Solved

Remote Group Policy Update error code 8007071a - remote procedure procedure call was cancelled

Posted on 2014-12-18
8
5,891 Views
Last Modified: 2015-01-07
Using AD 2012 - do a Group Policy Update from the Group Policy MMC to all servers in the Domain and I get the eror :-
Computer Name , 8007071a , Error The Romote procedure call was cancelled.

Not sure if it stops the polcy being pushed out to the server. I have looked at the link to check what ports are needed open from the the DC's. All seemed covered as in the list in the link below

http://technet.microsoft.com/en-gb/library/dd772723%28v=ws.10%29.aspx

Appreciate if soemone have enlighten me how to resolve this and what is NOT beign replicated
0
Comment
Question by:ccfcfc
  • 5
  • 3
8 Comments
 
LVL 1

Expert Comment

by:dpcsit
ID: 40507090
What happens if you go to the receiving servers and issue a gpupdate /force then a gpresult /v
0
 

Author Comment

by:ccfcfc
ID: 40507279
The gpupdate /force complets and the gpresult /v seems to report  no errors, see output below, :-

C:\Users\supps>gpresult /v

Microsoft (R) Windows (R) Operating System Group Policy Result tool v2.0
c 2013 Microsoft Corporation. All rights reserved.

Created on 12/18/2014 at 4:04:54 PM


RSOP data for EUW01\supps on EUW01-DC-001 : Logging Mode
---------------------------------------------------------

OS Configuration:            Primary Domain Controller
OS Version:                  6.3.9600
Site Name:                   N/A
Roaming Profile:             N/A
Local Profile:               C:\Users\supps
Connected over a slow link?: No


USER SETTINGS
--------------
    CN=Paul Smith,OU=Infrastructure,OU=Users,OU=Intamac Systems Limited,DC=euw01
,DC=intamac,DC=com
    Last time Group Policy was applied: 12/18/2014 at 2:36:25 PM
    Group Policy was applied from:      euw01-dc-001.euw01.intamac.com
    Group Policy slow link threshold:   500 kbps
    Domain Name:                        EUW01
    Domain Type:                        Windows 2008 or later

    Applied Group Policy Objects
    -----------------------------
        N/A

    The following GPOs were not applied because they were filtered out
    -------------------------------------------------------------------
        Local Group Policy
            Filtering:  Not Applied (Empty)

    The user is a part of the following security groups
    ---------------------------------------------------
        Domain Users
        Everyone
        BUILTIN\Users
        BUILTIN\Pre-Windows 2000 Compatible Access
        BUILTIN\Administrators
        REMOTE INTERACTIVE LOGON
        NT AUTHORITY\INTERACTIVE
        NT AUTHORITY\Authenticated Users
        This Organization
        LOCAL
        Infastructure
        Domain Admins
        Enterprise Admins
        Authentication authority asserted identity
        Denied RODC Password Replication Group
        High Mandatory Level

    The user has the following security privileges
    ----------------------------------------------


    Resultant Set Of Policies for User
    -----------------------------------

        Software Installations
        ----------------------
            N/A

        Logon Scripts
        -------------
            N/A

        Logoff Scripts
        --------------
            N/A

        Public Key Policies
        -------------------
            N/A

        Administrative Templates
        ------------------------
            N/A

        Folder Redirection
        ------------------
            N/A

        Internet Explorer Browser User Interface
        ----------------------------------------
            N/A

        Internet Explorer Connection
        ----------------------------
            N/A

        Internet Explorer URLs
        ----------------------
            N/A

        Internet Explorer Security
        --------------------------
            N/A

        Internet Explorer Programs
        --------------------------
            N/A
0
 
LVL 1

Accepted Solution

by:
dpcsit earned 500 total points
ID: 40507470
I have to wonder if you still have a firewall issue if the update runs when run locally on the other servers.

I had one server network card that thought it was not in the domain for some reason so the firewalls ports were still blocked.

If you run this from a command prompt on the receiving servers you will fully turn off the firewalls. Then try the remote update and see if you get the same errors.

NetSh Advfirewall set allprofiles state off

Speaking of have you tried the remote update since you did the GPupdate /force?





Lastly  It also could be WMI related see the link below it talks about the process for updates. You might try to rebuild WMI on the servers.

http://technet.microsoft.com/en-us/library/jj134201.aspx
0
 
LVL 1

Expert Comment

by:dpcsit
ID: 40507474
0
Free Gift Card with Acronis Backup Purchase!

Backup any data in any location: local and remote systems, physical and virtual servers, private and public clouds, Macs and PCs, tablets and mobile devices, & more! For limited time only, buy any Acronis backup products and get a FREE Amazon/Best Buy gift card worth up to $200!

 

Author Comment

by:ccfcfc
ID: 40509306
Yes it was an issue with the member server not being able to allow a connection through.
0
 
LVL 1

Expert Comment

by:dpcsit
ID: 40509317
So is it resolved?
0
 

Author Comment

by:ccfcfc
ID: 40509336
Yes, we are running within the AWS cloud environment. It is slightly differnet in that you setup security groups on member servers to allow tarffic into it. TO make it wasier, I allowed the DC's to be able to communicate over any ports ONLY to the member server. Although I added all the ports as per the URL I provided from Microsoft this obviously needed another port not documented. within the policy, all firewalling is turned off.
0
 
LVL 1

Expert Comment

by:dpcsit
ID: 40509350
Well can you post that port in case someone else has this issue, it will help them in the future! Nice fix!
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

This article will review the basic installation and configuration for Windows Software Update Services (WSUS) in a Windows 2012 R2 environment.  WSUS is a Microsoft tool that allows administrators to manage and control updates to be approved and ins…
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
In this Micro Tutorial viewers will learn how to use Windows Server Backup to create full image of their system. Tutorial shows how to install Windows Server Backup Feature on Windows 2012R2 and how to configure scheduled Bare Metal Recovery backup.…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now