A Windows server that hosts the Manager Service component must meet additional requirements, in addition to those for all IaaS Windows servers.
The requirements are the same, whether the Manager Service host is a primary or backup.
No firewalls can exist between a Manager Service host and DEM host. For port information, see IaaS Windows Server Ports.
Configure Internet Information Services (IIS) according to the following table.
You need IIS 7.5 for Windows 2008 variants, IIS 8 for Windows 2012, and IIS 8.5 for Windows 2012 R2.
In addition to the configuration settings, avoid hosting additional Web sites in IIS. vRealize Automation sets the binding on its communication port to all unassigned IP addresses, making no additional bindings possible. The default vRealize Automation communication port is 443.
Table 1. IaaS Manager Service Host Internet Information Services
Internet Information Services (IIS) roles
ASPNET 3.5 and ASPNET 4.5
IIS Windows Process Activation Service roles
WCF Activation (Windows 2008 variants only)
Non-HTTP Activation (Windows 2008 variants only)
(Windows 2012 variants: Go to Features > .Net Framework 3.5 Features > Non-HTTP Activation)
IIS Authentication settings
Set the following non-defaults.
Windows Authentication enabled
Anonymous Authentication disabled
Do not change the following defaults.
Negotiate Provider enabled
NTLM Provider enabled
Windows Authentication Kernel Mode enabled
Windows Authentication Extended Protection disabled
For certificates using SHA512, TLS1.2 must be disabled on Windows 2012 variants