Below you can find the list of ports necessary for the proper functioning of ThinMan.
| Connection | Port Type | Port Number | Description |
|---|---|---|---|
| Inbound | TCP | 443 | Communication between ThinMan Server and devices (can be configured) |
| Connection | Port Type | Port Number | Description |
|---|---|---|---|
| Inbound | UDP TCP |
137,138 139,445 |
Praim Windows device image management. |
| Outbound | TCP | 389 or 636 | Active Directory (used on ThinMan Login/ThinMan Smart Identity with User+ Feature Pack) and ThinMan Access Control |
| Inbound | TCP | 20080 | ThinMan Secondary Server (Admin+ Feature Pack needed) |
| Outbound | UDP/TCP | 1680 | Network browsing |
| Outbound | UDP | 9 | Wake on LAN Magic Packet |
ThinMan Services
In case of a firewall, add to the whitelist the following ThinMan Services.
- For the server:
- https://stats.praim.com (for technical support services)
- https://packages.praim.com (to download ThinMan and Windows boot image upgrades)
- https://api.cloud.praim.com
- For the console:
- https://wiki.praim.com (for documentation purposes)
- https://www.praim.com
The WebSocketSecure (WSS) is the communication protocol between the ThinMan Server and a device (Agile/ThinOX). When the endpoint notifies to the ThinMan Server, a tcp connection is activated permanently as a channel between the endpoint and ThinMan. All the communications that take place between the ThinMan Server and the device happen through this channel.
In order to achieve the full potential of device management through ThinMan, it is necessary to configure the devices to point the ThinMan Server.
With the introduction of the WSS protocol, ThinMan uses the HTTPS port 443 for the communication with all Praim devices. If necessary, the default port (443) can be changed either during the ThinMan installation(see image below) or later on, through the ThinMan Server Settings configurator.
The ThinMan Repository file sharing (needed to Capture and Apply Images on Praim Windows devices) makes used of the ports indicated above. For more information about shared folders, read https://technet.microsoft.com/en-us/library/cc731402.aspx.
You can configure one or more LDAP Servers as authentication server whether you want to use:
If you want to use the Active Directory on the ThinMan console, be aware LDAP communication occurs over port 389 and LDAPS communication occurs over port TCP 636.
ThinMan Secondary Server allows you to implement a High Availability ThinMan infrastructure (installing the primary and secondary ThinMan server). We highly suggest when using ThinMan Login, ThinMan Smart Identity and User policies.
The ThinMan Secondary server can be configured as:
On the HALF mode, the secondary server only reads the ThinMan database. It does not contact the Primary server. In this case, you will need to configure the incoming port indicated below.
On the FULL mode, the secondary server writes on the ThinMan database and monitors the Primary Server. In this case, be sure the incoming and outgoing ports are opened in both servers.
For more information, read ThinMan Operation Modes and High Availability Software Architecture.
The network browsing is a functionality that allows to discover devices containing a Praim solution (either ThinOX O.S or Windows with Agile) on reachable networks, before Configuring devices to contact the ThinMan Server.
Below you can find information about the ports needed in case you have legacy devices.