locked
RPC error remote Event Viewer/remote dcdiag RRS feed

  • Question

  • Hi All,

    I am writing a code to perform active directory health check. When I perform dcdiag /s:<server name> /test:kccevent i get results for 80% of servers. While on few Domain controller it shows failed with RPC error. While the same test is passed locally. All  other results except FRSevent, KCCevent and DFSRevent are fine.

    I want to be more prepared before i reach to the network guy to open port (135) for few sites where issue is occurring. Can you guys tell me the if anything else can cause this? 

    Also if I will appreciate, any suggestion on any other important test result to be added here, except dcdiag?

    Thanks - Alok


    • Edited by Alok-Sharma Friday, August 28, 2015 2:43 PM
    Friday, August 28, 2015 2:42 PM

Answers

  • Hi Alok-Sharma,

    What's your operating system and the environment?

    Could you please run DCDIAG.EXE /E (or /A or /C) and post the specific error message?

    Please also refer to the following article to have a check.

    https://technet.microsoft.com/en-us/library/Cc731968.aspx?f=255&MSPPError=-2147217396

    https://support.microsoft.com/en-us/kb/2512643

    Best Regards,

    Mary Dong


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Mary Dong Tuesday, September 8, 2015 1:18 AM
    Monday, August 31, 2015 5:41 AM
  • Please share the result for the below command from the DC in which the code is run to the defected DCs.

    Repadmin /bind DefectedDCName

    If it says unable to bind with the LDAP server, there are issues in communication between the DCs.

    Further on the RPC, opening just the 135 port will not cut it. There are  ephemeral rpc ports which needs to be open between the DCs. Please follow the below link and check whetehr the ports are open using the utility portqry.

    https://support.microsoft.com/en-us/kb/929851

    find below the link to download portqry to check whether the port is open between the servers.

    http://www.microsoft.com/en-in/download/details.aspx?id=17148

    • Proposed as answer by Eric Anto Monday, August 31, 2015 8:13 AM
    • Marked as answer by Mary Dong Tuesday, September 8, 2015 1:18 AM
    Monday, August 31, 2015 8:13 AM

All replies

  • is this being ran from a domain admin account, system account, or another level account?
     Have you looked at the elevated part or the UAC part of the script that can affect this?
    Friday, August 28, 2015 3:14 PM
  • Yes, It is being run using domain admin and elevated command prompt.
    Friday, August 28, 2015 3:25 PM
  • Are you using Win RM?

    Can you post the code/ script?

    Friday, August 28, 2015 3:38 PM
  • Hello Alok,

    Can you run the following command and provide the output.

    REPADMIN /REPLSUM /Errorsonly

    Friday, August 28, 2015 5:09 PM
  • No, I am using C# to get it.. it's LDAP
    Monday, August 31, 2015 1:53 AM
  • Hi Alok-Sharma,

    What's your operating system and the environment?

    Could you please run DCDIAG.EXE /E (or /A or /C) and post the specific error message?

    Please also refer to the following article to have a check.

    https://technet.microsoft.com/en-us/library/Cc731968.aspx?f=255&MSPPError=-2147217396

    https://support.microsoft.com/en-us/kb/2512643

    Best Regards,

    Mary Dong


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Marked as answer by Mary Dong Tuesday, September 8, 2015 1:18 AM
    Monday, August 31, 2015 5:41 AM
  • No error, all smooth, maximum delta in 20 mins
    Monday, August 31, 2015 7:38 AM
  • Thi dong,  https://support.microsoft.com/en-us/kb/2512643 seems to be more related to what error i am getting.

    I will make the required changes and post updates - thanks

    Monday, August 31, 2015 7:45 AM
  • The hint with WinRM was not bad. Try "WinRM /qc /force" on the servers which do not work.

    Also test the RPC by your own. Try MMC - Eventlogs on the not working server and also regedit remoting.

    How did you implement the remoting in C#?


    Greetings,

    David das Neves

    Technology Specialist - Consulting Services
    Computacenter AG & Co. oHG - München

    Blog    

    Caution: This post may contain errors.

    Monday, August 31, 2015 8:05 AM
  • Please share the result for the below command from the DC in which the code is run to the defected DCs.

    Repadmin /bind DefectedDCName

    If it says unable to bind with the LDAP server, there are issues in communication between the DCs.

    Further on the RPC, opening just the 135 port will not cut it. There are  ephemeral rpc ports which needs to be open between the DCs. Please follow the below link and check whetehr the ports are open using the utility portqry.

    https://support.microsoft.com/en-us/kb/929851

    find below the link to download portqry to check whether the port is open between the servers.

    http://www.microsoft.com/en-in/download/details.aspx?id=17148

    • Proposed as answer by Eric Anto Monday, August 31, 2015 8:13 AM
    • Marked as answer by Mary Dong Tuesday, September 8, 2015 1:18 AM
    Monday, August 31, 2015 8:13 AM
  • Hi  Alok-Sharma,

    Is there any updates for your issue?

    Look forward to your reply.

    Best Regards,

    Mary Dong


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, September 7, 2015 2:15 AM
  • Hi Dong,

    You were correct, that helped me getting the issue resolved.

    Thank you very much for brilliant answer. Thank you everyone....

    I have enabled - Remote Event Log Management (RPC) and now all DC reports coming without error. 

    Friday, September 11, 2015 6:00 AM