I am working on a design for deploying AGPM (Advanced Group Policy Management) into our DMZ. As I see it, there are four major design components when it comes to network communication. They are the AGPM service (and archive), an SMTP relay, the domain or domains being managed and the AGPM client. I would like to keep the AGPM service, AGPM client and the SMTP relay on our internal LAN. This means the communications between the AGPM service and the domain that it is managing need to cross a firewall into our DMZ. I have not been able to find documentation on what network ports are used to communicate between the AGPM service and the domain it is managing. It is very well documented that the AGPM service and the AGPM client use 4600 to communicate, and it is clear how to change that; however, I do not want to have to put the AGPM service in our DMZ.
Thanks for any help you can offer.