Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

RPC server unavailable, unable to obtain RPC connection to domain controller

1,221 views
Skip to first unread message

cgflo...@yahoo.com

unread,
Nov 8, 2005, 12:26:58 PM11/8/05
to
I'm having a major problem with my domain controller.

Background:

I have 6 Windows 2003 SP1 servers and they're all domain controllers.
2 of them host Active Directory Integrated DNS zones. My original
problem had to do with multiple DNS errors. The _msdcs zone was
missing. I manually re-created the zone, then ran NETDIAG /FIX and
that repopulated the zone. I then ran NET STOP NETLOGON, and then NET
START NETLOGON to re-register all the domain controllers in that zone.
Then it wouldn't replicate due to trust issues. So I ran nltest
/sc_reset:example.com (where example.com is the domain name)

Then I ran repadmin /bind and then repadmin /syncall to replicate all
the domain controllers.

Current issue:

When I launch Active Directory Domains and Trusts I get RPC server is
unavailable and I just click OK. Then another message comes up that
says: "The Local Security Authority is unable to obtain an RPC
connection to the domain controller GSDT1.example.com Please check
that the name can be resolved and that the server is available. "

GSDT1 has all the FSMO roles.

When I run DCDIAG, all the tests pass except I get this:
Starting test systemlog:
An error Event occured. Event ID 0xC00007D0
Event string: The server's call to a system service failed.
....................................failed test systemlog

When I run NETDIAG, all the tests pass except I get this NETBT warning:
[WARNING] At least one of the <00> "Workstation Service", <03>
'Messenger Service', <20> WINS names is missing.

[WARNING] You don't have a single interface with the 'Workstation
Service', <03> 'Messenger Service', <20> WINS names defined

I can ping the server by name, I can perform NSLOOKUP just fine. When
I login to this server, I don't get any of the group policies applied,
it lets me login but I think I'm just logged in with a local account
and not a domain account.

I looked in the Event Viewer and it shows this:
System log:

Event Id 5781
Source: NETLOGON
Dynamic Registration or deletion of one or more DNS records associated
with DNS domain example.com failed. These records are used by other
computers to locate this server as a domain controller.

Event Id 2000
Source: Srv
The system's call to a system service failed unexpectedly.

Application log:

Event Ids 1030 and 1058 every 5 min.
Windows cannot query for list of Group Policy objects.

DNS log:

Event Id 4010
The DNS server was unable to create a resource record for
1d865196-6ee4-474f-b2d3-41063037fc6c._msdcs.example.com in zone
example.com. The Active Directory definition of this resource record
is corrupt or contains an invalid DNS name.

I get this message for every single domain controller.

I read some posts about a fix for this issue and I did install the fix.
http://support.microsoft.com/kb/898060
It didn't solve my problem.

Maddas69

unread,
Dec 8, 2005, 9:23:35 AM12/8/05
to
Try "net use" to the domain you want to trust to establish a secure
channel
F.i. Start-->Run-->\\domain.com\c$
Type username\password and observe that the \\domain.com\c$ opens
Then try establishing the trust again using FQDN not Netbios.

Maddas69

Omkom...@gmail.com

unread,
Dec 19, 2005, 9:23:50 AM12/19/05
to
workd for me! thanks!
Omko

Maddas69 schreef:

0 new messages