2

I've alsready seen some similar threads on the RPC server unavailable messages; HRESULT: 0x800706BA. I've read some and looked at the recommendations on this thread;

WMI query between two different AD sites?

While there were some helpful hints it doesnt quite fit my questions...

I'm using an endpoint security platform and am trying to oush\update policys to endpoints within the network. I'm seeing differing results when i try to push or amend polices from the managment console (virtual server).

On random machines I get the RPC Server unavailable messge HRESULT: 0x800706BA returned. yet on others the policy updates almost instantly. Initaaly I suspected that this was a firewall\GPO ('ve added addtional rules to allow for WMI\RPC traffic in both directions) issue, however given that many machines can update would seem to rule this out, indeed I have machinwe which is fully connected to the network, has not had any issues with policy updates in the past, now returing the RPC error message.

I'm now at at an impasse. And would appreicate any help woth this issue.

Kind regards.

RobW.

Community
  • 1
user185307
  • 29
  • 2
  • how does the 3rd part endpoint security software update its policies? Does it just copy files to the remote devices? – tony roth Aug 12 '13 at 15:10
  • Hi Tony, Updates are sent via the managment console and I think it just sends across a sdmall file with the updates policy permissions. It's more confusing that some endpoints will update instantly while other won't, which is leading away from any firewaal rule\DCOM issue, etc. – user185307 Aug 12 '13 at 15:53
  • so is it trying to copy the file to an admin share? as in admin$ etc? if so then wmi has nothing to do with the issue. – tony roth Aug 12 '13 at 16:03
  • Hi Tony,Thanks for the reply. I'm seeing addtional errors now in other applications across our network and suspect, after talking with collegaues that there might be a DNS error. So I'll need to look at this first and then either identify this as the problem or rule it out. – user185307 Aug 13 '13 at 09:16
  • We did have a DNS issue, which was resolved and all aother RPC errors on other applications now resolved. It is the the endpoint software that has the problem. Rules are allowing DCOM and WMI traffic across the network. – user185307 Aug 13 '13 at 13:39
  • So the endpoint software still fails with an rpc failure? what's the name of the endpoint software? – tony roth Aug 13 '13 at 13:46
  • Endpoint software is called Safend. – user185307 Aug 13 '13 at 15:44
  • 1
    so the console that pushes out the policies still shows rpc failures on some devices. I'd install netmon 3.4 on the console and watch for traffic directed to the endpoint that's having the problem. – tony roth Aug 13 '13 at 16:12

0 Answers0