Configmgr Current branch Primary site deployment is getting failed with error The RPC server is unavailable

One of the most challenges while implementing anything on secure environment where basic PING disable. I will be discussing about one of the reported issue that requester was trying to implement configmgr (SCCM). Requester has already provided all the recommendation port must be open to the network side and as per network team has implemented that change and open all the port.   Click HERE for port details

Issue Reported:  CAS and PRI-1 is working fine as normal but while implementing PRI 2 its not getting connect and while giving reporting server name.

 Here CAS and PRI-1 is in same network but PRI-2 is in different network. Challenge we can’t do ping as network team has disable. We can’t do telnet as they have disable.  To going to the root of the solutions below action taken.




All the environment servers are running with 2012 R2

Error:  ConfigMgrSetupWizard.log

ConfigMgrSetupWizard Error: 1 : Received COMException while connecting to the SMS provider on ServerName Exception message: [The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)


Point 1: In PRI-2 run the network monitoring tool to understand blocking level.  Click Here to download tool 

After executing running tool found that server is sending sync but not getting reply from CAS server.  Normally TCP communication work as like below. 



Point 2: Any how we are getting error on logs that The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) But we have RPC Service is running as normal for finding error validate DCOM Permission all has permission. Refer this URL for validation DCOM permission..

Point 3: After verify DCOM permission error is not moving. Then we have tried to validate DCOM Communication PORT between CAS to PRI-2 Found DCOM level ports are blocked.  Normally if we talk about server to server communication DCOM port must be open if you don’t want to open you can give predefined dedicated port for both the side.

These are the port for servers running on 2008 and above  Which they call has HIGH range Port 49152 through 65535. we can open this rang or we can define dedicated.  By default these port open, if network side there are not block.

Click here for detailing DCOM Port

After enable dedicated DCOM Port on CAS TO PRI-2 Installation went smooth as normal and primary site build went normal. So in these scenario we have open all require SCCM (configmgr ) Port but there was blocked by DCOM service port communication. Which was server level.  

Happy Learning!!!

Thanks & Regards,

Haresh Hirani

Email: hiraniconfigmgr@outlook.com 

Follow me: https://www.linkedin.com/in/hiraniconfigmgr 




0 Comments

    No Comments

Leave a Comment