Well, I never would’ve figured that out! I didn’t even know you had WAN accelerators. ☺
I’m glad you got it resolved! From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Thursday, July 27, 2017 6:53 PM To: ntsysadm Subject: Huzzah! Re: [NTSysADM] RPC not available on remote machine while doing DFSR config It turns out that our Riverbed WAN accelerators were the problem. Don't know why that would be, but while working with MSFT support, I turned off the optimization for the Riverbed at each end, and it went through with nary a hiccup. This worked without a flaw, creating one Replication Group, and then creating many Replicated Folders under that RG, between two servers, and it's supposed to be one-way replication, which I'll test tomorrow. It also sets up the connection schedule, using the local time for the receiving computer However, I might not have gotten the connection schedule correct, because when I check the schedule in the GUI, it's set up for full speed replication 24x7, when it should be 512kbits/sec during the receiving computer's business hours. I'm going to let that cook overnight to see if that updates itself. This was a fun project, modulo the frustration with getting the script past the errors induced by the Riverbeds. I'm not real proud of the script, as it does no error checking, no prompting for user input, etc., but it got the job done. I've stripped out the comments and write-host stuff for the sake of brevity, and wanted to share it with y'all. Hope someone finds it useful. Kurt Tab-Delimited CSV, with header and one entry ----------Begin NewDFSr.csv---------- GroupName SourceComputer FolderName SourcePrimaryMember SourceContentPath SourceStagingPathQuotaInMB DestinationComputer DestinationContentPath DestinationReadOnly US2AU-Engineering usfs01p TC-39.3 TRUE K:\Engineering\TestCandidates\Folder1\CurrentVersions 10240 aufs01p E:\Engineering\TestCandidates\Folder1\CurrentVersions TRUE ----------End NewDFSR.csv---------- ----------Begin Script---------- $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv $NewGroupName = "US2AU-Engineering" New-DfsReplicationGroup -GroupName $NewGroupName Add-DfsrMember -GroupName $NewGroupName -ComputerName usfs01p, aufs01p Add-DfsrConnection -GroupName $NewGroupName -SourceComputerName $SourceComputer -DestinationComputerName $DestinationComputer Foreach ($Line in $NewDFSR) { $SourceComputer = $Line.SourceComputer $FolderName = $Line.FolderName $SourceContentPath = $Line.SourceContentPath $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB $SourcePrimaryMember = [System.Convert]::ToBoolean($Line.SourcePrimaryMember) $DestinationComputer = $Line.DestinationComputer $DestinationContentPath = $Line.DestinationContentPath $DestinationReadOnly = [System.Convert]::ToBoolean($Line.DestinationReadOnly) New-DfsReplicatedFolder -GroupName $NewGroupName -FolderName $FolderName Set-DfsrMembership -GroupName $NewGroupName -FolderName $FolderName -ComputerName $SourceComputer -ContentPath $SourceContentPath -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB $SourceStagingPathQuotaInMB -Force Set-DfsrMembership -GroupName $NewGroupName -FolderName $FolderName -ComputerName $DestinationComputer -ContentPath $DestinationContentPath -ReadOnly $DestinationReadOnly -Force } Set-DfsrConnectionSchedule -GroupName $NewGroupName -SourceComputerName $SourceComputer -DestinationComputerName $DestinationComputer -Day 1,2,3,4,5 -BandwidthDetail "ffffffffffffffffffffffffffffffffffff66666666666666666666666666666666ffffffffffffffffffffffffffff" Update-DfsrConfigurationFromAD -ComputerName $SourceComputer,$DestinationComputer ----------End Script---------- On Mon, Jul 24, 2017 at 3:30 PM, Michael B. Smith <mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote: And do you have errors in the DFS specific event logs? From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Michael B. Smith Sent: Monday, July 24, 2017 6:22 PM To: ntsysadm@lists.myitforum.com<mailto:ntsysadm@lists.myitforum.com> Subject: RE: [NTSysADM] RPC not available on remote machine while doing DFSR config 609 ms? Wow. I suspect that is a hint. Let’s do a bit more: rpcping -s aufs01p –i 100 –v 3 and see what that tells us…. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 5:33 PM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config I believe so: From my workstation: # rpcping -s aufs01p Completed 1 calls in 609 ms 1 T/S or 609.000 ms/T Kurt On Mon, Jul 24, 2017 at 1:13 PM, Michael B. Smith <mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote: Does rpcping agree? From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 4:04 PM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config Seems to be... Kurt On Mon, Jul 24, 2017 at 12:50 PM, Ed Ziots <eziot...@gmail.com<mailto:eziot...@gmail.com>> wrote: Is tcp 135 open via fw rules on remote host? On Jul 24, 2017 12:21 PM, "Kurt Buff" <kurt.b...@gmail.com<mailto:kurt.b...@gmail.com>> wrote: So, fixing the MTU mismatch seems not to have worked. I left the physical interface MTUs on both sides at 1500, and set up the MTUs for the tunnel interfaces at 1385, and verified that ping -f -l succeeds at 1357 and fails at 1358 from both sides. I even took a single set of entries from my CSV file and unrolled the loop, manually replacing the variables with values, including FQDNs for the machine names. Same failure: # Add-DfsrMember -GroupName US2AU-Engineering -ComputerName usfs01p.example.com<http://usfs01p.example.com>, aufs01p.example.com<http://aufs01p.example.com> Add-DfsrMember : Could not add the computer to the replication group. Computer: aufs01p.example.com<http://aufs01p.example.com> Replication group: "US2AU-Engineering" The remote procedure call failed At line:1 char:1 + Add-DfsrMember -GroupName US2AU-Engineering -ComputerName usfs01p.exampl . + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (aufs01p.example.com:String) [Add-DfsrMember], DfsrException + FullyQualifiedErrorId : Add-DfsrMember.NonTerminatingOMException,Microsoft.DistributedFileSystemReplication.Commands.AddDfsrMemberCommand Additionally, I tried running the script on the DC in the AU office, and get the reciprocal failure (RPC failure, can't resolve the name of the US file server). Kurt On Mon, Jul 24, 2017 at 7:54 AM, Michael B. Smith <mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote: Yep, those MTUs. Because inconsistent RPC fragmentation can cause transactions to fail. From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 10:44 AM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config MTUs? As in TCP/IP Maximum Transmission Units? I will check that and post back, but why would a mismatch in MTU show up as this? Kurt On Mon, Jul 24, 2017 at 5:31 AM, Michael B. Smith <mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote: I’m certain you can google as well as I can – but after looking at 8-10 results… are you sure you have matching MTUs? From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 1:10 AM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config Ignore my earlier message from this evening. I've overcome some blindness on my part, and have a bit more information, though I fear it's not enough. I used this page for what looks to be a better way to handle the errors: https://stackoverflow.com/questions/38419325/catching-full-exception-message The red highlighted error is new - but I don't know why that's there. It's very strange, as both are 2012R2 servers, in the same domain, and I'm running this on my Win10 workstation with my DA credentials. ----------Begin revised script---------- $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv New-DfsReplicationGroup -GroupName US2AU-Engineering $GroupName = Get-DfsReplicationGroup US2AU-Engineering Foreach ($Line in $NewDFSR) { $GroupName = $Line.GroupName $SourceComputer = $Line.SourceComputer $FolderName = $Line.FolderName $SourceContentPath = $Line.SourceContentPath $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB $SourcePrimaryMember = [System.Convert]::ToBoolean($Line.SourcePrimaryMember) $DestinationComputer = $Line.DestinationComputer $DestinationContentPath = $Line.DestinationContentPath $DestinationReadOnly = [System.Convert]::ToBoolean($Line.DestinationReadOnly) New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName Try { Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer, $DestinationComputer } Catch { $e = $_.Exception $msg = $e.Message while ($e.InnerException) { $e = $e.InnerException $msg += "`n" + $e.Message } $msg} Add-DfsrConnection -GroupName $GroupName -SourceComputerName $SourceComputer -DestinationComputerName $DestinationComputer -ErrorAction Stop Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $SourceComputer -ContentPath $SourceContentPath -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB $SourceStagingPathQuotaInMB -Force Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $DestinationComputer -ContentPath $DestinationContentPath -ReadOnly $DestinationReadOnly -Force } Set-DfsrConnectionSchedule -GroupName "US2AU-Engineering" -SourceComputerName "USfs01p" -DestinationComputerName "AUfs01p" -Day 1,2,3,4,5 -BandwidthDetail "ffffffffffffffffffffffffffffffffffff66666666666666666666666666666666ffffffffffffffffffffffffffff" Update-DfsrConfigurationFromAD -ComputerName $SourceComputer,$DestinationComputer ---------End Revised Script---------- Relevant output: ---------Begin snipped output---------- Could not add the computer to the replication group. Computer: AUFS01P Replication group: "US2AU-Engineering" The remote procedure call failed The operating system version of server AUFS01P cannot be retrieved. The remote procedure call failed Add-DfsrConnection : The connection could not be added because DFS Replication could not find at least one source and one destination computer in the replication group, or because the source and destination computers were the same. Source computer: USFS01P Destination computer: AUFS01P Replication group: "US2AU-Engineering" At C:\BatchFiles\Configure-NewDFSR2.ps1:32 char:5 + Add-DfsrConnection -GroupName $GroupName -SourceComputerName $Sou ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (:) [Add-DfsrConnection], DfsrException + FullyQualifiedErrorId : Add-DfsrConnection.NoDistinctMemberPairs,Microsoft.DistributedFileSystemReplication.Commands.AddDfsrConnectionCommand ---------End snipped output---------- On Fri, Jul 21, 2017 at 8:27 PM, Michael B. Smith <mich...@smithcons.com<mailto:mich...@smithcons.com>> wrote: What is the InnerException of the error? -----Original Message----- From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Kurt Buff Sent: Friday, July 21, 2017 11:11 PM To: ntsysadm Subject: [NTSysADM] RPC not available on remote machine while doing DFSR config All, I'm re-doing the DFSR config for the file servers in our US and AU offices. The US has a bunch of directories that will be replicated to AU (but not back). No big deal, but the PowerShell script I'm writing is killing me. I don't know if I'm running into a time out problem, or what it might be. I'm running the script from Redmond on my laptop. Here's the script, which should Just Work(tm): ---------- $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv New-DfsReplicationGroup -GroupName US2AU-Engineering $GroupName = Get-DfsReplicationGroup US2AU-Engineering Foreach ($Line in $NewDFSR) { $GroupName = $Line.GroupName $SourceComputer = $Line.SourceComputer $FolderName = $Line.FolderName $SourceContentPath = $Line.SourceContentPath $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB $SourcePrimaryMember = [System.Convert]::ToBoolean($Line.SourcePrimaryMember) $DestinationComputer = $Line.DestinationComputer $DestinationContentPath = $Line.DestinationContentPath $DestinationReadOnly = [System.Convert]::ToBoolean($Line.$Line.DestinationReadOnly) New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer, $DestinationComputer Add-DfsrConnection -GroupName $GroupName -SourceComputerName $SourceComputer -DestinationComputerName $DestinationComputer Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $SourceComputer -ContentPath $SourceContentPath -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB $SourceStagingPathQuotaInMB -Force Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $DestinationComputer -ContentPath $DestinationContentPath -ReadOnly $DestinationReadOnly -Force } ---------- But it fails the Add-DfsrMember command, when trying to add the AU file server: ---------- Add-DfsrMember : Could not add the computer to the replication group. Computer: ZAUFS01P Replication group: "US2AU-Engineering" The remote procedure call failed At C:\BatchFiles\New-DfsrConfiguration.ps1:19 char:2 + Add-DfsrMember -GroupName $GroupName -ComputerName $SourceCompute ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (ZAUFS01P:String) [Add-DfsrMember], DfsrException + FullyQualifiedErrorId : Add-DfsrMember.NonTerminatingOMException,Microsoft.DistributedFileSystemReplication.Commands.AddDfsrMemberCommand ---------- However, if I RDP to that file server, I see this, which to me indicates that it *is* listening: ---------- C:\Windows\system32>winrm enumerate winrm/config/listener Listener [Source="GPO"] Address = * Transport = HTTP Port = 5985 Hostname Enabled = true URLPrefix = wsman CertificateThumbprint ListeningOn = 10.212.1.30, 127.0.0.1, ::1, fe80::a9e7:6f85:8115:b4ed%16 ---------- Heck, I even stood up wireshark on my laptop, from which I'm running this script, and see traffic to that server, though I can't quite figure out the conversation - but I have a 48kb capture file detailing the transaction for the attempted configuration of a single directory, if anyone wants that. Kurt
