Discussion:
RPC server unavailable, unable to obtain RPC connection to domain controller
(too old to reply)
c***@yahoo.com
2005-11-08 17:26:58 UTC
Permalink
I'm having a major problem with my domain controller.

Background:

I have 6 Windows 2003 SP1 servers and they're all domain controllers.
2 of them host Active Directory Integrated DNS zones. My original
problem had to do with multiple DNS errors. The _msdcs zone was
missing. I manually re-created the zone, then ran NETDIAG /FIX and
that repopulated the zone. I then ran NET STOP NETLOGON, and then NET
START NETLOGON to re-register all the domain controllers in that zone.
Then it wouldn't replicate due to trust issues. So I ran nltest
/sc_reset:example.com (where example.com is the domain name)

Then I ran repadmin /bind and then repadmin /syncall to replicate all
the domain controllers.

Current issue:

When I launch Active Directory Domains and Trusts I get RPC server is
unavailable and I just click OK. Then another message comes up that
says: "The Local Security Authority is unable to obtain an RPC
connection to the domain controller GSDT1.example.com Please check
that the name can be resolved and that the server is available. "

GSDT1 has all the FSMO roles.

When I run DCDIAG, all the tests pass except I get this:
Starting test systemlog:
An error Event occured. Event ID 0xC00007D0
Event string: The server's call to a system service failed.
....................................failed test systemlog

When I run NETDIAG, all the tests pass except I get this NETBT warning:
[WARNING] At least one of the <00> "Workstation Service", <03>
'Messenger Service', <20> WINS names is missing.

[WARNING] You don't have a single interface with the 'Workstation
Service', <03> 'Messenger Service', <20> WINS names defined

I can ping the server by name, I can perform NSLOOKUP just fine. When
I login to this server, I don't get any of the group policies applied,
it lets me login but I think I'm just logged in with a local account
and not a domain account.

I looked in the Event Viewer and it shows this:
System log:

Event Id 5781
Source: NETLOGON
Dynamic Registration or deletion of one or more DNS records associated
with DNS domain example.com failed. These records are used by other
computers to locate this server as a domain controller.

Event Id 2000
Source: Srv
The system's call to a system service failed unexpectedly.

Application log:

Event Ids 1030 and 1058 every 5 min.
Windows cannot query for list of Group Policy objects.

DNS log:

Event Id 4010
The DNS server was unable to create a resource record for
1d865196-6ee4-474f-b2d3-41063037fc6c._msdcs.example.com in zone
example.com. The Active Directory definition of this resource record
is corrupt or contains an invalid DNS name.

I get this message for every single domain controller.

I read some posts about a fix for this issue and I did install the fix.
http://support.microsoft.com/kb/898060
It didn't solve my problem.
Maddas69
2005-12-08 14:23:35 UTC
Permalink
Try "net use" to the domain you want to trust to establish a secure
channel
F.i. Start-->Run-->\\domain.com\c$
Type username\password and observe that the \\domain.com\c$ opens
Then try establishing the trust again using FQDN not Netbios.

Maddas69
Post by c***@yahoo.com
I'm having a major problem with my domain controller.
I have 6 Windows 2003 SP1 servers and they're all domain controllers.
2 of them host Active Directory Integrated DNS zones. My original
problem had to do with multiple DNS errors. The _msdcs zone was
missing. I manually re-created the zone, then ran NETDIAG /FIX and
that repopulated the zone. I then ran NET STOP NETLOGON, and then NET
START NETLOGON to re-register all the domain controllers in that zone.
Then it wouldn't replicate due to trust issues. So I ran nltest
/sc_reset:example.com (where example.com is the domain name)
Then I ran repadmin /bind and then repadmin /syncall to replicate all
the domain controllers.
When I launch Active Directory Domains and Trusts I get RPC server is
unavailable and I just click OK. Then another message comes up that
says: "The Local Security Authority is unable to obtain an RPC
connection to the domain controller GSDT1.example.com Please check
that the name can be resolved and that the server is available. "
GSDT1 has all the FSMO roles.
An error Event occured. Event ID 0xC00007D0
Event string: The server's call to a system service failed.
....................................failed test systemlog
[WARNING] At least one of the <00> "Workstation Service", <03>
'Messenger Service', <20> WINS names is missing.
[WARNING] You don't have a single interface with the 'Workstation
Service', <03> 'Messenger Service', <20> WINS names defined
I can ping the server by name, I can perform NSLOOKUP just fine. When
I login to this server, I don't get any of the group policies applied,
it lets me login but I think I'm just logged in with a local account
and not a domain account.
Event Id 5781
Source: NETLOGON
Dynamic Registration or deletion of one or more DNS records associated
with DNS domain example.com failed. These records are used by other
computers to locate this server as a domain controller.
Event Id 2000
Source: Srv
The system's call to a system service failed unexpectedly.
Event Ids 1030 and 1058 every 5 min.
Windows cannot query for list of Group Policy objects.
Event Id 4010
The DNS server was unable to create a resource record for
1d865196-6ee4-474f-b2d3-41063037fc6c._msdcs.example.com in zone
example.com. The Active Directory definition of this resource record
is corrupt or contains an invalid DNS name.
I get this message for every single domain controller.
I read some posts about a fix for this issue and I did install the fix.
http://support.microsoft.com/kb/898060
It didn't solve my problem.
O***@gmail.com
2005-12-19 14:23:50 UTC
Permalink
workd for me! thanks!
Omko
Post by Maddas69
Try "net use" to the domain you want to trust to establish a secure
channel
F.i. Start-->Run-->\\domain.com\c$
Type username\password and observe that the \\domain.com\c$ opens
Then try establishing the trust again using FQDN not Netbios.
Maddas69
Post by c***@yahoo.com
I'm having a major problem with my domain controller.
I have 6 Windows 2003 SP1 servers and they're all domain controllers.
2 of them host Active Directory Integrated DNS zones. My original
problem had to do with multiple DNS errors. The _msdcs zone was
missing. I manually re-created the zone, then ran NETDIAG /FIX and
that repopulated the zone. I then ran NET STOP NETLOGON, and then NET
START NETLOGON to re-register all the domain controllers in that zone.
Then it wouldn't replicate due to trust issues. So I ran nltest
/sc_reset:example.com (where example.com is the domain name)
Then I ran repadmin /bind and then repadmin /syncall to replicate all
the domain controllers.
When I launch Active Directory Domains and Trusts I get RPC server is
unavailable and I just click OK. Then another message comes up that
says: "The Local Security Authority is unable to obtain an RPC
connection to the domain controller GSDT1.example.com Please check
that the name can be resolved and that the server is available. "
GSDT1 has all the FSMO roles.
An error Event occured. Event ID 0xC00007D0
Event string: The server's call to a system service failed.
....................................failed test systemlog
[WARNING] At least one of the <00> "Workstation Service", <03>
'Messenger Service', <20> WINS names is missing.
[WARNING] You don't have a single interface with the 'Workstation
Service', <03> 'Messenger Service', <20> WINS names defined
I can ping the server by name, I can perform NSLOOKUP just fine. When
I login to this server, I don't get any of the group policies applied,
it lets me login but I think I'm just logged in with a local account
and not a domain account.
Event Id 5781
Source: NETLOGON
Dynamic Registration or deletion of one or more DNS records associated
with DNS domain example.com failed. These records are used by other
computers to locate this server as a domain controller.
Event Id 2000
Source: Srv
The system's call to a system service failed unexpectedly.
Event Ids 1030 and 1058 every 5 min.
Windows cannot query for list of Group Policy objects.
Event Id 4010
The DNS server was unable to create a resource record for
1d865196-6ee4-474f-b2d3-41063037fc6c._msdcs.example.com in zone
example.com. The Active Directory definition of this resource record
is corrupt or contains an invalid DNS name.
I get this message for every single domain controller.
I read some posts about a fix for this issue and I did install the fix.
http://support.microsoft.com/kb/898060
It didn't solve my problem.
Loading...