AD Replication Error 1722 The RPC server is unavailable

In this article we’ll take a look at the basic ways to fix Error 1722: The RPC server is unavailable when performing replication between Active Directory domain controllers. You can face an error 1722 The RPC server is unavailable both in the domain controller logs and when you try to start or check the replication status using the repadmin utility.

For example, you decided to check the current status of Active Directory domain controllers with the command:

repadmin / replsummary

error 1722 the rpc server is unavailable


Repadimn /showrepl

As you can see, some domain controllers return an error (1722) The RPC server is unavailable. Based on this data, you see that some domain controllers can’t replicate AD data (or just inactive) for a few days.

Let’s consider the typical reasons for such an error:

  1. Domain controller is in offline state (or broken);
  2. Changes have been made to the network or new firewall rules have been added;
  3. Incorrect DNS configuration on domain controllers or invalid DNS records;
  4. Poor network performance or large delays .

Verify that the specified domain controllers are powered on and that the following Windows services are running on them:

  • COM+ Event System;
  • Remote Procedure Call (RPC);
  • Active Directory Domain Services;
  • DNS Client;
  • DFS Replication;
  • Intersite Messaging;
  • Kerberos Key Distribution Center;
  • Security Accounts Manager;
  • Server;
  • Workstation;
  • Windows Time;
READ ALSO  FSMO Role: Domain Naming Master

Note. Now let’s say a few words about how replication works in an Active Directory domain. Replication (Synchronization) Active Directory is a fully automatic the process. Each domain controller periodically picks up changes to its database that occurred on other domain controllers (replication partners). This means that the changes made to dc01 on dc02 require that dc02 be the replication partner with dc01 and then request these changes from dc01.

First of all, to verify that everything is fine with replication, you need to make sure that the UNC path \\lon-dc01 is available for reading the SYSVOL and NETLOGON folder.

1722 the rpc server is unavailable

If they are not available, then you need to check the permissions on the folders and check the availability of RPC TCP/UDP 135 ports, maybe they are closed on the firewall.

To check that TCP port 135 on the domain controller that returns error 1722 is in listening state you can use telnet or the PowerShell Test-NetConnection cmdlet:

telnet lon-dc01 135


Test-NetConnection lon-dc01 –port 135

A frequent source of such problems is the incorrect DNS configuration on the DC. Verify that the correct DC server order is specified in the DC network connection settings that did not want to replicate. The primary address should be the address of another DC, and the secondary one is himself IP address.

READ ALSO  Active Directory Migration to Windows Server 2016

the rpc server is unavailable domain controller

For replication, Active Directory uses the dynamic range of TCP ports. Windows Server 2008 R2 (and higher) use the fooling range for TCP Dynamic RPC – from 49152 to 65535.
In some cases, an AD administrator can fix Active Directory replication traffic on a specific port. To do this, you must specify the port number in the domain controller registry. For example, to fix replication traffic on TCP port 5000 (0x1388), you need to change the registry key on the domain controller:


"TCP/IP Port"=dword:00001388

In the event that firewalls are installed on your network, and the replication port AD is fixed, then on the newly promoted DC replication wont’ work, because it will try to replicate with the partner through the port from the dynamic range, which is blocked on the firewall.

After you’ve fixed all the problems, you can run the repadmin /replsummary command again, and check if the replication was successful. We also recommend to start AD replication manually and check for errors. Make sure that the dcdiag /a /q command does not returns errors.

Cyril Kardashevsky
READ ALSO  Change Default OU permissions in Active Directory

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.