none
The RPC server is unavailable.(Error 1722)

    Question

  • When m running repadmin /showrepl ad1* /verbose /all /intersite for replication then it shows following error

    CN=Configuration,DC=fitnessonrequest,DC=com

        FOR\ADCENTER1 via RPC

            DSA object GUID: e4d865bc-0168-4a54-8ee2-90545560f916

            Address: e4d865bc-0168-4a54-8ee2-90545560f916._msdcs.fitnessonrequest.com

            DSA invocationID: 25af071a-3c79-4b64-bc5f-68d88b744ea4

            DO_SCHEDULED_SYNCS WRITEABLE COMPRESS_CHANGES NO_CHANGE_NOTIFICATIONS

            USNs: 5103995/OU, 5103995/PU

            Last attempt @ 2011-11-23 05:26:27 failed, result 1722 (0x6ba):

                The RPC server is unavailable.

            198 consecutive failure(s).

            Last success @ 2011-11-21 06:03:45.

     

    any one can say what could i do even all settings are fine


    Sharad Singh | My blogs: SharadTech | Twitter: @MrLucknowWale |
    Wednesday, November 23, 2011 11:36 AM

Answers

All replies

  • The error " The RPC server is unavailable" relates to network connectivity or port being blocked on the firewall. verify the network connectivity first and then ports on the firewall. For ports you can use portquery tool which can be downloaded for free and can be installed on the server.

    http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx

     

    Regards


    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com


    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Wednesday, November 23, 2011 12:33 PM
  • Most likely there is a firewall that is blocking high ports between the two dc's.

    I have an article on firewall Ports needed for Replication with a couple of quick troubleshooting tips at:
    http://www.pbbergs.com/windows/articles.htm

    --
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    http://www.pbbergs.com    Twitter @pbbergs
    http://blogs.dirteam.com/blogs/paulbergson

    Please no e-mails, any questions should be posted in the NewsGroup. This posting is provided "AS IS" with no warranties, and confers no rights.

     

    Wednesday, November 23, 2011 1:06 PM
  • Paul,

    m using 2008 server and those ports are enough or needed some more.


    Sharad Singh | My blogs: SharadTech | Twitter: @MrLucknowWale |
    Wednesday, November 23, 2011 4:04 PM
  • Since, you are getting RPC error, its better to run portquery tool and see what it list out, it will give you enough idea to proceed.

     

    Regards


    Awinish Vishwakarma

    MY BLOG:  awinish.wordpress.com
    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Wednesday, November 23, 2011 4:29 PM
  • Hi,

    The "RPC server unavailable" error can occur for the following reasons:

    DNS problems

    Time synchronization problem

    RPC service is not running

    Network connectivity problem

    Troubleshooting:
    DNS problems - Check the DNS pointing on each DC.
    http://support.microsoft.com/default.aspx?scid=kb;EN-US;825036

    Time synchronization problem - PDC role owner in forest root domain should be a authorative time server.
    http://support.microsoft.com/kb/816042

    RPC service-
    Ensure the RPC service is running.

    Network connectivity-
    Ensure that the important well-known ports required in a domain environment are open on the firewall between these DCs, use the Portqry tool.
    http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx

    Additional, Active Directory Replication Over Firewalls
    http://social.technet.microsoft.com/wiki/contents/articles/active-directory-replication-over-firewalls.aspx

    Ports requirement for AD.
    http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

    Regards,


    Abhijit Waikar - MCSA 2003|MCSA 2003:Messaging|MCTS|MCITP:SA
    • Proposed as answer by gyugyi Friday, March 23, 2012 2:46 PM
    Wednesday, November 23, 2011 6:50 PM
  • Guys, every thing is fine when m restarting server then it's replicate after sometimes, again same errro.
    Sharad Singh | My blogs: SharadTech | Twitter: @MrLucknowWale |
    Thursday, November 24, 2011 1:52 AM
  • Note on RPC is unavailable - This can either be a DNS misconfig and/or necessary ports are not fully opened between locations. It can also be caused by antivirus software with many of them sporting a new feature called "network traffic protection," which can efffectively block necessary AD traffic. Microsoft's PortQry tests specific AD ports and the ephemeral ports, and the required responses from the services on the required AD ports it specifically scans for.  Here's more info on the ports that AD requires to properly communicate:

    Active Directory Firewall Ports - Let's Try To Make This Simple
    http://msmvps.com/blogs/acefekay/archive/2011/11/01/active-directory-firewall-ports-let-s-try-to-make-this-simple.aspx

    Also, disable local windows firewall service on the server.

    Ensure the following on DC:
    1. Each DC / DNS server points to its private IP address as primary DNS server and other remote/local DNS servers as secondary in TCP/IP properties.
    2. Each DC has just one IP address and single network adapter is enabled.
    3. Contact your ISP and get valid DNS IPs from them and add it in to the forwarders, Do not set public DNS server in TCP/IP setting of DC.
    4. Once you are done, run "ipconfig /flushdns & ipconfig /registerdns", restart DNS and NETLOGON service each DC.
    Do not put private DNS IP addresses in forwarder list.

    Ran dcdiag /q and repadmin /replsum to check for any errors.

    Hope this helps.

    Regards,
    Sandesh Dubey.
    -------------------------------
    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator
    My Blog: http://sandeshdubey.wordpress.com
    This posting is provided AS IS with no warranties, and confers no rights

     

    Thursday, November 24, 2011 2:47 AM
  • Restarting resolves the issue, it might be the memory leak issue too where memory required by application is not released which results in server hang, you can use tool like poolmon.exe to give a try that its not a memory leak. Also, i would verify if server is full patched and running with latest update as well as hardware is also running with latest drivers of NIC/Firmware/Bios etc.

    http://msdn.microsoft.com/en-us/library/ff560135%28v=vs.85%29.aspx

     

    Regards  


    Awinish Vishwakarma

    MY BLOG:  http://awinish.wordpress.com/


    This posting is provided AS-IS with no warranties/guarantees and confers no rights.
    Thursday, November 24, 2011 3:31 AM
  • Hi

    I want you to gothrough below mentioned ASKDS article...that gives you better understanding.

     

    http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx

     

    All the best

    Venkat.SP

     

    Friday, November 25, 2011 9:22 PM
  • If after restarting the server the issue get resolves this indicates some performance issue on the server.
    1.Check and update the BIOS and NIC drivers.
    2.Ran chkdsk in read only mode to check for any errors c,d,etc volume.If errors are found ran chkdsk /f to fix the same
    3.Check the latest Service Pack and hotfixes are installed on the server.
    4.Update the antivirus version and defination file if it is not update.You can also check the AV firewall setting,is it blocking any ports.If possible disable the AV temporary and check
    5.Check the Page file setting on the server and set it correctly.
    http://support.microsoft.com/kb/308417
    6.Make sure that no third party application is installed on the server this could also be the cause.
    7.As mentioned in the prevoius post check the NIC binding order & DNS setting.
    8.Also the firewall for any port blockage:http://support.microsoft.com/kb/179442,ask the n/w team to check the network performance.
    9.Kerberos to use TCP instead of UDP in Windows:http://support.microsoft.com/kb/244474,check this KB as well http://support.microsoft.com/kb/948496

    Hope this helps.

    Regards,
    Sandesh Dubey.
    -------------------------------
    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator
    My Blog: http://sandeshdubey.wordpress.com
    This posting is provided AS IS with no warranties, and confers no rights.


     

     

    Saturday, November 26, 2011 3:57 AM
  • i ran the port qury from DC1 to DC2

    and found following ports are not listening, what i have to do, to resolve the issue

    Ports

    AD and AD Ds usage

    TCP-25

    Replication

    TCP-42

    Wins

    TCP-137

    Netbios name resolution

    UDP-123

    Windows Time, Trusts

    UDP-138

    DFS, Group Policy, NetBIOS Netlogon, Browsing

    UDP-67

    DHCP (Note: DHCP is not a core AD DS service but may be necessary)

    UDP-2535

    DHCP (Note: DHCP is not a core AD DS service but may be necessary)

    UDP-445

    Replication, User and Computer Authentication, Group Policy, Trusts

    UDP-88

    User and Computer Authentication, Forest Level Trusts

    UDP-464

    Replication, User and Computer Authentication, Trusts

    TCP/UDP-1024-65535

    Enhanced in Windows 2008



    Sharad Singh | My blogs: SharadTech | Twitter: @MrLucknowWale |
    Thursday, December 08, 2011 6:55 PM
  • some log of dcdiag

     Starting test: Replications

             * Replications Check
             DC=ForestDnsZones,DC=fitnessonrequest,DC=com has 6 cursors.
             [Replications Check,AD1] A recent replication attempt failed:

                From ADCENTER1 to AD1

                Naming Context: DC=ForestDnsZones,DC=fitnessonrequest,DC=com

                The replication generated an error (1722):

                The RPC server is unavailable.

                The failure occurred at 2011-12-08 12:16:22.

                The last success occurred at 2011-11-21 06:03:45.

                1673 failures have occurred since the last success.

                The source ADCENTER1 is responding now.

             CN=Schema,CN=Configuration,DC=fitnessonrequest,DC=com has 6 cursors.
             [Replications Check,AD1] A recent replication attempt failed:

                From ADCENTER1 to AD1

                Naming Context:

                CN=Schema,CN=Configuration,DC=fitnessonrequest,DC=com

                The replication generated an error (1722):

                The RPC server is unavailable.

                The failure occurred at 2011-12-08 12:18:25.

                The last success occurred at 2011-11-21 06:03:45.

                1673 failures have occurred since the last success.

                The source ADCENTER1 is responding now.

             CN=Configuration,DC=fitnessonrequest,DC=com has 6 cursors.
             [Replications Check,AD1] A recent replication attempt failed:

                From ADCENTER1 to AD1

                Naming Context: CN=Configuration,DC=fitnessonrequest,DC=com

                The replication generated an error (1722):

                The RPC server is unavailable.

                The failure occurred at 2011-12-08 12:19:28.

                The last success occurred at 2011-11-21 06:03:45.

                1676 failures have occurred since the last success.

                The source ADCENTER1 is responding now.

             DC=fitnessonrequest,DC=com has 6 cursors.
             [Replications Check,AD1] A recent replication attempt failed:

                From ADCENTER1 to AD1

                Naming Context: DC=fitnessonrequest,DC=com

                The replication generated an error (1722):

                The RPC server is unavailable.

                The failure occurred at 2011-12-08 12:20:11.

                The last success occurred at 2011-11-21 06:03:45.

                1673 failures have occurred since the last success.

                The source ADCENTER1 is responding now.

             DC=DomainDnsZones,DC=knet,DC=fitnessonrequest,DC=com has 2 cursors.
             DC=knet,DC=fitnessonrequest,DC=com has 2 cursors.
             ......................... AD1 failed test Replications

          Starting test: RidManager

             ridManagerReference = CN=RID Manager$,CN=System,DC=knet,DC=fitnessonrequest,DC=com
             * Available RID Pool for the Domain is 2100 to 1073741823
             fSMORoleOwner = CN=NTDS Settings,CN=AD1,CN=Servers,CN=KNET,CN=Sites,CN=Configuration,DC=fitnessonrequest,DC=com
             * ad1.knet.fitnessonrequest.com is the RID Master
             * DsBind with RID Master was successful
             rIDSetReferences = CN=RID Set,CN=AD1,OU=Domain Controllers,DC=knet,DC=fitnessonrequest,DC=com
             * rIDAllocationPool is 1100 to 1599
             * rIDPreviousAllocationPool is 1100 to 1599
             * rIDNextRID: 1166
             ......................... AD1 passed test RidManager

     

    Starting test: FrsEvent

             * The File Replication Service Event log test
             Skip the test because the server is running DFSR.

             ......................... AD1 passed test FrsEvent

          Starting test: DFSREvent

             The DFS Replication Event Log.
             ......................... AD1 passed test DFSREvent

          Starting test: SysVolCheck

             * The File Replication Service SYSVOL ready test
             [AD1] An net use or LsaPolicy operation failed with error 53,

             The network path was not found..

             The registry lookup failed to determine the state of the SYSVOL.  The

             error returned  was 0x35 "The network path was not found.".  Check the

             FRS event log to see if the SYSVOL has successfully been shared.
             ......................... AD1 failed test SysVolCheck

          Starting test: FrsSysVol

             * The File Replication Service SYSVOL ready test
             The registry lookup failed to determine the state of the SYSVOL.  The

             error returned  was 0x35 "The network path was not found.".  Check the

             FRS event log to see if the SYSVOL has successfully been shared.
             ......................... AD1 failed test FrsSysVol

          Starting test: KccEvent

             * The KCC Event log test
             A warning event occurred.  EventID: 0x8000061E

                Time Generated: 12/08/2011   12:15:37

                Event String:

                All directory servers in the following site that can replicate the directory partition over this transport are currently unavailable.

                

                Site:

                CN=FOR,CN=Sites,CN=Configuration,DC=fitnessonrequest,DC=com

                Directory partition:

                DC=ForestDnsZones,DC=fitnessonrequest,DC=com

                Transport:

                CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=fitnessonrequest,DC=com

             An error event occurred.  EventID: 0xC000051F

                Time Generated: 12/08/2011   12:15:37

                Event String:

                The Knowledge Consistency Checker (KCC) has detected problems with the following directory partition.

                

                Directory partition:

                DC=ForestDnsZones,DC=fitnessonrequest,DC=com

                

                There is insufficient site connectivity information for the KCC to create a spanning tree replication topology. Or, one or more directory servers with this directory partition are unable to replicate the directory partition information. This is probably due to inaccessible directory servers.

                

                User Action

                Perform one of the following actions:

                - Publish sufficient site connectivity information so that the KCC can determine a route by which this directory partition can reach this site. This is the preferred option.

                - Add a Connection object to a directory service that contains the directory partition in this site from a directory service that contains the same directory partition in another site.

                

                If neither of the tasks correct this condition, see previous events logged by the KCC that identify the inaccessible directory servers.

             A warning event occurred.  EventID: 0x80000749

                Time Generated: 12/08/2011   12:15:37

                Event String:

                The Knowledge Consistency Checker (KCC) was unable to form a complete spanning tree network topology. As a result, the following list of sites cannot be reached from the local site.

                

                Sites:

                CN=FOR,CN=Sites,CN=Configuration,DC=fitnessonrequest,DC=com

                

                

                

                

                

                

               

             A warning event occurred.  EventID: 0x8000061E


    Sharad Singh | My blogs: SharadTech | Twitter: @MrLucknowWale |
    Thursday, December 08, 2011 8:21 PM
  • when m trying to ping AD1 from adcenter1 via IP able to ping but could not ping via fqdn name, that showing time out.
    Sharad Singh | My blogs: SharadTech | Twitter: @MrLucknowWale |
    Thursday, December 08, 2011 8:50 PM
  • First of all you need to get the required port open for AD replication,get you network/firewall administrator involve and sort the port blocking issue.

    Port Assignments for Active Directory Replication

    Service Name   UDP                  TCP
    LDAP                 389                  389
    LDAP                                         636
    GC                                            3268
    Kerboros           88                   88
    DNS                  53                   53
    smb over IP     445                  445

    Reference link:http://geekswithblogs.net/TSCustomiser/archive/2007/05/09/112357.aspx

    Hope this helps

    Regards,
    Sandesh Dubey.
    -------------------------------
    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator
    My Blog: http://sandeshdubey.wordpress.com
    This posting is provided AS IS with no warranties, and confers no rights.

    Friday, December 09, 2011 1:38 AM
  • Sounds to me like a DNS problem. Do you by any possibility have a dual NIC. Try nslookup on both machines. And try it by NETBIOS name, FQDN and IP I once had a similar problem when I had a RRAS server and dual NIC.
    Friday, January 06, 2012 3:53 PM