Connection to Recipient Update Service domain controller

[This topic is intended to address a specific issue called out by the Exchange Server Analyzer Tool. You should apply it only to systems that have had the Exchange Server Analyzer Tool run against them and are experiencing that specific issue. The Exchange Server Analyzer Tool, available as a free download, remotely collects configuration data from each server in the topology and automatically analyzes the data. The resulting report details important configuration issues, potential problems, and nondefault product settings. By following these recommendations, you can achieve better performance, scalability, reliability, and uptime. For more information about the tool or to download the latest versions, see "Microsoft Exchange Analyzers" at https://go.microsoft.com/fwlink/?linkid=34707.]  

Topic Last Modified: 2006-05-18

The Microsoft® Exchange Server Analyzer Tool opens a TCP socket connection to port 389 on each domain controller. This connection is made by using a custom object processor that returns a specific string if the connection is successful.

If the Exchange Server Analyzer does not receive 389 Available as part of the returned string, a warning is displayed.

This warning indicates that the domain controller did not respond to a connection attempt on TCP port 389. TCP port 389 is the default port for Lightweight Directory Access Protocol (LDAP) communications. If you receive this warning, any of the following conditions may exist:

  • There may be connectivity issues between the Exchange Server Analyzer and the domain controller.

  • The server may be down.

  • The server may have been decommissioned.

There are many reasons why LDAP requests may not be correctly serviced by a domain controller when the Exchange Server Analyzer queries it.

To correct this warning

  1. Verify that the account running the Exchange Server Analyzer is authorized to query the domain controller. You must have User level permissions in the domain where the domain controller is running. You can find more information about permissions that are required to run the Exchange Server Analyzer in the Help file included with the Exchange Server Analyzer. To open the Exchange Server Analyzer Help file, in the Exchange Server Analyzer, click Help, and then click Microsoft Exchange Server Analyzer Tool Help.

  2. Verify that there are no firewalls or port restrictions between the computer that is running the Exchange Server Analyzer and the domain controller that did not respond.

  3. Verify that the domain controller is connected to the network and functioning correctly.

  4. Verify that the server has not been decommissioned and is still listed as an available domain controller to Exchange Server.

For more information, see the following Microsoft Knowledge Base articles: