techcodr
asked on
Group Policy Results Wizard says "The RPC server is unavailable"
Group Policy Results Wizard says "The RPC server is unavailable"
THe-RPC-Server-is-Unavailable.docx
THe-RPC-Server-is-Unavailable.docx
ASKER
Yes, running at server. Do not know how to run the same thing at Windows 7.
At win7, open an elevated command prompt (right click cmd.exe and select "run as administrator"). There, launch
gpresult /h %temp%\result.html & %temp%\result.html
ASKER
Had not seen the & %temp%\result.html. & is not listed in gpresult /?. It does display the results.
If you run that command, a results file results.html will be created in %temp%. Open it (the command would open it automatically unless you do something wrong like close the browser that opens).
ASKER
The command did display the results and I did not have to go to %temp%
You may simply run rsop.msc from run command on client machine..If the user is non-administrator it will give you access denied for computer configuration but will show user configurations...running from admin user should not be a problem
ASKER
Am I being told that the command on the server just does not work and I have to go to individual computers?
It was one of the way to run rsop and if you wanna run from server then follow below link and run from gpmc.msc...if you find any errors then disable the windows firewall or any other firewall between the client and DC
https://liquidwarelabs.zendesk.com/hc/en-us/articles/210638683-How-To-Get-A-Complete-Group-Policy-GPO-RSoP-Report-For-Support
https://liquidwarelabs.zendesk.com/hc/en-us/articles/210638683-How-To-Get-A-Complete-Group-Policy-GPO-RSoP-Report-For-Support
"The command did display the results and I did not have to go to %temp%" - ok, just to make sure: and the result did again display the error?
Why have you tagged azure in the question..do we have Azure involved in this context
ASKER
To Life1430.
The link you provided seems what needs to be run at the individual computer. Running the Gpresults at Windows 7 works fine (using the gpresult /h %temp%\result.html & %temp%\result.html McKnife provided). But using that work around requires me to go to each client computer. I am running to run Group Policy Results Wizard on client computer at the server. I have tried to turn off Windows Server Defender firewall at the server and disable the Symantec Endpoint Protection at the Windows 7 client.
To McKnife.
The command gpresult /h %temp%\result.html & %temp%\result.html works at the Windows 7 client. What I am trying to do is run Group Policy Results Wizard for the Windows 7 client at the server. Using Group Policy Results Wizard does not work.
The link you provided seems what needs to be run at the individual computer. Running the Gpresults at Windows 7 works fine (using the gpresult /h %temp%\result.html & %temp%\result.html McKnife provided). But using that work around requires me to go to each client computer. I am running to run Group Policy Results Wizard on client computer at the server. I have tried to turn off Windows Server Defender firewall at the server and disable the Symantec Endpoint Protection at the Windows 7 client.
To McKnife.
The command gpresult /h %temp%\result.html & %temp%\result.html works at the Windows 7 client. What I am trying to do is run Group Policy Results Wizard for the Windows 7 client at the server. Using Group Policy Results Wizard does not work.
ASKER
To Life1430
I do not know how Azure and Windows 10 was selected.
I do not know how Azure and Windows 10 was selected.
I have seen that problem myself (results cannot be displayed at the server but only at the client), but honestly, I never investigated why, sorry.
I would expect it to be Firewall and remote management related.
There is is post that claims it is
There is is post that claims it is
RSoP. You need to enable the program unsecapp.exe (C:\WINDOWS\system32\wbem)https://social.technet.microsoft.com/Forums/exchange/en-US/2a742f2b-8560-4f69-bf25-bc7883c939ae/rsop-on-remote-machine-returns-rpc-error?forum=winserverGPas well as port 135.Open the port in firewall
ASKER
C:\PortQryV2>portqry -n server -e 135
...
TCP port 135 (epmap service): LISTENING
Is that good enough to show port 135 is open?
You wrote "You need to enable the program unsecapp.exe (C:\WINDOWS\system32\wbem) as well as port 135.Open the port in firewall" and gave a link.
That link refers to another link that is broken. I am not finding information regarding enabling the program unsecapp.exe
...
TCP port 135 (epmap service): LISTENING
Is that good enough to show port 135 is open?
You wrote "You need to enable the program unsecapp.exe (C:\WINDOWS\system32\wbem)
That link refers to another link that is broken. I am not finding information regarding enabling the program unsecapp.exe
ASKER
Was talking to Dell Support regarding another issue and was told firewall. So I uninstalled Symantec End Point protection and turned off Windows Firewall. That allowed the Group Policy Results Wizard to run. Then I tired to figure what would make the Windows Firewall allow Group Policy Results Wizard to work. Suddenly, Group Policy Results Wizard started working. Reinstalled Symantec End point protection and that computer can be accessed. But I do not know what changed and can not access the next computer.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Symantec Support put in a rule Remote Access to allow Inbound & outbound on any computer for all communication. This worked for two computers. I am remoted in so I do not know which other computers are powered to continue testing. Will test further.
I tried my suggestion successfully, by the way.
ASKER
Your solution was open inbound TCP local ports 49152-65535. Correct?
Yes, in addition to tcp 135.
ASKER
Not able to reach all computers. Also switched to inbound and outbound TCP local ports 49152-65535
It works on any of the shelf domain-joined machine, so something else is playing a role here. any other firewalls in between?
ASKER
The count was 8 computers yes and 2 computers no. Having a special rule for port 135 did not seem to matter. PortQry showed port 135 was open.
135 could have been opened by other programs. It's closed by default as anything else (if the fw is active).
For those where it still does not work, please upload the firewall logfile (log only dropped packets, please).
For those where it still does not work, please upload the firewall logfile (log only dropped packets, please).
ASKER
There are several causes.
1. If the computer is not available on the network. When selecting computers, the server still remembers computers that were on network. The computers could be moved completely off the network or be powered off.
2. Firewall blocking. Was using Symantec Endpoint Protection. Had to create rule to open local inbound TCP ports 49152-65535.
Additional Symantec Endpoint Protection items to check
a. Any new computers will be put in the default group and have to be move the group with the Firewall rule
b. If computer name is change, the Symantec Endpoint Protection has to be uninstall and reinstalled.
3. If the computer is not a domain computer.
1. If the computer is not available on the network. When selecting computers, the server still remembers computers that were on network. The computers could be moved completely off the network or be powered off.
2. Firewall blocking. Was using Symantec Endpoint Protection. Had to create rule to open local inbound TCP ports 49152-65535.
Additional Symantec Endpoint Protection items to check
a. Any new computers will be put in the default group and have to be move the group with the Firewall rule
b. If computer name is change, the Symantec Endpoint Protection has to be uninstall and reinstalled.
3. If the computer is not a domain computer.
Great conclusive conversation guys..
ASKER
Thanks
Run it at the client.