Hello,
I have a problem with one of our customers: I added machines with an Auto discovery, I can ping machines but can't ad any WMi sensor.
I tried with wbem test and WMItester, and same error every time : The RPC server is unavailable.
I checked https://www.paessler.com/knowledgebase/en/topic/1073-what-are-the-most-common-errors-when-monitoring-wmi under 800706BA - RPC Server Is Unavailable, but nothing helped.
Here is my setup : connection with IP ( i have no dns resolution to customer), is this a problem? Account for WMI connection is member of domain admins Connection trough VPN
There's something odd: I checked some machines in my own network and It works (wbemtest).
But with Wireshark, I noticed that when i connect to customer with WMI, after a frame called RemoteCreateInstance response, my server is trying to call a service: kv-server on port 3360. Any clue on that?
This didn't happen when i connect to my machines.
Regards,
Yannick
Article Comments
Hello,
Thank you for you answer.
After testing and reading lots of thing, you're right about the DCOM part. DCOM uses one port in the high port (above 1024).
The only solution we found (apart installing a remote probe) is to set the DCOM ports on each target machine,and then configure firewalls to allow this range.
This procedure is well described there : http://blogs.msdn.com/b/john_daskalakis/archive/2009/02/05/9397926.aspx
But we still have an issue, after the DCOM port configuration, we need to reboot machine. Do you know a trick to do without reboot?
regards
Mar, 2011 - Permalink
Hello,
I tried giving access for remote launch and activation at DCOM security and also a big range for port to be accessed. However it doesn't work.
Basically WMI Tester and Paessler WMI Tester are communicating with target server which I tried it and return with error "error: 800706BA: The PRC server is unavailable".
If run a test via WMI Diag, it shows all info that WMI can grab. However, info that it shows is retrieved locally but not a target machine.
Are you able to login using WMI Tester in the first place?
Apr, 2011 - Permalink
In order to verify the used credentials WMI on the target machine has to check them with its domain controller. This should work within the remote domain, of course, but the inner workings of these DCOM connections are quite complex, so the observed access on port 3360 could very well be part of the failure.
The easiest thing to avoid overly complex troubles with DCOM setup would be to install a remote probe on a computer inside the customer's domain - only one outgoing port for the probe communications is needed there then.
Mar, 2011 - Permalink