You've just received notice that your Active Directory server is being used as part of a wide scale dDoS attack. Here is how you can fix it.
Go to the firewall settings on the active directory server or reported server IP and look for the following rules.
- Active Directory Domain Controller - LDAP (TCP-In)
- Active Directory Domain Controller - LDAP (UDP-In)
- Active Directory Domain Controller - LDAP for Global Catalog (TCP-In)
- Active Directory Domain Controller - Secure LDAP (TCP-In)
- Active Directory Domain Controller - Secure LDAP for Global Catalog (TCP-In)
For each of these alter the rule by choosing the Scope tab and entering only IP addresses that should have access to LDAP information. For example, Microsoft Exchange Servers within your network that need access to LDAP.
For assistance securing your network or if you are looking for hosted exchange services check out Area51.mn.
This error appears in the event viewer when the scheduled task "ScheduledDefrag" runs.
Cause: In most cases this is cause by the -k switch which tells the defrager to perform a slab consolidation on the selected volume. This will cause an error for slabs that are less than 8 MB, and will commonly toss an error on HyperV VM's.
Solution: remove the -k switch from the task.
- Open scheduled tasks, Microsoft, windows, defrag: "ScheduledDefrag"
- Now click properties, actions, edit [start a program]
- under add arguments(optional): remove the -k and click "ok", "ok"
That's it, your done.
After installing exchange 2013 and migrating clients over to the server you may notice Microsoft® SharePoint® Search Component or noderunner.exe running multiple instances with high memory usage. This is because Microsoft has integrated parts of sharepoint into exchange 2013. This process runs when accounts are first migrated and periodically to index email data stores for OWA in order to make search results fast, very fast.
You can disable Microsoft Exchange Search Host Controller service if it is causing an issue. In some cases it can consume an extremely high amount of memory causing the "Microsoft Exchange RPC Client Access" to fail and get stuck in a starting state. In which case the best solutions are to:
- Increase the amount of RAM on the server.
- Set the server to restart when "Microsoft Exchange RPC Client Access" fails.
- Disable the "Microsoft Exchange Search Host Controller service".
This is an obvious flaw in the design of exchange 2013 server.