Windows 2000 Directory Service Agent Fails to Maintain Exclusive Control of Port 389 (266657)



The information in this article applies to:

  • Microsoft Windows 2000 Server
  • Microsoft Windows 2000 Advanced Server

This article was previously published under Q266657

SYMPTOMS

If you install an application that binds a listener to port 389 on a Domain Controller (DC), multiple failures occur on the DCs. These include dcpromo failures, startup failures of the Intersite Messaging Service, and NTFRS preventing a machine from becoming a DC.

You can usually detect this by using Ldp.exe from the Support Tools to confirm that connections to the Active Directory succeed on each DC.

CAUSE

This problem occurs because the NT Directory Service Agent (NTDSA) fails to maintain exclusive control of port 389. Therefore, any other application that attempts to set up a listener on port 389 succeeds and gains control of the port from the NTDSA.

RESOLUTION

To resolve this problem, obtain the latest service pack for Windows 2000. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

260910 How to Obtain the Latest Windows 2000 Service Pack

The English version of this fix should have the following file attributes or later:
   Date       Time    Version        Size     File name
   ------------------------------------------------------
   8/2/2000  3:48pm  5.0.2195.2103  32,016    Ntdsatq.dll

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed at the beginning of this article. This problem was first corrected in Windows 2000 Service Pack 2.

MORE INFORMATION

If the application is installed after promotion on the only DC in the domain, the Intersite Messaging Service will fail to run after a restart. The NTDS Event Log will have the following errors and warnings logged:

Event 1168 Error 997(3e5) has occurred (Internal ID 11000252).
Event 1168 Error 0(0) has occurred (Internal ID 11000251).
Event 1168 Error 53(35) has occurred (Internal ID 11000250).

and one Warning 1473 Event showing the following:

The Intersite Messaging Service failed to read the configuration of the Intersite Transports out of the Directory. The error message is as follows: Cannot complete this function.

The service has stopped. It will be necessary to correct the problem and restart the service in order for intersite communication to occur. The KCC will be unable to calculate intersite topology without this service.

There may be a problem retrieving data from the LDAP server. Please verify that LDAP queries are succeeding on this machine. You may also wish to try restarting the Intersite Messaging Service manually.

The record data is the status code.
Data:
0000: eb 03 00 00

If dcpromo attempts to source from a machine with a third-party LDAP server on it, it will fail with the following error:

The domain "<domain name>" is not an Active Directory domain, or an Active Directory Domain Controller for the domain could not be contacted.

If dcpromo runs on a DC with an LDAP server on it, dcpromo will complete with no errors. The Intersite Messaging Service will fail upon restarting. The NTDS Event Log will have the following errors and warnings:

Event 1168 Error 997(3e5) has occurred (Internal ID 11000252).
Event 1168 Error 0(0) has occurred (Internal ID 11000251).
Event 1168 Error 7(7) has occurred (Internal ID 11000250).

and one Warning 1473 Event showing the following:

The Intersite Messaging Service failed to read the configuration of the Intersite Transports out of the Directory. The error message is as follows: Access is denied.

The service has stopped. It will be necessary to correct the problem and restart the service in order for intersite communication to occur. The KCC will be unable to calculate intersite topology without this service.

There may be a problem retrieving data from the LDAP server. Please verify that LDAP queries are succeeding on this machine. You may also wish to try restarting the Intersite Messaging Service manually.

The record data is the status code.
Data:
0000: 05 00 00 00

The FRS Event Log will log a warning with Event ID 13514, stating that NTFRS is preventing the DC from becoming a Domain Controller. Forcing replication using Active Directory Sites and Services will appear to succeed.
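The following triage script is an added example, not code from Microsoft or from the original article. It parses NTDS log text in the form quoted above, reads the Warning 1473 record data as a little-endian DWORD status code, and reports whether the excerpt fits the pattern described here. The function names are hypothetical, and the sample input is the first scenario's log text copied from this article.

```python
import re

# Status codes and the messages this article pairs them with in Warning 1473.
KNOWN_STATUS = {1003: "Cannot complete this function.", 5: "Access is denied."}

EVENT_1168 = re.compile(
    r"Event 1168 Error (\d+)\(([0-9a-fA-F]+)\) has occurred \(Internal ID (\w+)\)")
DATA_ROW = re.compile(r"^[0-9a-fA-F]{4}:((?:[ \t]+[0-9a-fA-F]{2})+)[ \t]*$", re.M)
ISM_MARKER = "Intersite Messaging Service failed to read the configuration"

def decode_record_data(text):
    """Read the 'Data:' hex dump rows and return the first DWORD (little-endian)."""
    raw = bytes(int(b, 16) for row in DATA_ROW.findall(text) for b in row.split())
    return int.from_bytes(raw[:4], "little") if len(raw) >= 4 else None

def parse_1168(text):
    """Return [(error_code, internal_id)], skipping lines whose decimal and hex disagree."""
    out = []
    for dec, hx, internal in EVENT_1168.findall(text):
        if int(dec) == int(hx, 16):
            out.append((int(dec), internal))
    return out

def triage(text):
    """Summarize an NTDS log excerpt and say whether it fits the pattern in this article."""
    status = decode_record_data(text)
    errors = parse_1168(text)
    return {
        "status": status,
        "message": KNOWN_STATUS.get(status),
        "event_1168": errors,
        "fits_article": bool(errors) and ISM_MARKER in text and status in KNOWN_STATUS,
    }

# Log text copied from the first scenario in this article (application installed on the only DC).
SAMPLE = """\
Event 1168 Error 997(3e5) has occurred (Internal ID 11000252).
Event 1168 Error 0(0) has occurred (Internal ID 11000251).
Event 1168 Error 53(35) has occurred (Internal ID 11000250).
The Intersite Messaging Service failed to read the configuration of the Intersite Transports out of the Directory. The error message is as follows: Cannot complete this function.
The record data is the status code.
Data:
0000: eb 03 00 00
"""

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A match only narrows the search; confirm with Ldp.exe that the listener on port 389 is the Active Directory, as described under SYMPTOMS.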

Modification Type: Minor
Last Reviewed: 1/20/2006
Keywords: kbHotfixServer kbQFE kbActiveDirectoryRepl kbbug kbDCPromo KB266657