The RPC server is unavailable. Context Information: WMI failure: Connecting to \\EXAMPLE\ root\default Error Code = 0X800706BA (-2147023174))
search cancel

The RPC server is unavailable. Context Information: WMI failure: Connecting to \\EXAMPLE\ root\default Error Code = 0X800706BA (-2147023174))

book

Article ID: 156764

calendar_today

Updated On:

Products

Control Compliance Suite Control Compliance Suite Standards Server

Issue/Introduction

Control Compliance Suites data is being collected but is taking a very long time.
In the Evaluation results are a number of Unknown checks. Some of which have errors like the following.

The RPC server is unavailable. Context Information: WMI failure: Connecting to \\Example\root\default Error Code = 0X800706BA (-2147023174))

Object Name: <EXAMPLE.COM>
Object Type: Machines
Expression: AUDITSPECIALLOGON = 'AUDIT_SUCCESS'
Current Value: {The RPC server is unavailable.  Error Code = 0x800706BA (-2147023174)}

Object Name: <EXAMPLE.COM>
Object Type: Machines
Expression: ONLYELEVATEUIACCESSAPPINSECUREDLOCS = '1'
Current Value: {WMI failure: Connecting to \\Example.com\root\default. Error : The RPC server is unavailable.   Error Code = 0x800706BA (-2147023174)}

Custom Message: Special value {WMI failure: Connecting to \\Example.com\root\default. Error : The RPC server is unavailable.   Error Code = 0x800706BA (-2147023174)} returned for SECURITYOPTMACHINEPATHANDSUB field.

Cause

Required RPC Ports are not open.

Resolution

Check if the following ports are open 135 (endpoint mapper port) also the RPC ports range (49152-65535).

 

For Windows local firewall the following rules have been identified to help open a number of those RPC Ports, although not all get opened. Enough are to allow the data collection job to collect the data.
The File and Printer Sharing (SMB-In) is required for port 445 and while does not have any effect on RPC Ports, if port 445 is not opened an error about "the network path not found" is returned.

COM+ Network Access (DCOM-In)
File and Printer Sharing (SMB-In)
Netlogon Service Authz (RPC)
Remote Scheduled Tasks Management (RPC)
Remote Service Management (RPC)

For Windows 10 it has been found that enabling the "Windows Management Instrumentation (WMI)" appears to be enough to allow data collection to be successful.

 

Additional Information

Here is a Microsoft Dev blog that provides a Powershell script that can be used for testing the RPC ports.

https://devblogs.microsoft.com/scripting/testing-rpc-ports-with-powershell-and-yes-its-as-much-fun-as-it-sounds/

Also, refer to this other KB article for help with troubleshooting WMI/RPC, etc.

https://knowledge.broadcom.com/external/article?articleId=161568

 

Powered by Wolken Software