SCCM 2012 Untrusted Forest Remote DP InstallationError 0x800706BA

Advertisement

This happens only in complex environments ūüôā . I’ve loads of remote DPs ¬†in untrusted forests. One of the remote DP installation was not going very well. DP was not getting installed at all. Checked and confirmed all the requirements like a)¬†Require the Site server to Initiate Connection to this Site System¬†¬†b) Use another account for installing this site system (this account must have local admin rights on remote DP).

UntrustedDP

Following are the errors in distmgr.log :-

Upgrading DP with ID 33554439. Thread 0x2490. Used 1 threads out of 5.

CWmi::Connect() failed to connect to \\[“Display=\\RemoteDP.com\”]MSWNET:[“SMS_SITE=RSP”]\\RemoteDP.com\\root\CIMv2. Error = 0x800706BA

DPConnection::ConnectWMI() РFailed to connect to  RemoteDP.com.

Failed to install DP files on the remote DP. Error code = 1722

The error¬†0x800706BA translates to “The RPC Server is unavailable”. I tried remote WMI tests using wmimgmt.msc and wbemtest with no luck. ¬†Telnet was not working for remote DP ip for the port 135 from the primary server. The port 135 is used for RPC services. The cause to this problem was very simple. The RPC port 135 was not opened between primary server and remote DP in untrusted forest. ¬†We opened the port 135 and remote DP got installed successfully.

7 COMMENTS

    • I’ve replied to your post in technet forum.
      I know, you must have seen this post about Untrsuted Forest Remote DP Error 0x800706BA. As I mentioned in the post whether you tried to access wmimgrmt.msc and wbemtest.msc with domain admin user? Also worth enabling WMI logs (on DC) to check whether any error while attempting to connect to wmi from primary server. If you’ve Win2k8 and above see how to enable wmi tracing

      It seems to me like a FW issue. The error mentioned above is remote procedure call (RPC) server unavailable that can happen if the dynamic ports are NOT open other than 135.

      It worth checking following ports as well. To get more details you may need to perform network trace so that you will come to which port is blocking it,

      – tcp 135,
      – tcp/udp ‚Äď 389
      – tcp 3268
      – tcp/udp – 88
      – tcp/udp – 53
      – tcp 3268
      – tcp 445
      – dynamic rpc ports for NTDS. Netlogon

    • I’ve replied to your post in technet forum.
      I know, you must have seen this post about Untrsuted Forest Remote DP Error 0x800706BA. As I mentioned in the post whether you tried to access wmimgrmt.msc and wbemtest.msc with domain admin user? Also worth enabling WMI logs (on DC) to check whether any error while attempting to connect to wmi from primary server. If you’ve Win2k8 and above see how to enable wmi tracing

      It seems to me like a FW issue. The error mentioned above is remote procedure call (RPC) server unavailable that can happen if the dynamic ports are NOT open other than 135.

  1. issue solved. It was indeed a firewall issue. Had a detailed check with the FW team. Ephemeral ports are created dynamically and assigned to each client which opens a session. In case of Windows Server 2003 both TCP and UDP ephemeral ports are within the range 1025-5000. We had to set an exception of port # between 1025 and 5000. This fixed the issue

  2. My Problem was that our DP was running on a HyperV server on a physical server. The physical servers firewall was stopped causing an issue. Started the firewall, restarted the VM and voila.

LEAVE A REPLY

Please enter your comment!
Please enter your name here