The NetLogon service on remote machines will not be able to connect to this DC over TCP/IP resulting in authentication failure Rule

Run As Profiles

Name
Default

Alert Details

Message Priority Severity
The NetLogon service on remote machines will not be able to connect to this DC over TCP/IP resulting in authentication failure Medium Warning

Rule Knowledgebase

Summary

The Net Logon service could not register a remote procedure call (RPC) endpoint for the TCP/IP protocol.

Sample Event:

The NetLogon service on this domain controller has been configured to use port %1 for incoming RPC connections over TCP/IP from remote machines. However, the following error occurred when Netlogon attempted to register this port with the RPC endpoint mapper service: %2 This will prevent the NetLogon service on remote machines from connecting to this domain controller over TCP/IP that may result in authentication problems.

Causes
This rule does not contain any causes.
Resolutions

The specified port is configured via the Group Policy or via a registry value 'DcTcpipPort' under the 'HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Netlogon\Parameters' registry key; the value configured through the Group Policy takes precedence. If the port specified is in error, reset it to a correct value. You can also remove this configuration for the port in which case the port will be assigned dynamically by the endpoint mapper at the time the NetLogon service on remote machines makes RPC connections to this domain controller. After the misconfiguration is corrected, restart the NetLogon service on this machine and verify that this event log no longer appears.

External References

For more information, see:

See Also for Active Directory (AD) Monitoring Management Pack


Downloads for Active Directory (AD) Monitoring Management Pack

AZURE OPTIMIZATION ASSESSMENT GET STARTED
MIGRATION TO AZURE GET STARTED
SYSTEM CENTER MIGRATION TO AZURE GET STARTED
MIGRATION TO AZURE FOR SQL AND WINDOWS 2008 GET STARTED