AD Replication Error 1722 The RPC server is unavailable


In this article we'll look at the basic ways to fix Error 1722: The RPC server is unavailable, which occurs during replication between Active Directory domain controllers. You can encounter error 1722 The RPC server is unavailable both in the domain controller logs and when you try to start replication or check its status using the repadmin utility.

For example, you decided to check the current status of Active Directory domain controllers with the command:

repadmin /replsummary

Or

repadmin /showrepl

As you can see, some domain controllers return error (1722) The RPC server is unavailable. This output shows that some domain controllers have not replicated AD data (or have simply been inactive) for a few days.

Let’s consider the typical reasons for such an error:

  1. The domain controller is offline (or broken);
  2. Changes have been made to the network or new firewall rules have been added;
  3. Incorrect DNS configuration on domain controllers or invalid DNS records;
  4. Poor network performance or high latency.

Verify that the specified domain controllers are powered on and that the following Windows services are running on them:

  • COM+ Event System;
  • Remote Procedure Call (RPC);
  • Active Directory Domain Services;
  • DNS Client;
  • DFS Replication;
  • Intersite Messaging;
  • Kerberos Key Distribution Center;
  • Security Accounts Manager;
  • Server;
  • Workstation;
  • Windows Time;
  • NETLOGON.
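
The service check above can be run in one pass. This is an added example, not part of the original article; it assumes PowerShell remoting (WinRM) is enabled on the DC, and the short service names are the standard Windows names for the display names listed above.

```powershell
# Added example: report the state of every service from the list above.
$dc = 'lon-dc01'   # DC name used in the article; replace with the DC reporting error 1722

# Service name -> display name as shown in the list above
$required = [ordered]@{
    EventSystem       = 'COM+ Event System'
    RpcSs             = 'Remote Procedure Call (RPC)'
    NTDS              = 'Active Directory Domain Services'
    Dnscache          = 'DNS Client'
    DFSR              = 'DFS Replication'
    IsmServ           = 'Intersite Messaging'
    Kdc               = 'Kerberos Key Distribution Center'
    SamSs             = 'Security Accounts Manager'
    LanmanServer      = 'Server'
    LanmanWorkstation = 'Workstation'
    W32Time           = 'Windows Time'
    Netlogon          = 'NETLOGON'
}
$names = @($required.Keys)

# Assumption: WinRM is enabled. Remoting is used on purpose, because a query
# that itself depends on RPC may fail on the DC you are troubleshooting.
$found = Invoke-Command -ComputerName $dc -ArgumentList (,$names) -ScriptBlock {
    param($serviceNames)
    Get-Service -Name $serviceNames -ErrorAction SilentlyContinue |
        Select-Object Name, @{ n = 'Status'; e = { $_.Status.ToString() } }
}

# One row per required service; a missing service is reported as NotFound.
$report = foreach ($name in $names) {
    $svc = $found | Where-Object { $_.Name -eq $name }
    [pscustomobject]@{
        Service = $required[$name]
        Name    = $name
        Status  = if ($svc) { $svc.Status } else { 'NotFound' }
        OK      = [bool]($svc -and $svc.Status -eq 'Running')
    }
}

$report | Format-Table -AutoSize
$report | Where-Object { -not $_.OK } |
    ForEach-Object { Write-Warning "$($_.Service) on $dc is $($_.Status)" }
```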

Note. Now let's say a few words about how replication works in an Active Directory domain. Active Directory replication (synchronization) is a fully automatic process. Each domain controller periodically picks up the changes to its database that occurred on other domain controllers (its replication partners). This means that for changes made on dc01 to appear on dc02, dc02 must be a replication partner of dc01 and must request these changes from dc01.

First of all, to verify that everything is fine with replication, make sure that the SYSVOL and NETLOGON folders are readable through the UNC path \\lon-dc01.

If they are not available, check the permissions on the folders and check whether RPC port 135 (TCP/UDP) is reachable; it may be closed on the firewall.

To check that TCP port 135 is in the listening state on the domain controller that returns error 1722, you can use telnet or the PowerShell Test-NetConnection cmdlet:

telnet lon-dc01 135

or

Test-NetConnection lon-dc01 -Port 135

A frequent source of such problems is incorrect DNS configuration on the DC. Verify that the DNS servers are listed in the correct order in the network connection settings of the DC that fails to replicate. The primary address should be the address of another DC, and the secondary one should be the DC's own IP address.
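
The share, port 135 and DNS checks described above can be combined into one pass. This is an added example, not part of the original article; it is meant to be run on the DC that fails to replicate, and lon-dc01 is the partner name used in the article.

```powershell
# Added example. Run on the DC whose replication fails with error 1722.
$partner = 'lon-dc01'   # DC name used in the article; replace with your partner

# 1. Can this DC resolve the partner through its configured DNS servers?
$addresses = (Resolve-DnsName -Name $partner -Type A -ErrorAction SilentlyContinue |
    Where-Object { $_.Type -eq 'A' }).IPAddress

# 2. Is the RPC endpoint mapper (TCP 135) reachable on the partner?
$rpc = Test-NetConnection -ComputerName $partner -Port 135 -WarningAction SilentlyContinue

# 3. Are the SYSVOL and NETLOGON shares readable over UNC?
$shares = foreach ($name in 'SYSVOL', 'NETLOGON') {
    $path = "\\$partner\$name"
    [pscustomobject]@{ Path = $path; Readable = (Test-Path -Path $path) }
}

# 4. DNS server order on this DC. The article expects another DC first and
#    this DC's own address second, so a first entry that is a local address
#    (including 127.0.0.1) is flagged.
$localIPs = (Get-NetIPAddress -AddressFamily IPv4).IPAddress
$dnsOrder = Get-DnsClientServerAddress -AddressFamily IPv4 |
    Where-Object { $_.ServerAddresses.Count -gt 0 } |
    ForEach-Object {
        [pscustomobject]@{
            Interface     = $_.InterfaceAlias
            Servers       = $_.ServerAddresses -join ', '
            PrimaryIsSelf = $_.ServerAddresses[0] -in $localIPs
        }
    }

[pscustomobject]@{
    Partner    = $partner
    ResolvesTo = $addresses -join ', '
    Tcp135Open = $rpc.TcpTestSucceeded
} | Format-List
$shares   | Format-Table -AutoSize
$dnsOrder | Format-Table -AutoSize
```

Test-NetConnection tests TCP only, so the UDP side of port 135 is not covered by this check.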

For replication, Active Directory uses the dynamic range of TCP ports. Windows Server 2008 R2 (and higher) uses the following range for TCP Dynamic RPC: from 49152 to 65535.
In some cases, an AD administrator can fix Active Directory replication traffic to a specific port. To do this, you must specify the port number in the domain controller registry. For example, to fix replication traffic to TCP port 5000 (0x1388), you need to set the following registry value on the domain controller:

[HKLM\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]

"TCP/IP Port"=dword:00001388

If firewalls are installed on your network and the AD replication port is fixed, replication won't work on a newly promoted DC, because it will try to replicate with its partner through a port from the dynamic range, which is blocked on the firewall.
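
To spot the mismatch described above, compare the "TCP/IP Port" value across DCs. This is an added example, not part of the original article; it assumes PowerShell remoting (WinRM) is enabled on each DC, and lon-dc02 is a hypothetical name for the newly promoted DC.

```powershell
# Added example. Run on the DC that reports error 1722.
$dcs = 'lon-dc01', 'lon-dc02'   # lon-dc01 is from the article; lon-dc02 is hypothetical
$key = 'HKLM:\SYSTEM\CurrentControlSet\Services\NTDS\Parameters'

$report = foreach ($dc in $dcs) {
    # Read the fixed replication port, if one is configured on this DC.
    $port = Invoke-Command -ComputerName $dc -ArgumentList $key -ScriptBlock {
        param($path)
        (Get-ItemProperty -Path $path -Name 'TCP/IP Port' -ErrorAction SilentlyContinue).'TCP/IP Port'
    }

    # A fixed port can be tested directly; a dynamic one cannot be predicted.
    $reachable = if ($port) {
        (Test-NetConnection -ComputerName $dc -Port ([int]$port) `
            -WarningAction SilentlyContinue).TcpTestSucceeded
    } else { $null }

    [pscustomobject]@{
        DC                = $dc
        ReplicationPort   = if ($port) { [int]$port } else { 'dynamic (49152-65535)' }
        ReachableFromHere = $reachable
    }
}

$report | Format-Table -AutoSize

# DCs that disagree (one fixed, one dynamic, or two different fixed ports)
# match the failure described above when a firewall sits between them.
if (@($report.ReplicationPort | Select-Object -Unique).Count -gt 1) {
    Write-Warning 'Replication port settings differ between the listed DCs.'
}
```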

After you've fixed all the problems, you can run the repadmin /replsummary command again and check whether replication was successful. We also recommend starting AD replication manually and checking for errors. Make sure that the dcdiag /a /q command does not return errors.
