Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

RPC issue ISA 2006 The RPC server is unavailable

Posted on 2007-11-27
8
Medium Priority
?
4,874 Views
Last Modified: 2011-08-18
Hi Guys
Hope someone can help with this.

I have a new ISA 2006 Installation on W2k3.

The ISA server all looks to be working without issue. (Blocking and enabling require traffic.) The only problem I have is when I try to add users using the windows Users and groups option.

I am able to browse AD for the OU and can Find the Security group that I require. (Same issue for a user.) Yet once I click OK in the select user and groups windows the whole system locks up for 5 min then returns "The RPC server is unavailable."

I have found that if I disable Microsoft Firewall and they select the group that this works without an Issue. I can then enable Microsoft Firewall and every thing works as expect for about 15min. After that the system is unable to refresh the security group and access is stopped.

I did find and Artical that said to disable "EnableRSS" and I have done this on the ISA system. See below for artical.
"http://support.microsoft.com/default.aspx?scid=kb;EN-US;927695"

Also I create a rule to allow all traffic from ISA to AD server yet still failed to resolve the issue.

Any suggestion would be appriciated.


Thanks
0
Comment
Question by:BrendanKing
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
8 Comments
 
LVL 18

Expert Comment

by:PowerIT
ID: 20372598
Can you give a little more info because I have a hard time imagining your network / AD layout.
So where is the ISA positioned to the machine where you disable the firewall.
And is that 2K3 the DC?

J.
0
 
LVL 1

Author Comment

by:BrendanKing
ID: 20392361
Hi

The ISA has two nic cards.
one configured for the internet
two configured for the LAN.
I disable to Microsoft Firewall (Not Windows firewall) on the ISA system.

Only one DNS is configured and is pointing to the AD, DNS server.

All system are 2wk3 SP2, Domain functional level windows 2000 native, Forest Level windows 2000.


Let me know if you want any more information.

C
0
 
LVL 1

Author Comment

by:BrendanKing
ID: 20408872
Hi Guys

I managed to track down the solution. There is a require Registry change if W2k3 SP3 is installed for some Nic cards.

Registry changes
HK\LM\System\Currentcontrolset\services\tcpip\parameters.
 
Change Dwords (Or add)
EnableRSS=0
Enable TCPA=0
DisableTaskoffload=1

0
Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

 
LVL 18

Expert Comment

by:PowerIT
ID: 20409654
OK, nice find.
Some remarks: you have now disabled three of the new features of SP2 on 2K3 which were meant to improve network performance  but which sometimes did the reverse and slowed the network connection to a crawl. And XP SP2 can have the same problem, which means you can have it at the client side also.
The first one is Receive Side Scaling which is only relevant for NAT routing functions and so also to ISA.
By setting EnableRSS to 0 you turned of RSS.
The second one is part of the Scalable Network Pack and meant to increase general network performance. This is done by setting DisableTaskOffload=0.
The third one is TCPA which enables DMA on the PCI-bus to receive packets directly.

The fault itself is usually within the network driver or system dirvers.
So if you want to enable this again then update the drivers of you NIC's first and then give it a try after reversing the settings.
If you have the time and the machine is fre you can find out exactly which one of the 3 is causing this. RSS is only relevant to ISA itself. TCPA and TaskOffload are relevant to general network functionality.


J.
0
 
LVL 18

Expert Comment

by:PowerIT
ID: 20675065
I agree. Refund and keep the answer for future generations ;-)
0
 
LVL 1

Accepted Solution

by:
Computer101 earned 0 total points
ID: 20703239
PAQed with points refunded (500)

Computer101
EE Admin
0
 
LVL 1

Expert Comment

by:pdmills12
ID: 26108454
Thank you for keeping this up for "future generations", I had the same problem and it fixed it.

Thanks again!
PM
0

Featured Post

Protect Your Retail Business and Reputation

Wi-Fi access doesn't just impact your business & customer experience, it can also affect your security.  Join us for an informative webinar to learn more about the top threats and trends impacting retail today, and the key solutions to protecting retail networks and reputations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In the absence of a fully-fledged GPO Management product like AGPM, the script in this article will provide you with a simple way to watch the domain (or a select OU) for GPOs changes and automatically take backups when policies are added, removed o…
The well known Cerber ransomware continues to spread this summer through spear phishing email campaigns targeting enterprises. Learn how it easily bypasses traditional defenses - and what you can do to protect your data.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
Attackers love to prey on accounts that have privileges. Reducing privileged accounts and protecting privileged accounts therefore is paramount. Users, groups, and service accounts need to be protected to help protect the entire Active Directory …

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question