    RPC/DCOM High ports (Win 2K/2K3 OS) 1024-5000 TCP/UDP
    RPC/DCOM High ports (Win 2K8) 49152-65535 TCP/UDP
    NetBIOS name service 137 TCP/UDP
    NetBIOS session service 139 TCP/UDP
    SMB over IP 445 TCP
    MOM Channel 5723 TCP/UDP


    Friday, July 19, 2013 5:14 PM


  • If your environment is heavily blocked with firewalls, you might need to resort to installing the agent manually. This could be any number of methods, including SCCM or another configuration management system.

    Another option is to deploy a gateway server in the same logical boundary where your agents are to be installed, and discover the agents that way. However, the latter will add complexity and gateways are not intended to be used this way. I don't even like offering this as an option, because gateways are inherently flaky in my experience, and I will not support implementing them in any environment, unless it is absolutely necessary.

    The fact of the matter is, file and print sharing, and remote management need to be working in order to copy the installation files to the agent. There is no way around that, and these are standard ports that should not be changed - probably wouldn't be able to if you tried.

    Jonathan Almquist | SCOMskills, LLC (

    Saturday, July 20, 2013 12:19 AM