What ports need to be opened for RVI to inventory HyperV

Document ID : KB000074896
Last Modified Date : 27/03/2018
Show Technical Document Details
Question:
When inventorying a Microsoft HyperV server, using ITCM's Remote Virtual Inventory (RVI), what are the required ports?
Environment:
Client Automation (ITCM) -- any version.
Answer:
Unlike VMWare ESX/ESXi, which RVI can inventory using the VMWare Web Service, Microsoft HyperV servers are inventoried via remote WMI queries.  

There are THREE requirements for remote WMI querying: 
1- RPC Server: TCP/135. 
2- svchost.exe (service=winmgmt): TCP any port (typically TCP 1024-65535) 
3- unsecapp.exe: TCP any port 

If you're using the Windows Firewall, it will create three rules automatically. Rather than opening ports TCP 1024-65535, it will allow the specific svchost.exe executable for the winmgmt service, to access any of these ports, rather than opening them generically.

The problem is if you're not using the built-in Windows Firewall, it is not practical to open TCP 1024-65535 to satisfy any/every possible WMI query.

Instead, follow these instructions for configuring WMI to use a single port:
https://msdn.microsoft.com/en-us/library/bb219447(v=vs.85).aspx

Once the port is fixed or the firewall is opened, the connection may be tested by remotely running the following WMI query:
wmic /node: <IP address of HyperV server> OS get name 

Once verifed, the RVI inventory can be manually run by starting the AM agent:
caf start amagent args -collect