1

I'm having problem in querying WMI between two different AD sites that is not trusting each other

What I have tried:

Telnet between Windows Server 2008 using IP address and port 135 is all working good vice-versa Start | run "WBEMTEST" between sites always end up in Error 0x800706BA with the description of "The RPC server is unavailable"

I have specified \IPADDRESS\root\cimv2 in the Namespace textbox and DOMAIN\Administrator credentials both returns the same error message on both windows server.

Any idea of how to make the WMI query works between two different AD sites would be greatly appreciated.

Thanks.

Senior Systems Engineer
  • 1,155
  • 2
  • 27
  • 55

1 Answers1

2

I would say you need to check your firewall rules. Just because port 135 is open does not mean it is open to "Public" subnets. Windows Firewall with Advanced Security allows differentiation between Public, Private, and "Domain" address space rules. I would imagine the defaults are set for only inside your domain subnets and not on "public" network (meaning outside the boundaries of the domain). So if you open up wf.msc you should look all the way at the last column to see it is set for what you need. The definitions are, according to Microsoft:

There are three network location types in Windows Firewall with Advanced Security:

Domain. Windows automatically identifies networks on which it can authenticate access to the domain controller for the domain to which the computer is joined in this category. No other networks can be placed in this category.

Public. Other than domain networks, all networks are initially categorized as public. Networks that represent direct connections to the Internet or are in public places, such as airports and coffee shops should be left public.

Private. A network will only be categorized as private if a user or application identifies the network as private. Only networks located behind a NAT device (preferably a hardware firewall) should be identified as private networks. Users will likely want to identify home or small business networks as private.

Also, to get a more specific idea regarding WMI firewall exceptions, get familiar with this Microsoft MSDN article. Happy hunting.

songei2f
  • 1,924
  • 1
  • 20
  • 30
  • 1
    Again, remember from one domain you are joined to over to one your workstation is not probably does not qualify if the trust relationship is not correctly configured. I hope that came across right. – songei2f Sep 17 '11 at 11:20