Solved

Server 2012 R2 NPS not starting

Posted on 2014-03-24
Last Modified: 2014-03-31
I am new to server 2012. I'm in a small environment and using my 2012 server as an integrated AD/DNS/DHCP/NPS server. I've successfully set up AD, DNS, and DHCP, and have NPS installed.

The error I get is:

Error 0x80072740: Only one usage of each socket address (protocol/Network address/port) is normally permitted.

I've found Microsoft posts that for server 2000/2003 a registry key existed to exclude those ports from the dynamic range. For server 2008 and beyond, that key has been sunsetted and is no longer used, in part because DNS dynamic ports have been shifted further up.

I've done a 'netsh int ipv4 show dynamicportrange udp' and found that the range is 49152-16384, which I'd expect. If you perform a netstat -ano | findstr 1812, nothing is using port 1812. (True also of 1813, 1645, and 1646).

I am at a loss as to where to go next. Any help is appreciated.
0
Question by:USSC-IT
9 Comments
 

Author Comment

by:USSC-IT
ID: 39951134
Adding add'l points.
0
 
LVL 10

Expert Comment

by:0xSaPx0
ID: 39951311
Do you have any security software installed on this box such as Symantec Endpoint, Websense Endpoint or any third party firewall software?


Something is using the port that the NPS service is trying to bind to and is unable to. Netstat should tell you; I'd check the list manually.

netstat -an | more
0
 

Author Comment

by:USSC-IT
ID: 39951343
The only thing that has been installed on this server is stock Windows Server 2012 R2 components.

I did do a raw netstat - there are no bindings showing for any of those ports on UDP (or on TCP for that matter). That's what is so confusing about the error.
0
 
LVL 10

Expert Comment

by:0xSaPx0
ID: 39951356
Couple ideas:

1). If there are multiple network adaptors, disable all not in use, then reboot.
2). Update network drivers.
3). Uninstall TCP/IP (deselect from NIC properties, hit OK) and reinstall (reselect in NIC properties and hit OK).
4). Are there any Group Policies applied to this box?
5). Does enabling/disabling Windows Firewall have any impact on this?
0
 

Author Comment

by:USSC-IT
ID: 39951390
In response:

1. Only one adapter in use.
2. Network drivers appear to be up-to-date:
      Broadcom BCM5708C NetXtreme II GigE
      v.7.4.23.2 from Microsoft
3. All other network services are working correctly, including DHCP, AD, and DNS; system is in a production environment.
4. Same group policies that apply to the current Windows 2008 Server hosting RADIUS.
5. No effect. Firewall has the ports set for pass-through.
0
 
LVL 10

Expert Comment

by:0xSaPx0
ID: 39951422
Download TCPView and double check the ports listed here. If netstat wasn't lying and nothing is bound to those ports then I would uninstall the NPS role and reinstall it.

http://technet.microsoft.com/en-us/library/cc732902.aspx

TCPView:
http://technet.microsoft.com/en-us/sysinternals/bb897437
0
 

Author Comment

by:USSC-IT
ID: 39951552
I will try TCPView and post my findings, thanks.
0
 

Accepted Solution

by:
USSC-IT earned 0 total points
ID: 39955760
I decided to look through the documentation on NPS with a fresh mind this morning based on the "multi-homed" note in the NPS top-level properties where the ports are defined. Based on the notes that instruct how to restrict ports to specific adapters, I decided to explicitly call out the IPv4 address of the network adapter for each port.

After explicitly restricting NPS to the IPv4 address of the main adapter, the NPS service started up with no problems.

Apparently the default settings on a default configured single network adapter don't work. Go figure.

Regardless, thanks for your help.
0
 

Author Closing Comment

by:USSC-IT
ID: 39966120
After confirming none of the stock RADIUS ports were being stepped on by another process, revisited the documentation and decided to explicitly tie the ports to a specific IPv4 adapter with each port, and start the process. Confirmed that the process was trying to step on itself by binding most likely to both the single live network IP and the localhost loopback address, as well as the IPv6 addresses.
0
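
The port check discussed in this thread, as an added PowerShell example that is not part of the original posts: it decodes 0x80072740 into its Winsock error code (10048, WSAEADDRINUSE) and lists which process holds each of the four RADIUS UDP ports and on which local address. The function names are hypothetical; the cmdlets are the built-in ones on Windows Server 2012 and later.

```powershell
# Added example, not from the thread. Function names are hypothetical.

function Convert-HResultToWin32 {
    param([int]$HResult)
    # Facility 7 (FACILITY_WIN32) means the low 16 bits carry a Win32/Winsock code.
    $facility = ($HResult -shr 16) -band 0x1FFF
    $code     = $HResult -band 0xFFFF
    $message  = (New-Object System.ComponentModel.Win32Exception $code).Message
    New-Object psobject -Property @{
        Facility = $facility
        Code     = $code
        Message  = $message
    }
}

function Get-RadiusPortOwner {
    # Defaults are the RADIUS authentication/accounting ports named in the question.
    param([uint16[]]$Port = @(1812, 1813, 1645, 1646))
    Get-NetUDPEndpoint -LocalPort $Port -ErrorAction SilentlyContinue |
        ForEach-Object {
            $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
            New-Object psobject -Property @{
                LocalAddress = $_.LocalAddress
                LocalPort    = $_.LocalPort
                ProcessId    = $_.OwningProcess
                ProcessName  = $proc.ProcessName
                # A wildcard bind claims the port on every address of that family.
                Wildcard     = $_.LocalAddress -in @('0.0.0.0', '::')
            }
        }
}

# 0x80072740 -> facility 7, code 10048 (WSAEADDRINUSE)
Convert-HResultToWin32 0x80072740 | Format-List Facility, Code, Message

$owners = Get-RadiusPortOwner
if ($owners) {
    $owners | Sort-Object LocalPort, LocalAddress |
        Format-Table LocalAddress, LocalPort, ProcessId, ProcessName, Wildcard -AutoSize
} else {
    'No UDP endpoint is bound to 1812, 1813, 1645 or 1646.'
}
```

Run it from an elevated prompt, once before starting the NPS service and once after, and compare the local addresses listed for each port.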
