Adding/Replacing New Domain Server - 1722 RPC Errors

drkr0ot777 1 Reputation point
2021-03-10T16:41:48.15+00:00

In our current infrastructure we have 2 domain controllers. The first one is a 2008 box and needs to be replaced. I've created a new Server 2019 VM and installed domain services. For transparency I used this guide (https://www.rebeladmin.com/2020/08/active-directory-migration-from-windows-server-2008-to-2019/).

I've completed everything listed in the guide I linked above until where decommissioning the old domain controller (DC1). When I start this process I continually get a "1722 The RPC server is unavailable." error. I've googled, and searched forums trying various things others have mentioned but have yet to find a resolution. I've provided some details below hoping someone could shed some light on what I'm missing.

DC1: Windows Server 2008 (phasing out)
DC2: Windows Server 2012 R2
DC3: Windows Server 2019

[FSMO ROLES]
FSMO roles have been transferred to the new server.

Get-ADDomainController -Filter * | Select-Object Name, Domain, Forest, OperationMasterRoles | Where-Object {$_.OperationMasterRoles} | out-string -Width 160  

76326-fsmo-roles-succeeded.jpg

[SERVICES]
I've checked to ensure each of the following services are running on all the servers:

  • COM+ Event System
  • Remote Procedure Call (RPC)
  • Active Directory Domain Services
  • DNS Client
  • DFS Replication
  • Intersite Messaging
  • Kerberos Key Distribution Center
  • Security Accounts Manager
  • Server
  • Workstation
  • Windows Time
  • NETLOGON

[DNS]
I've updated DNS IP for each server and flushed DNS on each. They are set like this:
DC1= DNS1: 192.168.1.86 DNS2: 192.168.1.84
DC2= DNS1: 192.168.1.86 DNS2: 127.0.0.1
DC3= DNS1: 192.168.1.84 DNS2: 127.0.0.1

[FIREWALL]
Firewall is turned off on each server

[LOGS]
I've attached the DCDIAG results from all 3 servers.
76403-dcdiag-results-dc1.txt
76310-dcdiag-results-dc2.txt
76404-dcdiag-results-dc3.txt

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,398 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
5,727 questions
{count} votes

2 answers

Sort by: Most helpful
  1. drkr0ot777 1 Reputation point
    2021-03-10T17:52:11.407+00:00

    Realizing after the fact that I ran dcdiag without admin permissions I'm uploading a new set of files where I ran dcdiag /v /c as administrator. Feel free to review attached logs.

    76366-dcdiag-v-c-results-dc1.txt

    76376-dcdiag-v-c-results-dc2.txt

    76434-dcdiag-v-c-results-dc3.txt

    0 comments No comments

  2. Daisy Zhou 17,991 Reputation points Microsoft Vendor
    2021-03-11T07:23:12.56+00:00

    Hello @drkr0ot777 ,

    Thank you for posting here.

    Before troubleshooting the issue, kindly remind that since private information and security information may be involved, the forum does not analyze logs. Please delete or remove any private information and security information in the logs and cover or blur any information you provided in the post.

    Based on the description, you have added a 2019 DC in your domain.

    The minimum requirement to add a Windows Server 2019 Domain Controller is a Windows Server 2008 functional level. The domain also has to use DFS-R as the engine to replicate SYSVOL.

    Forest and Domain Functional Levels
    https://learn.microsoft.com/en-us/windows-server/identity/ad-ds/active-directory-functional-levels

    Here are some suggest for your issue:

    1.Please check the forest/domain functional level of your domain.

    2.Please check the SYSVOL replication type (FRS or DFSR).

    HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\DFSR\Parameters\SysVols\Migrating Sysvols\LocalState registry subkey. If this registry subkey exists and its value is set to 3 (ELIMINATED), DFSR is being used. If the subkey does not exist, or if it has a different value, FRS is being used.

    3.From dcdiag result of dc1, it seems DC1 has issue.
    Before you add 2019 DC, did you check the health of DC1 and DC2?
    Before you add 2019 DC, did you check the AD replication of DC1 and DC2?

    4.If you can check the AD replication now by running commands below on PDC.

    repadmin /showrepl >c:\repsum1.txt

    repadmin /replsum >c:\repsum2.txt

    repadmin /showrepl * /csv >c:\repsum.csv

    If there is no any error message in the result, it means AD replication works fine.

    5.Meanwhile, please try to check the issue "The RPC server is unavailable" based on the links below.

    Windows Server Troubleshooting: "The RPC server is unavailable"
    https://social.technet.microsoft.com/wiki/contents/articles/4494.windows-server-troubleshooting-the-rpc-server-is-unavailable.aspx#DNS_Name_Resolution

    Active Directory Replication Error 1722: The RPC server is unavailable
    https://support.microsoft.com/en-us/help/2102154/active-directory-replication-error-1722-the-rpc-server-is-unavailable

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    0 comments No comments