HI @MatinDe ,

Its depends on which class discovery you are doing, if you are running discovery on Windows , It will use the WMI and WINRM but for Storage CIM Server discovery it will use the WINRM. 

WMI vs WinRM

ServiceNow discovery leverages multiple protocols to communicate with the target devices. Either WMI or WinRM can be utilized for windows discovery. The protocol used for windows discovery is controlled at the MID server level via MID server parameter "mid.windows.management_protocol". The default value for this property is "WMI".

Network Requirements

WMI and WinRM have different network/firewall requirements.

WMI

WMI is based on DCOM/RPC. This means a connection is first initiated on port 135 to determine what dynamic port to use. The connection then proceeds to use the dynamic port negotiated.

The following Microsoft documentation provides more information on this topic:

• Setting up a Remote WMI Connection
• How to configure RPC dynamic port allocation to work with firewalls

Enhanced windows discovery also uses the target server admin$ and as such also requires file sharing port traffic to be allowed (port 445). For more information on enhanced windows discovery please see:

• Differences between Windows PowerShell Discovery and legacy Windows Discovery

WinRM

WinRM uses port 5985 (HTTP) or 5986 (HTTPS), this depends on the configuration on the target host. The following Microsoft documentation provides further information on setting up WinRM:

• Installation and configuration for Windows Remote Management
• How to configure WINRM for HTTPS

https://support.servicenow.com/kb?id=kb_article_view&sysparm_article=KB1116898

Please appreciate the efforts of community contributors by marking appropriate response as Mark my Answer Helpful or Accept Solution this may help other community users to follow correct solution in future.

Thanks

AJ

Linkedin Profile:- https://www.linkedin.com/in/ajay-kumar-66a91385/

ServiceNow Community Rising Star 2024