You are running Windows 8 or newer or Windows Server 2012 or newer member machines in a domain. When you restart the machines you may notice that the Netlogon is not running.
You may detect this only after a dependent service reports a problem.
In the system eventlog you find the following event:
Log Name:      System
Source:        NETLOGON
Event ID:      5820
Level:         Error
Keywords:      Classic
The Netlogon service could not add the AuthZ RPC interface.  The service was terminated. The following error occurred: ‘The parameter is incorrect.’
When you start the service manually, the same error occcurs and the service does not start.


Windows 8 and Server 2012 introduce a new RPC interface for remote effective Permissions evaluations. There is a failure in the RPC runtime allocating a TCP port for the RPC interface.
Netlogon considers this a fatal failure, logs event 5820 and stops.


The port restriction defined in registry key “HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\Internet” does not allow the port to be allocated. There is an error in the settings or there are insufficient ports granted for the use of RPC ports on this machine.
Either remove the restriction or allow for more ports to be allocated to the RPC runtime. You need to reboot so the changes take effect.

Leave a Reply

Your email address will not be published. Required fields are marked *