Note: The AFS Server is the computer on which the Active Administrator Server is installed and running the Active Administrator Foundation Service (AFS). The Console is the computer on which the Active Administrator Console is installed. The AFS Database Server is the computer on which the audit database resides.
• Remote Procedure Call (RPC) must be open between the AFS Server and the target
When installing the audit agent on a member server instead of a domain controller, the following inbound firewall exceptions for Windows Management Instrumentation must be enabled:
If you are using the Certificate Management feature, Remote Registry Service must be enabled on all Windows computers on which certificates are managed.
If you are using the Azure™ Active Directory® feature, TCP Ports 80 and 443 must be open on the Internet-facing firewall.
If you are using the Active Directory Health feature:
If you want to access the DNS event logs in Active Administrator, the following inbound firewall exceptions are required on each DNS server:
COM+ Network Access (DCOM-In)
Remote Event Log Management (NP-In)
Remote Event Log Management (RPC)
Remote Event Log Management (RPC-EPMAP)
IMPORTANT: It is recommended that you only use the Web Console internal to the network. If you want to use the Web Console externally, use HyperText Transfer Protocol Secure (HTTPS) by enabling Secure Sockets Layer (SSL). You need to select a certificate, which must be installed in the Personal or My store on the local computer. The default port is 9443. See the Web Console User Guide for more instructions on configuring the Web Server.