Microsoft KB Archive/315182

= LDAP server locally not available on domain controller because of Winsock program =

Article ID: 315182

Article Last Modified on 2/22/2007

-

APPLIES TO


 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-



This article was previously published under Q315182



Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SYMPTOMS
The LDAP server component of a Windows 2000 domain controller may not respond to local requests. It may be still possible to have successful inbound Active Directory replication from a different domain controller. You may receive the following error message on the affected computer:

Active Directory MMC snap-in like AD Users and Computers cannot be opened.

You may receive the following Active Directory error message:

Naming information cannot be located because: The server is not operational.

If you run the repadmin /showreps command, it may return the following error information:

&quot;LDAP error 81 (Server Down)&quot; (LDAP_SERVER_DOWN)

If you use the Dcdiag.exe tool, it may return the following error information:

&quot;LDAP bind failed with error 58&quot; (ERROR_BAD_NET_RESP)

The NTDS event log may include the following entries:

Event Type: Error

Event Source: NTDS Inter-site Messaging

Event Category: Internal Processing

Event ID: 1168

Description:

Error 52(34) has occurred (Internal ID 11000255).

(Error 52 means LDAP_UNAVAILABLE)

Event Type: Error

Event Source: NTDS Inter-site Messaging

Event Category: Internal Processing

Event ID: 1168

Description:

Error 997(3e5) has occurred (Internal ID 11000256).

(Error 997 means ERROR_IO_PENDING)

Event Type: Warning

Event Source: NTDS Inter-site Messaging

Event Category: Inter-Site Messaging

Event ID: 1473

Description:

The Intersite Messaging Service failed to read the configuration of the Intersite Transports out of the Directory. The error message is as follows:

The specified network resource or device is no longer available.

The record data contains the status code 0x37 = ERROR_DEV_NOT_EXIST

The LDAP interface ID 1216 may be logged if extended NTDS logging is configured, and the log level is set to 5 (maximum) under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Diagnostics for the following:
 * Initialization/Termination
 * Service Control
 * Field Engineering
 * LDAP Interface Events
 * Inter-site Messaging
 * Internal Configuration
 * Directory Access
 * Internal Processing

Event Type: Warning

Event Source: NTDS LDAP

Event Category: LDAP Interface

Event ID: 1216

Description:

The LDAP server closed a socket to a client because of an error condition, 87. (Internal ID c060643::1).

For additional information about how to configure extended NTDS logging, click the following article number to view the article in the Microsoft Knowledge Base:

314980 HOW TO: Configure Active Directory diagnostic event logging in Windows Server

The internal ID can be used for source code analysis with Dsid.exe and ends up with an AtqReadSocket socket call. Its return value 87 means ERROR_INVALID_PARAMETER. The underlying socket interface does not respond correctly.

The symptoms are similar to the symptoms that are described in the following Microsoft Knowledge Base article, but the error occurs even though Windows 2000 Service Pack 2 is already installed:

266657 Windows 2000 Directory Service Agent fails to maintain exclusive control of port 389

This problem cannot be solved by only demoting and re-promoting the domain controller.



CAUSE
This problem can occur after a windows sockets program installs the &quot;Windows Socket 2.0 Non-IFS Service Provider Support Environment&quot; component and prevents the local LDAP server from starting. Sysinfo.exe Drivers output reveals that the System32\Drivers\Ws2ifsl.sys file is running on the computer.



RESOLUTION
Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

If you know which program is causing this problem, and you are able to uninstall it from the domain controller, do so. If you do not know which program is causing this problem, or you are unable to uninstall it from the domain controller, you may need to use the following procedure if you cannot find another solution:  Demote the domain controller. Remove Windows Socket 2.0 Non-IFS Service Provider Support Environment. Rename the c:\Winnt\System32\Drivers\Ws2ifsl.sys file. Uninstall TCP/IP. Delete the following registry keys:

'''HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Winsock2'''

 Reinstall TCP/IP, and the re-promote the computer to a domain controller.</li></ol>

<div class="status_section">

STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section.

Keywords: kbenv kberrmsg kbnetwork kbprb KB315182

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.