Wiki page explains how to configure static ports for the RPC Client Access service, Exchange Address Book service, and public folder connections in Exchange 2010.
Often there are firewall restrictions in place between the Outlook client network and the Exchange 2010 messaging infrastructure network, which requires that static RPC ports are set on each Client Access Server in a Client Access
array. In addition using static RPC ports usually reduces the memory footprint on the load balancer devices.
For information on how to configure a static UDP port for push notifications in an Exchange 2010 environment, see the
Configuring a Static UDP Port for Push Notifications in an Exchange 2010 Environment
TechNet Wiki article.
By default Windows Server 2008 and 2008 R2 are configured with a dynamic RPC range of 49152-65535 for outbound connections. Earlier versions of Windows Server by default used port 1025-65535 (for more details about this change see
Microsoft KB article:
The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008). Also, when the Exchange 2010 Client Access server role is installed on Windows Server 2008 or 2008 R2, the dynamic RPC port range is changed to 6005-59530
and the highest usable port number is set to 60554.
By default the RPC Client Access service on an Exchange 2010 Client Access server uses the TCP End Point Mapper port (TCP/135) and the dynamic RPC port range (6005-59530) for outgoing connections, every time an Outlook clients establish
a connection to Exchange.
To set a static port for the RPC Client Access service on an Exchange 2010 Client Access server, you need to open the registry on the respective server and navigate to:
Here, you need to create a new key named ParametersSystem, and under this key create a
REG_DWORD named TCP/IP Port. The Value for the DWORD should be the port number you want to use.
Configuring static ports for the RPC Client Access service
When you’ve configured the port, it's required to restart the Microsoft Exchange RPC Client Access service in order for the changes to be applied.
By default the Exchange Address Book service on an Exchange 2010 Client Access server uses the TCP End Point Mapper (TCP/135) and the dynamic RPC port range (6005-59530) for outgoing connections, every time an Outlook client establish
a connection to Exchange.
Exchange 2010 RTM
In Exchange 2010 RTM a static port for the Exchange Address Book service is set using the following steps:
Configuring static port for the Exchange Address Book Service in Exchange 2010 RTM
When you’ve configured the port, it's required to restart the Microsoft Exchange Address Book service in order for the changes to be applied.
Exchange 2010 SP1
With Exchange 2010 SP1, you no longer use the “Microsoft.exchange.addressbook.service.exe.config” file to assign a static RPC port to the Exchange Address Book Service. Instead this configuration setting is controlled using the registry. To
set a static RPC port for the Exchange Address Book Service, create a new
REG_SZ registry key named “RpcTcpPort” under:
Configuring static port for the Exchange Address Book Service in Exchange 2010 SP1
By default public folder connections uses the TCP End Point Mapper (TCP/135) and the dynamic RPC port range (49152-65535) for outgoing connections, every time an Outlook client establish a connection to Exchange.
To set a static port for public folder connections, follow the same steps as those required for configuring static ports for the RPC CA service. Just bear in mind you need to perform them on the Exchange 2010 servers that stores
public folder databases. This is because public folder connections from an Outlook client occur against the RPC Client Access service on the Mailbox server role.
Configuring a static port for Public Folder connections
When the port has been set for public folder connections, it's required to restart the Microsoft Exchange RPC Client Access service on the Mailbox server in order for the changes to be applied.
In order to verify that the static ports configured are used, the
netstat.exe tool can be used:
Netstat -an -p tcp
Verifying the configured static ports are used on the Client Access and Mailbox servers
Script to set static ports is now available
here. The script works with Exchange 2010 RTM and SP1, SP2 and SP3. It also includes -auto to automatically search and change ports on all Exchange 2010 CAS servers and Mailbox Servers hosting public folders in the environment. More details
Thanks Austin :)
Excellent article, really.
Please update the article on msexchange.org "Uncovering the new RPC Client Access..." regarding Exchange 2010 SP1 - static RPC port for the Exchange Address Book Service (registry settings)
Thx Andrija! And will make sure the other article is updated.
I have installed Exchange 2010 CAS Array, based on your instruction from msexchange.org "Uncovering the new RPC Client Access Service in Exchange 2010" and my question is, why I can't find
on my CAS and file "Microsoft.exchange.addressbook.service.exe.config" does not have "“RpcTcpPort” " but I have "Microsoft.exchange.addressbook.service.exe.config" BAK file with parameter “RpcTcpPort” in it
"<add key="RpcTcpPort" value="0" />" ?
Could you please explain it.
Very very helpful. Thank you!
You need to create the MSExchangeRpc key manually on a CAS server.
Love your articles Henrik. Ditto on Andrija Panic/MarioTunes requests to update RPC port registry keys (post SP1) as they've changed a bit, and the ParametersSystem reg keys no longer exist.
ie: To make changes to CAS/Mailbox servers pre-Exchange 2010 SP1 (as per your article www.msexchange.org/.../uncovering-new-rpc-client-access-service-exchange-2010-part2.html), the reg key would have been:
DWord "TCP/IP Port" = 55000
What is the new registry location/type, and any reason why you (MS) now recommends a unique value between 59531 and 60554?
The key used for setting a static port for RPC CA hasn't changed with SP1. Only thing that changed is the way in which we set a static key for the Address Book Service. Instead of using a web.config file this is now done via a registry key. Unfortunately the key and the name of the key doesn't match the one used for the RPC CA service.
So why a port between 59531 and 60554? When the CAS role is installed, Exchange sets the max port to 60554 and adjust the dynamic range to be between 6005 and 59530. This made the Exchange Product group recommend to pick two numbers within the range that is outside the dynamic, but below the adjusted max but leave the actual two numbers up to them. This results in two numbers between 59531 and 60554.
Henrik - im using port 55000 for RPC and port 55001 for address book, is this going to cause me problems? im wondering if i need to have it higher?