locked
ERR2:7422 The RPC server is unavailable. RRS feed

  • Question

  • I am trying to migrate a user account (the same happens when tying to migrate group accounts) and get the following error:

    ERR2:7422 Failed to move source object 'CN=something'. hr=0x800706ba  The RPC server is unavailable.

    Info:

    I am doing an intra-forest migration.

    A few days ago I successfully migrated a number of users (and groups before that and computers afterwards) using the exact same setup.
    I CAN migrate computer accounts.

    Using ADMT 3.2, which is installed on an ADMT WS running Win 2008 R2.
    Both DCs Win 2008 R2; both domains at 2008R2 functional level.
    Have admin rights in both domains (having succeeded to migrate groups, users and computers before).
    Explicit domain trusts in both directions verified to work.
    Firewalls and antivirus off on DCs and ADMT WS.
    From the ADMT WS, both DCs can be pinged, ADMIN$ shares and remote registry can be accessed.
    All DCs successfully resolve thru DNS.
    On all three, RPC endpoint mapper and Remote procedure call services are started.
    No group policies used.

    Any idea?

    Andrej



    • Edited by AVitek Tuesday, May 15, 2012 6:43 AM
    Tuesday, May 15, 2012 6:05 AM

Answers

  • The problem was solved by disabling the IPv6 protocol through the registry on the ADMT WS.

    IPv6 was disabled on the NIC (unchecked in adapter properties), but not in the registry.

    See http://support.microsoft.com/kb/929852

    Regards, Andrej

    Thanks again Sandesh and Prashant.

    • Proposed as answer by Prashant Girennavar Tuesday, May 15, 2012 8:16 AM
    • Marked as answer by AVitek Tuesday, May 15, 2012 10:16 AM
    Tuesday, May 15, 2012 8:08 AM

All replies

  • You are getting the error "The RPC server is unavailable" relates to port being blocked or network connectivity issue or due to dns misconfig.Ensuer that required poart are open for domain and trust.Have your n/w admin modified any firewall setting.Also was any AV patch of window update deployed?

    How to configure a firewall for domains and trusts
    http://support.microsoft.com/kb/179442

    If all are in PC I would recommend to reboot both the servers in both forest and check how does it work.


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Tuesday, May 15, 2012 6:43 AM
  • Make sue neccessary ports are op

    Refer below link which explasin port requirement in AD

    http://technet.microsoft.com/en-us/library/dd772723(WS.10).aspx

    I would suggest you to run PortQRy and check neccessary ports are opne on firewall or not

    You can download it from the below link.

    http://www.microsoft.com/download/en/details.aspx?id=17148

    Using PortQry for Troubleshooting.

    http://blogs.technet.com/b/askds/archive/2009/01/22/using-portqry-for-troubleshooting.aspx

    For your DNS Refer below article

    http://support.microsoft.com/kb/321046

    Regards,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Tuesday, May 15, 2012 6:58 AM
  • Sandesh, thanks.

    I have just migrated a computer account successfully. Since I understand this involves migrating an account from one to the other domain, there should be no connectivity issue between the three machines.
    Still I cannot migrate a user account.

    Windows firewall is disabled on all three (both DCs and the ADMT WS), so is AV scanner. No external firewall is between the three.
    A number of Windows patches were deployed a few days ago.
    The trust can be validated both ways using AD domains and trusts.

    I rebooted both DCs, still cannot migrate user account.

    Thanks, Andrej

    Tuesday, May 15, 2012 7:29 AM
  • The problem was solved by disabling the IPv6 protocol through the registry on the ADMT WS.

    IPv6 was disabled on the NIC (unchecked in adapter properties), but not in the registry.

    See http://support.microsoft.com/kb/929852

    Regards, Andrej

    Thanks again Sandesh and Prashant.

    • Proposed as answer by Prashant Girennavar Tuesday, May 15, 2012 8:16 AM
    • Marked as answer by AVitek Tuesday, May 15, 2012 10:16 AM
    Tuesday, May 15, 2012 8:08 AM
  • It seems me there is some dns resolution issue.Ensure the following on DC:
    1. Each DC / DNS server points to its private IP address as primary DNS server and other remote/local DNS servers as secondary in TCP/IP properties.
    2. Each DC has just one IP address and single network adapter is enabled.
    3. Contact your ISP and get valid DNS IPs from them and add it in to the forwarders, Do not set public DNS server in TCP/IP setting of DC.
    4. Once you are done, run "ipconfig /flushdns & ipconfig /registerdns", restart DNS and NETLOGON service each DC.
    Do not put private DNS IP addresses in forwarder list.
    5.Assigning static IP address to DC if IP address is assigned by DHCP server to DC.It is strongly not recommended.

    Also ensure that ADMT service account is configured correctly.http://portal.sivarajan.com/2010/04/admt-service-account-permission-and.html

    see this also:http://santhoshsivarajan.wordpress.com/2011/07/19/admt-user-migration-and-leaf-object-error-message/

    Hope this helps


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Tuesday, May 15, 2012 8:12 AM
  • You are welcome!!!!!

    Cheers,

    _Prashant_


    MCSA|MCITP SA|Microsoft Exchange 2003 Blog - http://prashant1987.wordpress.com Disclaimer: This posting is provided AS-IS with no warranties/guarantees and confers no rights.

    Tuesday, May 15, 2012 8:16 AM
  • Nice to hear that the issue is fixed.However it is not recommended to disable IPv6.Windows 2008 R2/7 IPv6  should be configured to dynamic (Automatically).Since it is desktop PC that should not be the major issue. 


    Best Regards,

    Sandesh Dubey.

    MCSE|MCSA:Messaging|MCTS|MCITP:Enterprise Adminitrator | My Blog

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.

    Tuesday, May 15, 2012 8:19 AM