Solved

RPC error in ISA 2004

Posted on 2007-04-05
11
479 Views
Last Modified: 2009-06-04
While i am trying to add windows domain users to the ISA 2004 Server user group,it is showing RPC

Two things i tried without success

1, Created a rule to allow RPC.
2, Tried to disable the RPC filter.

Any one having any suggetion please help?
0
Comment
Question by:Shibint
  • 3
  • 2
  • 2
  • +2
11 Comments
 
LVL 7

Expert Comment

by:LimeSMJ
ID: 18861875
Can you be a bit more specific with the error?  Are you running Standard or Enterprise?

For now, if you didn't already, you may want to try this Microsoft ISA Standard RPC patch to see if it fixes your problem:

http://www.microsoft.com/downloads/details.aspx?FamilyID=0b3b8b50-9a7a-43ca-8e30-ccfcd8ad5fa3&DisplayLang=en

By the way, next time you might want to post firewall questions in the Firewall section and not in Windows Networking (you may get help faster).
0
 
LVL 7

Expert Comment

by:LimeSMJ
ID: 18861916
Nevermind the last line...
0
 
LVL 5

Expert Comment

by:drtoto82
ID: 18861917
can't really understand what u want to say .
Do u want to manage ISA using RPC ? or u can't add users or what ?

Any way make sure u enable TCP port 135 for the RPC connection . Also , make sure of making proper source and destination and remember that ISA treats the local host (the ISA server itself) as a separate netwrok .
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18862696
Firstly, don't disable the rpc filter; without you are dead in the water. The RPC filter is responsible for controlling all of the dynamic aspects to the RPC controls so if you turn it off, YOU will need to create all the controls necessary manually.

Confirm you have ISA sp2 and the post ISA sp2 rollup patches installed.
Is ISA installed as a proxy or as a firewall? Is ISA part of the domain?
What rule(s) have you put in place on the ISA firewall policy to allow traffic between the internal network and the local host (and back)?

Keith
ISA MCT
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 

Author Comment

by:Shibint
ID: 18911379
Can Any one give me a exact configuration required to configure a ISA server on a domain envirnment as a proxy & firewall.?

What you meant by create the all controls?

The problem i cannot add users?
0
 
LVL 51

Expert Comment

by:Keith Alabaster
ID: 18911459
No-one would be that stupid. You haven't told us what you want to do so how could anyone give you an exact configuration?

You tell me what you want to allow in from the Intenet
Tell me what you want to allow out from the inside to the Internet

I still need to know what revision of ISA2004 you are running. If you won't answer the responses, there is not much we can do is there.

What rule have put from internal & local host TO internal & local host?
0
 

Author Comment

by:Shibint
ID: 18911586
I tried to allow all protocols from  internal & local host TO internal & local host.

Specifically i want to allow http,https, ftp,smtp,pop3 & pptp.
0
 
LVL 51

Accepted Solution

by:
Keith Alabaster earned 63 total points
ID: 18911674
Assuming you have set ISA up correctly in the first place with the correct ip addresses in the klocal address table etc then i would run the best practice analyser. This will tell you if you have a fundamental issue as no amendments should be required on the RPC filter at all.

http://www.microsoft.com/downloads/details.aspx?FamilyID=D22EC2B9-4CD3-4BB6-91EC-0829E5F84063&displaylang=en
0
 

Assisted Solution

by:wdigitech
wdigitech earned 62 total points
ID: 18921279
I had the same issue and this I fixed it:
1. Open the ISA Management Console.
2. Right Click on Firewall Policy and select Edit System Policy.
3. Under the option for Authentication Services you will see Active Directory. Click on it.
4. On the right side uncheck a box that says "Enforce strict RPC compliance". This is the one I found on my own.
5. Then left click on Firewall Policy and on the right side you will see the SBS Protected Network Access Rule (number 4). Right click on it and select configure RPC protocol. Then uncheck the box that says "Enforce strict RPC compliance" as above.
6. Then on the left side, under Configuration select Add-ins. On the right side, right click on "RPC Filter" and select properties. Uncheck the box that says 'enable'.
 
Restart the server and you are good to go. Microsoft had an article on this problem but when I went to it, it could not be found. He did not know what happened to it. The KB number would be 928580. Supposedly, it deals with this same issue.
0

Featured Post

Get up to 2TB FREE CLOUD per backup license!

An exclusive Black Friday offer just for Expert Exchange audience! Buy any of our top-rated backup solutions & get up to 2TB free cloud per system! Perform local & cloud backup in the same step, and restore instantly—anytime, anywhere. Grab this deal now before it disappears!

Join & Write a Comment

This is the first one of a series of articles I’ll be writing to address technical issues that are always referred to as network problems. The network boundaries have changed, therefore having an understanding of how each piece in the network  puzzl…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now