meade470
asked on
RPC Server is unavailable
WOW! Where do I begin?
I have an Exchange 2003 Server running on Windows 2003 Server member server. It was running very good, however, I noticed an error showing up my event viewer about the Browser service. I have two Network cards, and one is disabled and one of the posts about fixing the browser error mentioned that having two network cards (one disabled) could cause this error, so I did the fix. It mentioned removing all of the components for the disabled NIC. I went to the properties for the disabled NIC and removed TCP/IP, Client for Microsoft Networks, and Network Load Balance. I did that and then the server prompted me to reboot, so I did. I first noticed a problem about 5 minutes later, when I tried to remote desktop to it. I got the username and password screen on Remote Desktop, and when I put them in, I got a "RPC Server is unavailable" error message. I went to the Exchange Server and tried to logon to the computer and was not able to log on to the domain, I could only log on locally (on the Exchange Server). When I did logon locally, I found several errors in the event viewer. Here are only some of them (other mentioned that certain services of Exchange could not start, etc):
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1053
Date: 10/4/2004
Time: 11:44:14 AM
User: NT AUTHORITY\SYSTEM
Computer: EMAIL
Description:
Windows cannot determine the user or computer name. (Access is denied. ). Group
Policy processing aborted.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 10/4/2004
Time: 10:59:18 AM
User: N/A
Computer: EMAIL
Description:
The Security System detected an authentication error for the server
cifs/lakeside-server.meade
protocol Kerberos was "The attempted logon is invalid. This is either due to a
bad username or authentication information.
(0xc000006d)".
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 6d 00 00 c0 m..À
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 10/4/2004
Time: 10:59:18 AM
User: N/A
Computer: EMAIL
Description:
The Security System could not establish a secured connection with the server
cifs/lakeside-server.meade
available.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 6d 00 00 c0 m..À
Event Type: Information
Event Source: DnsApi
Event Category: None
Event ID: 11160
Date: 10/4/2004
Time: 9:45:10 AM
User: N/A
Computer: EMAIL
Description:
The system failed to register pointer (PTR) resource records (RRs) for network
adapter
with settings:
Adapter Name : {3525DCB6-BDF0-439A-8CAE-A
Host Name : email
Adapter-specific Domain Suffix : meadeauto.local
DNS server list :
192.168.25.51, 192.168.17.51
Sent update to server : 192.168.25.51
IP Address : 192.168.25.84
The reason that the system could not register these RRs was because of a
security related problem. The cause of this could be (a) your computer does not
have permissions to register and update the specific DNS domain name set for
this adapter, or (b) there might have been a problem negotiating valid
credentials with the DNS server during the processing of the update request.
You can manually retry DNS registration of the network adapter and its
settings by typing "ipconfig /registerdns" at the command prompt. If problems
still persist, contact your DNS server or network systems administrator.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 39 23 00 00 9#..
I tried to do use NETDOM /RESET or NETDOM /VERIFY on that computer and I get an error saying the RPC Server is unavailable.
I guess this sums up what went wrong, any help would be great. I don't know if that "fix" for the Browser service error caused this or not. Maybe something was already messed up on it, and it just needed the reboot to have the "screwed up settings" to take over. Any help would be fantastic, especially a fix...
I have an Exchange 2003 Server running on Windows 2003 Server member server. It was running very good, however, I noticed an error showing up my event viewer about the Browser service. I have two Network cards, and one is disabled and one of the posts about fixing the browser error mentioned that having two network cards (one disabled) could cause this error, so I did the fix. It mentioned removing all of the components for the disabled NIC. I went to the properties for the disabled NIC and removed TCP/IP, Client for Microsoft Networks, and Network Load Balance. I did that and then the server prompted me to reboot, so I did. I first noticed a problem about 5 minutes later, when I tried to remote desktop to it. I got the username and password screen on Remote Desktop, and when I put them in, I got a "RPC Server is unavailable" error message. I went to the Exchange Server and tried to logon to the computer and was not able to log on to the domain, I could only log on locally (on the Exchange Server). When I did logon locally, I found several errors in the event viewer. Here are only some of them (other mentioned that certain services of Exchange could not start, etc):
Event Type: Error
Event Source: Userenv
Event Category: None
Event ID: 1053
Date: 10/4/2004
Time: 11:44:14 AM
User: NT AUTHORITY\SYSTEM
Computer: EMAIL
Description:
Windows cannot determine the user or computer name. (Access is denied. ). Group
Policy processing aborted.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40960
Date: 10/4/2004
Time: 10:59:18 AM
User: N/A
Computer: EMAIL
Description:
The Security System detected an authentication error for the server
cifs/lakeside-server.meade
protocol Kerberos was "The attempted logon is invalid. This is either due to a
bad username or authentication information.
(0xc000006d)".
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 6d 00 00 c0 m..À
Event Type: Warning
Event Source: LSASRV
Event Category: SPNEGO (Negotiator)
Event ID: 40961
Date: 10/4/2004
Time: 10:59:18 AM
User: N/A
Computer: EMAIL
Description:
The Security System could not establish a secured connection with the server
cifs/lakeside-server.meade
available.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 6d 00 00 c0 m..À
Event Type: Information
Event Source: DnsApi
Event Category: None
Event ID: 11160
Date: 10/4/2004
Time: 9:45:10 AM
User: N/A
Computer: EMAIL
Description:
The system failed to register pointer (PTR) resource records (RRs) for network
adapter
with settings:
Adapter Name : {3525DCB6-BDF0-439A-8CAE-A
Host Name : email
Adapter-specific Domain Suffix : meadeauto.local
DNS server list :
192.168.25.51, 192.168.17.51
Sent update to server : 192.168.25.51
IP Address : 192.168.25.84
The reason that the system could not register these RRs was because of a
security related problem. The cause of this could be (a) your computer does not
have permissions to register and update the specific DNS domain name set for
this adapter, or (b) there might have been a problem negotiating valid
credentials with the DNS server during the processing of the update request.
You can manually retry DNS registration of the network adapter and its
settings by typing "ipconfig /registerdns" at the command prompt. If problems
still persist, contact your DNS server or network systems administrator.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: 39 23 00 00 9#..
I tried to do use NETDOM /RESET or NETDOM /VERIFY on that computer and I get an error saying the RPC Server is unavailable.
I guess this sums up what went wrong, any help would be great. I don't know if that "fix" for the Browser service error caused this or not. Maybe something was already messed up on it, and it just needed the reboot to have the "screwed up settings" to take over. Any help would be fantastic, especially a fix...
ASKER
All of the bindings are good. The DNS address is pointing to the correct place, and it is an internal address. I can do tracert AND a ping to the dns server.
Did you try to re-register in DNS? "ipconfig /registernds"
err that was /registerdns lol ... sorry it's been a long day
ASKER
yep...did an ipconfig /flushdns then a ipconfig /registerdns
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Everything passed when I ran DCDIAG. When I ran the NETDIAG, there were two instances of something failing...
Here is the first mention...
Testing trust relationships... Failed
And the second was a little bit farther down the text file...
Trust relationship test. . . . . . : Failed
Test to ensure DomainSid of domain 'MEADEAUTO' is correct.
[FATAL] Secure channel to domain 'MEADEAUTO' is broken. [ERROR_ACCESS_DENIED]
When I ran nslookup from a workstation, I got the correct machine name...I also was able to do a successful nslookup on the Exchange Server.
There are static IP addresses for the NIC, with DNS entries pointing to our internal DNS servers. I was thinking about removing the disabled NIC, however, I didn't know if that might mess things up more. I DID uninstall them in Device manager and then rebooted, hoping the OS would reconfigure them differently. However, I still had no luck after that, the computer seemed to respond the same way as before I uninstalled them. Do you think I SHOULD try to remove the disabled NIC?
I went to ADUC, and reset the computer account, and that didn't seem to change anything either.
I am a little confused with your last question.
I appreciate your help...
Here is the first mention...
Testing trust relationships... Failed
And the second was a little bit farther down the text file...
Trust relationship test. . . . . . : Failed
Test to ensure DomainSid of domain 'MEADEAUTO' is correct.
[FATAL] Secure channel to domain 'MEADEAUTO' is broken. [ERROR_ACCESS_DENIED]
When I ran nslookup from a workstation, I got the correct machine name...I also was able to do a successful nslookup on the Exchange Server.
There are static IP addresses for the NIC, with DNS entries pointing to our internal DNS servers. I was thinking about removing the disabled NIC, however, I didn't know if that might mess things up more. I DID uninstall them in Device manager and then rebooted, hoping the OS would reconfigure them differently. However, I still had no luck after that, the computer seemed to respond the same way as before I uninstalled them. Do you think I SHOULD try to remove the disabled NIC?
I went to ADUC, and reset the computer account, and that didn't seem to change anything either.
I am a little confused with your last question.
I appreciate your help...
I was just more or less saying to verify the server is listed in DNS ...
I would definitely consider removing the disabled NIC ... can you also tell me what fix you applied?
Remove the NIC
Back out of the fix you previously applied
Then try to run NETDOM /reset ....
ASKER
The fix mentioned just taking out the Network components bound to that NIC...I unchecked the options of Internet Protocol (TCP/IP), Client for Microsoft Networks, and Network Load Balancing for the disabled NIC. As soon as I realized there was a problem with the server, I put those entries back just as they were before I made any changes.
I can uninstall the NIC, but in terms of the fix, I already backed out of it...
I can uninstall the NIC, but in terms of the fix, I already backed out of it...
ASKER
The actual problem was that the Exchange Server lost its secure channel to communicate to the DC. I couldn't remove it from the domain or Exchange will most likely get messed up.
All I did was to go the screen where I normally join a domain, and joined it to the Netbios name of our domain. That way it used the same computer account as it had previously in AD, making all of the permissions stay unchanged.
That was yesterday (Thursday) morning, and it seems to be running ok..I will watch the event logs very closely.
Thanks for your help...
All I did was to go the screen where I normally join a domain, and joined it to the Netbios name of our domain. That way it used the same computer account as it had previously in AD, making all of the permissions stay unchanged.
That was yesterday (Thursday) morning, and it seems to be running ok..I will watch the event logs very closely.
Thanks for your help...
Wow! - Got me back up and running again.
We had our DNS domain name of corp.company.com as the domain.
I took your advice and added my CORP_COMPANY NetBios Domain Name, rebooted, re-ran NetDiag /FIX and passed the Kerberos and LDAP tests!
Thanks.
- James
We had our DNS domain name of corp.company.com as the domain.
I took your advice and added my CORP_COMPANY NetBios Domain Name, rebooted, re-ran NetDiag /FIX and passed the Kerberos and LDAP tests!
Thanks.
- James
Check the bindings on the network adapter ...
Make sure you only have internal DNS servers configured in the IP properties
Make sure you can contact the valid DNS servers from your exchange.
- Tracert, PING