Chat now with support
Chat with Support

Enterprise Reporter 3.2.1 - Installation and Deployment Guide

Product Overview Installation Considerations for Enterprise Reporter Installing and Configuring Enterprise Reporter Managing Your Enterprise Reporter Deployment Troubleshooting Issues with Enterprise Reporter Appendix: Database Content Wizard Appendix: Encryption Key Manager Appendix: Log Viewer

Port Requirements

For the Enterprise Reporter components to communicate, some ports must be open.

This figure outlines the ports used by the Enterprise Reporter components.

*For more information on ports used when creating a discovery, see Table 11.

**For more information on ports used during data collections, see Table 12.

This table outlines the ports used by all of the Enterprise Reporter components.

Configuration Manager1

FTP

20, 21

TCP

 

X

 

 

 

SMTP

25

TCP

X

X

 

X

 

WINS / NetBiOS Name Resolution

42

TCP
UDP

 

 

 

X

 

DNS FQDN Resolution

53

TCP
UDP

X

X

 

X

 

Kerberos

88

TCP
UDP

X

 

 

X

 

RPC Service & Endpoint Mapper / WMI

135

TCP
UDP

X

 

 

 

 

NetBIOS Name Service

137

UDP

 

 

 

X

 

NetBIOS Datagram (browsing)

138

UDP

X

 

 

 

 

LDAP

389

TCP
UDP

X

 

 

 

 

SQL

1433

TCP

 

X

X

X

X

SQL Server Browser Service

1434

TCP
UDP

X

X

 

 

 

Enterprise Reporter Node

7737

TCP

 

 

 

X

X

Enterprise Reporter Server

7738

TCP

X

X

 

X

X


1

This table outlines the ports used by all of the Enterprise Reporter discoveries.

WINS / NetBiOS Name Resolution

42

TCP
UDP

X

 

 

X

X

 

X

X

 

X

X

DNS FQDN Resolution

53

TCP
UDP

X

 

 

X

X

 

X

X

 

X

X

HTTP

80

TCP

 

X

X

 

X*

X

 

 

X

 

X

Kerberos

88

TCP
UDP

X

 

 

X

X*

 

X

X

 

X

X

RPC Service & Endpoint Mapper / WMI

135

TCP
UDP

 

 

 

X

X**

 

X

X

 

X

X

NetBIOS Name Service

137

UDP

X

 

 

X

X

 

X

X

 

X

X

Remote Registry

139

TCP

 

 

 

X

X

 

X

X

 

X

 

ICMP

 

 

 

 

 

X

 

 

X

X

 

X

X

LDAP

389

TCP
UDP

X

 

 

X

X

 

X

X

 

X

X

HTTPS

443

TCP
UDP

 

X

X

 

 

 

 

 

X

 

X

SMB / Remote Registry

445

TCP

X

 

 

X

 

 

X

X

 

X

X

LDAP Secure

636

TCP

X

 

 

 

 

 

 

 

 

 

 

DCOM on XP/2003 and below
(uses an open port in this range)

1024
- 5000

TCP
UDP

 

 

 

X

X

 

X

X

 

 

X

SQL

1433

TCP

X

X

X

X

X

X

X

X

X

X

X

SQL Server Browser Service

1434

UDP

 

 

 

 

 

 

 

 

 

 

X

LDAP GC

3268

TCP

X

 

 

 

X

 

 

 

 

 

 

WinRM

5985
5986

TCP
UDP

 

 

 

 

 

X

 

 

 

 

X

Exchange PowerShell

12067

TCP

 

 

 

 

X**

 

 

 

 

 

 

DCOM on Vista/2008 and above
(uses an open port in this range)

49152
- 65535

TCP
UDP

 

 

 

X

X

 

X

X

 

 

X

*Exchange 2010 and higher, **Exchange 2007 only

The following figures outline the ports used by the Enterprise Reporter discoveries.

Firewall Requirements

The following changes are required to be made to the Windows Firewall settings to allow Enterprise Reporter to return all available data during a discovery. Without these settings, the data returned during a discovery will be limited and the discovery will indicate the following error:

 

Windows 2019

Start | Settings | Network & Internet

Select Windows Firewall

Scroll down and select Allow an app through firewall

Select Windows Management Instrumentation (WMI) and File and Print Sharing (if not already selected)

The check box in the Domain column will be selected.

Click OK.

Windows 2016

Start | Control Panel |System Security

Select Allow an app through Windows Firewall

Select Windows Management Instrumentation (WMI) and File and Print Sharing

The check box in the Domain column will be selected.

Click OK.

Windows 2012 and Windows 2012 R2

Start | Control Panel | Windows Firewall.

Select Allow an app or feature through Windows Firewall.

Select Windows Management Instrumentation (WMI).
The check box in the Domain column will be selected.

Click OK.

Windows 2008 R2

Start | Control Panel | System and Security | Windows Firewall.

Select Allow a program or feature through Windows Firewall.

Select Windows Management Instrumentation (WMI).
The check box in the Domain column will be selected.

Click OK.

Windows 2008

Start | Control Panel | Windows Firewall.

Select Allow a program through Windows Firewall.

Select the Exceptions tab.

Scroll down and select Windows Management Instrumentation (WMI) and click OK.

Windows 2003 and Windows 2003 R2

Run the following command-line context:

netsh firewall set service type = remoteadmin mode = enable

Windows 8, Windows 8.1, and Windows 10

In the lower left hand corned of the screen right click and select Control Panel.

Select System and Security | Windows Firewall.

Select Allow a program or feature through Windows Firewall.

Select File and Printer Sharing and Windows Management Instrumentation (WMI).
The checkbox in the Domain column will be selected.

Click OK.

Start the Remote Registry service and set it to Automatic.
This step is required to collect data such as installed software, event logs, and security policies.

 

Windows 7

Start | Control Panel | System and Security | Windows Firewall.

Select Allow a program or feature through Windows Firewall.

Select File and Printer Sharing and Windows Management Instrumentation (WMI).
The checkbox in the Domain column will be selected.

Click OK.

Start the Remote Registry service and set it to Automatic.
This step is required to collect data such as installed software, event logs, and security policies.

Windows Vista

Start | Control Panel | Security | Windows Firewall.

Select Allow a program or feature through Windows Firewall.

Select the Exceptions tab.

Select File and Printer Sharing and Windows Management Instrumentation (WMI).

Click OK.

Windows XP

Start | Control Panel | Security Center| Windows Firewall.

Select the Exceptions tab.

Select File and Printer Sharing.

Click OK.

Database Requirements

The Enterprise Reporter server requires a database to store configuration specifications and the information that will be collected from your network environment. Before you install Enterprise Reporter, determine where you will set up your database. It should reside on a SQL Server® that is accessible from the computer running the Enterprise Reporter server. For more information, see SQL Server Supported Versions .

See also:

Configuring the Database and Security Groups

In order for the server to function, you must have a fully configured Enterprise Reporter database. You can either:

The simplest way to configure the database is to allow Enterprise Reporter to set up the database following installation. You need to know the SQL Server® on which you want to create the database, and you can use either Windows® or SQL Server® credentials to connect to your SQL Server®.

There are parameters that you can set when creating an Enterprise Reporter database:

When you allow Enterprise Reporter to create the database, you also have the option to automatically create the following Domain Local security groups:

You may optionally enter customized group names during setup. Assign names that reflect the purpose of each group to ensure clarity when group names are displayed in various system administration tools.

These groups provide access to the appropriate tables in the Enterprise Reporter database and are used to allow Windows® authentication on the SQL Server®. For more information, see Security Groups in Enterprise Reporter .

A corresponding SQL login and role is created for each group.

 

Related Documents