Note: For agent deployments, open the following file and printer sharing ports:
- TCP 135
- UDP 137
- UDP 138
- TCP 139
- TCP 445
| Port | Direction | Description |
|---|---|---|
|
8721 |
Incoming |
TCP (HTTP) port opened on the Data Governance server computer. This is the base port for the Data Governance REST API, used for communication with Data Governance server REST services, including the One Identity Manager clients and Windows PowerShell. |
|
8722 |
Incoming |
TCP (net.tcp) port opened on the Data Governance server computer. Used for communication with Data Governance agents, One Identity Manager clients, One Identity Manager web server, and PowerShell. NOTE: The net.tcp port is configurable in the Data Governance Configuration wizard. The HTTP port (8721) listed above should always be 1 less than the net.tcp port. These first two ports align with the base addresses in the DataGovernanceEdition.Service.exe.config file under the IndexServerHost service. It is highly recommended that you only change this port using the Data Governance Configuration wizard to ensure the configuration file, One Identity Manager database and service connection points are updated properly; otherwise, you may lose connection with the Manager, the Data Governance service and/or Data Governance agents. IMPORTANT: Do NOT use the Designer to change the QAMServer configuration parameters, including the Port parameter. |
|
8723 |
Incoming |
HTTP port used for communication with the One Identity Manager web server (/landing and /home pages). |
|
18530 - 18630 |
Incoming |
TCP port range opened on all agent computers. Used for communication with the Data Governance server. (The first agent on an agent host will use port 18530, and each subsequent agent on the same host will take the next available port, i.e., 18531, 18532, and so on.). In addition, this range is used to open a TCP listener for NetApp Cluster Mode hosts if resource activity collection is enabled. |