locked
check permissions of two nodes, RRS feed

  • Question

  • I have NLB CAS array with two nodes. When i type shell commands from CAS01 node - works perfectly. But if i execute the same commands in CAS02 node (shell commands that effects two nodes, like get-autodiscovervirtualdirectory, Get-WebServicesVirtualDirectory) - it response  "extracting production of a COM class object for remote component with CLSID {2B72133B-3F5B-4602-8952-803546CE3344} on your computer CAS01.mydomain.local EROOR: 800706ba.

    googling this error does says that RPC server not  available ...  2 nodes pinging each other, mail works normally...


    Be real

    Tuesday, July 24, 2012 1:36 PM

Answers

  • One of the cas can you telnet to port 135 to the other cas? I would also give them a reboot maybe the firewall blocked some rpc registration.

    telnet cas2 135 [enter]


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    Friday, July 27, 2012 3:32 PM
  • Same result "dcom 10009 was unable to communicate with the computer using any of the configured protocols".

    Be real


    That's an error that I have seen in every Exchange 2010 implementation I've ever made.

    To get rid of these irritating error messages follow the instructions at this blog post

    Martina Miskovic

    Saturday, July 28, 2012 6:10 AM
  • That is the expected response, did you try Martina's solution?

    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    • Marked as answer by Voffka_UA Wednesday, August 1, 2012 10:37 AM
    Tuesday, July 31, 2012 2:13 PM

All replies

  • NLB is unicast or multicast?  How many NICs?  How have you configured DNS registration, i.e., which of the NICs register in DNS?

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Tuesday, July 24, 2012 4:19 PM
  • NLB multicast. 2 NICs.  NIC for public access is looking to DNS servers. Replication NIC that use to make NLB have no DNS servers.

    Be real

    Wednesday, July 25, 2012 7:52 AM
  • When you do NSLOOKUP on the server name, do you see both NICs?  If so, try configuring the NLB NIC so it doesn't register in DNS.

    Ed Crowley MVP "There are seldom good technological solutions to behavioral problems."

    Wednesday, July 25, 2012 7:04 PM
  • Solution IS: on the CAS01 - control panel - Windows Firewall - Advanced - New rule - Allow - tcp, Local:RPC Dynamic ports.

    now execution of commands is succesful, BUT:

    But everytime i execute get-autodiscover from CAS02 (or eny command that effects two CAS servers) - appears en event in journal "dcom 10009 was unable to communicate with the computer using any of the configured protocols "...


    Be real

    Thursday, July 26, 2012 6:14 AM
  • Any reason you're running windows firewall on your cas? Not only is it not necessary and unconventional it's basically not supported for the same reason putting CAS in dmz firewall is not supported.

    Windows Firewall Service is Enabled on Exchange Server

    http://technet.microsoft.com/en-us/library/aa995688(v=exchg.80).aspx


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    Thursday, July 26, 2012 2:00 PM
  • disabled firewall in both nodes. Same result "dcom 10009 was unable to communicate with the computer using any of the configured protocols". Nothing seems to be not working. But have this event spawning, when executing commands in PS

    Be real

    Friday, July 27, 2012 11:55 AM
  • One of the cas can you telnet to port 135 to the other cas? I would also give them a reboot maybe the firewall blocked some rpc registration.

    telnet cas2 135 [enter]


    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    Friday, July 27, 2012 3:32 PM
  • Same result "dcom 10009 was unable to communicate with the computer using any of the configured protocols".

    Be real


    That's an error that I have seen in every Exchange 2010 implementation I've ever made.

    To get rid of these irritating error messages follow the instructions at this blog post

    Martina Miskovic

    Saturday, July 28, 2012 6:10 AM
  • no answer to telnet. black screen and cursor is blinking...

    Be real

    Tuesday, July 31, 2012 8:33 AM
  • That is the expected response, did you try Martina's solution?

    James Chong MCITP | EA | EMA; MCSE | M+, S+ Security+, Project+, ITIL msexchangetips.blogspot.com

    • Marked as answer by Voffka_UA Wednesday, August 1, 2012 10:37 AM
    Tuesday, July 31, 2012 2:13 PM
  • And get the BSOD. Reinstalling server from backup after that ... i dont know if this because of those method, but there only "ignore those accidents", but not  resolve them ...

    Be real

    Wednesday, August 1, 2012 10:39 AM
  • When i did a ping from hubcas1 to hubcas2 I got an answer with a direcction in ipv6. The ipv6 was disabled in both nicks. So I modified the host file and add the ipv4 address of hubcas2. I did the same with the hubcas2.

    Now the NLB console could add the other hubcas and both are converged.

    Greetings.

    Thursday, August 2, 2012 11:23 PM
  • this is not my case....

    Be real

    Friday, August 3, 2012 11:42 AM