Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

"The server is not operational" message in the Migration.log file when you use the Active Directory Migration Tool version 2 in Windows Server 2003 or in Windows 2000 Server


View products that this article applies to.

Symptoms

When you use the Active Directory Migration Tool (ADMT) version 2 to migrate users or groups, you may receive an error in the Migration.log file that is similar to the following:
ERR2:7298 Failed to find LDAP ://domain.com/CN=user1,OU=User,OU=Accounts,DC=domain,DC=com in domain.com, hr=8007203a The server is not operational.

↑ Back to the top


Cause

This issue occurs when ADMT performs a Lightweight Directory Access Protocol (LDAP) bind for every object that is to be migrated, and an ephemeral remote procedure call (RPC) port is allocated for each of these connections. Microsoft Windows Server 2003 and Microsoft Windows 2000 Server hold each port for four minutes and then release each port for another network connection. By default, Windows Server 2003 and Windows 2000 Server enumerate 5000 ports. The first port that is available for use by programs is 1024, for a maximum of 3977 active connections. In certain high-powered hardware configurations, the migration task is processed so fast that the rate of network requests exceeds the rate that the opened ports are made available again. If all ephemeral ports are consumed, ADMT may return the error that is listed in the "Symptoms" section.

↑ Back to the top


Resolution

To resolve this issue, increase the default number of ports that are available for program traffic. The number of additional ports must be sufficient to handle the number of simultaneous network requests that are being made by all programs. The number of allocated ports is governed by a TCP/IP registry entry,
MaxUserPort
. By default, this entry does not exist. To create this entry, follow these steps.

Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:
256986 Description of the Microsoft Windows Registry
  1. Click Start, click Run, type regedit in the Open box, and then click OK.
  2. Locate and then click the following subkey:

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters
  3. On the Edit menu, point to New, click DWORD Value, and then type MaxUserPort.
  4. Double-click MaxUserPort, and then set a decimal value to a number greater than 5000.

    Note This value controls the maximum dynamic port number. The valid range for this value is 5000-65534. By default, the number of available ports is 3977 because the first available port is 1024.
  5. Quit Registry Editor.

↑ Back to the top


Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section of this article.

↑ Back to the top


Keywords: KB836429, kberrmsg, kbprb, kbfix, kbactivedirectory, kbwinservds

↑ Back to the top

Article Info
Article ID : 836429
Revision : 4
Created on : 10/30/2006
Published on : 10/30/2006
Exists online : False
Views : 354