XADM: Intrasite Directory Replication Fails Error 1720

This article was previously published under Q180795
This article has been archived. It is offered "as is" and will no longer be updated.
Symptoms
One or more servers within the site fail to notify other site servers ofreplica updates, and other site servers fail in their attempt tocommunicate with the affected server or servers.

The problem servers log the following Directory event in the ApplicationEvent Log during startup:
   1166   Error 1720 has occurred (Internal ID 3230203). Contact Microsoft   Technical Support for assistance.				

Additionally, other site servers may log the following Directory eventswhen attempting to communicate with the problem servers:
   1083   Replication warning: The directory replication agent (DRA) couldn't   synchronize naming context /o=<some-naming-context> with naming context   on directory <some-servername-or-DSA-Signature>   1059   Internal error: The directory replication agent (DRA) call returned   error 13.				
Cause
During directory service startup, the RPC endpoint mapper failed in itsattempt to register an endpoint on behalf of the directory service for aspecific protocol. This can occur for the ncacn_ip_tcp protocol when thefollowing conditions are true:

  • The directory service has had a registry setting applied to force the use of a specific TCP port for directory service communication.
  • That port has already been assigned to some other process by Winsock or RPC by the time the directory service starts.
Resolution
If the network environment requires that the Exchange Services have fixedports assigned to them, carefully plan port assignments to ensure that theports are not already in use. See MORE INFORMATION, below. Also see thefollowing Microsoft Knowledge Base article:
176466XGEN: TCP Ports and Microsoft Exchange: In-depth Discussion
More information
The Exchange Services' default behavior is to allow the RPC endpoint mapperto dynamically assign a TCP port from the pool of ephemeral (short-lived)ports during service initialization. On Windows NT, by default, this poolbegins with port 1024. The result is that the port assigned to a servicecan be different every time the service starts.

Clients attempting to contact a service first query the RPC endpoint mapper(at port 135) to determine at what port the Exchange Service can becontacted (see 176466).

Some network environments (typically involving firewalls) require that theports used by services remain within a fixed range, or in the extreme, alsothat they remain consistent every time the service executes.

Port Assignment Options and Strategy

NOTE: The UDP protocol also has pools of port numbers. These are separatefrom the TCP pools.

There are two pools of TCP port numbers to draw from for forcing anExchange Service to use a particular TCP port: the Well-known Ports pool (0- 1023); and the Ephemeral pool (1024 and above). Either is satisfactory,and a firewall's configuration may dictate which pool to use. When usingeither pool, adhere to the following:

  • Assign ports not already in use in the environment.
  • Document those choices (the \winnt\system32\drivers\etc\services file is a logical place for such documentation).

Well-known (TCP) Ports (0 - 1023)

By convention and for interoperability of standard network services, thispool of addresses was set aside per RFC 1060, and many of these ports arereserved for use by specific services, such as echo, ftp, smtp, ldap, pop3,finger, nntp, snmp, and so on. There are 1024 ports in this pool (not allof them assigned yet), and typically only a small fraction of theseservices is actually implemented within a particular computing environment.It is acceptable to use ports that are not currently (nor ever will be)hosting the service that the port was originally reserved for, or usingunassigned ports.

Ephemeral (TCP) Ports

DO NOT pick the first ports within this range (1024 [ASCII 150] 65535). Winsock andRPC assign these ports starting at the lowest in the range. By the time theExchange Services starts up, some of the first ports may have been alreadyassigned (hence the SYMPTOMS above). Unfortunately there is nocomprehensive diagnostic that can report which ports have been assigned byeither Winsock or RPC. Running "NETSTAT -a" lists all connections andlistening ports, but this may not reveal all assigned ports.Experimentation may be required. If in doubt, consider assigning from theWell-known ports pool, or selecting port numbers above 1023 (for instance,the 1200 range).

Other Core Exchange Services

Neither the Exchange System Attendant nor the Exchange Information Storeservice logs an event if an RPC endpoint creation fails during serviceinitialization. The operating behavior and performance of these serviceswithout the ncacn_ip_tcp protocol enabled is unpredictable and could varywidely from environment to environment. The MTA logs:
   9321 - Interface   An RPC communications error occurred. An attempt to listen over RPC has   failed. NT Error: 1720. [ncacn_ip_tcp BASE IL MAIN BASE 1 504] (14)				
Properties

Article ID: 180795 - Last Review: 10/26/2013 04:10:00 - Revision: 4.0

  • Microsoft Exchange Server 4.0 Standard Edition
  • Microsoft Exchange Server 5.0 Standard Edition
  • Microsoft Exchange Server 5.5 Standard Edition
  • kbnosurvey kbarchive kbprb kbusage KB180795
Feedback