Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

RPC issue ISA 2006 The RPC server is unavailable

Posted on 2007-11-27
8
Medium Priority
?
4,879 Views
Last Modified: 2011-08-18
Hi Guys
Hope someone can help with this.

I have a new ISA 2006 Installation on W2k3.

The ISA server all looks to be working without issue. (Blocking and enabling require traffic.) The only problem I have is when I try to add users using the windows Users and groups option.

I am able to browse AD for the OU and can Find the Security group that I require. (Same issue for a user.) Yet once I click OK in the select user and groups windows the whole system locks up for 5 min then returns "The RPC server is unavailable."

I have found that if I disable Microsoft Firewall and they select the group that this works without an Issue. I can then enable Microsoft Firewall and every thing works as expect for about 15min. After that the system is unable to refresh the security group and access is stopped.

I did find and Artical that said to disable "EnableRSS" and I have done this on the ISA system. See below for artical.
"http://support.microsoft.com/default.aspx?scid=kb;EN-US;927695"

Also I create a rule to allow all traffic from ISA to AD server yet still failed to resolve the issue.

Any suggestion would be appriciated.


Thanks
0
Comment
Question by:BrendanKing
8 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 20372598
Can you give a little more info because I have a hard time imagining your network / AD layout.
So where is the ISA positioned to the machine where you disable the firewall.
And is that 2K3 the DC?

J.
0
 
LVL 1

Author Comment

by:BrendanKing
ID: 20392361
Hi

The ISA has two nic cards.
one configured for the internet
two configured for the LAN.
I disable to Microsoft Firewall (Not Windows firewall) on the ISA system.

Only one DNS is configured and is pointing to the AD, DNS server.

All system are 2wk3 SP2, Domain functional level windows 2000 native, Forest Level windows 2000.


Let me know if you want any more information.

C
0
 
LVL 1

Author Comment

by:BrendanKing
ID: 20408872
Hi Guys

I managed to track down the solution. There is a require Registry change if W2k3 SP3 is installed for some Nic cards.

Registry changes
HK\LM\System\Currentcontrolset\services\tcpip\parameters.
 
Change Dwords (Or add)
EnableRSS=0
Enable TCPA=0
DisableTaskoffload=1

0
WatchGuard Case Study: NCR

With business operations for thousands of customers largely depending on the internal systems they support, NCR can’t afford to waste time or money on security products that are anything less than exceptional. That’s why they chose WatchGuard.

 
LVL 18

Expert Comment

by:PowerIT
ID: 20409654
OK, nice find.
Some remarks: you have now disabled three of the new features of SP2 on 2K3 which were meant to improve network performance  but which sometimes did the reverse and slowed the network connection to a crawl. And XP SP2 can have the same problem, which means you can have it at the client side also.
The first one is Receive Side Scaling which is only relevant for NAT routing functions and so also to ISA.
By setting EnableRSS to 0 you turned of RSS.
The second one is part of the Scalable Network Pack and meant to increase general network performance. This is done by setting DisableTaskOffload=0.
The third one is TCPA which enables DMA on the PCI-bus to receive packets directly.

The fault itself is usually within the network driver or system dirvers.
So if you want to enable this again then update the drivers of you NIC's first and then give it a try after reversing the settings.
If you have the time and the machine is fre you can find out exactly which one of the 3 is causing this. RSS is only relevant to ISA itself. TCPA and TaskOffload are relevant to general network functionality.


J.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20675065
I agree. Refund and keep the answer for future generations ;-)
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 20703239
PAQed with points refunded (500)

Computer101
EE Admin
0
 
LVL 1

Expert Comment

by:pdmills12
ID: 26108454
Thank you for keeping this up for "future generations", I had the same problem and it fixed it.

Thanks again!
PM
0

Featured Post

What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Experts Exchange expands question security options for members.
Phishing emails are a popular malware delivery vehicle for attack.  While there are many ways for an attacker to increase the chances of success for their phishing emails, one of the most effective methods involves spoofing the message to appear to …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…
In a question here at Experts Exchange (https://www.experts-exchange.com/questions/29062564/Adobe-acrobat-reader-DC.html), a member asked how to create a signature in Adobe Acrobat Reader DC (the free Reader product, not the paid, full Acrobat produ…

885 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question