XADM: How to Force Static Mapping of Sockets

ID: Q155831

The information in this article applies to:

SUMMARY

This article tells you how to allow the Microsoft Exchange Client to connect to Microsoft Exchange Server over an existing connection to the Internet and through a firewall. In order to do this, make the ports assigned to these connections static. This requires you to add entries to the registry.

For additional information about configuring Exchange Services for Internet Firewalls, please see the following article in the Microsoft Knowledge Base:

Q148732 XADM: Setting TCP/IP Port Numbers for Internet Firewalls


MORE INFORMATION

The computer must be restarted for these changes to take effect.

To make the ports static:

WARNING: Using Registry Editor incorrectly can cause serious problems that may require you to reinstall Windows NT. Microsoft cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Use Registry Editor at your own risk.

  1. Start Registry Editor (Regedt32.exe).


  2. Under the HKEY_LOCAL_MACHINE subtree, go to the following subkey: 
    
      System\CurrentControlSet\Services\MSExchangeDS\Parameters


  3. Add the following entry for the Microsoft Exchange Directory service: 
    
      TCP/IP port REG_DWORD
      DATA: <port number to assign>

    NOTE: DO NOT assign ports immediately above the 1023 range. For more information about the ramifications and guidelines for static port assignment of Exchange services, please see the following article in the Microsoft Knowledge Base:


    4. Q180795 XADM: Intrasite Directory Replication Fails with Error 1720
    EXAMPLE: "TCP/IP Port"=dword:000004C9(1225)

    The decimal number 1225 was used for the DS, which is 4C9 in hexadecimal.

  4. Go to the following subkey: 
    
      System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem


  5. Add the following entry for the Information Store: 
    
      TCP/IP port REG_DWORD
      DATA: <port number to assign>

    NOTE: DO NOT assign ports immediately above the 1023 range. For more information about the ramifications and guidelines for static port assignment of Exchange services, please see the following article in the Microsoft Knowledge Base:


    6. Q180795 XADM: Intrasite Directory Replication Fails with Error 1720
    EXAMPLE: "TCP/IP Port"=dword:000004CA(1226)

    The decimal number 1226 was used for the IS, 4CA in hexadecimal format.

  6. Quit Registry Editor.


After this, you will need to configure the packet filter (or firewall) to allow TCP connections to be made to these ports as well as to port 135.

Further Explanation

A packet filter (or firewall) will deny connection attempts made to any port for which you have not explicitly allowed connections. Microsoft Exchange Server does use a well-known static port (port 135) to listen for client connects to the RPC Endpoint Mapper Service. However, after the client connects to this socket, Microsoft Exchange Server then re-assigns the client two random ports to use when communicating with the Directory and the Information Store. This makes it impossible to allow these through the firewall without forcing them to be statically assigned.


REFERENCES

For additional information, please refer to the Readme.wri file on the Microsoft Exchange Server version 4.0 compact disc.

Additional query words: 


Keywords          : XCLN 
Version           : winnt:4.0
Platform          : winnt 
Issue type        :

Last Reviewed: April 1, 1999