Between 12:43:50 and 12:43:53, several days ago, the APP log on my Exchange server was filled with hundreds of these errors (EventID 9385). Here's a description of the error: http://www.eventid.net/display.asp?eventid=9385&eventno=9148&source=MSExchangeSA&phase=1 In my case, 1. Yes, the server is a member of the Exchange servers group (just double-checked). 2. There was no need to restart the service in question as Exchange continued to function, and the error has not appeared since. 3. Mail flow is fine, no one is complaining, Exchange BPA shows no problems, Test-* cmdlets are OK (Test-ServiceHealth, OWA Connectivity, etc.). DCDIAG and NETDIAG on the domain controllers showed no errors (and nothing in domain controller event viewer logs). 4. This error has been logged three times before during the entire year of 2010 - but never with so many entries at once. At the same time, this entry was added to the SYSTEM log: EventID 4227 (12:43:50) TCP/IP failed to establish an outgoing connection because the selected local endpoint was recently used to connect to the same remote endpoint. This error typically occurs when outgoing connections are opened and closed at a high rate, causing all available local ports to be used and forcing TCP/IP to reuse a local port for an outgoing connection. To minimize the risk of data corruption, the TCP/IP standard requires a minimum time period to elapse between successive connections from a given local endpoint to a given remote endpoint. ********************************************** ********************************************** All seems to be fine now, but does anyone know what might cause this? Is there an underlying problem I should be dealing with? They say an once of prevention is worth a pound of cure. So I'm looking to see what I need to prevent - if anything. Thank you in advance!

Honestly I probably would ignore the message assuming all your conditions above are true. It sounds like there was a brief connectivity error since you are also logging a TCP issue at that same time. The error is probably generated because of a brief network outage that causes the Exchange server to not be able to poll a DC, thus spitting out the errors. now if it happened all the time I would really look into the network infrastructure and possibly start to isolate the outages. But since it only happend 3 times in an entire year and there are no ill effects it shouldn't be a problem. Jorge R. Diaz, PMP, CCNA, MCSA, MCSE Senior Microsoft Consultant Planet Technologies, Inc. Check out My Blog!

It can also be caused if you moved the Exchange Domain Servers and Exchange Enterprise Servers out of the default USERS OU. James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

Very true James, but you would get that error consistently until you moved them back. The infrequency of the alert leads me to believe it is more network related. But definetely a good catch! Jorge R. Diaz, PMP, CCNA, MCSA, MCSE Senior Microsoft Consultant Planet Technologies, Inc. Check out My Blog!