[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 44124
  • Last Modified:

DCOM was unable to communicate with the computer using any of the configured protocols

We get the following in our Exchange 2010 SP3 Rollup 1 event log:
Log Name:      System
Source:        Microsoft-Windows-DistributedCOM
Date:          19.07.2013 10:07:49
Event ID:      10028
Task Category: None
Level:         Error
Keywords:      Classic
User:          SYSTEM
Computer:      cashub01.domain.com
Description:
DCOM was unable to communicate with the computer cashub02.domain.com using any of the configured protocols; requested by PID      604 (c:\windows\system32\inetsrv\w3wp.exe).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-DistributedCOM" Guid="{1B562E86-B7AA-4131-BADC-B6F3A001407E}" EventSourceName="DCOM" />
    <EventID Qualifiers="0">10028</EventID>
    <Version>0</Version>
    <Level>2</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x8080000000000000</Keywords>
    <TimeCreated SystemTime="2013-07-19T08:07:49.405004600Z" />
    <EventRecordID>2986</EventRecordID>
    <Correlation />
    <Execution ProcessID="648" ThreadID="15880" />
    <Channel>System</Channel>
    <Computer>cashub01.domain.com</Computer>
    <Security UserID="S-1-5-18" />
  </System>
  <EventData>
    <Data Name="param1">cashub02.domain.com</Data>
    <Data Name="param2">     604</Data>
    <Data Name="param3">c:\windows\system32\inetsrv\w3wp.exe</Data>
    <Binary>3C5265636F726423313A20436F6D70757465723D286E756C6C293B5069643D3634383B372F31392F3230313320383A373A34393A3430353B5374617475733D313832353B47656E636F6D703D323B4465746C6F633D313436313B466C6167733D303B506172616D733D303B3E3C5265636F726423323A20436F6D70757465723D286E756C6C293B5069643D3634383B372F31392F3230313320383A373A34393A3430353B5374617475733D313832353B47656E636F6D703D323B4465746C6F633D3135333B466C6167733D303B506172616D733D343B7B506172616D23303A2D323134363839333030367D7B506172616D23313A347D7B506172616D23323A36383132367D7B506172616D23333A317D3E</Binary>
  </EventData>
</Event>

This is the same issue, but it does not provide a solution; Only a workaround to hide the error.

I can povoke the error when running
Get-OWAVirtualDirectory -Server cashub02

Open in new window

from cashub01. Same thing the other way.


Setup of Exchange 2010 environment:
* cashub01
* cashub02
* mailbox01 (in DAG with 02)
* mailbox02 (in DAG with 01)

All servers are Microsoft Windows Server 2012 Datacenter running on VMware ESXi 5.1.1.
Everything else is working. This is the only error on our cashubs.
Firewall is configured to allow traffic in and out between the IPs of the four Exchange servers.

Note!: The Exchange 2010 environment is currently coexisting with Exchange 2007 witch currently is our production Exchange environment.

Hope some of you guys can help us out.
1
nifdrift
Asked:
nifdrift
  • 6
  • 3
  • 3
  • +5
1 Solution
 
Shreedhar EtteCommented:
What does domain security group CERTSVC_DCOM_ACCESS contains? Please post the details.
0
 
Sushil SonawaneCommented:
Make sure port 135 open in your server and client side firewall. If still issue persist then off the client side firewall and then check.
0
 
nifdriftAuthor Commented:
shreedhar: We do not have such a group in our domain

Marshalhubs: I do not wish to show this information to everyone. Do you have an e-mail so I can mail you the link for the cab?

sushil84: There is no firewall between any of the Exchange servers, only between Exchange and mail clients.
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
Simon Butler (Sembee)ConsultantCommented:
Unfortuantely the post by marshalhubs is a straight copy and paste from a Microsoft Technet forum post where someone from Microsoft asks for the content.

http://social.technet.microsoft.com/Forums/windowsserver/en-US/353d381d-0911-41c3-98fb-2475b65c32f6/dcom-was-unable-to-communicate-with-the-computer-xxxx-using-any-of-the-configured-protocols

Therefore the post is completely useless to you.

You have mentioned a firewall. Are you talking about the Windows firewall or something else? Microsoft do not support any kind of firewall traffic blocking between Exchange servers, so if you are trying to restrict the traffic you will need to remove that restriction.

Simon.
0
 
nifdriftAuthor Commented:
I tried turning off the firewall on both cashubs, but i still get the following error in the event log
DCOM was unable to communicate with the computer cashub02.domain.com using any of the configured protocols; requested by PID      604 (c:\windows\system32\inetsrv\w3wp.exe).

Open in new window

0
 
Simon Butler (Sembee)ConsultantCommented:
"Firewall is configured to allow traffic in and out between the IPs of the four Exchange servers."

What EXACTLY do you mean by that.

Are you referring to the WINDOWS firewall or something else? Disabling the WIndows firewall is not recommended.

Simon.
0
 
nifdriftAuthor Commented:
"Firewall is configured to allow traffic in and out between the IPs of the four Exchange servers."
This is the Windows firewall. I have re-enabled it.
0
 
Simon Butler (Sembee)ConsultantCommented:
What did you change in the Windows firewall configuration? You shouldn't need to change anything.

Are the two servers on the same subnet?

Simon.
0
 
nifdriftAuthor Commented:
All the Exchange servers are on the same subnet.
0
 
COL_ITCommented:
I am receiving the same error for my two Exchange 2013 STd - CU2 servers. Nothing is prevented from happening, but an extreme delay occurs before I get the information/configuration back from the other server.
0
 
nifdriftAuthor Commented:
I'm going to inquire Microsoft about this issue. Will come back with more information.
0
 
bajpaimCommented:
Solution
=============
•Ensure that the remote computer is online.
•This problem may be the result of a firewall blocking the connection. For security, COM+ network access is not enabled by default.
•Check the system to determine whether the firewall is blocking the remote connection.

1. Disable Offload/SNP features from registry
 
Please backup system state before making any registry changes.
 
a. Disable RSS in the Registry by adding a DWORD registry key value for
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableRSS and setting it to 0.
 
b. DisableTaskOffload in the Registry by adding a DWORD value for
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\DisableTaskOffload and set it to 1.

c. Disable TCPChimney in the Registry by adding a DWORD value for
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableTCPChimney and set it to 0.

d. Disable EnableTCPA in the Registry by adding a DWORD value for
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableTCPA and set it to 0.

e. Configure HKLM\Software\Policies\Microsoft\Windows NT\Rpc\IgnoreDelegationFailure =1


2. Make the following changes on your physical NIC
 
Go to the NIC properties, click on advanced button, disable features that has the "Offload" or "RSS" wording in feature name.
For examples, below is some of the features commonly seen in NIC's advanced properties:
 
- IPv4 Checksum Offload

- IPv6 Checksum Offload

- IPv4 Large Send Offload

- IPv6 Large Send Offload

- Receive Side Scaling
 
Set registry key on both the servers and then reboot. if you experience the issue that trust relation between the domain is broken, then rejoin the server to the domian controller.
0
 
nifdriftAuthor Commented:
We did everything except diabling Receive Side Scaling/RSS and now we dont get errors in the event log regarding DCOM.
0
 
COL_ITCommented:
Yep...this fixed my issues on my Exchange 2013 servers.
0
 
COL_ITCommented:
The big question I have, now that this issue is resolved for me, what did this error do or prevent from doing other than giving me a big red error in my event viewer? I still got the details I was requesting when communicating from one server to the other, but I don't know if something else was happening in the background that was creating true problems.
0
 
JFLavalleeCommented:
Correct me if I'm wrong but the solution really only masks the problem by disabling reporting of DCOM errors. I'm still looking for a way to "solve" the issue!
0
 
bluemarbletechCommented:
I had the same issue with a client's 2011 SBS, the System log showed Event 1009 every 30 minutes for two computers in the domain. It did not seem to affect anything but the log was full of these errors. While dealing with some other issues I found the solution, which was pretty simple. No reg hacks, no port changes.

The two computers showing in the logs had recently been upgraded to Windows 7. They were both wiped clean and then had Win 7 pro reinstalled from scratch, and then rejoined to the domain with new computer names. However, both still showed in AD under the old names as well as the new ones. My guess is they were not dis-joined from the domain before the upgrade. The new computer names showed in AD under SBS Computers, but the old names were still showing under the Computers OU.

In my case the answer was as simple as deleting the old computer names out of AD. The new names stayed put and the errors which were filling up the logs every half hour stopped completely.

Hope this helps someone...
1

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 6
  • 3
  • 3
  • +5
Tackle projects and never again get stuck behind a technical roadblock.
Join Now