Task Client Machines Are Unable To Communicate With NS. Bindings On Ports 50121 and 50124 Fail.
Last Updated August 26, 2012
Task client machines are unable to communicate with Notification Sever (SMP). They are able to communicate to site servers. The atrshost.exe on the Notification Server also fails to bind on 50121 and 50124 but 50120, 50122, and 50123 bind correctly.
"No connection could be made because the target machine actively refused it 127.0.0.1:50121"
"Credential check for "altadmin" failed: System.Net.WebException: The remote server returned an error: (401) Unauthorized."
Windows System Logs:
Log Name: Security
Date: 8/8/2011 12:12:50 PM
Event ID: 4625
Task Category: Logon
Keywords: Audit Failure
An account failed to log on.
Security ID: NULL SID
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 3
Account For Which Logon Failed:
Security ID: NULL SID
Account Name: <NSACCTNAME>
Failure Reason: An Error occured during Logon.
Sub Status: 0x0
Caller Process ID: 0x0
Caller Process Name: -
Workstation Name: <NSHOSTNAME>
Source Network Address: <NSHOSTIPADDR>
Source Port: 17992
Detailed Authentication Information:
Authentication Package: NTLM
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
The atrshost services attempts to authentication to the local machine mulitple times using the server alias. Microsoft by design put in security measure to prevent programs from doing this to prevent reflection attacks.
1: Open up the registry editor by typing regedit under Run. 2: Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0 3: Right-click MSV1_0 and click New and choose to make it a Multi-String Value. 4: Enter BackConnectionHostNames as name for the entry, and double-click it to modify it. 5: Type the hostnames you need to use (usually the value specified NSPrefferedhost). 6: Restart IISAdmin Service ("Start" -> "Administrative Tools" -> "Services")
Solution 2 (Not recommended, but may be easier to test with): 1: Open up the registry editor by typing regedit under Run. 2: Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa 3: Right-click Lsa and click New and choose to make it a DWORD Value. 4: Enter DisableLoopbackCheck as name for the entry, and double-click it to modify it. 5: Set the value to 1 and click OK
Imported Document ID: TECH166902
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe