AH. Yes, it's a firewall issue. https://support.microsoft.com/en-us/kb/2512643
I could, I suppose, open the firewall on the DCs for those RPC-related ports, to eliminate these messages, as the KB shows. However, rather than screw around with a DC, I think I will go for the other work-around: Ignore all these errors when running DCDIAG. LOL The important take-away is that my domain is clean and healthy. On Tue, Jan 12, 2016 at 9:55 AM, Michael Leone <[email protected]> wrote: > I have a question. I am running dcdiag (with /c /v /e switches); all > DCs are Win2012 R2, but domain/forest level is still Win2008 R2. > > I am seeing that some tests fail (such as DFSREvent) fail with "RPC > server is unavailable", when querying other DCs. Now, we're not really > using DFS at all (yet). But I am also seeing it on things like the KCC > Event log. And system log.All the "log" tests, it appears ... > > The error is error 0x6ba. I've found references that this might be an > expected error if querying Win2003 DCs, but not Win2012 R2 servers. > > All the other tests - advertising, Machine Account, NetLogons, > ObjectsReplicated, etc - they are all passing. It's only these certain > tests that are failing. > > If I do dcdiag locally on the server mentioned in the fail message > above, it all passes; I don't see that error. > > repadmin (/showrepl and /replsummary) are all fine. > > So, my question: is it normal for the "log" queries to fail in dcdiag, > when querying DCs remotely? As I say, if I do dcdiag /c /v locally on > each of the servers that show as fail, the test passes fine (those log > services are running fine). > > Do I need to adjust my firewall, if I want to run the tests against > all servers from just one DC?
