none
"RPC Server Unavailable" while attempting to Join domain

    Question

  • I am promoting one of the Windows Server 2008 as Additional Domain controller of Windows 2003 Server Domain controller. while promoting it is getting failed due to "RPC Server Unavailable".

    Then i am trying to add same Server 2008 to that domain there also its showing "The Following error occured attempting to join the domain xx.com: THE RPC server unavailable"

    Is there any to resolve this.....

     


    MCT,MCSE,MCSA,MCTS, Server Administrator
    Thursday, September 23, 2010 5:57 AM

Answers

  • Issue resolved...

    That is actually a dynamic rpc port for active directory is blocked in firewall.

    Normal port for Active directory like 135, 389, 445, 88, 53 etc are open but other ports are restricted in firewall. i used RPCDUmp utility to locate which port is listening for NTDS and NTFRS and found that 1026 and 1044 respectively.

    Now its got installed properly and working fine with proper replication.

    Thanks to all for your valuable supports.

    Friday, October 01, 2010 4:26 AM

All replies

  • This is more likely to be a DNS issue for more help you may refer below kb article to troubleshoot rpc

    http://support.microsoft.com/kb/839880.

    it would be great if you can post the unedited copy of

    DCDIAG /V /C /D /E /s:dcName > c:\dcdiag.log


    http://www.virmansec.com/blogs/skhairuddin
    Thursday, September 23, 2010 6:05 AM
  • Dear Syed,

    i have gone through that kb article i tried a lot using a kb article  but unable to resolved still getting same error message

    Command Line: "dcdiag.exe /V /C /D /E /s:test.com"

    Domain Controller Diagnosis

    Performing initial setup:
       * Connecting to directory service on server test.com.
       test.com.currentTime = 20100923060856.0Z
       test.com.highestCommittedUSN = 147560
       test.com.isSynchronized = 1
       test.com.isGlobalCatalogReady = 1
       [test.com] LDAP bind failed with error 1326,
       Logon failure: unknown user name or bad password..
       DcDiag: a dcdiag exception raised, handling error 8444


    MCT,MCSE,MCSA,MCTS, Server Administrator
    Thursday, September 23, 2010 6:16 AM
  • Please make it sure that you use elevated command prompt to run this command.


    http://www.virmansec.com/blogs/skhairuddin
    Thursday, September 23, 2010 7:55 AM
  • Command Line: "dcdiag.exe /V /C /D /E /s:test.com"

    Domain Controller Diagnosis

    Performing initial setup:
       * Connecting to directory service on server test.com.
       test.com.currentTime = 20100923083754.0Z
       test.com.highestCommittedUSN = 151650
       test.com.isSynchronized = 1
       test.com.isGlobalCatalogReady = 1
          *** Warning: could not confirm the identity of this server in
             the directory versus the names returned by DNS servers.
             If there are problems accessing this directory server then
             you may need to check that this server is correctly registered
             with DNS
       Failure Analysis: test.com ... OK.
       [test.com] Directory Binding Error 1722:
       The RPC server is unavailable.
       This may limit some of the tests that can be performed.
       * Collecting site info.
       * Identifying all servers.
       RBIMMSTEST.currentTime = 20100923083919.0Z
       RBIMMSTEST.highestCommittedUSN = 151651
       RBIMMSTEST.isSynchronized = 1
       RBIMMSTEST.isGlobalCatalogReady = 1
       * Identifying all NC cross-refs.
       * Found 1 DC(s). Testing 1 of them.
       Done gathering initial info.


    ===============================================Printing out pDsInfo

    GLOBAL:
     ulNumServers=1
     pszRootDomain=TEST.COM
     pszNC=
     pszRootDomainFQDN=DC=TEST,DC=COM
     pszConfigNc=CN=Configuration,DC=TEST,DC=COM
     pszPartitionsDn=CN=Partitions,CN=Configuration,DC=TEST,DC=COM
     iSiteOptions=0
     dwTombstoneLifeTimeDays=180

     dwForestBehaviorVersion=0

     HomeServer=0, XXX

     SERVER: pServer[0].pszName=XXX
      pServer[0].pszGuidDNSName=3dfdd4e0-f3fc-455c-9d3b-9d38444ac04b._msdcs.TEST.COM
      pServer[0].pszDNSName=XXX.TEST.COM
      pServer[0].pszDn=CN=NTDS Settings,CN=XXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TEST,DC=COM
      pServer[0].pszComputerAccountDn=CN=XXX,OU=Domain Controllers,DC=TEST,DC=COM
      pServer[0].uuidObjectGuid=3dfdd4e0-f3fc-455c-9d3b-9d38444ac04b
      pServer[0].uuidInvocationId=3dfdd4e0-f3fc-455c-9d3b-9d38444ac04b
      pServer[0].iSite=0 (Default-First-Site-Name)
      pServer[0].iOptions=1
      pServer[0].ftLocalAcquireTime=3f12ebf0 01cb5a96

      pServer[0].ftRemoteConnectTime=d01bd580 01cb5afa

      pServer[0].ppszMasterNCs:
       ppszMasterNCs[0]=DC=ForestDnsZones,DC=TEST,DC=COM
       ppszMasterNCs[1]=DC=DomainDnsZones,DC=TEST,DC=COM
       ppszMasterNCs[2]=CN=Schema,CN=Configuration,DC=TEST,DC=COM
       ppszMasterNCs[3]=CN=Configuration,DC=TEST,DC=COM
       ppszMasterNCs[4]=DC=TEST,DC=COM

     SITES:  pSites[0].pszName=Default-First-Site-Name
      pSites[0].pszSiteSettings=CN=NTDS Site Settings,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TEST,DC=COM
      pSites[0].pszISTG=CN=NTDS Settings,CN=XXX,CN=Servers,CN=Default-First-Site-Name,CN=Sites,CN=Configuration,DC=TEST,DC=COM
      pSites[0].iSiteOption=0

      pSites[0].cServers=1

     NC:     pNCs[0].pszName=ForestDnsZones
      pNCs[0].pszDn=DC=ForestDnsZones,DC=TEST,DC=COM

       pNCs[0].aCrInfo[0].dwFlags=0x00000201
       pNCs[0].aCrInfo[0].pszDn=CN=c73f7b20-073c-410e-95eb-914630c6badc,CN=Partitions,CN=Configuration,DC=TEST,DC=COM
       pNCs[0].aCrInfo[0].pszDnsRoot=ForestDnsZones.TEST.COM
       pNCs[0].aCrInfo[0].iSourceServer=0
       pNCs[0].aCrInfo[0].pszSourceServer=(null)
       pNCs[0].aCrInfo[0].ulSystemFlags=0x00000005
       pNCs[0].aCrInfo[0].bEnabled=TRUE
       pNCs[0].aCrInfo[0].ftWhenCreated=00000000 00000000    pNCs[0].aCrInfo[0].pszSDReferenceDomain=(null)
       pNCs[0].aCrInfo[0].pszNetBiosName=(null)
       pNCs[0].aCrInfo[0].cReplicas=-1
       pNCs[0].aCrInfo[0].aszReplicas=


     NC:     pNCs[1].pszName=DomainDnsZones
      pNCs[1].pszDn=DC=DomainDnsZones,DC=TEST,DC=COM

       pNCs[1].aCrInfo[0].dwFlags=0x00000201
       pNCs[1].aCrInfo[0].pszDn=CN=2ddebd5f-98b7-41ee-8444-46d7e33b3142,CN=Partitions,CN=Configuration,DC=TEST,DC=COM
       pNCs[1].aCrInfo[0].pszDnsRoot=DomainDnsZones.TEST.COM
       pNCs[1].aCrInfo[0].iSourceServer=0
       pNCs[1].aCrInfo[0].pszSourceServer=(null)
       pNCs[1].aCrInfo[0].ulSystemFlags=0x00000005
       pNCs[1].aCrInfo[0].bEnabled=TRUE
       pNCs[1].aCrInfo[0].ftWhenCreated=00000000 00000000    pNCs[1].aCrInfo[0].pszSDReferenceDomain=(null)
       pNCs[1].aCrInfo[0].pszNetBiosName=(null)
       pNCs[1].aCrInfo[0].cReplicas=-1
       pNCs[1].aCrInfo[0].aszReplicas=


     NC:     pNCs[2].pszName=Schema
      pNCs[2].pszDn=CN=Schema,CN=Configuration,DC=TEST,DC=COM

       pNCs[2].aCrInfo[0].dwFlags=0x00000201
       pNCs[2].aCrInfo[0].pszDn=CN=Enterprise Schema,CN=Partitions,CN=Configuration,DC=TEST,DC=COM
       pNCs[2].aCrInfo[0].pszDnsRoot=TEST.COM
       pNCs[2].aCrInfo[0].iSourceServer=0
       pNCs[2].aCrInfo[0].pszSourceServer=(null)
       pNCs[2].aCrInfo[0].ulSystemFlags=0x00000001
       pNCs[2].aCrInfo[0].bEnabled=TRUE
       pNCs[2].aCrInfo[0].ftWhenCreated=00000000 00000000    pNCs[2].aCrInfo[0].pszSDReferenceDomain=(null)
       pNCs[2].aCrInfo[0].pszNetBiosName=(null)
       pNCs[2].aCrInfo[0].cReplicas=-1
       pNCs[2].aCrInfo[0].aszReplicas=


     NC:     pNCs[3].pszName=Configuration
      pNCs[3].pszDn=CN=Configuration,DC=TEST,DC=COM

       pNCs[3].aCrInfo[0].dwFlags=0x00000201
       pNCs[3].aCrInfo[0].pszDn=CN=Enterprise Configuration,CN=Partitions,CN=Configuration,DC=TEST,DC=COM
       pNCs[3].aCrInfo[0].pszDnsRoot=TEST.COM
       pNCs[3].aCrInfo[0].iSourceServer=0
       pNCs[3].aCrInfo[0].pszSourceServer=(null)
       pNCs[3].aCrInfo[0].ulSystemFlags=0x00000001
       pNCs[3].aCrInfo[0].bEnabled=TRUE
       pNCs[3].aCrInfo[0].ftWhenCreated=00000000 00000000    pNCs[3].aCrInfo[0].pszSDReferenceDomain=(null)
       pNCs[3].aCrInfo[0].pszNetBiosName=(null)
       pNCs[3].aCrInfo[0].cReplicas=-1
       pNCs[3].aCrInfo[0].aszReplicas=


     NC:     pNCs[4].pszName=TEST
      pNCs[4].pszDn=DC=TEST,DC=COM

       pNCs[4].aCrInfo[0].dwFlags=0x00000201
       pNCs[4].aCrInfo[0].pszDn=CN=TEST,CN=Partitions,CN=Configuration,DC=TEST,DC=COM
       pNCs[4].aCrInfo[0].pszDnsRoot=TEST.COM
       pNCs[4].aCrInfo[0].iSourceServer=0
       pNCs[4].aCrInfo[0].pszSourceServer=(null)
       pNCs[4].aCrInfo[0].ulSystemFlags=0x00000003
       pNCs[4].aCrInfo[0].bEnabled=TRUE
       pNCs[4].aCrInfo[0].ftWhenCreated=00000000 00000000    pNCs[4].aCrInfo[0].pszSDReferenceDomain=(null)
       pNCs[4].aCrInfo[0].pszNetBiosName=(null)
       pNCs[4].aCrInfo[0].cReplicas=-1
       pNCs[4].aCrInfo[0].aszReplicas=


     5 NC TARGETS: ForestDnsZones, DomainDnsZones, Schema, Configuration, TEST,
     1 TARGETS: XXX,

    =============================================Done Printing pDsInfo

    Doing initial required tests
      
       Testing server: Default-First-Site-Name\XXX
          Starting test: Connectivity
             * Active Directory LDAP Services Check
             Failure Analysis: XXX ... OK.
             * Active Directory RPC Services Check
             [RBIMMSTEST] DsBindWithSpnEx() failed with error 1722,
             The RPC server is unavailable..
             Printing RPC Extended Error Info:
             Error Record 1, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:40:29:257
                Generating component is 8 (winsock)
                Status is 1722: The RPC server is unavailable.

                Detection location is 1442
                NumberOfParameters is 1
                Unicode string: 3dfdd4e0-f3fc-455c-9d3b-9d38444ac04b._msdcs.TEST.COM
             Error Record 2, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:40:29:257
                Generating component is 8 (winsock)
                Status is 1237: The operation could not be completed. A retry should be performed.

                Detection location is 313
             Error Record 3, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:40:29:257
                Generating component is 8 (winsock)
                Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

                Detection location is 311
                NumberOfParameters is 3
                Long val: 1026
                Pointer val: 0
                Pointer val: 0
             Error Record 4, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:40:29:257
                Generating component is 8 (winsock)
                Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

                Detection location is 318
             Error Record 5, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:40:8:259
                Generating component is 8 (winsock)
                Status is 1237: The operation could not be completed. A retry should be performed.

                Detection location is 313
             Error Record 6, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:40:8:259
                Generating component is 8 (winsock)
                Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

                Detection location is 311
                NumberOfParameters is 3
                Long val: 1026
                Pointer val: 0
                Pointer val: 0
             Error Record 7, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:40:8:259
                Generating component is 8 (winsock)
                Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

                Detection location is 318
             Error Record 8, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:39:47:246
                Generating component is 8 (winsock)
                Status is 1237: The operation could not be completed. A retry should be performed.

                Detection location is 313
             Error Record 9, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:39:47:246
                Generating component is 8 (winsock)
                Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

                Detection location is 311
                NumberOfParameters is 3
                Long val: 1026
                Pointer val: 0
                Pointer val: 0
             Error Record 10, ProcessID is 2700 (DcDiag)        
                System Time is: 9/22/2010 20:39:47:246
                Generating component is 8 (winsock)
                Status is 10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.

                Detection location is 318
             ......................... XXX failed test Connectivity

    Doing primary tests
      
       Testing server: Default-First-Site-Name\XXX
          Skipping all tests, because server XXX is
          not responding to directory service requests

    DNS Tests are running and not hung. Please wait a few minutes...
      
       Running partition tests on : ForestDnsZones
          Starting test: CrossRefValidation
             ......................... ForestDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... ForestDnsZones passed test CheckSDRefDom
      
       Running partition tests on : DomainDnsZones
          Starting test: CrossRefValidation
             ......................... DomainDnsZones passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... DomainDnsZones passed test CheckSDRefDom
      
       Running partition tests on : Schema
          Starting test: CrossRefValidation
             ......................... Schema passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Schema passed test CheckSDRefDom
      
       Running partition tests on : Configuration
          Starting test: CrossRefValidation
             ......................... Configuration passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... Configuration passed test CheckSDRefDom
      
       Running partition tests on : TEST
          Starting test: CrossRefValidation
             ......................... TEST passed test CrossRefValidation
          Starting test: CheckSDRefDom
             ......................... TEST passed test CheckSDRefDom
      
       Running enterprise tests on : TEST.COM
          Starting test: Intersite
             Skipping site Default-First-Site-Name, this site is outside the scope

             provided by the command line arguments provided.
             ......................... TEST.COM passed test Intersite
          Starting test: FsmoCheck
             GC Name: \\XXX.TEST.COM
             Locator Flags: 0xe00003fd
             Warning: Couldn't verify this server as a PDC using DsListRoles()
             PDC Name: \\XXX.TEST.COM
             Locator Flags: 0xe00003fd
             Time Server Name: \\XXX.TEST.COM
             Locator Flags: 0xe00003fd
             Preferred Time Server Name: \\XXX.TEST.COM
             Locator Flags: 0xe00003fd
             KDC Name: \\XXX.TEST.COM
             Locator Flags: 0xe00003fd
             ......................... TEST.COM passed test FsmoCheck
          Starting test: DNS
             Test results for domain controllers:
               
                DC: XXX.TEST.COM
                Domain: TEST.COM

                     
                   TEST: Authentication (Auth)
                      Authentication test: Successfully completed
                     
                   TEST: Basic (Basc)
                      Error: No DS RPC connectivity
                      Error: No WMI connectivity
                      [Error details: 0x800706ba (Type: HRESULT - Facility: Win32, Description: The RPC server is unavailable.) - Connection to WMI server failed]
                   Total query time:0 min. 0 sec.. Total RPC connection time:0 min. 0 sec.
                   Total WMI connection time:2 min. 6 sec. Total Netuse connection time:0 min. 0 sec.
            
             Summary of DNS test results:
            
                                                Auth Basc Forw Del  Dyn  RReg Ext 
                   ________________________________________________________________
                Domain: TEST.COM
                   XXX                   PASS FAIL n/a  n/a  n/a  n/a  n/a 
            
             Total Time taken to test all the DCs:2 min. 6 sec.
             ......................... TEST.COM failed test DNS


    MCT,MCSE,MCSA,MCTS, Server Administrator
    Thursday, September 23, 2010 8:54 AM
  • Check if your replication is working fine if not then see both the dcs are reachable and if you ever had some old domain controllers which are down and not removed from the active directory properly then you might have to remove it from metadata cleanup.

     

     http://technet.microsoft.com/en-us/library/cc736378(WS.10).aspx


    http://www.virmansec.com/blogs/skhairuddin
    Thursday, September 23, 2010 10:24 AM
  • Sounds like a DNS issue.  Make sure you have proper DNS configuration on Windows 2008 sever.  Can you ping the NetBIOS and FQDN of the DC from the Window 2008 Server?

    Please post IPCONFIG/ALL result from you DC and Server here. 


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.
    Thursday, September 23, 2010 11:35 AM
  •  

    Hi,

     

    Please check the below checklist to solve the issue

     

    1) DNS resolution problem. Look at the DNS configuration, Please check with nslookup and add the fqdn on the host file and check

     

    2) RPC services not running on target machine

     

    3) TCP/IP NetBIOS Helper service not running on target machine

     

    4) Firewall blocking RPC ports in between the source and target machine

     


    Thanks and Regards, Vikas This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Proposed as answer by Vikas Siingh Thursday, September 23, 2010 12:05 PM
    • Edited by Vikas Siingh Thursday, September 23, 2010 12:10 PM
    Thursday, September 23, 2010 12:05 PM
  • I think an ipconfig /all from the problematic dc will help greatly as Santhosh has requested.  This will spot certain config errors including multi-homing.

     

    --
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    http://www.pbbergs.com    Twitter @pbbergs

    Please no e-mails, any questions should be posted in the NewsGroup This
    posting is provided "AS IS" with no warranties, and confers no rights.

    Thursday, September 23, 2010 12:07 PM
    Moderator
  • I am unable to ping NetBIOS of DC but able to ping FQDN of the DC from the Windows Serer 2008.

    IPconfig /all result of DC is here--

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : XXX
       Primary Dns Suffix  . . . . . . . : TEST.COM
       Node Type . . . . . . . . . . . . : Unknown
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : TEST.COM

    Ethernet adapter Local Area Connection 2:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : HP NC371i Multifunction Gigabit Server Ad
    apter #2
       Physical Address. . . . . . . . . : 00-1A-4B-4A-DE-48
       DHCP Enabled. . . . . . . . . . . : No
       IP Address. . . . . . . . . . . . : 172.18.14.161
       Subnet Mask . . . . . . . . . . . : 255.255.255.192
       Default Gateway . . . . . . . . . : 172.18.14.129
       DNS Servers . . . . . . . . . . . : 172.18.14.161

    Ethernet adapter Local Area Connection:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : HP NC371i Multifunction Gigabit Server Ad
    apter
       Physical Address. . . . . . . . . : 00-1A-4B-4A-DE-46
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Autoconfiguration IP Address. . . : 169.254.12.219
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . :

    IP Config at Windows Server 2008

    Windows IP Configuration

       Host Name . . . . . . . . . . . . : TESTADC
       Primary Dns Suffix  . . . . . . . :
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No

    Ethernet adapter Local Area Connection 4:

       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Broadcom BCM5708C NetXtreme II GigE (NDIS
     VBD Client)
       Physical Address. . . . . . . . . : 00-1B-78-35-7E-7E
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv4 Address. . . . . . . . . . . : 172.30.22.22(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Default Gateway . . . . . . . . . : 172.30.22.1
       DNS Servers . . . . . . . . . . . : 172.18.14.161
       NetBIOS over Tcpip. . . . . . . . : Enabled


    MCT,MCSE,MCSA,MCTS, Server Administrator
    Friday, September 24, 2010 10:02 AM
  • Disable the second NIC on the DC (the Local Area Connection) and remove references to it (SRV/A records) from DNS. Restart Netlogon on the DC and give it another try

    hth
    Marcin

    Friday, September 24, 2010 10:58 AM
  • Do you have any firewall between the server and the DC?  RPC ports are open on the firewall?


    Santhosh Sivarajan | MCTS, MCSE (W2K3/W2K/NT4), MCSA (W2K3/W2K/MSG), CCNA, Network+ Houston, TX

    Blogs - http://blogs.sivarajan.com/
    Articles - http://www.sivarajan.com/publications.html
    Twitter: @santhosh_sivara - http://twitter.com/santhosh_sivara

    This posting is provided AS IS with no warranties, and confers no rights.
    Friday, September 24, 2010 4:13 PM
  • Set this up as a single ip address and review dns, verifying the host name to the ip address and remove any addresses that don't tie to the single nic you have chosen.

    I would also ipconfig /registerdns

    Restart the NetLogon service

     

    --
    Paul Bergson
    MVP - Directory Services
    MCITP: Enterprise Administrator
    MCTS, MCT, MCSE, MCSA, Security+, BS CSci
    2008, Vista, 2003, 2000 (Early Achiever), NT4
    http://www.pbbergs.com    Twitter @pbbergs

    Please no e-mails, any questions should be posted in the NewsGroup This
    posting is provided "AS IS" with no warranties, and confers no rights.

    Friday, September 24, 2010 4:49 PM
    Moderator
  • Hi,

     

    Please add the DNS Suffix "Test.Com" on Windows 2008 Server and check. As mentioned in IPconfig result that both having different IP Range and different default gateway, make sure connectivity between two VLANs are accessible from both the sides.


    Thanks and Regards, Vikas This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    • Proposed as answer by Vikas Siingh Monday, September 27, 2010 7:25 AM
    Monday, September 27, 2010 7:24 AM
  • Hi Devendra,

     

    Has the issue resolved??? no reply from you!!


    Thanks and Regards, Vikas This posting is provided "AS IS" with no warranties or guarantees , and confers no rights.
    Wednesday, September 29, 2010 10:14 AM
  • Issue resolved...

    That is actually a dynamic rpc port for active directory is blocked in firewall.

    Normal port for Active directory like 135, 389, 445, 88, 53 etc are open but other ports are restricted in firewall. i used RPCDUmp utility to locate which port is listening for NTDS and NTFRS and found that 1026 and 1044 respectively.

    Now its got installed properly and working fine with proper replication.

    Thanks to all for your valuable supports.

    Friday, October 01, 2010 4:26 AM
  • I found our firewall to be performing a packet inspection on RPC traffic.

    we are running a Juniper SRX240 and by default it inspects all RPC traffic passing through it.

    After running the following command:

    set security alg msrpc disable
    commit

    All is working fine. can join the domain and Authenticate users from the other subnet.

    Thursday, November 25, 2010 1:46 AM
  • Thank you Whiteohuse..

    You Resolution help us a lot, our Subnets Were not communicating  when we add Clients to domain.

    thanks a lot

    Tuesday, March 27, 2012 10:02 AM
  • We have found another resolution to this generic error message, and hope it helps someone else out - after days of searching for an answer.

    Check the c:\windows\system32\config directory and make sure the permissions for the local Administrator are 'Full Control', if not, you will not be able to join a domain. The Administrator must be able to write to the contents of that directory. 

    • Edited by Rich_Benson Friday, June 21, 2013 5:42 PM adjusted wording
    Friday, June 21, 2013 5:31 PM