Windows Server 2008 R2 Distributed File System issues
OK, I will make this short and provide details as requested, and it may just be a silly question.
I have two Server 2K8 R2 SP1 servers running DFS replication. I have verified that this works as expected. But, when I try to use the 'Diagnostic Reports' in the DFS management MMC, it fails every time with a DCOM issue:
Cannot connect to reporting DCOM server.
Description: The RPC server is unavailable.
Last occurred: Tuesday, April 26, 2011 at 2:18:43 PM (GMT-6:00)
Suggested action: Verify that the DFS Replication Service is installed on the server and that RPC traffic is not blocked by firewalls or port filtering. For information about troubleshooting RPC issues see RPC KB 839880.
The firewall is not blocking this traffic, so I am at a loss why the actual replication works but not the test?
David Griswold
I have two Server 2K8 R2 SP1 servers running DFS replication. I have verified that this works as expected. But, when I try to use the 'Diagnostic Reports' in the DFS management MMC, it fails every time with a DCOM issue:
Cannot connect to reporting DCOM server.
Description: The RPC server is unavailable.
Last occurred: Tuesday, April 26, 2011 at 2:18:43 PM (GMT-6:00)
Suggested action: Verify that the DFS Replication Service is installed on the server and that RPC traffic is not blocked by firewalls or port filtering. For information about troubleshooting RPC issues see RPC KB 839880.
The firewall is not blocking this traffic, so I am at a loss why the actual replication works but not the test?
David Griswold
ASKER
The "DFSCMD /view <share> /full" command returns what is expected without errors.
Here is the event error when running the report:
Log Name: System
Source: Microsoft-Windows-Distribu
Date: 4/27/2011 10:56:56 AM
Event ID: 10009
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: OW-FS03.domain.local
Description:
DCOM was unable to communicate with the computer ow-fs01.domain.local using any of the configured protocols.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Di
<EventID Qualifiers="49152">10009</
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2011-04-27T15:
<EventRecordID>1913</Event
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>OW-FS03.domain.l
<Security />
</System>
<EventData>
<Data Name="param1">ow-fs01.doma
<Binary>3C5265636F72642331
</EventData>
</Event>
Here is the event error when running the report:
Log Name: System
Source: Microsoft-Windows-Distribu
Date: 4/27/2011 10:56:56 AM
Event ID: 10009
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: OW-FS03.domain.local
Description:
DCOM was unable to communicate with the computer ow-fs01.domain.local using any of the configured protocols.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-Di
<EventID Qualifiers="49152">10009</
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2011-04-27T15:
<EventRecordID>1913</Event
<Correlation />
<Execution ProcessID="0" ThreadID="0" />
<Channel>System</Channel>
<Computer>OW-FS03.domain.l
<Security />
</System>
<EventData>
<Data Name="param1">ow-fs01.doma
<Binary>3C5265636F72642331
</EventData>
</Event>
10009 is a pretty generic error and can be caused by a host of different things, from drivers to peripheral hardware to viruses to misconfiguration in the system. Can you give us a little more info on what is on that server, what it does other than DFS, etc.?
DrUltima
DrUltima
ASKER
I think I have discovered the issue. It is a firewall issue, but not blocking - NATting. I will have to wait until tonight to push out the updated policy.
David
David
That would definitely be problematic. I will continue to monitor and wait for your update.
DrUltima
DrUltima
ASKER
OK, so the NATting issue was a non-issue. Traffic is going through - there is no blocking of ports 135 or 445 or any other ports. I have TCPDUMPs from my firewall that shows the traffic. I am at a loss now. Let me know if you would like to see that TCPDUMP file.
David
David
ASKER
Well, I think I found the solution and it is the firewall if this is correct.
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk33371
I will push policy tonight and test and update the question tomorrow.
David
https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk33371
I will push policy tonight and test and update the question tomorrow.
David
Thanks for the update! I will continue to monitor....
DrUltima
DrUltima
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I was able to find an answer to my own issues. In hindsight, this was as much a Checkpoint firewall issue as it was a MS Server issue, so I should have put it in that category as well.
DrUltima