Is tcp 135 open via fw rules on remote host? On Jul 24, 2017 12:21 PM, "Kurt Buff" <[email protected]> wrote:
> So, fixing the MTU mismatch seems not to have worked. I left the physical > interface MTUs on both sides at 1500, and set up the MTUs for the tunnel > interfaces at 1385, and verified that ping -f -l succeeds at 1357 and fails > at 1358 from both sides. > > I even took a single set of entries from my CSV file and unrolled the > loop, manually replacing the variables with values, including FQDNs for the > machine names. > > Same failure: > > # Add-DfsrMember -GroupName US2AU-Engineering -ComputerName > usfs01p.example.com, aufs01p.example.com > > Add-DfsrMember : Could not add the computer to the replication group. > Computer: aufs01p.example.com Replication group: "US2AU-Engineering" The > remote procedure call failed > At line:1 char:1 > + Add-DfsrMember -GroupName US2AU-Engineering -ComputerName usfs01p.exampl > ... > + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ > + CategoryInfo : NotSpecified: (aufs01p.example.com:String) > [Add-DfsrMember], DfsrException > + FullyQualifiedErrorId : Add-DfsrMember.NonTerminatingOMException, > Microsoft.DistributedFileSystemReplication.Commands.AddDfsrMemberCommand > > Additionally, I tried running the script on the DC in the AU office, and > get the reciprocal failure (RPC failure, can't resolve the name of the US > file server). > > Kurt > > On Mon, Jul 24, 2017 at 7:54 AM, Michael B. Smith <[email protected]> > wrote: > >> Yep, those MTUs. Because inconsistent RPC fragmentation can cause >> transactions to fail. >> >> >> >> *From:* [email protected] [mailto:[email protected] >> orum.com] *On Behalf Of *Kurt Buff >> *Sent:* Monday, July 24, 2017 10:44 AM >> >> *To:* ntsysadm >> *Subject:* Re: [NTSysADM] RPC not available on remote machine while >> doing DFSR config >> >> >> >> MTUs? As in TCP/IP Maximum Transmission Units? >> >> I will check that and post back, but why would a mismatch in MTU show up >> as this? >> >> Kurt >> >> >> >> On Mon, Jul 24, 2017 at 5:31 AM, Michael B. Smith <[email protected]> >> wrote: >> >> I’m certain you can google as well as I can – but after looking at 8-10 >> results… are you sure you have matching MTUs? >> >> >> >> *From:* [email protected] [mailto:[email protected] >> orum.com] *On Behalf Of *Kurt Buff >> *Sent:* Monday, July 24, 2017 1:10 AM >> *To:* ntsysadm >> *Subject:* Re: [NTSysADM] RPC not available on remote machine while >> doing DFSR config >> >> >> >> Ignore my earlier message from this evening. I've overcome some blindness >> on my part, and have a bit more information, though I fear it's not enough. >> I used this page for what looks to be a better way to handle the errors: >> https://stackoverflow.com/questions/38419325/catching-full- >> exception-message >> >> The red highlighted error is new - but I don't know why that's there. >> It's very strange, as both are 2012R2 servers, in the same domain, and I'm >> running this on my Win10 workstation with my DA credentials. >> >> >> >> ----------Begin revised script---------- >> $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv >> New-DfsReplicationGroup -GroupName US2AU-Engineering >> $GroupName = Get-DfsReplicationGroup US2AU-Engineering >> Foreach ($Line in $NewDFSR) >> { >> $GroupName = $Line.GroupName >> $SourceComputer = $Line.SourceComputer >> $FolderName = $Line.FolderName >> $SourceContentPath = $Line.SourceContentPath >> $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB >> $SourcePrimaryMember = [System.Convert]::ToBoolean($L >> ine.SourcePrimaryMember) >> $DestinationComputer = $Line.DestinationComputer >> $DestinationContentPath = $Line.DestinationContentPath >> $DestinationReadOnly = [System.Convert]::ToBoolean($L >> ine.DestinationReadOnly) >> New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName >> Try >> { >> Add-DfsrMember -GroupName $GroupName -ComputerName >> $SourceComputer, $DestinationComputer >> } >> Catch >> >> >> >> >> >> >> * { $e = $_.Exception $msg = $e.Message while >> ($e.InnerException) { $e = $e.InnerException $msg += >> "`n" + $e.Message }* >> $msg} >> Add-DfsrConnection -GroupName $GroupName -SourceComputerName >> $SourceComputer -DestinationComputerName $DestinationComputer -ErrorAction >> Stop >> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >> -ComputerName $SourceComputer -ContentPath $SourceContentPath >> -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB >> $SourceStagingPathQuotaInMB -Force >> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >> -ComputerName $DestinationComputer -ContentPath $DestinationContentPath >> -ReadOnly $DestinationReadOnly -Force >> } >> Set-DfsrConnectionSchedule -GroupName "US2AU-Engineering" >> -SourceComputerName "USfs01p" -DestinationComputerName "AUfs01p" -Day >> 1,2,3,4,5 -BandwidthDetail "fffffffffffffffffffffffffffff >> fffffff66666666666666666666666666666666ffffffffffffffffffffffffffff" >> Update-DfsrConfigurationFromAD -ComputerName >> $SourceComputer,$DestinationComputer >> >> ---------End Revised Script---------- >> >> Relevant output: >> >> ---------Begin snipped output---------- >> Could not add the computer to the replication group. Computer: AUFS01P >> Replication group: "US2AU-Engineering" The remote procedure call failed >> *The operating system version of server AUFS01P cannot be retrieved.* >> The remote procedure call failed >> Add-DfsrConnection : The connection could not be added because DFS >> Replication could not find at least one source and one destination computer >> in the replication group, or because the >> source and destination computers were the same. Source computer: USFS01P >> Destination computer: AUFS01P Replication group: "US2AU-Engineering" >> At C:\BatchFiles\Configure-NewDFSR2.ps1:32 char:5 >> + Add-DfsrConnection -GroupName $GroupName -SourceComputerName $Sou >> ... >> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> + CategoryInfo : ObjectNotFound: (:) [Add-DfsrConnection], >> DfsrException >> + FullyQualifiedErrorId : Add-DfsrConnection.NoDistinctM >> emberPairs,Microsoft.DistributedFileSystemReplication. >> Commands.AddDfsrConnectionCommand >> ---------End snipped output---------- >> >> >> >> On Fri, Jul 21, 2017 at 8:27 PM, Michael B. Smith <[email protected]> >> wrote: >> >> What is the InnerException of the error? >> >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected] >> orum.com] On Behalf Of Kurt Buff >> Sent: Friday, July 21, 2017 11:11 PM >> To: ntsysadm >> Subject: [NTSysADM] RPC not available on remote machine while doing DFSR >> config >> >> All, >> >> I'm re-doing the DFSR config for the file servers in our US and AU >> offices. The US has a bunch of directories that will be replicated to AU >> (but not back). No big deal, but the PowerShell script I'm writing is >> killing me. I don't know if I'm running into a time out problem, or what it >> might be. >> >> I'm running the script from Redmond on my laptop. >> >> Here's the script, which should Just Work(tm): >> ---------- >> $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv >> >> New-DfsReplicationGroup -GroupName US2AU-Engineering >> $GroupName = Get-DfsReplicationGroup US2AU-Engineering >> >> Foreach ($Line in $NewDFSR) >> { >> $GroupName = $Line.GroupName >> $SourceComputer = $Line.SourceComputer >> $FolderName = $Line.FolderName >> $SourceContentPath = $Line.SourceContentPath >> $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB >> $SourcePrimaryMember = >> [System.Convert]::ToBoolean($Line.SourcePrimaryMember) >> $DestinationComputer = $Line.DestinationComputer >> $DestinationContentPath = $Line.DestinationContentPath >> $DestinationReadOnly = >> [System.Convert]::ToBoolean($Line.$Line.DestinationReadOnly) >> >> New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName >> Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer, >> $DestinationComputer >> Add-DfsrConnection -GroupName $GroupName -SourceComputerName >> $SourceComputer -DestinationComputerName $DestinationComputer >> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >> -ComputerName $SourceComputer -ContentPath $SourceContentPath >> -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB >> $SourceStagingPathQuotaInMB -Force >> Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName >> -ComputerName $DestinationComputer -ContentPath $DestinationContentPath >> -ReadOnly $DestinationReadOnly -Force >> } >> ---------- >> >> But it fails the Add-DfsrMember command, when trying to add the AU file >> server: >> ---------- >> Add-DfsrMember : Could not add the computer to the replication group. >> Computer: ZAUFS01P Replication group: "US2AU-Engineering" The remote >> procedure call failed >> At C:\BatchFiles\New-DfsrConfiguration.ps1:19 char:2 >> + Add-DfsrMember -GroupName $GroupName -ComputerName >> $SourceCompute ... >> + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> ~~~~~~ >> + CategoryInfo : NotSpecified: (ZAUFS01P:String) >> [Add-DfsrMember], DfsrException >> + FullyQualifiedErrorId : >> Add-DfsrMember.NonTerminatingOMException,Microsoft.Distribut >> edFileSystemReplication.Commands.AddDfsrMemberCommand >> ---------- >> >> However, if I RDP to that file server, I see this, which to me indicates >> that it *is* listening: >> ---------- >> C:\Windows\system32>winrm enumerate winrm/config/listener >> Listener [Source="GPO"] >> Address = * >> Transport = HTTP >> Port = 5985 >> Hostname >> Enabled = true >> URLPrefix = wsman >> CertificateThumbprint >> ListeningOn = 10.212.1.30, 127.0.0.1, ::1, >> fe80::a9e7:6f85:8115:b4ed%16 >> ---------- >> >> Heck, I even stood up wireshark on my laptop, from which I'm running this >> script, and see traffic to that server, though I can't quite figure out the >> conversation - but I have a 48kb capture file detailing the transaction for >> the attempted configuration of a single directory, if anyone wants that. >> >> Kurt >> >> >> >> >> > >
