Port 10117: NetIQ IQCResource Management Service — The Invisible Enterprise Port

What Lives on Port 10117

Port 10117 runs NetIQ's IQCResource Management Service, part of NetIQ's suite of identity governance and resource management tools used by enterprises to manage users, permissions, and IT resources.¹

You've never heard of it because it doesn't run on public-facing infrastructure. This port only appears on internal corporate networks where organizations have deployed NetIQ's identity management platform.

The Port Range: What "Registered" Actually Means

Port 10117 sits in the registered port range (1024-49151), which means three things:

1. It's officially assigned — Unlike the ephemeral ports (49152-65535) that the OS auto-assigns to client connections, port 10117 has a permanent entry in the IANA registry²
2. It requires no system privileges — Applications running as regular users can bind to registered ports
3. There's no enforcement — IANA maintains the registry, but nothing stops someone from running their own service on port 10117. The registration is a courtesy and a standard.

What This Port Actually Does

NetIQ's IQCResource Management Service uses port 10117 to:

• Manage identity and access across enterprise systems
• Provision and deprovision user accounts at scale
• Enforce role-based access control policies
• Connect to directory services, databases, and target systems

It's infrastructure for IT teams managing thousands of users and systems. Every password reset, every access request, every permission change flows through ports like this one.

How to Check if Port 10117 is Listening

To see if something is listening on port 10117:

On Linux/macOS:

netstat -tlnp | grep 10117
lsof -i :10117

On Windows (PowerShell):

netstat -ano | findstr :10117
Get-NetTCPConnection -LocalPort 10117

From another machine:

nmap -p 10117 <target-ip>
nc -zv <target-ip> 10117

If nothing appears, either nothing is listening, or a firewall is blocking it (likely).

Why Unassigned and Registered Ports Matter

There are 65,535 ports. The landscape looks like this:

• Well-known (0-1023) — HTTP, SSH, DNS, SMTP. The famous ones. Protected by the OS.
• Registered (1024-49151) — A middle ground where enterprises register their applications. Port 10117 is here, along with thousands of others.
• Ephemeral (49152-65535) — No assignment. The OS uses these for outbound client connections when an application doesn't care which port it gets.

Most of the Internet runs on well-known ports. But the enterprise infrastructure—the systems that manage millions of users, secure critical operations, and handle identity at scale—often runs on registered ports that almost nobody knows about.

Port 10117 is one of those quiet channels. It does important work. It's just not the work you see.

Related Ports

NetIQ services often use multiple ports for different components:

• Port 8180 — Common for NetIQ web consoles
• Ports 636, 389 — LDAP and LDAPS (directory services that NetIQ integrates with)
• Port 3306 — MySQL (common database backend for NetIQ)

These work in concert. Port 10117 is one spoke in a larger identity management wheel.