RPC Server is Unavailable on a DC

Posted on 2007-03-26
Last Modified: 2012-06-22
I have 2 DC's in one forest/domain with about 600 clients

Both DC's are running 2003 Enterprise with SP2 and fully patched. I have started doing some DNS troubleshooting per this article as clients hang on "Applying Personal Settings"

On my main DNS/DC Server, when I make the changes and do a ipconfig/registerdns - I get the "Registration of DNS records failed: The RPC server is unavailable". I have rebooted the server to no avail. I fear this could be causing some of the DNS issues I am having. How do I begin troubleshooting this error?

Question by:dsheltzel
LVL 30

Accepted Solution

LauraEHunterMVP earned 500 total points
Comment Utility
This error almost always indicates an issue with DNS name resolution.  You should run netdiag and dcdiag (in the Windows Support Tools) on both of your DCs, as well as verifying that your DCs are pointing to the correct DNS server, and that the DNS server contains the _SRV records for your Active Directory domain.

Troubleshooting DNS can be a difficult process, but here is a general overview to get you started:

Things to keep in mind to insure AD functionality (including replication,
RPC communication, authentication, etc etc etc), and just to note, by
default, registration just works as long as:

1. The Primary DNS Suffix matches the zone name that is allowing updates.
Otherwise the client doesn't know what zone name to register in. You can
also have a different Conneciton Specific Suffix in addition to the Primary
DNS Suffix to register into that zone as well.

2. The DNS addresses configured in the client's IP properties must ONLY
reference the DNS server(s) hosting the AD zone you want to update in. You
cannot use an external DNS in any machine's IP property in an AD
environment. You can't mix them either. That's because of the way the DNS
Client side resolver service works. Even if you mix up internal DNS and
ISP's DNS addresses, the resolver algorithm can still have trouble asking
the correct DNS server. It will ask the first one first. If it doesn't get a
response, it removes the first one from the eligible resolvers list and goes
to the next in the list. It will not go back to the first one unless you
restart the machine, restart the DNS Client service, or set a registry entry
to cut the query TTL to 0. The rule is to ONLY use your internal DNS
server(s) and configure a forwarder to your ISP's DNS for efficient Internet

3. DHCP Option 006 for the clients are set to the same DNS server.

4. If using DHCP, DHCP server must only be referencing the same exact DNS
server(s) in it's own IP properties in order for it to 'force' (if you set
that setting) registration into DNS. Otherwise, how would it know which DNS
to send the reg data to?

5. If the AD DNS Domain name is a single label name, such as "EXAMPLE", and
not the proper format of "" and/or any child of that format, such
as "", then we have a real big problem. DNS will not allow
registration into a single label domain name.
This is for rwo reasons:
1. It's not the proper hierachal format. DNS is
hierarchal, but a single label name has no hierarchy.
It's just a single name.
2. Registration attempts causes major Internet queries
to the Root servers. Why? Because it thinks the
single label name, such as "EXAMPLE", is a TLD
(Top LEvel Domain), such as "com", "net", etc. It
will now try to find what Root name server out there
handles that TLD. In the end it comes back to itself
and then attempts to register.

Due to this excessive Root query traffic, which ISC found from a study that
found Microsoft DNS server causing excessive traffic because of single label
names, stopped the ability to register into DNS with Windows 2000 SP4, XP
SP1, (especially XP,which cause lookup problems too), and Windows 2003.

6. AD/DNS zone is not configured to allow dynamic updates, whether Secure or
Secure and Non-Secure. If a client is not joined to the domain, and the zone
is set to Secure, it will not register either.

7.  'Register this connection's address" on the client is not enabled under
the NIC's IP properties, DNS tab.

8. Maybe there's a GPO set to force Secure updates and the machine isn't a
joined member of the domain.

9.  DHCP client service not running.  This is a requirement for DNS
registration and DNS resolution even if the client is not actually using

So in essence, as long as you do not reference any DNS servers that do not
host the AD zone, (no ISP's DNS servers can be in any machine's IP
and you leave everything else default, this just works. No registry
are required.

If you feel this wasn't helpful, I think it's time to ask for more specific
configuration information to better assist, such as:

1. ipconfig /all from a client and from your DC(s)
2. The DNS domain name of AD (found in ADUC)
3. The zonename in your Forward Lookup Zones in DNS
4. If updates are set to allow under zone properties
5. If this machine has more than one NIC
6. Do you have a firewall separating the DCs? If so, what brand?
7. Is/are forwarder(s) configured?
8. Do the SRV records exist under your zone name?
9. Event ID errors?

Author Comment

Comment Utility
What about the RPC errors I have posted above?
LVL 30

Expert Comment

Comment Utility
RPC errors are most frequently caused by DNS misconfiguration or other issues within DNS. Use the steps that I outlined in a previous post to troubleshoot your DNS environment, which the RPC errors are likely symptomatic of.
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.


Expert Comment

Comment Utility
Excellent!! I had never seen anything stating that the DHCP client needs to be running.  This post saved me!

Some knucklehead (probably why he was replaced) set the DHCP client to disabled on an SBS 2003 server.

Enabling and starting DHCP client fixed the "RPC server unavailable" error on ipconfig /registerdns.


Expert Comment

Comment Utility
Cheers man I also didnt knew that DHCP client must be running


Expert Comment

Comment Utility
Thanks for tha DHCP Client reminder!!  I had forgotten about that!!!

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Join & Write a Comment

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Sending a Secure fax is easy with eFax Corporate ( First, Just open a new email message.  In the To field, type your recipient's fax number You can even send a secure international fax — just include t…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor ( If you're interested in additional methods for monitoring bandwidt…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now