Microsoft KB Archive/836429

= &quot;The server is not operational&quot; message in the Migration.log file when you use the Active Directory Migration Tool version 2 in Windows Server 2003 or in Windows 2000 Server =

Article ID: 836429

Article Last Modified on 10/30/2006

-

APPLIES TO


 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Advanced Server

-





Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



SYMPTOMS
When you use the Active Directory Migration Tool (ADMT) version 2 to migrate users or groups, you may receive an error in the Migration.log file that is similar to the following:

ERR2:7298 Failed to find LDAP ://domain.com/CN=user1,OU=User,OU=Accounts,DC=domain,DC=com in domain.com, hr=8007203a The server is not operational.



CAUSE
This issue occurs when ADMT performs a Lightweight Directory Access Protocol (LDAP) bind for every object that is to be migrated, and an ephemeral remote procedure call (RPC) port is allocated for each of these connections. Microsoft Windows Server 2003 and Microsoft Windows 2000 Server hold each port for four minutes and then release each port for another network connection. By default, Windows Server 2003 and Windows 2000 Server enumerate 5000 ports. The first port that is available for use by programs is 1024, for a maximum of 3977 active connections. In certain high-powered hardware configurations, the migration task is processed so fast that the rate of network requests exceeds the rate that the opened ports are made available again. If all ephemeral ports are consumed, ADMT may return the error that is listed in the &quot;Symptoms&quot; section.



RESOLUTION
To resolve this issue, increase the default number of ports that are available for program traffic. The number of additional ports must be sufficient to handle the number of simultaneous network requests that are being made by all programs. The number of allocated ports is governed by a TCP/IP registry entry,. By default, this entry does not exist. To create this entry, follow these steps.

Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry


 * 1) Click Start, click Run, type regedit in the Open box, and then click OK.
 * 2) Locate and then click the following subkey:

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
 * 1) On the Edit menu, point to New, click DWORD Value, and then type MaxUserPort.
 * 2) Double-click MaxUserPort, and then set a decimal value to a number greater than 5000.

Note This value controls the maximum dynamic port number. The valid range for this value is 5000-65534. By default, the number of available ports is 3977 because the first available port is 1024.
 * 1) Quit Registry Editor.



STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the &quot;Applies to&quot; section of this article.

Keywords: kbwinservds kbactivedirectory kbfix kbprb kberrmsg KB836429

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.