The RPC server is unavailable when replicating the second Domain Controller

Angga Pramudya 1 Reputation point
2021-07-01T08:25:49.793+00:00

Hello There,

Sorry, I'm a newbie at managing Windows Active Directory.
We have a single AD DC on Windows Server 2019 with hostname DC1. We want to make this domain redundant/fault tolerant, so we created a secondary Domain Controller (DC2) to achieve this goal.
I followed a video tutorial on adding an additional Domain Controller in this YouTube video (link).

But unfortunately, after promoting the secondary server to a domain controller finished, I checked the DNS server and there are no DNS records on DC2, unlike in the video tutorial.

When I run the command repadmin /showrepl, it shows successful replication, but
when I run the command repadmin /syncall, it shows an error like this:

"C:\>repadmin /syncall
CALLBACK MESSAGE: Error contacting server <object guid of NTDS
Settings object>._msdcs.<forest root domain>.<top level domain>
(network error): 1722 (0x6ba):
The RPC server is unavailable."

How do I properly solve this problem?
I know this fault may come from a DNS issue, since there are no records on the second DC, but how do I fix this problem properly?

Thanks, hopefully someone can help with my problem.

  1. Leon Laude 85,701 Reputation points
    2021-07-01T08:34:25.213+00:00

    Hi @Angga Pramudya ,

    Something here might be helpful:

    Active Directory replication error 1722: The RPC server is unavailable
    https://learn.microsoft.com/en-us/troubleshoot/windows-server/identity/replication-error-1722-rpc-server-unavailable

    ----------

    If the reply was helpful please don't forget to upvote and/or accept as answer, thank you!

    Best regards,
    Leon


  2. Daisy Zhou 20,461 Reputation points Microsoft Vendor
    2021-07-02T02:21:36.71+00:00

    Hello @Angga Pramudya ,

    Thank you for posting here.

    Please check as below:

    1. Check if both DCs (DC1 and DC2) are Windows Server 2019 DCs.

    2. On DC1, check if DC1 has the DNS role installed.
    111182-dns1.png

    3. If DC1 has the DNS role installed, then DC1 is a DNS server. On DC2, please check if the Preferred DNS of DC2 is the IP address of DC1.

    For example:

    In my lab, I set a static IP address on DC1, and DC1 has the DNS role installed, so DC1 is a DNS server. The IP address of DC1 is 192.168.2.53.

    111173-dns2.png

    On DC2, I set a static IP address for DC2. I set the Preferred DNS server on DC2 to the IP address of DC1 (it is 192.168.2.53).
    111174-dns3.png

    4. On DC2, check if the DNS role is installed (in step 2, the screenshot shows that the DNS role is installed).

    From the video you provided, I can see the DNS role is not installed (3:07/11:20).
    111135-dns.png

    5. On DC2, if the DNS role is not installed, please install the DNS role on DC2 to see if it helps.

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.


  3. Angga Pramudya 1 Reputation point
    2021-07-02T04:35:21.117+00:00

    Hi @Daisy Zhou

    Thanks for your effort to check the video.
    Here are my answers:

    1. Yes, both DCs are the same Windows Server 2019 (DC1 Standard Edition, DC2 Eval (will be activated after the DC is successfully created)).
    2. Yes, DC1 has the DNS role installed as well.
    3. Yes, as the video mentions, I have set the preferred DNS on DC2 to the IP address of DC1.
    4. Yes, DC2 already has the DNS role installed as well. In that video, the DNS role was not installed at first, but after promoting that server to a DC, the DNS role was installed automatically. But unlike in the video, my DC2 successfully installed the DNS role, yet no records are found.
      111197-dns-role-installed.jpg
      111127-no-dns-record.jpg

    5. Yes, on DC2 the DNS role is already installed.

    So, what is the solution for my case?

    Thanks
    Best Regards,

    Angga


  4. Daisy Zhou 20,461 Reputation points Microsoft Vendor
    2021-07-02T06:09:56.157+00:00

    Hello @Angga Pramudya ,

    Thank you for your update.

    Please run repadmin /syncall /AdeP on both DCs to check if there is any error message.

    Also, please check if the AD ports are open/listening on both DCs.

    For all AD ports, please check the links below.

    Active Directory and Active Directory Domain Services Port Requirements
    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/dd772723(v=ws.10)?redirectedfrom=MSDN

    Active Directory Replication over Firewalls
    https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-2000-server/bb727063(v=technet.10)?redirectedfrom=MSDN

    Hope the information above is helpful.

    Should you have any question or concern, please feel free to let us know.

    Best Regards,
    Daisy Zhou

    ============================================

    If the Answer is helpful, please click "Accept Answer" and upvote it.


  5. Parvez Gadhia 1 Reputation point
    2021-07-02T06:38:18.367+00:00

    Please reply with yes or no to the questions below:

    • You would see the dc02 record as a Name Server in the forward lookup zone on DC1
    • Your DC01 DNS zone is an Active Directory-integrated zone and replicates to all DNS servers in the domain
    • In DC01 -- DNS Manager -- DNS -- DC01 -- Name server -- you see DC02 as well
    • When you run nslookup yourdomain.com (e.g. nslookup mylab.local), you would see the details of both domain controllers
    • Open DNS Manager on DC01 -- connect to DNS server -- select the following server -- DC02 -- you would see the forward lookup zone is empty
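
The DNS and port checks suggested in the answers above can be scripted; the following PowerShell is an added example, not part of any poster's reply. It resolves the `<NTDS Settings GUID>._msdcs.<forest root>` alias named in the 1722 message and probes the fixed AD ports. It assumes the hostnames DC1 and DC2 from the question and the ActiveDirectory (RSAT) module; the function name `Test-DcReplicationPath` is hypothetical.

```powershell
# Added example, not from the thread. DC1/DC2 are the hostnames used in the question.
# Assumes the ActiveDirectory module (RSAT) and a session on a domain-joined machine.
Import-Module ActiveDirectory

function Test-DcReplicationPath {
    param(
        [Parameter(Mandatory)] [string] $DnsServer,  # DNS server to query, e.g. DC1
        [Parameter(Mandatory)] [string] $TargetDc    # DC that repadmin fails to contact
    )

    $dc   = Get-ADDomainController -Identity $TargetDc
    $ntds = Get-ADObject -Identity $dc.NTDSSettingsObjectDN

    # The name in the 1722 message: <NTDS Settings objectGUID>._msdcs.<forest root domain>
    $alias = '{0}._msdcs.{1}' -f $ntds.ObjectGUID, $dc.Forest
    $cname = Resolve-DnsName -Name $alias -Type CNAME -Server $DnsServer -DnsOnly `
                 -ErrorAction SilentlyContinue |
             Where-Object { $_.QueryType -eq 'CNAME' }

    # Fixed TCP ports used between DCs. RPC replication also needs the dynamic
    # range (49152-65535 by default), which a single-port probe cannot cover.
    $ports = @(
        @{ Port = 53;  Service = 'DNS' },
        @{ Port = 88;  Service = 'Kerberos' },
        @{ Port = 135; Service = 'RPC endpoint mapper' },
        @{ Port = 389; Service = 'LDAP' },
        @{ Port = 445; Service = 'SMB' }
    )
    $portResults = foreach ($p in $ports) {
        $t = Test-NetConnection -ComputerName $dc.HostName -Port $p.Port `
                 -WarningAction SilentlyContinue
        [pscustomobject]@{ Port = $p.Port; Service = $p.Service; Open = $t.TcpTestSucceeded }
    }

    [pscustomobject]@{
        TargetDc      = $dc.HostName
        AliasQueried  = $alias
        CnameResolves = [bool]$cname
        CnameTarget   = $cname.NameHost
        Ports         = $portResults
    }
}

# Check both directions, since the answer asks for the check on both DCs.
$r1 = Test-DcReplicationPath -DnsServer 'DC1' -TargetDc 'DC2'
$r2 = Test-DcReplicationPath -DnsServer 'DC2' -TargetDc 'DC1'
$r1, $r2 | Format-List TargetDc, AliasQueried, CnameResolves, CnameTarget
$r1.Ports + $r2.Ports | Format-Table
```

A `CnameResolves` value of `False` when querying DC2's DNS server would be consistent with the empty forward lookup zone described in the question, while closed ports point to the firewall checks instead.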