By default, Windows Server 2003 enumerates 5000 ports. The first port that is available for use by programs in 1024 is for a maximum of 3977 active connections. When the IP User Cache is disabled in IWSS, it will perform the LDAP query for each request.

Aside from that, the TCP socket will sometimes reach TIME_WAIT state and the port will not be usable until the current state has timed out. Therefore, the LDAP queries need many points in the system.

To resolve this issue, you need to increase the default number of ports that are available for program traffic.

The number of additional ports must be sufficient to handle the number of simultaneous network requests that are being made by all programs. The number of allocated ports is governed by a TCP/IP registry entry, MaxUserPort. By default, this entry does not exist.

Do the following:

1. Make sure to install the latest patch for IWSS 3.1 Windows on your machine.
2. Open the Registry Editor.
    

   Always back up the whole registry before making any modifications. Incorrect changes to the registry can cause serious system problems.
3. Go to HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters.
4. Create a new DWORD Value, "MaxUserPort".
5. Set the decimal value of the key to a number greater than 5000, such as 60000. This value controls the maximum dynamic port number. The valid range is 5000-65534. By default, the number of available ports is 3977 because the first available port is 1024.
6. Close the Registry Editor.
7. Restart the server for the changes to take effect.