Troubleshooting DCDIAG error: RPC Server is unavailable

It’s a common best practice to run the DCDIAG tool in all DC in your forest whenever a significant change has been made, i.e. a new DC has been added or deleted in the forest. With this you are testing if the change you just made was done correctly. It’s also common that if you have at least two domains in your forest (and the trust relationships in place), when you run dcdiag in any DC you get a message indicating that when the test of replication on a specific server applies, it fails indicating that the “RPC Server is unavailable”. Well, if you see this message you probably check if that the RPC service is up and running on the server… running in cmd “net start rpcss”. But the command prompt answers you, “don’t worry dude, the service was already running”. “Alright then…” you say, “Let’s try DCDIAG again”… and you get the same error like the first time… And then you go like “Hmmmm… why do I keep getting the same “RPC Server is unavailable” error?” And then I say “I know why dude!”… And then you “You do? Is there any way I can solve it?”…“Of course, why I’ll be posting something that I don’t know the answer!”… and then… OK, enough with the theatre… This issue appears when the configurations between the different DNS servers are not compatible. It’s something like this: you have a correct […]

Read More →

Troubleshooting a special case for domain controllers and DNS servers

“My DC is online, the TCP/IP it´s OK, the DNS service running but I still cannot make a valid connection with AD! “ This is a problem that can be present in many ways. The most common example is: you have your DC completely configure for Active Directory, the DNS server too, and you try to join a workstation to your domain and the following error appears: An Active Directory Domain Controller for the domain [yourdomain.com] could not be contacted.Ensure that the domain name is typed correctly(…) First of all, the obvious: Check that the connectivity is working fine… the DNS server and the DC both of them responds to PING requests. It’s most likely that if you cannot connect to the domain, the PING requests for the FQDN (such as: ping dcname.yourdomain.com or ping yourdomain.com) will not respond as well… but with the IP parameter should be working… if it’s not, then there’s definitely a connectivity problem, a bad TCP/IP configuration or a firewall within the way . Well, let’s see, this is a problem that can really make you nuts trying to solve it. Let’s assume that you have the correct configuration in your DC and workstations. If you have a DHCP server in you network, check that he is doing his job… giving the correct IP address for the workstations, the subnet mask, the DNS server and the other parameters that you are using. DCDIAG really? Can […]

Read More →