Export (0) Print
Expand All
Expand Minimize

DSAccess DisableNetLogonCheck registry parameter is non-default

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at http://go.microsoft.com/fwlink/?linkid=34707.]  

Topic Last Modified: 2005-11-18

The Microsoft® Exchange Server Analyzer Tool reads the following registry entry to determine whether Directory Service Access (DSAccess) has been configured to use a non-default ping protocol:

HKEY_LOCAL_MACHINE\SYSTEM \CurrentControlSet\Services\MSExchangeDSAccess\DisableNetLogonCheck

If the Exchange Server Analyzer finds DisableNetLogonCheck is present and configured with a value greater than 0, a non-default configuration message is displayed.

After DSAccess discovers the Active Directory® directory service topology, it determines whether the discovered domain controllers and global catalog servers are suited for use. During initial discovery and ongoing rediscovery, DSAccess determines server suitability by running a series of tests. One test sends a remote procedure call (RPC) to the directory server to test its general suitability. In a perimeter network scenario where RPC traffic is typically not allowed, the DSAccess RPC request fails. However, DSAccess continues to issue RPCs until it fails, which can take a long time. Such repeated checks can adversely affect the performance of computers that are running Exchange Server. For this reason, administrators frequently add the DisableNetLogonCheck registry key and configure it with a value of 1 on Exchange servers located on a perimeter network.

If the Exchange server that generated the non-default configuration message is in a perimeter network where RPC is disabled, or if you have determined that you do not want DSAccess to perform this suitability test, you should set the DisableNetLogonCheck key to 1. Otherwise, you should delete the DisableNetLogonCheck key.

importantImportant:
This article contains information about editing the registry. Before you edit the registry, make sure you understand how to restore the registry if a problem occurs. For information about how to restore the registry, view the "Restore the Registry" Help topic in Regedit.exe or Regedt32.exe.

  1. Open a registry editor, such as Regedit.exe or Regedt32.exe.

  2. Navigate to: HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeDSAccess

  3. Double-click the DisableNetLogonCheck key, and set the DWORD value to 1.

  4. Close the registry editor. You do not have to restart any services to make the change take effect.

  1. Open a registry editor, such as Regedit.exe or Regedt32.exe.

  2. Navigate to: HKLM\SYSTEM\CurrentControlSet\Services\MSExchangeDSAccess

  3. Delete the value called DisableNetLogonCheck.

  4. Close the registry editor. You do not have to restart any services to make the change take effect.

Before you edit the registry, and for information about how to edit the registry, see the Microsoft Knowledge Base article 256986, "Description of the Microsoft Windows Registry" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=256986).

For more information about the DisableNetLogonCheck registry key, see the Knowledge Base article 320228, "XGEN: The DisableNetLogonCheck Registry Value and How to Use It" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=320228).

 
Was this page helpful?
(1500 characters remaining)
Thank you for your feedback

Community Additions

ADD
Show:
© 2014 Microsoft