Cannot access server via iManager
I have deployed a new IDM environment running eDirectory 9.0.4. Our new organizational policy is to block all ports on servers except the ports that are specifically needed. I requested the following ports be opened on these servers:
I can connect to the hosts via SSH and to eDirectory via LDAPS, but iManager times out. Are there any other ports that need to be opened on these systems?
I believe iManager mostly uses 524 (NCP). I'd make sure that that one is actually open before going any further.
Also make sure that TCP and UDP are open for that one; it could be using either one.
The two systems can talk to each other (i.e., the replicas are in sync), so that would indicate that 524 is open, right? I do need to verify that they're accepting traffic over that port from the iManager servers. I will also ask that 524/UDP be open, as you suggest.
Yeah, you'd think so, but I don't trust firewall guys to get the request right.
You may need to have them open the firewall, then run tcpdump and see what ports the traffic is using. It should be NCP/524, but I can't say that I've had to look that deep at iManager in quite a while.
iManager requires port 524 TCP/UDP to be open between the iManager server and the eDirectory server(s). Not just between your workstation and the servers.
I knew 524 had to be open between the iManager server and the eDirectory server (but I thought it was just TCP). I didn't know 524 had to be open from the workstation to the eDirectory server.
I have submitted an amended request that specifies 524/TCP and 524/UDP from both workstation and iManager server to the target eDirectory server. We'll see what happens.
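The tcpdump check suggested in the thread, as an added example that is not part of any post: it reads the text output of `tcpdump -nn` taken on the connecting host (the iManager server or the workstation) and lists the server ports that were tried but never answered. The addresses, the sample capture and the function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample of `tcpdump -nn` output captured on the iManager server
# (192.0.2.10) while it talks to the eDirectory server (192.0.2.20).
SAMPLE = """\
10:15:01.000100 IP 192.0.2.10.40112 > 192.0.2.20.636: Flags [S], seq 1000, win 64240, options [mss 1460], length 0
10:15:01.000400 IP 192.0.2.20.636 > 192.0.2.10.40112: Flags [S.], seq 2000, ack 1001, win 65160, options [mss 1460], length 0
10:15:01.000450 IP 192.0.2.10.40112 > 192.0.2.20.636: Flags [.], ack 1, win 502, length 0
10:15:02.000100 IP 192.0.2.10.40200 > 192.0.2.20.524: Flags [S], seq 3000, win 64240, options [mss 1460], length 0
10:15:03.010100 IP 192.0.2.10.40200 > 192.0.2.20.524: Flags [S], seq 3000, win 64240, options [mss 1460], length 0
10:15:05.030100 IP 192.0.2.10.40200 > 192.0.2.20.524: Flags [S], seq 3000, win 64240, options [mss 1460], length 0
10:15:06.000100 IP 192.0.2.10.51000 > 192.0.2.20.524: UDP, length 40
"""

LINE = re.compile(r"IP (?P<src>\d+\.\d+\.\d+\.\d+)\.(?P<sport>\d+) > "
                  r"(?P<dst>\d+\.\d+\.\d+\.\d+)\.(?P<dport>\d+): (?P<rest>.*)")

def summarize(capture, client, server):
    """Count attempts, answers and resets per (proto, server port)."""
    stats = defaultdict(lambda: {"sent": 0, "answered": 0, "reset": 0})
    for line in capture.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        rest = m["rest"]
        proto = "udp" if rest.startswith("UDP") else "tcp"
        if m["src"] == client and m["dst"] == server:
            # TCP: count only connection attempts (bare SYN); UDP: every datagram.
            if proto == "udp" or "Flags [S]" in rest:
                stats[(proto, int(m["dport"]))]["sent"] += 1
        elif m["src"] == server and m["dst"] == client:
            entry = stats[(proto, int(m["sport"]))]
            if proto == "tcp" and "Flags [R" in rest:
                entry["reset"] += 1      # host reachable, nothing listening
            elif proto == "udp" or "Flags [S.]" in rest:
                entry["answered"] += 1   # SYN-ACK or a UDP reply came back
    return dict(stats)

def unanswered(capture, client, server):
    """Ports that were tried and got neither an answer nor a reset back.
    For TCP that points at a silent drop on the path; for UDP it is only a hint."""
    return sorted(port for port, s in summarize(capture, client, server).items()
                  if s["sent"] and not s["answered"] and not s["reset"])

if __name__ == "__main__":
    for proto, port in unanswered(SAMPLE, "192.0.2.10", "192.0.2.20"):
        print(f"no reply on {port}/{proto}")
```

Repeated SYNs with nothing coming back, as on 524 in the sample, are what a dropped connection looks like from the client side; a reset instead means the packet reached the server and no service was listening.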