Ошибка “
Сервер RPC недоступен
” (
The RPC server is unavailable
) появляется в Windows при ошибке коммуникации между двумя компьютерами по сети, когда компьютер (клиент RPC) не может подключиться к удаленному компьютеру (сервер RPC). В результате программа, которую вы запустили, не работает и возвращает ошибку, т.к. не можете получить данные с удаленного сервера. В этой статье мы разберем наиболее частые проблемы, которые могут препятствовать нормальному взаимодействию компьютеров через сеть по протоколу RPC.
Протокол RPC (Remote Process Call, удаленный вызов процедур) – это распространённый протокол взаимодействия приложений в локальной сети. В основном он используется для обмена данными с удалённым компьютерам, но есть некоторые программы, которые используют RPC для локальных взаимодействий между приложением и запущенной локально службой.
В типовом сеансе клиент RPC подключается к службе RPC Endpoint Mapper (сопоставления конечных точек) на RPC сервере по TCP порту 135 и запрашивает номер порта, на котором запущено нужное ему RPC приложение (служба). Служба RPC Endpoint Mapper возвращает клиенту номер динамического RPC порта, назначенного указанной службе при запуске. Затем RPC клиент взаимодействует с RPC службой по указанному TCP порту.
Если RPC клиент не смог подключиться к RPC серверу, в приложении появится ошибка:
The RPC server is unavailable
В современных версиях Windows (начиная с Windows Vista/2008) используется следующий диапазон динамических RPC портов (Dynamic RPC Port range): 49152 — 65535 (в Windows Server 2003 / XP и ниже использовался другой диапазон 1024 – 65535.
Наиболее распространённые проблемы, из-за которых не работает RPC взаимодействие между компьютерами:
- Удаленный компьютер выключен;
- Не запущены службы RPC на сервере;
- Вы пытаетесь подключиться к RPC серверу по неправильному имени (или как вариант, DNS имени сервера соответствует неверный IP адрес);
- Используются некорректные настройки сетевого подключение на клиенте или сервере;
- RPC трафик между клиентом и сервером блокируется файерволом;
Проверка доступности удаленного компьютера
Убедитесь, что удаленный компьютер включен, отвечает на ping по имени и IP адресу. Если RPC сервер не доступен по имени, проверьте корректность DNS записей и попробуйте сбросить DNS кэш на клиенте:
ipconfig /flushdns
.
Если имя компьютера, на котором запущен RPC-сервер недавно изменилось, попробуйте перерегистрировать его в DNS Active Directory:
ipconfig /registerdns
Проверка служб RPC
Проверьте, что на сервере запущены службы, которые необходимы для обработки входящих RPC подключений:
- Откройте консоль управления службами (services.msc);
- Убедитесь, что следующие службы запущены (статус Running), а тип их запуска – автоматический: Remote Procedure Call (RPC), RPC Endpoint Mapper и DCOM Server Process Launcher;
Если RPC службы отключены и не запускаются, попробуйте активировать их через реестр. Найдите ветки этих служб в реестре и измените значение параметра Start на 2 (автоматический запуск службы):
- Удаленный вызов процедур (RPC) — ветка реестра HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RpcSs
- Сопоставитель конечных точек RPC — HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\RpcEptMapper
- Модуль запуска процессов DCOM-сервера — HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\DcomLaunch
RPC блокируется файерволом (брандмауэром)
Убедитесь, что RPC трафик между компьютерами не блокируется файеволом. Если у вас используется Windows Defender Firewall with Advanced Security, нужно проверить или создать правила, разрешающие RPC трафик. Одно правило, разрешающее доступ к службе RPC Endpoint Mapper по порту TCP/135; второе должно разрешать доступ к RPC службе, которая вам нужна по динамическим RPC портам (RPC Dynamic Ports). Правила нужно создать для всех трех сетевых профилей: Domain, Private и Public.
Проверьте с клиента, что на RPC сервере доступен 135 порт TCP (должен слушаться службой RPC Endpoint Mapper). Можно проверить доступность порта из PowerShell:
Test-NetConnection 192.168.1.201 -port 135
Если RPC порт доступен, должен появится ответ
TcpTestSucceeded:True
.
Вы можете получить список конечных точек RPC (сервисов и приложений), которые зарегистрированы на удаленном компьютере и анонсируются службой RPC Endpoint Mapper с помощью утилиту PortQry
portqry -n 192.168.1.201 -p tcp -e 135
В выводе PortQry можно найти номер порта, назначенный нужной вам службе RPC (она запущена?) и проверить, что этот порт не блокируется с клиента.
Если у вас используется сторонний файервол/антивирус, убедитесь, что он не блокирует RPC трафик и умеет корректно обрабатывать трафик динамических RPC портов.
Проверка сетевых протоколов и настроек
Убедитесь, что на вашем компьютере заданы корректные сетевые настройки: IP адрес, шлюз, маска сети, настройки DNS серверов (можно проверить настройки сети из PowerShell). Проверьте, что в настройках сетевого адаптера, используемого для подключения включены протоколы Internet Protocol Version 6 (TCP/IPv6) и File and Printer Sharing for Microsoft Networks
Некоторые сетевые приложения некорректно работают при отключенном протоколе TCP/IPv6, возвращая ошибку:
1722 The RPC server is unavailable
. Если после включения ipv6 ошибка RPC сохраняется, попробуйте отключить протокол Teredo через реестр:
Создайте в ветке реестра HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters параметр типа DWORD с именем DisabledComponents и значением 8:
reg add hklm\system\currentcontrolset\services\tcpip6\parameters /v DisabledComponents /t REG_DWORD /d 8
В некоторых случаях приходится получаить дамп трафика на RPC сервера и анализирвать его с помощью Microsoft Network Monitor 3.4 или Message Analyzer.
Table of Contents
- Introduction
- The RPC Server
- The RPC Client
- RPC Quick Fixes
- Unable to resolve DNS or NetBIOS names in an Active Directory environment.
- The RPC service or related services may not be started
- Network Connectivity
- Verify ports needed by RPC are open
- File and Printer Sharing is not enabled
- Name Resolution
- DNS Name Resolution
- NetBIOS Name Resolution
- TCP Session Establishment
- Firewall/Network
- RPC Discovery
- Discovery — RPC Over TCPIP
- Discovery — RPC Over SMB
- RPC Communication
- How to identify the RPC traffic in a trace
- RPC over TCPIP
- RPC over HTTP Port 80
- RPC over HTTP Port 443
- RPC over SMB aka “Named Pipes”
- Kerberos Authentication
- NTLM Authentication
- Troubleshooting Authentication
- Active Directory Symptoms:
- Troubleshooting Tools and Methods
- Methods to generate RPC Traffic
- Tools for Testing RPC
- Tools for monitoring RPC
- Using PortQry
- Resources
- RPC Blogs
- External TechNet Magazine article
- KB Article
Introduction
Remote Procedure Call (RPC) is an inter-process communication technique to allow client and server software to communicate on a network. The RPC protocol is based on a client/server model. The client makes a procedure call that appears to be local but is
actually run on a remote computer. During this process, the procedure call arguments are bundled and passed through the network to the server. The arguments are then unpacked and run on the server. The result is again bundled and passed back to the client,
where it is converted to a return value for the client’s procedure call.
RPC is used by several components in Windows Server, such as the File Replication Service (FRS), Active Directory Replication, Certificate services, DCOM, domain join, DCPromo and RDP, NLB and Cluster, Microsoft Operations Master, Exchange and SQL.
The RPC Server
An RPC server is a communications interface provided by an application or service that allows remote clients to connect, pass commands, and transfer data using the RPC protocol. A typical example of an RPC server is Microsoft Exchange Server. Microsoft Exchange
Server is an application running on a computer that supplies an RPC communications interface for an RPC client.
An application will register its RPC server with the operating system’s End Point Mapper (EPM) service so that the remote client can locate the RPC server. When the application registers with the EPM it will indicate the IP address and TCP port that it is
listening on.
The RPC Client
An RPC client is an application running on any given computer that uses the RPC protocol to communicate with an RPC server. An example of a typical RPC client is the Microsoft Outlook application.
NOTE: In this document the terms RPC server and
RPC client refer to the application running at both ends of an RPC communication.
↑
Back to top
RPC Quick Fixes
Common causes of RPC errors include:
- Errors resolving a DNS or NetBIOS name.
- The RPC service or related services may not be running.
- number of connectivity Problems with network connectivity.
- File and printer sharing is not enabled.
Use the following procedures to diagnose and repair common causes of RPC errors.
Unable to resolve DNS or NetBIOS names in an Active Directory environment.
- Use the following commands to verify DNS is working for all DC’s or specific DC’s:
- To get a DNS status for all DCs in forest, run the following command:
- DCDIAG /TEST:DNS /V /E /F:<filename.log>
- The «/e» switch runs the DNS test against all DCs in an Active Directory Forest
- To get DNS health on a single DC, run the command below.
- DCDIAG /TEST:DNS /V /S:<DCNAME> /F:<filename.log>
- The «/s:» switch runs the DNS test against a specified domain controller.
- To verify that a domain controller can be located for a specific domain, run the command below.
- NLTEST /DSGETDC:<NetBIOS or DNS domain name>
- Servers and clients that are receiving the error should be checked to verify that they are configured with the appropriate DNS server. Servers should not be pointing to their ISP’s DNS servers in the preferred or alternate DNS server portion of the TCP/IP
settings. The ISP’s DNS servers should only be used as forwarders in DNS.
- Ensure that at least one correct DNS record is registered on each domain controller.
- To ensure that a correct DNS record is registered on each domain controller, find this server’s Active Directory replication partners that run DNS.
- Open DNSManager and connect in turn to each of these replication partners.
- Find the host (A) resource record registration for this server on each of the other replication partner domain controllers.
- Delete those host (A) records that do not have IP addresses corresponding to any of this server’s IP addresses.
- If a domain controller has no host (A) records for this server, add at least one that corresponds to an IP address on this server. (If there are multiple IP addresses for this server, add at least one that is on the same network as the domain controller
you are updating.)
- Name resolution may also fail with the RPC Server is unavailable error if NetBIOS over TCP/IP is disabled on the WINS tab in the advanced section of the TCP/IP properties. The NetBIOS over TCP/IP setting should be either enabled or default (use DHCP).
- Verify that a single label domain name is not being configured. DNS names that do not contain a suffix such as .com, .corp, .net, .org or .local are considered to be single-label DNS names. Microsoft doesn’t recommend using single label domain names because
they cannot be registered with an Internet registrar and domain members do not perform dynamic updates to single-label DNS zones. Knowledge base article
826743 — «Clients cannot dynamically register DNS records in a single-label domain» provides instructions on how to configure your domain to allow dynamic registration of DNS records in a single label domain.
The RPC service or related services may not be started
Verify the status and startup type for the RPC and RPC locator services on the server that gets the error:
- By default, Windows server 2003 domain controllers and member servers all should have the RPC service started and set to Automatic startup and the RPC Locator service stopped and set to Manual Startup.
- Windows 2000 domain controllers should have the RPC and RPC Locator services both set to started and automatic startup, while Windows 2000 member servers should have the RPC service started and set to automatic startup while the RPC locator service should
be started and set to manual startup. - If you make any changes to the RPC service or to the RPC Locator service settings, restart the computer, and then test for the problem again.
- Additional Services that may result in «The RPC Server is Unavailable» errors are the TCP/IP NetBIOS helper service, Distributed File System service and Remote Registry service. These services should both be set to automatic and started. The Kerberos Key
Distribution Center (KDC) should be Started and Automatic on Windows 2000 and Windows 2003 DCs. It should not be started and set to Disabled in all other cases.
↑
Back to top
Network Connectivity
Verify ports needed by RPC are open
Verify that ports greater than 1024 are not blocked. Clients connect to RPC Endpoint Mapper on port 135. RPC Endpoint Mapper then tells the client which randomly assigned port between 1024-65535 a requested service is listening on.
Ports may be blocked by a hardware firewall or a software firewall. Software firewalls include Internet Connection Firewall on computers running Windows Server 2003 or Windows XP, and Windows Firewall on computers running Windows Vista, Windows 7, Windows
Server 2008 and Windows Server 2008 R2. A computer might also have third-party firewall software installed, or antivirus software with built-in firewall functionality. By default, port 135 TCP/UDP and ports 1024-65535 TCP must be open for RPC to work. You
can restrict the ports greater than 1024 that RPC uses. However, RPC Endpoint Mapper is always on port 135.
File and Printer Sharing is not enabled
File and Printer sharing for Microsoft Networks will produce the error RPC Server is unavailable” when you try to view or manage services on a remote computer using the Services snap-in. See the following example:
Unable to open service control manager database on \\<computer>.
Error 1722: The RPC server is unavailable.
This error message may occur if the File and Printer Sharing for Microsoft Networks component is not enabled on the remote computer.
Troubleshooting RPC
The process of an RPC client connecting to an RPC server can be broken down into four phases. This troubleshooting guide will discuss the events that occur at each phase, how to test these events, and how to identify if the phase completed successfully.
Phase 1: Name Resolution: Name resolution is the act of resolving a name to an IP address. This normally takes two forms: NetBIOS Name Resolution or the more common DNS Name Resolution.
Phase 2: TCP session establishment: TCP session establishment is the act of establishing a TCP connection between the RPC client and the RPC server. TCP sessions will be initiated by the RPC client via a TCP 3-way handshake with the RPC
server.
Phase 3: RPC Discovery: When a client wants to connect to the RPC server supplied by the application it will contact the computer that hosts the RPC Server and discover how to connect to the RPC Server.
Phase 4: RPC Communication: RPC Communication is the act of making RPC requests to the application endpoint and receiving RPC responses from this application.
Data needed to troubleshoot the issue:
- Identify the client and server computers reporting the RPC error. Identify the DNS and WINS servers used by these computers. To do this:
- On each machine, open a command prompt and run ipconfig /all.
- Determine the IP address of both machines. If the server is part of a cluster get the cluster resource IP address as well. Identify the DNS servers and WINS servers that the RPC client is configured to use.
Note: You can also obtain this information by opening Control Panel\Network and Sharing Center, clicking Local Area Connection and selecting Properties.
- Identify the application(s) reporting RPC Server Unavailable
- Simultaneous network traces (using Wireshark, Netmon, or a comparable network sniffer) from the machines hosting the RPC client and RPC Server while reproducing the task that results in a “RPC Server Unavailable” error.
- The network captures on both hosts should be started first.
- From a command prompt on the client run ipconfig /flushdns and nbtstat –R to clear the name resolution caches.
- Reproduce the error.
- Stop the traces and save them.
↑
Back to top
Name Resolution
Name Resolution consists of one or possibly more NetBIOS or DNS queries to locate the IP address for the RPC Server. Troubleshooting this phase requires verifying that a response is received to the name resolution request and that the response contains the
correct IP address for the RPC server. Compare the IP address reported by DNS or NetBIOS in the network trace for the server with the IP addresses you noted earlier. If it does not match then check DNS and WINS and note if there is a difference.
DNS Name Resolution
To identify DNS Name Resolution in a network trace use the following filter in Network Monitor or Wireshark: dns. DNS resolution will be occurring at the client so open the network trace taken from the RPC client machine. You will be looking for one packet
that is the query from the client to the DNS server and then the response packet from the DNS server. It will look similar to this:
If the trace shows the correct IP address for the RPC server was returned by the DNS server proceed to TCP Session Establishment.
If the trace does not show a correct IP address returned or you do not see any answer from the DNS server then reference the following resources to help with DNS name resolution troubleshooting.
For details on troubleshooting Active Directory related DNS issues go
here.
For general DNS troubleshooting:
http://support.microsoft.com/default.aspx?scid=kb;EN-US;330511
NetBIOS Name Resolution
NetBIOS queries come in two forms, WINS or NetBIOS Broadcasts. WINS will consist of a unicast query to a WINS server and a response from the WINS server.
NetBIOS broadcasts are queries broadcast to all hosts on the local subnet so name resolution is limited to only hosts on the subnet. The host with the name listed in the NetBIOS Broadcast will respond with its IP address.
To identify NetBIOS Name Resolution in a network trace, use the following filter in Network Monitor — “nbtns”. For Wireshark, use the following filter — nbns”. If the trace shows a successful resolution using WINS or NetBIOS queries proceed to TCP Session
Establishment.
For details on troubleshooting this NetBIOS Name Resolution further:
http://technet.microsoft.com/en-us/library/cc940110.aspx
TCP Session Establishment
TCP Sessions always begin with a TCP 3-way handshake. The handshake should look similar to what is shown below. The RPC Client will send the first packet, known as the SYN packet. The computer hosting the RPC Server will send a SYN/ACK response, and then
the RPC Client will send an ACK packet.
Scenarios that may cause the TCP session to fail
Firewall/Network
If a firewall or network problem is the culprit, it is likely a failure will occur during this phase. To diagnose this you will want to look at the network traces taken from the RPC Client and RPC Server. If a firewall or other network device is causing a problem
it will usually manifest as a retransmit of the TCP SYN packet by the RPC Client about 3 seconds after the first TCP SYN is sent. This can be seen in a Netmon network trace using the display filter specification of “tcpsynretransmit==1”. In other cases, firewalls
will allow the 3-way handshake to succeed but may block the RPC packets due to the contents of the packet at a higher level. In these cases it is possible to see the retransmit of the RPC packet within half a second of the original packet being sent. To identify
this condition in a Netmon network trace use the display filter specification of “tcpretransmit==1”. To see either of these retransmit conditions in a trace taken using Wireshark use the display filter specification of “tcp.analysis.retransmission”.
The RPC Server is not actively listening.
It was noted earlier that an RPC Server will register itself and listen on a particular port and IP address of the host computer. If for some reason that fails the TCP layer will answer the SYN packet from the client with a Reset packet.
A device in the middle between the RPC Client and RPC Server will be resetting the connection attempt.
In the client side trace it will appear as if the server sent the TCP Reset while the trace from the server indicates the client is the source of the TCP Reset.
For both these scenarios, check for the presence of a Reset packet in the TCP three way handshake by using the display filter specification of “TCP.flags.reset==1”.
For troubleshooting this step see the following sections in this document:
- How to identify RPC traffic in a trace
- Connectivity
- RPC Services
- RPC Client Registry
If the 3-way handshake is successful, continue to the RPC Discovery phase.
↑
Back to top
RPC Discovery
The RPC Discovery phase will occur one of two ways. In both methods the client will know the identifier for the RPC Server it wants to contact and will supply that to the computer hosting the RPC Server and ask for information on how to contact the RPC Server.
The identifier is different depending on which method is used and the RPC client will know ahead of time which method it wishes to use.
Discovery — RPC Over TCPIP
This method is a two-step process. First the RPC client will contact the End Point Mapper (EPM) on the machine hosting the RPC Server to find out what port and IP address that Server is listening on. Upon successful completion of this the RPC client will
contact the RPC Server directly on the indicated IP address and Port. Below is a sample of what this would look like and a step by step explanation below it. This step depends on the successful TCP session establishment twice, first to the EPM and then to
the RPC Server.
- The RPC Client will open a TCP session with TCP port 135 on the computer hosting RPC Server of interest. This can be picked out using the following filter syntax in Netmon or Wireshark: “tcp.port==135”
- The RPC Client will send an RPC Bind request using the UUID of the End Point Mapper and the RPC EPM should respond with a Bind ACK packet.
- The RPC Client will make a MAP request to the EPM to locate the IP address and port of the RPC Server of interest, identifying the RPC Server based on its UUID.
- The EPM will send back a MAP Response that indicates the IP and port the RPC Server is listening on.
- The RPC Client will then open a TCP session with the IP and port it received in the EPM MAP response.
- The client will send an RPC Bind Request to the RPC Server specifying the UUID of the RPC Server application and should get back a Bind ACK from the RPC Server.
- There will be an RPC Alter Context Request/Response in which authentication will take place. If an error is noted here then see the following section for help determining why the error is occurring —
Authentication
- Perform some RPC operations…(Go to RPC Communication phase)
Discovery — RPC Over SMB
The second method an RPC Client may use to contact an RPC Server is RPC over SMB. This method depends upon first establishing an SMB session with the computer hosting the RPC Server and then using the Named Pipes protocol to communicate using RPC. So in
effect there are several levels of encapsulation – RPC over Named Pipes over SMB over TCP. We will not address the SMB session setup in this document and the TCP session establishment has already been discussed.
With a successfully opened TCP and SMB session, next:
- The RPC Client will issue a SMB TreeConnectAndX for the tree name “IPC$”. This is a special hidden share for inter-process communication. It should get a positive response from the computer hosting the RPC Server.
- The RPC Client will then issue an SMB NTCreateAndX for the name of the PIPE of the RPC Server Application and should get back a positive response. Some examples are:
EVENTLOG = The Event log service
winreg = Remote Registry
svcctl = Service Control Manager
srvsvc = Server Service
- Next there is a Bind handshake. This is to “bind” the RPC client to the RPC server. There are a total of four packets involved:
- The RPC Client bind request containing the UUID of the desired RPC Server.
- A Write AndX response from the RPC Server
- A Read AndX request from the RPC Client.
- A Bind ACK response from the RPC Server.
- At this time a RPC request to the RPC server component is expected.
RPC Communication
At this point RPC communication is occurring between the RPC Client and RPC Server. The troubleshooting steps involved at this stage are largely based on the application reporting the RPC failure.
For Active Directory processes or services please see
Active Directory Symptoms.
For Microsoft Exchange related RPC errors please see:
Analyzing Exchange RPC traffic over TCP/IP
↑
Back to top
How to identify the RPC traffic in a trace
RPC network traffic can take multiple forms. It is important to understand which form is in use in order to identify which TCP session is responsible for the RPC communication.
RPC over TCPIP
This is sometimes referred to as Traditional RPC or Sockets based RPC. An example of this is Outlook without “Outlook anywhere” or without http settings configured. A TCP session on TCP port 135 is established with the RPC server. To view this traffic in
a trace use the filter: “tcp.port==135”. This session will be used in the RPC Discovery phase to locate the endpoint of the desired application.
RPC over HTTP
RPC connectivity for Internet connected hosts will typically use RPC over HTTP in order to traverse firewalls. Some examples of this can be seen with Terminal Services Gateway, Outlook Web Access, Outlook via “Outlook Anywhere”. This communication will be
established on one or more connections to either TCP port 80 or 443(SSL). Since this typically traverses a public network, SSL or TCP port 443 is the more common method. Use the filter “tcp.port==80 or tcp.port==443” to locate either form inside network trace.
RPC over HTTP Port 80
For sessions over TCP port 80, the HTTP requests associated with RPC over HTTP will include a UserAgent header that contains the text “OutlookConnectorDS” and the version number of the connector.
RPC over HTTP Port 443
Sessions using TCP port 443 will initially establish a TLS session. After this TLS negotiation, the TCP Payload will be encrypted in TLS/SSL and the contents of the frames will not be readable in the trace. In this phase, look for failures due to improper
certificates, inaccessible Certificate Revocation Lists, or untrusted certificate chains.
For more information on troubleshooting SSL/TLS see:
http://technet.microsoft.com/en-us/library/cc783349(WS.10).aspx
↑
Back to top
RPC over SMB aka “Named Pipes”
RPC can also take advantage of SMB sessions for the purpose of RPC communication. Some examples of this can be seen with Computer Management or the Remote Registry service. With the use of RPC over SMB:
- Establish TCP connection on TCP port 139 or 445.
- Negotiate dialect request/response
- SessionSetupANDX request/response. This sequence is used to establish the SMB Session. Authentication occurs during the SessionSetupANDX exchange.
If a failure in step 1 occurs, see additional troubleshooting steps see:
File and Printer Sharing.
Kerberos Authentication
If Kerberos is used, and the client doesn’t currently have a Kerberos ticket for the RPC server, just after the Negotiate Dialect response is received, the client will obtain a Kerberos ticket for the Servername/cifs SPN of the RPC server. This exchange
will occur over the Kerberos ports TCP or UDP port 88 between the client and a Domain Controller. SessionSetupANDX follows and will consist of a single SessionSetupANDX request which includes the Kerberos ticket, followed by a SessionSetupANDX Response indicating
success or failure of the authentication.
For additional troubleshooting steps during authentication, see
Authentication.
NTLM Authentication
If NTLM is used, SessionSetup will result in a SessionSetupANDX response with a status of STATUS_MORE_PROCESSING_REQUIRED. This response includes the NTLM challenge. The subsequent SessionSetupANDX Request will include the hashed credentials of the client.
At this time, the RPC server must validate the credentials supplied by the user. To do this, the RPC server will contact a domain controller, and validate the credentials with the netlogon service, via RPC, on the domain controller. If this is successful,
the RPC server will then respond to the client with a SessionSetupANDX Response indicating STATUS_SUCCESS.
For additional troubleshooting steps during authentication, see
Authentication.
Troubleshooting Authentication
Verify that authentication is working correctly by checking for Time skew, UDP Fragmentation or an Invalid Kerberos Realm.
- Time skew can be verified by running net time /querysntp and net time /setsntp:<PDCe server name>. The /querysntp switch allows you to determine if a specific DC is manually configured as the authoritative time server. The /setsntp:<PDCe server name> switch
can be used to synchronize the computer receiving the error with the PDC emulator. The PDC emulator is the authoritative time server by default. - UDP fragmentation can cause replication errors that appear to have a source of RPC server is unavailable. Symptoms of UDP fragmentation being at the root of this problem include clients being unable to log on to the domain, administrators being unable
join computers to the domain and Event ID 40960 & 40961 errors with a source of LSASRV and Kerberos errors with an Event ID of 10 in the system log.Knowledge base article 244474 — «How to force Kerberos to use TCP instead of UDP in Windows Server 2003, in Microsoft Windows and XP, and in Microsoft Windows 2000» provides the steps to resolve this
problem. - An incorrect Kerberos realm can also be at the root of RPC server is unavailable problems. The symptoms that will be experience when the Kerberos realm is incorrect include the following errors when opening AD management tools:
Naming Convention could not be located because: No authority could be contacted for authentication. Contact your system administrator to verify that your domain is properly configured and is currently online.
-or-
Naming information cannot be located because: No authority could be contacted for authentication. Contact your system administrator to verify that your domain is properly configured and is currently online.
To verify that the correct Kerberos realm is configured, follow the steps in 837513 — «Domain controller is not functioning correctly».
↑
Back to top
Active Directory Symptoms:
1. If you are experiencing replication problems and getting RPC server is unavailable errors as is reported in repadmin /showreps below, use Portqry or Network Monitor to determine if RPC traffic is being blocked is the first step when attempting
to troubleshoot RPC Server is unavailable errors.
[Replications Check,DC2] A recent replication attempt failed:
From DC1 to DC2
Naming Context: CN=Schema,CN=Configuration,DC=xl
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2003-10-30 11:59.47.
The last success occurred at 2003-10-28 20:50.22.
26 failures have occurred since the last success.
[DC1] DsBind() failed with error 1722,
The RPC server is unavailable..
The source remains down. Please check the machine.
Bermuda\DC1 via RPC objectGuid: 28c78c72-3c95-499a-bcda137a250f069f
Last attempt @ 2003-10-30 11:58.15 failed, result 1722:
The RPC server is unavailable.
Troubleshooting: If IP Security Policies in Active Directory had the Assigned Value to Server (Request Security) set to Yes then these errors will result. Knowledge base article 313190
— «How to use IPSec IP filter lists in Windows 2000» provide details about where to check these settings and more information about their impact.
2. If you are blocking all ICMP traffic between separate AD sites, you will receive the errors below in the output of DCDIAG when trying to replicate inter-site:
Testing server: contoso\DC1
Starting test: Replications
* Replications Check
[Replications Check,DC1] A recent replication attempt failed:
From DC2 to DC1
Naming Context: CN=Schema,CN=Configuration,DC=litware,DC=com
The replication generated an error (1722):
The RPC server is unavailable.
The failure occurred at 2003-08-24 23:00.51.
The last success occurred at (never).
553 failures have occurred since the last success.
[DC2] DsBind() failed with error 1722,
The RPC server is unavailable..
The source remains down. Please check the machine.
REPLICATION LATENCY WARNING
DC1: A full synchronization is in progress
from DC2 to DC1
Replication of new changes along this path will be delayed.
[DC2] LDAP connection failed with error 58,
The specified server cannot perform the requested operation.
Troubleshooting: To resolve this issue, remove the ICMP traffic restriction between domain controllers. When establishing an RPC session prior to AD replication, ICMP traffic is used. If the ICMP fails, so does the RPC session establishment,
and hence AD replication also fails. ISA 2004 can prevent ICMP traffic with the exception of computers specified in the Remote Management Computers computer set which can be configured in system policy.
3. The following error will appear when attempting to connect to the computer.
«computer <\\servername.domain.local> cannot be managed. The network path was not found. RPC server is unavailable.
Or when viewing the properties of the remote computer you will receive the error:
«Win32: The RPC server is unavailable».
Troubleshooting: Computer management is one of the better tools for testing RPC connectivity. When RPC traffic is being blocked, connections to other computers using the computer management console will fail.
4. When attempting to promote an additional domain controller in an Active Directory domain while the RPC service is blocked or not running, the following error will appear:
«The domain «domain.local» is not an Active Directory domain, or an Active Directory domain controller for the domain could not be contacted.
Troubleshooting:
5. Connections to computers via Remote Desktop may fail if RPC connectivity cannot be established. When attempting to logon on to the domain via Remote Desktop the following error will be produced in the form of a popup error message if RPC connectivity
is the root of the problem:
«The system cannot log you on due to the following error: The RPC server is unavailable.”
You may also see the following errors on the Terminal server:
Error 1727: The remote procedure call failed and did not execute
Error 1722: The RPC server is unavailable.
Error 1723: The RPC server is too busy to complete this operation.
Error 1721: Not enough resources are available to complete this operation.
-or-
Event ID 5719:
Source: NetLogon
Description: No Windows NT Domain Controller is available for domain domain_name.
The following error occurred: There are currently no logon servers available to
service the logon request.
Event ID: 1219
Source: Winlogon
Details: Logon rejected for CONTOSO\<computername>. Unable to obtain Terminal Server
User
Configuration. Error: The RPC server is unavailable.
Troubleshooting: These errors can be a result of the TCP/IP NetBIOS Helper service being disabled on the Terminal server or NetBIOS over TCP/IP being disabled on one of the NIC’s used to access the Terminal server. You should also verify
that the Client for Microsoft networks is bound to the adapter used to access the Terminal server. You can tell if this is happening by looking at a Netdiag /v from the box for the following output:
Testing redirector and browser… Failed
NetBT transports test. . . . . . . : Failed
List of NetBt transports currently configured:
[FATAL] No NetBt transports are configured.
Redir and Browser test . . . . . . : Failed
List of transports currently bound to the Redir
NetBIOSSmb
[FATAL] The redir isn’t bound to any NetBt transports.
List of transports currently bound to the browser
[FATAL] The browser isn’t bound to any NetBt transports.
↑
Back to top
Troubleshooting Tools and Methods
Methods to generate RPC Traffic
Computer Management MMC to a remote host
Outlook to an Exchange server
RPCPing — http://support.microsoft.com/kb/831051
Tools for Testing RPC
RPCPing — http://support.microsoft.com/kb/831051
PortQry —
http://support.microsoft.com/default.aspx?scid=kb;EN-US;832919
Pipelist —
http://technet.microsoft.com/en-us/sysinternals/dd581625.aspx
RPCDump —
http://support.microsoft.com/default.aspx?scid=kb;EN-US;325930
NSLookup —
http://support.microsoft.com/default.aspx?scid=kb;EN-US;200525
NBLookup —
http://support.microsoft.com/default.aspx?scid=kb;EN-US;830578
Tools for monitoring RPC
Network Monitor —
Download –
FAQ
Wireshark — Download
Using PortQry
You can use the Portqry tool to verify that the required ports are open. You should run the Portqry tool on a computer that is not receiving any RPC errors against a computer that is receiving RPC errors by using the -n switch. To this, follow these steps:
a. Click «Start», click «Run», type «cmd» in the «Open» box, and then click OK».
b. Type «portqry -n <problem_server> -e 135» (without the quotation marks).
The output will appear similar to the following examples:
Querying target system called:
<problem_server>
Attempting to resolve name to IP address…
Name resolved to 169.254.1.1
querying…
<problem_server>
TCP port 135 (epmap service): LISTENING
Using ephemeral source port
Querying Endpoint Mapper Database…
Server’s response:
UUID: f5cc59b4-4264-101a-8c59-08002b2f8426 NtFrs Service
ncacn_ip_tcp:65.53.63.16[1094]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_ip_tcp:65.53.63.16[1025]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_http:65.53.63.16[1029]
UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface
ncacn_http:65.53.63.16[6004]
If port 135 is blocked, the following will appear:
TCP port 135 (epmap service): NOT LISTENING However, for these RPC Endpoint Mapper errors it is likely that ports greater than 1024 are blocked, and not port 135.From the output, you know the DC is using port 1094 for FRS and 1025, 1029, and 6004 for Active
Directory replication. You can use the Portqry tool again to check those ports. For example, you can test all the ports at the same time by using the Portqry tool with the -o switch. For example, type
«portqry -n <problem_server> -o 1094,1025,1029,6004″(Without the quotation marks)
If the ports all respond as «LISTENING,» it’s likely that blocked ports are not causing this problem. If any ports respond as «NOT LISTENING,» the ports are probably blocked.
↑
Back to top
Resources
RPC Blogs
Basics of RPC are covered here:
RPC to Go v.1:
http://blogs.technet.com/b/networking/archive/2008/10/24/rpc-to-go-v-1.aspx
Architecture and a closer look at a connection to the RPC Endpoint mapper in a network capture.
RPC to Go v.2:
http://blogs.technet.com/b/networking/archive/2008/12/04/rpc-to-go-v-2.aspx
This describes how RPC commands can be sent over Named Pipes in SMB via the IPC$ Tree.
RPC to Go v.3:
http://blogs.technet.com/b/networking/archive/2009/04/28/rpc-to-go-v-3-named-pipes.aspx
Troubleshooting “RPC server is unavailable” error, reported in failing
AD replication scenario.
http://blogs.technet.com/b/abizerh/archive/2009/06/11/troubleshooting-rpc-server-is-unavailable-error-reported-in-failing-ad-replication-scenario.aspx
External TechNet Magazine article
This one is good. It lays out RPC basics really quickly and then moves on RPC errors. The information on MaxUserPort would need to be updated with the information about the dynamic port ranges that are used in Vista/W2008 are the high range of ports compared
to the 1025-5000 for W2003.
How IT Works, Troubleshooting RPC Errors by Zubair Alexander:
http://technet.microsoft.com/en-us/magazine/2007.07.howitworks.aspx
KB Article
Troubleshooting RPC Endpoint Mapper errors using the Windows Server 2003 Support Tools from the product CD
https://support.microsoft.com/en-us/help/839880/troubleshooting-rpc-endpoint-mapper-errors-using-the-windows-server-20
↑
Back to top
The 1722 RPC Server Unavailable (RPC_S_SERVER_UNAVAILABLE) error is a fairly common one that domain administrators are faced with when AD replication is not working properly. However, this error can also occur on workstations running a desktop version of Windows 10/11 or Windows Server that do not have the ADDS role installed. This article will show how to troubleshoot and fix the RPC error 1722 in different cases.
Active Directory Replication Error 1722: The RPC Server is Unavailable
In this section we’ll take a look at the basic ways to Error 1722: The RPC server is unavailable in Active Directory. In most cases, this error is caused by a communication problem between the domain controllers. If this happens, you may have problems with AD replication.
You can face the error both in the domain controller event logs and when trying to start or check the replication status using the Repadmin or dcdiag tool.
For example, you want to check the current replication status in Active Directory:
repadmin /replsummary
Or:
repadmin /showrepl
Dcdiag may return an error:
The replication generated an error (1722):
The RPC server is unavailable.
[lon-dc01] DsBindWithSpnEx() failed with error 1722.
Some of domain controllers may return an “(1722) The RPC server is unavailable” error. This means that some domain controllers are unable to replicate AD changes (or just inactive) for a few days.
Hint. There is a similar error RPC Server is Unavailable 0x800706BA, which is not usually associated with Active Directory domain controllers. This needs to be fixed differently.
Let’s consider the typical reasons for the 1722 AD replication error:
- The domain controller is offline (or broken);
- Some of the domain controller system services are not running;
- Incorrect network configuration and/or blocked ports on firewalls;
- Incorrect DNS configuration on domain controllers, or invalid DNS records;
- Poor network performance and/or high latency.
Make sure the specified domain controllers are powered on and running the following Windows services:
- COM+ Event System;
- Remote Procedure Call (RPC);
- Active Directory Domain Services;
- DNS Client;
- DFS replication;
- Intersite Messaging;
- Kerberos Key Distribution Center;
- Security Accounts Manager;
- Server;
- Workstation;
- Windows Time;
- Netlogon.
For example, lon-dc01 is the problematic DC that returns “1722 RPC server unavailable”. First, check the connection to lon-dc01 from the remote DC:
- Make sure you can access the problematic DC via the UNC path \\lon-dc01, and that the SYSVOL and NETLOGON folders are shared.
- If they are not available, check the basic network connectivity between the RPC client and server:
ping lon-dc01 tracert lon-dc01
- Then check that TCP port 135 (RPC locator) on the target DC is not blocked by a firewall:
Test-NetConnection lon-dc01 –port 135
A common cause of the 1722 replication error is the incorrect DNS configuration on the DC. Check if the correct DNS servers’ IP addresses are specified in the DC network connection settings. The primary address should be the address of another DC, and the secondary one is its own IP address.
Check the DNS health on a problem DC with the dcdiag tool:
DCDIAG /TEST:DNS /V /S:<ProblemDCName>
Hint. Problems with DC entries in Active Directory DNS, Netlogon and Sysvol services can often be resolved by simply rebooting the domain controller.
Active Directory uses the dynamic range of TCP ports for replication. Windows Server 2008 R2 (and higher) uses the following port range for TCP Dynamic RPC — from 49152 to 65535.
In some cases, an AD administrator can bind (restrict) Active Directory replication traffic to a specific port. In this case, the fixed RPC port number must be configured in the domain controller registry. For example, to bind the AD replication traffic on TCP port 5000 (0x1388), you need to change the registry key on the domain controller:
[HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters] "TCP/IP Port"=dword:00001388
If firewalls are used on your corporate network and the replication port AD is fixed, then replication won’t work on the newly promoted DC. This happens because the DC will try to replicate with the partner over a random port from the dynamic RPC range that is blocked by the firewalls.
If your domain controllers are running different versions of Windows (for example, 2019 and 2012 R2 DCs), you should check to see if SMBv2 is enabled on the older versions of Windows Server.
Get-SmbServerConfiguration | select EnableSMB2Protocol
DCs will not be able to communicate with each other with an RPC Unavailable error if this protocol is disabled.
After you’ve fixed all problems, you can run the repadmin /replsummary command again, and check if the replication was successful. We also recommend initiating the AD replication manually and checking for errors. Make sure the dcdiag /a /q command doesn’t return errors.
RPC Server is Unavailable (Error Code: 1722) on Windows 10/11
On Windows, you may receive the error “1722 The RPC server is unavailable” if the local service/app (RPC client) on your computer cannot communicate with the service on the remote computer (RPC server).
In this case, you must check that the services required for the RPC protocol are running on the remote computer:
- Remote Procedure Call (RPC);
- RPC Endpoint Mapper;
- DCOM Server Process Launcher;
Open the Service management console (services.msc), and check if the specified services are in the Running state. If not, start them manually.
You can also use PowerShell to check the status of services:
Get-Service RpcSs,RpcEptMapper,DcomLaunch
Check that TCP port 135 on the domain controller is in Listening state. The svchost process must be listening on this port:
netstat -ano | find "135" Get-Process -Id (Get-NetTCPConnection -LocalPort 135).OwningProcess
Also, some network applications may return error ‘1722 The RPC server is unavailable’ if the TCP/IPv6 protocol is disabled on the computer.
Open the properties of your network adapter in the Control Panel (Win + R > ncpa.cpl), and check if Internet Protocol Version 6 (TCP/IPv6) and File and Printer Sharing for Microsoft Network are enabled.
After that, use the following command to disable the Teredo IPv6 tunneling protocol:
netsh interface teredo set state disabled
And clear the DNS cache with the command:
ipconfig /flushdns
Also, RPC error 1722 may also occur when you try to print a document on a remote computer with a shared network printer. In this case, you need to check if the remote computer is powered on, and the Print Spooler service is running on it.
In Windows 10/11, in order for some RPC connections to work correctly, you will need to open the Advanced Sharing settings in the Control Panel (run the command: control.exe /name Microsoft.NetworkAndSharingCenter /page Advanced). Expand the setting for the network profile that you are using and enable the network discovery and file and printer sharing options.
Troubleshooting RPC Connectivity Using Portquery
The Remote Procedure Call (RPC) protocol is used in Windows to communicate between computers over a network. Many built-in Windows services use RPC (Distributed File System, AD Replication, DCOM services, MSSQL, Exchange, SCOM, SCCM, NLB, Microsoft Cluster Services, Certificate services, etc.).
The RPC protocol is based on a client-server model. The RPC server accepts and processes connections using the RpcSs service. Windows dynamic ports are used for communication between clients and the RCP server (TCP Range from 49152 and up to 65535).
The static TCP port 135 is used as the starting point for RPC communication. This port is listened by the RPC Endpoint Mapper (RpcEptMapper) service. In a normal RPC session, the client connects to the RPC endpoint mapper service on the server on port 135 and requests the dynamic port number assigned to the particular service. RpcEptMapper responds with the IP address and service port number (a random dynamic port is assigned when the service starts).
The most common causes of RPC errors are:
- Disabled RPC service;
- Name resolution errors (DNS or NetBIOS);
- Network connectivity issues;
- RPC traffic is blocked by the firewall.
You can use the portquery tools to diagnose the availability of the RPC and RPC Port Mapper services (PortQry Command Line Port Scanner).
To check the availability of the RPC Port Mapper port on a remote computer, run the command:
portqry -n <problem_server> -e 135
In this example, you can see that the RPC Port Mapper service is available on TCP port 135. The service also service returns a list of running RPC endpoints and the ports associated with them (in square brackets). Check if the service you are troubleshooting is on this list. Check that the port assigned to your TCP service is not blocked by firewalls between the client and server.
portqry -n <problem_server> -p tcp -e 49666
Cyril Kardashevsky
I enjoy technology and developing websites. Since 2012 I’m running a few of my own websites, and share useful content on gadgets, PC administration and website promotion.
Are you experiencing issues with your RPC server on Windows? Learn how to fix errors such as «RPC Server Is Unavailable» from our troubleshooting article.
Those who’ve been using systems such as Windows 10 for an extended period of time may have run into an issue with the RPC Server becoming unavailable. In this scenario, you’re most likely unable to properly connect to other devices on your network.
Experiencing this issue may limit your ability to share files, use printers, and share data or information over a network. Today, we’ll go over what you can do to fix the “RPC Server is unavailable” error on Windows operating systems.
Table of Contents
- What is the RPC Server is Unavailable error? What causes it?
- Method 1. Make sure the RPC services are running
- Method 2. Enable Remote Assistance in your firewall settings
- Method 3. Disable the Selective Startup feature
- Method 4. Flush and renew your DNS
- Method 5. Enable File and Printer Sharing for Microsoft Networks
- Method 6. Force RPC services to start
- Final thoughts
What is the RPC Server is Unavailable error? What causes it?
Simply put, the RPC server allows you to share data through a network and transfer information to another device. RPC enables you to manage devices over this network, such as printers and scanners.
If the RPC server becomes unavailable, you lose this functionality. There are multiple causes for this error, the most common ones being the following issues:
- Services required by RPC are disabled — It’s possible that you, another person using the computer, or some form of malware disabled several services. If a service required by RPC is disabled, you’re likely to run into issues.
- Your firewall is blocking remote assistance — The firewall may end up causing problems with the RPC server. If this happens, you’ll be unable to use RPC services without fixing your firewall settings first.
- File Printer Sharing or IPV6 is disabled — Some types of RPC servers require both IPV6 and File Printer Sharing to be enabled on the network.
- Your IP address is poorly configured — Your IP address may trigger the RPC Server unavailable error message. In this case, simply flushing and renewing your IP address and DNS server could fix the problem.
- RPC is disabled in the Registry — If the RPC services have been disabled on a Registry-level, you’ll need to fix it by using the Registry Editor.
No matter the cause, our methods will help you resolve the “RPC server is unavailable” error on your Windows device.
Solved: RPC Server is Unavailable
Note: Our methods were tested on a Windows 10 operating device. It’s possible that different operating systems may require slightly different steps in order to accomplish the fix.
Method 1. Make sure the RPC services are running
In most cases, the RPC server experiences issues thanks to the service being disabled. This can happen for various reasons, most commonly because of a third-party application making a modification.
Follow the steps below to re-enable the RPC services in your system:
- Open the search bar in your taskbar by clicking on the magnifying glass icon. You can also bring it up with the Windows + S keyboard shortcut.
- Type in Services and click on the first search result.
- Scroll down and locate the Remote Procedure Call (RPC) service from the list. Right-click on the service and then select Properties from the context menu.
- Ensure that the Startup type is set to Automatic. Afterward, click on the Start button to property start the service.
- Click Apply and then close the pop-up window. Now, repeat the same steps for the following 3 services: RPC Endpoint Mapper, Remote Procedure Call (RPC) Locator, and DCOM Service Process Launcher.
- After starting each service, restart your computer and check if the RPC server error is still present.
Method 2. Enable Remote Assistance in your firewall settings
Based on user reports, we were able to determine that one of the most common reasons for experiencing the “RPC Server Is Unavailable” error is caused by the firewall.
This is common — in order to filter everything and secure your device, the firewall often tends to block remote connections. Luckily, there’s a way to get around this without having to disable the firewall itself:
- Open the search bar in your taskbar by clicking on the magnifying glass icon. You can also bring it up with the Windows + S keyboard shortcut.
- Type in Allow an app through Windows Firewall and click on the first search result.
- Click on the Change settings button. Bear in mind that this action may require you to have access to an administrator account.
- Read: Check out our How to make a local user an administrator in Windows 10 guide.
- If you don’t have access to an account with the appropriate permissions, get in touch with your network administrators.
- Scroll down and locate Remote Assistance in the entry list. Make sure that the checkboxes in its row are all ticked to fully enable the service. (See image below).
- Click the OK button to finalize the change. We recommend restarting your computer and checking if the RPC server is available after making this change.
Method 3. Disable the Selective Startup feature
Selective Startup makes it so your device boots up without all features enabled. This can easily cause conflicts with the RPC server, rendering it unusable. Here’s how to disable this feature:
- Press the Windows + R keys on your keyboard. This is going to bring up the Run utility.
- Type in “msconfig” without the quotation marks and press the Enter key on your keyboard. This will launch the System Configuration.
- Stay on the General tab, and then ensure you have Normal startup selected. Click on the Apply button to finalize the change.
- Restart your computer and check if the RPC server is correctly functioning. If this method didn’t work for you, try the next solution.
Method 4. Flush and renew your DNS
If your DNS is outdated, you can manually clear its cache to potentially fix the issues this causes. The method is simple and involves using the Command Prompt. Keep it in mind that you might be required to use an administrator account to perform this method.
- Press the Windows + R keys on your keyboard. This is going to bring up the Run utility.
- Type in “cmd” without the quotation marks and press the Enter key on your keyboard. This will launch the classic Command Prompt application.
- Paste in the following command and press the Enter key to execute it: ipconfig /flushdns.
- After successfully executing the previous command, you’ll need to renew your DNS. Type in and run this command: ipconfig /renew.
- Close the Command Prompt. We recommend restarting your computer and checking if the RPC Server error remains in place.
Method 5. Enable File and Printer Sharing for Microsoft Networks
Configuring your network to enable RPC services is a quick fix for the error at hand. By enabling the appropriate features, you can resolve all conflicts related to the RPC server and possibly fix the error at hand.
- Press the Windows + R keys on your keyboard. This is going to bring up the Run utility.
- Type in “control” and press the Enter key on your keyboard. This will launch the classic Control Panel application.
- Click on Network and Internet, then choose Network and Sharing Center. If you don’t see this option, ensure that your viewing mode is set to Category.
- From the menu on the left side, click on the Change adapter settings link. This is going to open a new window.
- Right-click on the connection you’re currently using and select Properties.
- Locate the File and Printer Sharing for Microsoft Networks and the Internet Protocol Version 6 (TCP/IPv6) options from the list. Make sure that both checkboxes are checked.
- Click OK. Restart your device and check if the RPC error is still present after enabling these options.
Method 6. Force RPC services to start
You can use the Registry Editor to force RPC services to start up. This is the most advanced method of fixing the issue at hand — we recommend you to create a Registry backup before proceeding with the steps below.
- Press the Windows + R keys on your keyboard. This is going to bring up the Run utility.
- Type in “regedit” without the quotation marks and press the Enter key on your keyboard. This will launch the Registry Editor application.
- Navigate to the following key: Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcSs
- You can use the address bar in the Registry Editor to type or paste the key as well, making navigation faster.
- Right-click on the Start value, and then choose Modify from the context menu. A new pop-up window should appear.
- Make sure that the Value data is set to 2. Change the Base selection to Hexadecimal, and then click the OK button.
- Repeat the steps and modify the Start value in the following 2 Registry keys as well:
- Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DcomLaunch
- Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\RpcEptMapper
- After modifying all 3 keys in the locations listed above, close the Registry Editor and restart your computer. You should immediately be able to test if the “RPC Server Is Unavailable” error appears.
Final thoughts
If you need any further help with Windows, don’t hesitate to reach out to our customer service team, available 24/7 to assist you. Return to us for more informative articles all related to productivity and modern-day technology!
Would you like to receive promotions, deals, and discounts to get our products for the best price? Don’t forget to subscribe to our newsletter by entering your email address below! Receive the latest technology news in your inbox and be the first to read our tips to become more productive.
You may also like
» How To Fix System Service Exception Error In Windows 10
> What Causes “Unmountable Boot Volume” on Windows 10 and How to Fix It
» [Solved] Hard Drive Not Showing up in Windows 10
RPC Server Unavailable Issue 1722 is a very common Windows error. When AD replication does not perform as planned, domain administrators frequently encounter this problem. However, without the ADDS role enabled, this issue can appear on workstations running Windows 10 or Windows Server. We’ll show you how to troubleshoot and fix RPC problem 1722 in a variety of scenarios in this article.
Active Directory Domain Controller Replication Error: The RPC Server is Unavailable
In this part, we’ll go over the most common solutions for Active Directory replication Error 1722: When syncing changes between domain controllers, the RPC server is unavailable. The issue can be found in the domain controller event logs as well as when using the repadmin utility to start or check replication status.
For example, you could want to use the command to verify the current status of Active Directory domain controllers:
repadmin /replsummary
Or:
repadmin /showrepl
Some domain controllers, as you can see, return the error “(1722) The RPC server is unavailable.” This means that for a few days, some domain controllers will be unable to replicate AD data (or would be inactive).
RPC Server is Unavailable 0x800706BA is a similar problem that is not normally related with Active Directory domain controllers and can occur on any Windows device. This must be addressed in a different manner.
Consider the most common causes of such an error:
- The domain controller is unavailable (or has failed);
- To restrict AD replication traffic, changes to the network have been made, or new Windows Defender Firewall rules have been applied.
- Invalid DNS entries or incorrect DNS settings on domain controllers;
- High latency or poor network performance.
Ascertain that the domain controllers mentioned are turned on and that the following Windows services are operating on them:
- COM+ Event System;
- Remote Procedure Call (RPC);
- Active Directory Domain Services;
- DNS Client;
- DFS Replication
- Intersite Messaging;
- Kerberos Key Distribution Center;
- Security Accounts Manager;
- Server;
- Workstation;
- Windows Time;
- NETLOGON.
Note. Let’s talk about replication in an Active Directory domain for a moment. Active Directory replication (synchronisation) is a fully automated operation. Each domain controller writes changes from other domain controllers (replication partners) to its local AD database on a regular basis (ntds.dit file). This means that in order to make modifications from dc02 to dc01, dc02 must be the replication partner of dc01.
To begin, ensure that the UNC path lon-dc01 (this is a problematic DC that returns error 1722 RPC server unavailable) is accessible and that the SYSVOL and NETLOGON directories are shared to ensure that replication is working properly.
If they are not available, you need to check the permissions on the folders and check the availability of TCP 135/445 ports, maybe they are blocked by the firewall.
Now check if TCP port 135 (RPC locator) on the domain controller returning error 1722 is in the listening state. You can do this using telnet or the PowerShell Test-NetConnection cmdlet:
telnet lon-dc01 135
Or:
Test-NetConnection lon-dc01 –port 135
The improper DNS setting on the DC is a common source of such issues. In the DC network connection settings, double-check that the correct DNS servers IP addresses are selected. The primary address should be that of another DC, and the secondary address should be that of the DC itself.
Active Directory uses the dynamic range of TCP ports for replication. Windows Server 2008 R2 (and higher) uses the following port range for TCP Dynamic RPC — from 49152 to 65535.
An AD administrator can bind (restrict) Active Directory replication traffic to a specified port in various circumstances. In this situation, the domain controller registry must be configured with the fixed RPC port number. To bind AD replication traffic to TCP port 5000 (0x1388), for example, you must modify the registry key on the domain controller:
[HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
"TCP/IP Port"=dword:00001388
Replication will not work on the newly promoted DC if firewalls are deployed on your corporate network and the replication port AD is fixed. Because the DC will try to replicate with the partner via a random port from the dynamic RPC range that is banned by the firewalls, this will happen.
After you’ve resolved all issues, run repadmin /replsummary again to verify that the replication was successful. We also recommend manually starting AD replication and checking for issues. Check to see if the dcdiag /a /q command returns any issues.
RPC Server is Unavailable (Error Code: 1722) on Windows 10/Windows Server
If the local service/app on your computer cannot communicate with the service on the distant computer, you may encounter the error “1722 The RPC server is unavailable” on Windows.
RPC (Remote Procedure Call) is a commonly used network communication protocol for transmitting data between local computers (RPC client) and remote systems (RPC server) (RPC server). The “RPC Server Unavailable” error happens if the RPC client is unable to connect to the RPC server.
In this situation, you must first ensure that the RPC protocol’s needed services are running on the remote computer:
- Remote Procedure Call (RPC);
- RPC Endpoint Mapper;
- DCOM Server Process Launcher.
Open the Service management console (services.msc), and check if the specified services are in the Running state. If not, start them manually
Also, some network applications may return error 1722 The RPC server is unavailable if TCP/IPv6 protocol is disabled on the computer.
Open the properties of your network adapter in the control panel (Win + R > ncpa.cpl), and check if Internet Protocol Version 6 (TCP/IPv6) and File and Printer Sharing for Microsoft Network are enabled.
Then clear the DNS cache with the command:
ipconfig /flushdns
When you try to print a document on a remote computer using a shared network printer, RPC error 1722 can occur. In this scenario, make sure the remote computer is turned on and that the Print Spooler service is active. Start the Print Spooler service from the services.msc console.