Remote Group Policy Update error code 8007071a - remote procedure procedure call was cancelled

Using AD 2012 - do a Group Policy Update from the Group Policy MMC to all servers in the Domain and I get the eror :-
Computer Name , 8007071a , Error The Romote procedure call was cancelled.

Not sure if it stops the polcy being pushed out to the server. I have looked at the link to check what ports are needed open from the the DC's. All seemed covered as in the list in the link below

http://technet.microsoft.com/en-gb/library/dd772723%28v=ws.10%29.aspx

Appreciate if soemone have enlighten me how to resolve this and what is NOT beign replicated
ccfcfcAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

dpcsitCommented:
What happens if you go to the receiving servers and issue a gpupdate /force then a gpresult /v
0
ccfcfcAuthor Commented:
The gpupdate /force complets and the gpresult /v seems to report  no errors, see output below, :-

C:\Users\supps>gpresult /v

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
c 2013 Microsoft Corporation. All rights reserved.

Created on 12/18/2014 at 4:04:54 PM


RSOP data for EUW01\supps on EUW01-DC-001 : Logging Mode
---------------------------------------------------------

OS Configuration:            Primary Domain Controller
OS Version:                  6.3.9600
Site Name:                   N/A
Roaming Profile:             N/A
Local Profile:               C:\Users\supps
Connected over a slow link?: No


USER SETTINGS
--------------
    CN=Paul Smith,OU=Infrastructure,OU=Users,OU=Intamac Systems Limited,DC=euw01
,DC=intamac,DC=com
    Last time Group Policy was applied: 12/18/2014 at 2:36:25 PM
    Group Policy was applied from:      euw01-dc-001.euw01.intamac.com
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        EUW01
    Domain Type:                        Windows 2008 or later

    Applied Group Policy Objects
    -----------------------------
        N/A

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Local Group Policy
            Filtering:  Not Applied (Empty)

    The user is a part of the following security groups
    ---------------------------------------------------
        Domain Users
        Everyone
        BUILTIN\Users
        BUILTIN\Pre-Windows 2000 Compatible Access
        BUILTIN\Administrators
        REMOTE INTERACTIVE LOGON
        NT AUTHORITY\INTERACTIVE
        NT AUTHORITY\Authenticated Users
        This Organization
        LOCAL
        Infastructure
        Domain Admins
        Enterprise Admins
        Authentication authority asserted identity
        Denied RODC Password Replication Group
        High Mandatory Level

    The user has the following security privileges
    ----------------------------------------------


    Resultant Set Of Policies for User
    -----------------------------------

        Software Installations
        ----------------------
            N/A

        Logon Scripts
        -------------
            N/A

        Logoff Scripts
        --------------
            N/A

        Public Key Policies
        -------------------
            N/A

        Administrative Templates
        ------------------------
            N/A

        Folder Redirection
        ------------------
            N/A

        Internet Explorer Browser User Interface
        ----------------------------------------
            N/A

        Internet Explorer Connection
        ----------------------------
            N/A

        Internet Explorer URLs
        ----------------------
            N/A

        Internet Explorer Security
        --------------------------
            N/A

        Internet Explorer Programs
        --------------------------
            N/A
0
dpcsitCommented:
I have to wonder if you still have a firewall issue if the update runs when run locally on the other servers.

I had one server network card that thought it was not in the domain for some reason so the firewalls ports were still blocked.

If you run this from a command prompt on the receiving servers you will fully turn off the firewalls. Then try the remote update and see if you get the same errors.

NetSh Advfirewall set allprofiles state off

Speaking of have you tried the remote update since you did the GPupdate /force?





Lastly  It also could be WMI related see the link below it talks about the process for updates. You might try to rebuild WMI on the servers.

http://technet.microsoft.com/en-us/library/jj134201.aspx
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

ccfcfcAuthor Commented:
Yes it was an issue with the member server not being able to allow a connection through.
0
dpcsitCommented:
So is it resolved?
0
ccfcfcAuthor Commented:
Yes, we are running within the AWS cloud environment. It is slightly differnet in that you setup security groups on member servers to allow tarffic into it. TO make it wasier, I allowed the DC's to be able to communicate over any ports ONLY to the member server. Although I added all the ports as per the URL I provided from Microsoft this obviously needed another port not documented. within the policy, all firewalling is turned off.
0
dpcsitCommented:
Well can you post that port in case someone else has this issue, it will help them in the future! Nice fix!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Server OS

From novice to tech pro — start learning today.