none
Group Policy Error: "The RPC server is unavailable."

    Question

  • The Group Policy Results Wizard says "The RPC server is unavailable" on the client machine (Win7). If I disable the "Domain Network" firewall on the client machine, the problem goes away.

    My question is: What firewall rule do I enable so that I do not disable the entire domain firewall on the client machine? And is there a way to bypass this using another group policy to enable the rule on every machine?

    Friday, July 27, 2012 8:09 PM

Answers

  • RPC uses port 135.

    • Open the Group Policy Object Editor snap-in to edit the Group Policy object (GPO) that is used to manage Windows Firewall settings in your organization
    • Open Computer Configuration, open Administrative Templates, open Network, open Network Connections, open Windows Firewall, and then open Domain Profile.
    • In the details pane, double-click Windows Firewall: Allow remote administration exception.
    • In the Windows Firewall: Allow remote administration exception properties dialog box, on the Settings tab, click Enabled or Disabled

    http://technet.microsoft.com/en-us/library/cc738900(v=ws.10).aspx


    Saturday, July 28, 2012 8:51 PM

All replies

  • RPC uses port 135.

    • Open the Group Policy Object Editor snap-in to edit the Group Policy object (GPO) that is used to manage Windows Firewall settings in your organization
    • Open Computer Configuration, open Administrative Templates, open Network, open Network Connections, open Windows Firewall, and then open Domain Profile.
    • In the details pane, double-click Windows Firewall: Allow remote administration exception.
    • In the Windows Firewall: Allow remote administration exception properties dialog box, on the Settings tab, click Enabled or Disabled

    http://technet.microsoft.com/en-us/library/cc738900(v=ws.10).aspx


    Saturday, July 28, 2012 8:51 PM
  • Using F-Secure Client Security instead of Windows Firewall and had to add these Services to the Rule:

    epmap 135
    microsoft-ds 445
    NTDS 1027

    • Proposed as answer by Gaffa-R Wednesday, November 8, 2017 9:18 AM
    • Unproposed as answer by Gaffa-R Wednesday, November 8, 2017 9:18 AM
    Wednesday, October 31, 2012 8:09 AM
  • I want to thank you too.  I've been strugling with this issue in a Windows 2008 R2 domain (and tried countless fixes found on the web), with Windows 7 SP1 PCs that are not able to be scanned via a server based inventory software and when I try and run PowerShell scripts, get the same RPC Error message.  We have Symantec (SEPM) v12 maintaining the firewall rules for Windows 7 machines and I've opened Port 135 there as well.  No luck.

    Your solution has worked for me.

    I did a gpudate /force on the machines I couldn't previously scan, rescanned them with our inventory software, and ran some remote PowerShell WMI queries and both worked!

    Friday, May 3, 2013 6:33 PM
  • This also works on Windows Server 2012, spent half the day going through which ports to open/close and then found this suggestion and now have SC2012 Operations Manager agents deploying to my servers.

    Nice one thank you

    Friday, September 26, 2014 3:04 PM
  • Hi,

    I'm facing same issue, could you please help me out what you tried to fix the issue.

    Regards

    Kishore

    Thursday, February 16, 2017 5:59 AM
  • Thankyou - resolved the same issue for me :D
    Tuesday, March 7, 2017 2:29 PM