Article ID: 917936
Article Last Modified on 12/4/2007
APPLIES TO
- Microsoft Internet Security and Acceleration Server 2004 Enterprise Edition
- Microsoft Internet Security and Acceleration Server 2004 Standard Edition
- Microsoft Internet Security and Acceleration Server 2006 Enterprise Edition
- Microsoft Internet Security and Acceleration Server 2006 Standard Edition
SYMPTOMS
Consider the following scenario:
- You are using a Microsoft Office Outlook client that connects to a Microsoft Exchange server through Microsoft Internet Security and Acceleration (ISA) Server 2004 or Microsoft Internet Security and Acceleration (ISA) Server 2006.
- You are using Exchange remote procedure call (RPC) publishing to publish the Exchange server.
In this scenario, if the Outlook client connection to the Exchange server is lost because of network problems, the Outlook client may be unable to reconnect for 24 hours.
Note The Outlook client may be able to connect to the Exchange server if you restart the ISA Server Firewall service.
CAUSE
This issue occurs if the Outlook client has used up the default maximum limit of 32 MAPI connections to the Exchange server and if the Exchange server does not clean up idle sockets.
In an Exchange RPC publishing scenario, the Exchange server does not clean up idle sockets because the sockets connect to ISA Server instead of to Outlook. ISA Server acts in compliance with Request for Connections (RFC) 1631, "The IP Network Address Translator (NAT)." This RFC requires that NAT connections be maintained for 24 hours and does not clean up idle sockets for 24 hours.
Note RFC 1631 has been replaced by RFC 3022, "Traditional IP Network Address Translator (Traditional NAT)."
RESOLUTION
To resolve this issue, install the hotfix that is described in Microsoft Knowledge Base article 919012.
For more information, click the following article number to view the article in the Microsoft Knowledge Base:
919012 Description of the ISA Server 2004 hotfix package: May 10, 2006
After you apply hotfix 919012
After you apply the hotfix, run one of the Microsoft Visual Basic scripts that are described in this section to enable the KeepAlive option. ISA Server uses the KeepAlive option on the sockets that ISA Server uses to connect to the Exchange server and to the Outlook client. The script that you select depends on the rule that you use to access the Exchange server.
For the Exchange RPC server publishing rule
Microsoft provides programming examples for illustration only, without warranty either expressed or implied. This includes, but is not limited to, the implied warranties of merchantability or fitness for a particular purpose. This article assumes that you are familiar with the programming language that is being demonstrated and with the tools that are used to create and to debug procedures. Microsoft support engineers can help explain the functionality of a particular procedure. However, they will not modify these examples to provide added functionality or construct procedures to meet your specific requirements.
- Click Start, point to Programs, point to Accessories, and then click Notepad.
Copy and then paste the following code into a new Notepad file.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' ' Copyright (c) Microsoft Corporation. All rights reserved. ' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE ' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE ' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS ' HEREBY PERMITTED. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' This script adds a KeepAlive value to a given protocol definition. ' The value is in seconds. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' Sub AddKA2Protocol() ' Create the root object. Dim root ' The FPCLib.FPC root object Set root = CreateObject("FPC.Root") 'Declare the other objects needed. Dim array ' An FPCArray object Dim RuleElements ' an FPCRuleElements objects. Dim ProtocolDefinitions ' an FPCProtocolDefinitions collection. Dim ProtocolDefinition ' an FPCProtocolDefinition object. Dim VendorSets ' An FPCVendorParametersSets collection Dim VendorSet ' An FPCVendorParametersSet object ' Get references to the array object ' and the protocols collection. Set array = root.GetContainingArray On Error Resume Next Set RuleElements = array.RuleElements CheckError Set ProtocolDefinitions = RuleElements.ProtocolDefinitions CheckError Wscript.Echo "Number of protocols- " & ProtocolDefinitions.Count Set ProtocolDefinition = ProtocolDefinitions.Item("Exchange RPC Server") Set VendorSets = ProtocolDefinition.VendorParametersSets Set VendorSet = VendorSets.Item( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" ) If Err.Number <> 0 Then Err.Clear ' Add the item Set VendorSet = VendorSets.Add( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" ) CheckError WScript.Echo "New VendorSet added... " & VendorSet.Name Else WScript.Echo "Existing VendorSet found..." End If VendorSet.Value("KeepAliveTimeout") = 5400 ' value in seconds. VendorSets.Save false, true WScript.Echo "Done..." End Sub Sub CheckError() If Err.Number <> 0 Then WScript.Echo "An error occurred: 0x" & Hex(Err.Number) & " " & Err.Description Err.Clear End If End Sub AddKA2Protocol- Use a .vbs extension to save the file. For example, save the file as ExchangeKeepAliveTimeout.vbs.
- Double-click the .vbs file to run the script.
For the RPC (all interfaces) Access rule
- Click Start, point to Programs, point to Accessories, and then click Notepad.
Copy and then paste the following code into a new Notepad file.
'''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' ' Copyright (c) Microsoft Corporation. All rights reserved. ' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE ' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE ' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS ' HEREBY PERMITTED. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' ' This script adds a KeepAlive value to a given protocol definition. ' The value is in seconds. '''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''' Sub AddKA2Protocol() ' Create the root object. Dim root ' The FPCLib.FPC root object Set root = CreateObject("FPC.Root") 'Declare the other objects needed. Dim array ' An FPCArray object Dim RuleElements ' an FPCRuleElements objects. Dim ProtocolDefinitions ' an FPCProtocolDefinitions collection. Dim ProtocolDefinition ' an FPCProtocolDefinition object. Dim VendorSets ' An FPCVendorParametersSets collection Dim VendorSet ' An FPCVendorParametersSet object ' Get references to the array object ' and the protocols collection. Set array = root.GetContainingArray On Error Resume Next Set RuleElements = array.RuleElements CheckError Set ProtocolDefinitions = RuleElements.ProtocolDefinitions CheckError Wscript.Echo "Number of protocols- " & ProtocolDefinitions.Count Set ProtocolDefinition = ProtocolDefinitions.Item("RPC (all interfaces)") Set VendorSets = ProtocolDefinition.VendorParametersSets Set VendorSet = VendorSets.Item( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" ) If Err.Number <> 0 Then Err.Clear ' Add the item Set VendorSet = VendorSets.Add( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" ) CheckError WScript.Echo "New VendorSet added... " & VendorSet.Name Else WScript.Echo "Existing VendorSet found..." End If VendorSet.Value("KeepAliveTimeout") = 5400 ' value in seconds. VendorSets.Save false, true WScript.Echo "Done..." End Sub Sub CheckError() If Err.Number <> 0 Then WScript.Echo "An error occurred: 0x" & Hex(Err.Number) & " " & Err.Description Err.Clear End If End Sub AddKA2Protocol- Use a .vbs extension to save the file. For example, save the file as RPCKeepAliveTimeout.vbs.
- Double-click the .vbs file to run the script.
Notes
- The time-out value in the script is equal to the KeepAliveTimeout registry value. The time-out value in the script is in seconds.
- The interval between KeepAlive retransmissions is equal to the KeepAliveInterval registry value. The interval value is computed internally as the time-out value divided by 5 (time-out value / 5).
- If the default value of the TcpMaxDataRetransmissions registry entry is not changed, the connection drops after a period that is equal to the time-out value times two seconds (time-out value * 2).
If you want to remove hotfix 919012
Before you remove hotfix 919012, you must run one the following Visual Basic scripts to disable the KeepAlive option.
For the Exchange RPC server publishing rule
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'
' Copyright (c) Microsoft Corporation. All rights reserved.
' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE
' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS
' HEREBY PERMITTED.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' This script Remove a KeepAlive value from a given protocol definition.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Sub RemoveKAFromProtocol()
' Create the root object.
Dim root ' The FPCLib.FPC root object
Set root = CreateObject("FPC.Root")
'Declare the other objects needed.
Dim array ' An FPCArray object
Dim RuleElements ' an FPCRuleElements objects.
Dim ProtocolDefinitions ' an FPCProtocolDefinitions collection.
Dim ProtocolDefinition ' an FPCProtocolDefinition object.
Dim VendorSets ' An FPCVendorParametersSets collection
Dim VendorSet ' An FPCVendorParametersSet object
' Get references to the array object
' and the protocols collection.
Set array = root.GetContainingArray
On Error Resume Next
Set RuleElements = array.RuleElements
CheckError
Set ProtocolDefinitions = RuleElements.ProtocolDefinitions
CheckError
Wscript.Echo "Number of protocols- " & ProtocolDefinitions.Count
Set ProtocolDefinition = ProtocolDefinitions.Item("Exchange RPC Server")
Set VendorSets = ProtocolDefinition.VendorParametersSets
Set VendorSet = VendorSets.Item( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" )
If Err.Number <> 0 Then
CheckError
WScript.Echo "VendorSet does not exit."
Else
WScript.Echo "Existing VendorSet found..."
VendorSets.Remove( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" )
If Err.Number <> 0 Then
CheckError
WScript.Echo "Cannot remove VendorSet"
Else
WScript.Echo "VendorSet removed..."
End If
End If
VendorSets.Save false, true
WScript.Echo "Done..."
End Sub
Sub CheckError()
If Err.Number <> 0 Then
WScript.Echo "An error occurred: 0x" & Hex(Err.Number) & " " & Err.Description
Err.Clear
End If
End Sub
RemoveKAFromProtocol
For the RPC (all interfaces) Access rule
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
'
' Copyright (c) Microsoft Corporation. All rights reserved.
' THIS CODE IS MADE AVAILABLE AS IS, WITHOUT WARRANTY OF ANY KIND. THE ENTIRE
' RISK OF THE USE OR THE RESULTS FROM THE USE OF THIS CODE REMAINS WITH THE
' USER. USE AND REDISTRIBUTION OF THIS CODE, WITH OR WITHOUT MODIFICATION, IS
' HEREBY PERMITTED.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
' This script Remove a KeepAlive value from a given protocol definition.
''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
Sub RemoveKAFromProtocol()
' Create the root object.
Dim root ' The FPCLib.FPC root object
Set root = CreateObject("FPC.Root")
'Declare the other objects needed.
Dim array ' An FPCArray object
Dim RuleElements ' an FPCRuleElements objects.
Dim ProtocolDefinitions ' an FPCProtocolDefinitions collection.
Dim ProtocolDefinition ' an FPCProtocolDefinition object.
Dim VendorSets ' An FPCVendorParametersSets collection
Dim VendorSet ' An FPCVendorParametersSet object
' Get references to the array object
' and the protocols collection.
Set array = root.GetContainingArray
On Error Resume Next
Set RuleElements = array.RuleElements
CheckError
Set ProtocolDefinitions = RuleElements.ProtocolDefinitions
CheckError
Wscript.Echo "Number of protocols- " & ProtocolDefinitions.Count
Set ProtocolDefinition = ProtocolDefinitions.Item("RPC (all interfaces)")
Set VendorSets = ProtocolDefinition.VendorParametersSets
Set VendorSet = VendorSets.Item( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" )
If Err.Number <> 0 Then
CheckError
WScript.Echo "VendorSet does not exit."
Else
WScript.Echo "Existing VendorSet found..."
VendorSets.Remove( "{80ad2d9c-725e-4fcd-a1d4-32c8042c774f}" )
If Err.Number <> 0 Then
CheckError
WScript.Echo "Cannot remove VendorSet"
Else
WScript.Echo "VendorSet removed..."
End If
End If
VendorSets.Save false, true
WScript.Echo "Done..."
End Sub
Sub CheckError()
If Err.Number <> 0 Then
WScript.Echo "An error occurred: 0x" & Hex(Err.Number) & " " & Err.Description
Err.Clear
End If
End Sub
RemoveKAFromProtocol
STATUS
Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
MORE INFORMATION
For more information about RFC 1631 and about RFC 3022, visit the following Internet Society Web site:
Keywords: kbqfe kbprb KB917936
