IP-based AUTD failed to initialize because the processing of notifications could not be setup. Error code [0x]. Verify that no other applications are currently bound to UDP port [], or try specifying a different port number.

Details
Product: Exchange
Event ID: 3015
Source: Server ActiveSync
Version: 6.5.7638.0
Component: Microsoft Exchange ActiveSync
Message: IP-based AUTD failed to initialize because the processing of notifications could not be setup. Error code [0x<number>]. Verify that no other applications are currently bound to UDP port [<number>], or try specifying a different port number.
   
Explanation

This event indicates that more than one application is attempting to use the User Datagram Protocol (UDP) listen port.

   
User Action

To resolve this error, do one or more of the following:

Important  This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore the registry if a problem occurs. For information about how to restore the registry, view the “Restore the Registry” Help topic in Regedit.exe or Regedt32.exe.

  • Verify that no other applications are currently bound to the UDP listen port on the computer. If any other applications are using the UDP listen port, specify a different UDP port. For information about how you can determine the applications using the UDP listen port specified in the event description, see Microsoft Knowledge Base article 323352 “How To Determine Which Program Uses or Blocks Specific Transmission Control Protocol Ports in Windows Server 2003” (http://go.microsoft.com/fwlink/?linkid=3052&kbid=323352).
  • Edit the registry and specify a different UDP port number to resolve this error:
  1. On the computer running Exchange Server, start Regedit.exe.
  2. Open the following registry key:

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MasSync\Parameters

    The registry value name for the UDP listen port is UdpListenPort.

  3. Do one of the following:

    • To return to the default configuration of port 2883, delete the parameter UdpListenPort.
    • To specify a different value for the UDP listen port, right-click UdpListenPort, and then click Modify. In Edit DWORD Value, in Value data, type a value between 1 and 65535.
  4. Close Registry Editor.
  5. Restart Internet Information Services (IIS).

Before you edit the registry, and for information about how to edit the registry, see Microsoft Knowledge Base article 256986, “Description of the Microsoft Windows Registry” (http://go.microsoft.com/fwlink/?linkid=3052&kbid=256986).

Related:

H.323 filter: invalid port (%1) configured for listening. Future H.323 incoming calls will be refused.

Details
Product: Internet Security and Acceleration Server
Event ID: 20005
Source: ISA Server H.323 Filter
Version: 4.0.3443.594
Component: ISA Server Services
Message: H.323 filter: invalid port (%1) configured for listening. Future H.323 incoming calls will be refused.
   
Explanation
The port configured for the H.323 filter is either invalid or cannot be used.
   
User Action
Check that the port is in the valid port range and that it is not in use by any other application. For details about configuring the H.323 filter, see topic “To configure H.232 filter” in ISA Server help.

Related:

The Microsoft Exchange Data Conferencing service could not bind to port 1503. This may be the result of some other T.120 program using the port. The T.120 protocol will not function properly until the port can be bound.

Details
Product: Exchange
Event ID: 8207
Source: MSExchangeT120
Version: 6.0
Component: Conferencing Service
Symbolic Name: MSG_STARTUP_BIND
Message: The Microsoft Exchange Data Conferencing service could not bind to port 1503. This may be the result of some other T.120 program using the port. The T.120 protocol will not function properly until the port can be bound.
   
User Action
Wait until the port is free or restart the server.

Related:

The service could not bind instance . The data is the error code.

Details
Product: Exchange
Event ID: 115
Source: POP3SVC
Version: 6.5.6940.0
Component: Microsoft Exchange POP3 Service
Message: The service could not bind instance <instance>. The data is the error code.
   
Explanation

This event indicates that the SMTP Service could not bind to the configured IP Address and port number combination. The IP Address and Port Number combination might not be unique.

   
User Action

Provide a unique IP address for each virtual server. To do this, either add multiple network interface cards, each with a unique IP address, or add multiple IP addresses to a single network interface card.

Related:

The service could not bind instance %1. The data is the error code.For additional information specific to this message please visit the Microsoft Online Support site located at: http://www.microsoft.com/contentredirect.asp.

Details
Product: Exchange
Event ID: 115
Source: IMAP4SVC
Version: 6.5.0000.0
Message: The service could not bind instance %1. The data is the error code.For additional information specific to this message please visit the Microsoft Online Support site located at: http://www.microsoft.com/contentredirect.asp.
   
Explanation
This error may be seen in the application log after you configure and attempt to start additional virtual servers for the Simple Mail Transfer Protocol (SMTP), Post Office Protocol version 3 (POP3), or Internet Message Access Protocol Version 4 rev1 (IMAP4) services in Exchange 2000 Server. Also, the virtual servers that you added do not start.

This issue can occur because TCP/IP, which includes the SMTP, POP3, and IMAP4 protocols, requires a unique socket for each instance. A TCP/IP socket is composed of an Internet Protocol (IP) address and Transmission Control Protocol (TCP) port pair. To generate a unique socket, either the TCP port or the IP

address of each instance must be unique to the given virtual server.

   
User Action
Provide a unique IP address for each additional virtual server.

Related:

TCP/IP has reached the security limit imposed on the number of concurrent (incomplete) TCP connect attempts.

Details
Product: Windows Operating System
Event ID: 4226
Source: Tcpip
Version: 5.2
Symbolic Name: EVENT_TCPIP_TCP_CONNECT_LIMIT_REACHED
Message: TCP/IP has reached the security limit imposed on the number of concurrent (incomplete) TCP connect attempts.
   
Explanation

The TCP/IP stack in Windows XP with Service Pack 2 (SP2) installed limits the number of concurrent, incomplete outbound TCP connection attempts. When the limit is reached, subsequent connection attempts are put in a queue and resolved at a fixed rate so that there are only a limited number of connections in the incomplete state. During normal operation, when programs are connecting to available hosts at valid IP addresses, no limit is imposed on the number of connections in the incomplete state. When the number of incomplete connections exceeds the limit, for example, as a result of programs connecting to IP addresses that are not valid, connection-rate limitations are invoked, and this event is logged.

Establishing connection–rate limitations helps to limit the speed at which malicious programs, such as viruses and worms, spread to uninfected computers. Malicious programs often attempt to reach uninfected computers by opening simultaneous connections to random IP addresses. Most of these random addresses result in failed connections, so a burst of such activity on a computer is a signal that it may have been infected by a malicious program.

Connection-rate limitations may cause certain security tools, such as port scanners, to run more slowly.

   
User Action

This event is a warning that a malicious program or a virus might be running on the system. To troubleshoot the issue, find the program that is responsible for the failing connection attempts and, if the program might be malicious, close the program as follows.

To close the program

  1. At the command prompt, type Netstat –no
  2. Find the process with a large number of open connections that are not yet established.These connections are indicated by the TCP state SYN_SENT in the State column of the Active Connections information.
  3. Note the process identification number (PID) of the process in the PID column.
  4. Press CTRL+ALT+DELETE and then click Task Manager.
  5. On the Processes tab, select the processes with the matching PID, and then click End Process.If you need to select the option to view the PID for processes, on the View menu, click Select Columns, select the PID (Process Identifier) check box, and then click OK.

Related:

This address is already in use. Binding: %1

Details
Product: Exchange
Event ID: 1001
Source: MSExchangeTransport
Version: 8.0
Symbolic Name: AddressInUse
Message: This address is already in use. Binding: %1
   
Explanation

This Error event indicates that the specified combination of IP address and port number is being used by another process on the server.

Each Receive connector on a Microsoft Exchange Server 2007 Hub Transport server or Edge Transport server must use a unique combination of IP addresses and port numbers to listen for inbound connections from remote SMTP messaging servers.

If other SMTP messaging services are running on this server, they may be using an IP address and port number combination that conflicts with an existing Receive connector. For example, the default Receive connector on an Edge Transport server is configured to use 0.0.0.0:25. The default Receive connectors on a Hub Transport server are configured to use 0.0.0.0:25 and 0.0.0.0:587.

   
User Action

To resolve this error do one or more of the following:

  • Remove or relocate any other SMTP messaging services that are running on this server.

  • Configure any other SMTP messaging services that must run on this Hub Transport server or Edge Transport server to use an IP address and port number combination that doesn’t conflict with any Receive connectors that are configured on the server.

  • Configure the Receive connectors on this Hub Transport server or Edge Transport server to use an IP address and port number combination that doesn’t conflict with any other SMTP messaging services that must run on this server.

For more information, see Receive Connectors.

If you are not already doing so, consider running the tools that Microsoft Exchange offers to help administrators analyze and troubleshoot their Exchange environment. These tools can help you make sure that your configuration is in line with Microsoft best practices. They can also help you identify and resolve performance issues, improve mail flow, and better manage disaster recovery scenarios. Go to the Toolbox node of the Exchange Management Console to run these tools now. For more information about these tools, see Toolbox in the Exchange Server 2007 Help.

Related:

NLB Cluster %2 %1: Host %3 does not have the same number or type of port rules as this host. Please check the NLB configuration on all hosts that belong to the cluster and make sure that they all contain the same number and type of port rules. %4

Details
Product: Windows Operating System
Event ID: 21
Source: WLBS
Version: 5.2
Symbolic Name: MSG_ERROR_RULES_MISMATCH
Message: NLB Cluster %2 %1: Host %3 does not have the same number or type of port rules as this host. Please check the NLB configuration on all hosts that belong to the cluster and make sure that they all contain the same number and type of port rules. %4
   
Explanation

This event is logged when another host in the cluster either contains a different number of port rules from the local host, or its configured port rules conflict with the port rules of the local host. The cluster will not converge until the problem is corrected.

   
User Action

Using Network Load Balancing (NLB) Manager, edit the port rules as appropriate on each host so that the port rules are consistent on all hosts in the cluster. For more information about editing port rules in NLB, see Help and Support.

Related:

Which Ports need to be accessible on a Domain Controller for Clients to logon?

We are currently segmenting our network. We will move the servers in another subnet than the clients. Of course the clients still need access to the domain controller to authenticate against it.

I found various articles about the ports that need to be accessible between the domain controllers to allow replication but none about the ports that are important for the clients. I’m pretty sure the client won’t directly access the LDAP database for example and I want to reduce the attack surface as much as possible.

So which ports are needed for a client to be able to work with a domain controller?

Related: