Be sure the following ports are open on the IIS server to allow discovery of IIS application pools and related accounts:
- Port 135 (TCP) for inbound communication with the RPC endpoint mapper program.
- A custom inbound firewall rule to allow communication for the DllHost.exe process on all RPC Dynamic Ports.
- Port 139 (TCP) for file and printer sharing (NB-Session-In) inbound communication if the operating system is Windows Server 2016.
For more information about configuring firewall rules for discovery, see System discovery pre-requisites.