Seems to be... [image: Inline image 1]
Kurt On Mon, Jul 24, 2017 at 12:50 PM, Ed Ziots <eziot...@gmail.com> wrote: > Is tcp 135 open via fw rules on remote host? > > On Jul 24, 2017 12:21 PM, "Kurt Buff" <kurt.b...@gmail.com> wrote: > >> So, fixing the MTU mismatch seems not to have worked. I left the physical >> interface MTUs on both sides at 1500, and set up the MTUs for the tunnel >> interfaces at 1385, and verified that ping -f -l succeeds at 1357 and fails >> at 1358 from both sides. >> >> I even took a single set of entries from my CSV file and unrolled the >> loop, manually replacing the variables with values, including FQDNs for the >> machine names. >> >> Same failure: >> >> # Add-DfsrMember -GroupName US2AU-Engineering -ComputerName >> usfs01p.example.com, aufs01p.example.com >> >> Add-DfsrMember : Could not add the computer to the replication group. >> Computer: aufs01p.example.com Replication group: "US2AU-Engineering" The >> remote procedure call failed >> At line:1 char:1 >> + Add-DfsrMember -GroupName US2AU-Engineering -ComputerName >> usfs01p.exampl ... >> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> + CategoryInfo : NotSpecified: (aufs01p.example.com:String) >> [Add-DfsrMember], DfsrException >> + FullyQualifiedErrorId : Add-DfsrMember.NonTerminatingO >> MException,Microsoft.DistributedFileSystemReplication. >> Commands.AddDfsrMemberCommand >> >> Additionally, I tried running the script on the DC in the AU office, and >> get the reciprocal failure (RPC failure, can't resolve the name of the US >> file server). >> >> Kurt >> >> On Mon, Jul 24, 2017 at 7:54 AM, Michael B. Smith <mich...@smithcons.com> >> wrote: >> >>> Yep, those MTUs. Because inconsistent RPC fragmentation can cause >>> transactions to fail. >>> >>> >>> >>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf >>> orum.com] *On Behalf Of *Kurt Buff >>> *Sent:* Monday, July 24, 2017 10:44 AM >>> >>> *To:* ntsysadm >>> *Subject:* Re: [NTSysADM] RPC not available on remote machine while >>> doing DFSR config >>> >>> >>> >>> MTUs? As in TCP/IP Maximum Transmission Units? >>> >>> I will check that and post back, but why would a mismatch in MTU show up >>> as this? >>> >>> Kurt >>> >>> >>> >>> On Mon, Jul 24, 2017 at 5:31 AM, Michael B. Smith <mich...@smithcons.com> >>> wrote: >>> >>> I’m certain you can google as well as I can – but after looking at 8-10 >>> results… are you sure you have matching MTUs? >>> >>> >>> >>> *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf >>> orum.com] *On Behalf Of *Kurt Buff >>> *Sent:* Monday, July 24, 2017 1:10 AM >>> *To:* ntsysadm >>> *Subject:* Re: [NTSysADM] RPC not available on remote machine while >>> doing DFSR config >>> >>> >>> >>> Ignore my earlier message from this evening. I've overcome some >>> blindness on my part, and have a bit more information, though I fear it's >>> not enough. I used this page for what looks to be a better way to handle >>> the errors: >>> https://stackoverflow.com/questions/38419325/catching-full-e >>> xception-message >>> >>> The red highlighted error is new - but I don't know why that's there. >>> It's very strange, as both are 2012R2 servers, in the same domain, and I'm >>> running this on my Win10 workstation with my DA credentials. >>> >>> >>> >>> ----------Begin revised script---------- >>> $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv >>> New-DfsReplicationGroup -GroupName US2AU-Engineering >>> $GroupName = Get-DfsReplicationGroup US2AU-Engineering >>> Foreach ($Line in $NewDFSR) >>> { >>> $GroupName = $Line.GroupName >>> $SourceComputer = $Line.SourceComputer >>> $FolderName = $Line.FolderName >>> $SourceContentPath = $Line.SourceContentPath >>> $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB >>> $SourcePrimaryMember = [System.Convert]::ToBoolean($L >>> ine.SourcePrimaryMember) >>> $DestinationComputer = $Line.DestinationComputer >>> $DestinationContentPath = $Line.DestinationContentPath >>> $DestinationReadOnly = [System.Convert]::ToBoolean($L >>> ine.DestinationReadOnly) >>> New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName >>> Try >>> { >>> Add-DfsrMember -GroupName $GroupName -ComputerName >>> $SourceComputer, $DestinationComputer >>> } >>> Catch >>> >>> >>> >>> >>> >>> >>> * { $e = $_.Exception $msg = $e.Message while >>> ($e.InnerException) { $e = $e.InnerException $msg += >>> "`n" + $e.Message }* >>> $msg} >>> Add-DfsrConnection -GroupName $GroupName -SourceComputerName >>> $SourceComputer -DestinationComputerName $DestinationComputer -ErrorAction >>> Stop >>> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >>> -ComputerName $SourceComputer -ContentPath $SourceContentPath >>> -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB >>> $SourceStagingPathQuotaInMB -Force >>> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >>> -ComputerName $DestinationComputer -ContentPath $DestinationContentPath >>> -ReadOnly $DestinationReadOnly -Force >>> } >>> Set-DfsrConnectionSchedule -GroupName "US2AU-Engineering" >>> -SourceComputerName "USfs01p" -DestinationComputerName "AUfs01p" -Day >>> 1,2,3,4,5 -BandwidthDetail "fffffffffffffffffffffffffffff >>> fffffff66666666666666666666666666666666ffffffffffffffffffffffffffff" >>> Update-DfsrConfigurationFromAD -ComputerName >>> $SourceComputer,$DestinationComputer >>> >>> ---------End Revised Script---------- >>> >>> Relevant output: >>> >>> ---------Begin snipped output---------- >>> Could not add the computer to the replication group. Computer: AUFS01P >>> Replication group: "US2AU-Engineering" The remote procedure call failed >>> *The operating system version of server AUFS01P cannot be retrieved.* >>> The remote procedure call failed >>> Add-DfsrConnection : The connection could not be added because DFS >>> Replication could not find at least one source and one destination computer >>> in the replication group, or because the >>> source and destination computers were the same. Source computer: USFS01P >>> Destination computer: AUFS01P Replication group: "US2AU-Engineering" >>> At C:\BatchFiles\Configure-NewDFSR2.ps1:32 char:5 >>> + Add-DfsrConnection -GroupName $GroupName -SourceComputerName $Sou >>> ... >>> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>> + CategoryInfo : ObjectNotFound: (:) [Add-DfsrConnection], >>> DfsrException >>> + FullyQualifiedErrorId : Add-DfsrConnection.NoDistinctM >>> emberPairs,Microsoft.DistributedFileSystemReplication.Comman >>> ds.AddDfsrConnectionCommand >>> ---------End snipped output---------- >>> >>> >>> >>> On Fri, Jul 21, 2017 at 8:27 PM, Michael B. Smith <mich...@smithcons.com> >>> wrote: >>> >>> What is the InnerException of the error? >>> >>> >>> -----Original Message----- >>> From: listsad...@lists.myitforum.com [mailto:listsadmin@lists.myitf >>> orum.com] On Behalf Of Kurt Buff >>> Sent: Friday, July 21, 2017 11:11 PM >>> To: ntsysadm >>> Subject: [NTSysADM] RPC not available on remote machine while doing DFSR >>> config >>> >>> All, >>> >>> I'm re-doing the DFSR config for the file servers in our US and AU >>> offices. The US has a bunch of directories that will be replicated to AU >>> (but not back). No big deal, but the PowerShell script I'm writing is >>> killing me. I don't know if I'm running into a time out problem, or what it >>> might be. >>> >>> I'm running the script from Redmond on my laptop. >>> >>> Here's the script, which should Just Work(tm): >>> ---------- >>> $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv >>> >>> New-DfsReplicationGroup -GroupName US2AU-Engineering >>> $GroupName = Get-DfsReplicationGroup US2AU-Engineering >>> >>> Foreach ($Line in $NewDFSR) >>> { >>> $GroupName = $Line.GroupName >>> $SourceComputer = $Line.SourceComputer >>> $FolderName = $Line.FolderName >>> $SourceContentPath = $Line.SourceContentPath >>> $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB >>> $SourcePrimaryMember = >>> [System.Convert]::ToBoolean($Line.SourcePrimaryMember) >>> $DestinationComputer = $Line.DestinationComputer >>> $DestinationContentPath = $Line.DestinationContentPath >>> $DestinationReadOnly = >>> [System.Convert]::ToBoolean($Line.$Line.DestinationReadOnly) >>> >>> New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName >>> Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer, >>> $DestinationComputer >>> Add-DfsrConnection -GroupName $GroupName -SourceComputerName >>> $SourceComputer -DestinationComputerName $DestinationComputer >>> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >>> -ComputerName $SourceComputer -ContentPath $SourceContentPath >>> -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB >>> $SourceStagingPathQuotaInMB -Force >>> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >>> -ComputerName $DestinationComputer -ContentPath $DestinationContentPath >>> -ReadOnly $DestinationReadOnly -Force >>> } >>> ---------- >>> >>> But it fails the Add-DfsrMember command, when trying to add the AU file >>> server: >>> ---------- >>> Add-DfsrMember : Could not add the computer to the replication group. >>> Computer: ZAUFS01P Replication group: "US2AU-Engineering" The remote >>> procedure call failed >>> At C:\BatchFiles\New-DfsrConfiguration.ps1:19 char:2 >>> + Add-DfsrMember -GroupName $GroupName -ComputerName >>> $SourceCompute ... >>> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>> ~~~~~~ >>> + CategoryInfo : NotSpecified: (ZAUFS01P:String) >>> [Add-DfsrMember], DfsrException >>> + FullyQualifiedErrorId : >>> Add-DfsrMember.NonTerminatingOMException,Microsoft.Distribut >>> edFileSystemReplication.Commands.AddDfsrMemberCommand >>> ---------- >>> >>> However, if I RDP to that file server, I see this, which to me indicates >>> that it *is* listening: >>> ---------- >>> C:\Windows\system32>winrm enumerate winrm/config/listener >>> Listener [Source="GPO"] >>> Address = * >>> Transport = HTTP >>> Port = 5985 >>> Hostname >>> Enabled = true >>> URLPrefix = wsman >>> CertificateThumbprint >>> ListeningOn = 10.212.1.30, 127.0.0.1, ::1, >>> fe80::a9e7:6f85:8115:b4ed%16 >>> ---------- >>> >>> Heck, I even stood up wireshark on my laptop, from which I'm running >>> this script, and see traffic to that server, though I can't quite figure >>> out the conversation - but I have a 48kb capture file detailing the >>> transaction for the attempted configuration of a single directory, if >>> anyone wants that. >>> >>> Kurt >>> >>> >>> >>> >>> >> >>