1

Running Get-WmiObject Win32_ComputerSystem -ComputerName 'MyCnameRecord' gives error: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA).

However running Get-WmiObject Win32_ComputerSystem -ComputerName 'ServerNameToWhichTheAboveCnameRefers' all works.

Equally Get-WmiObject Win32_ComputerSystem -ComputerName 'IPOfServerWhichCnameAlsoCorrectlyResolvesTo' works.

Is anyone aware of some configuration / security setting which may be required to allow RPC calls to a server via a CNAME record? I'd assumed that as the IP is correctly resolving, and this works by IP, it should work by cname record; however clearly it doesn't.

Background

We recently migrated our SQL Servers from a physical cluster to a stand-alone VM. We'd used a DNS alias for the cluster, which we kept after migrating to the VM in order to minimise reconfiguration (i.e. we use this approach: https://www.mssqltips.com/sqlservertip/2663/using-friendly-names-for-sql-servers-via-dns/).

After this migration, some of our monitoring software began giving errors when attempting to query the database server's performance. It was accessing the database server via the DNS alias, rather than by the server name (this had worked previously for the cluster; though no longer worked when using the DNS CNAME record).

The PowerShell code above is just a simplified way to demonstrate the underlying issue.

JohnLBevan
  • 1,134
  • 7
  • 20
  • 44
  • NB: Further testing has shown that this is also true of servers referenced by `A Record` entries. So it's likely not DNS causing the issue, so much as the server not recognising that this name refers to itself. – JohnLBevan Nov 14 '16 at 17:35

2 Answers2

2

Have you looked at OptionalNames and DisableStrictNameChecking in the LanmanServer parameters? Depending on your Windows version these may be the issue.

HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\LanmanServer\Parameters

This has worked with shares & printing for me in the past so should (could) work for other Win32 RPC stuff.

TheFiddlerWins
  • 2,973
  • 1
  • 14
  • 22
  • That worked; thank-you. NB: We continued to have issues with 1 (client) server after this fix. On investigation it turned out that that client had the alias in its `hosts` file (`c:\windows\system32\drivers\etc\hosts`). Though this entry was correct (i.e. same name and IP) it seems that because this value wasn't coming from DNS it wasn't trusted; removing the entry resolved the issue. – JohnLBevan Nov 17 '16 at 18:08
  • ps. more information on additional CName tweaks here: http://serverfault.com/a/23824/137255 – JohnLBevan Jan 31 '17 at 14:45
1

What TheFiddlerWins describes is a very likely culprit. I dealt with a similar issue a couple months ago, see WMI queries can't run with a FQDN?.

Tim Brigham
  • 15,465
  • 7
  • 72
  • 113