Does rpcping agree? From: [email protected] [mailto:[email protected]] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 4:04 PM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config
Seems to be... [Inline image 1] Kurt On Mon, Jul 24, 2017 at 12:50 PM, Ed Ziots <[email protected]<mailto:[email protected]>> wrote: Is tcp 135 open via fw rules on remote host? On Jul 24, 2017 12:21 PM, "Kurt Buff" <[email protected]<mailto:[email protected]>> wrote: So, fixing the MTU mismatch seems not to have worked. I left the physical interface MTUs on both sides at 1500, and set up the MTUs for the tunnel interfaces at 1385, and verified that ping -f -l succeeds at 1357 and fails at 1358 from both sides. I even took a single set of entries from my CSV file and unrolled the loop, manually replacing the variables with values, including FQDNs for the machine names. Same failure: # Add-DfsrMember -GroupName US2AU-Engineering -ComputerName usfs01p.example.com<http://usfs01p.example.com>, aufs01p.example.com<http://aufs01p.example.com> Add-DfsrMember : Could not add the computer to the replication group. Computer: aufs01p.example.com<http://aufs01p.example.com> Replication group: "US2AU-Engineering" The remote procedure call failed At line:1 char:1 + Add-DfsrMember -GroupName US2AU-Engineering -ComputerName usfs01p.exampl ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (aufs01p.example.com:String) [Add-DfsrMember], DfsrException + FullyQualifiedErrorId : Add-DfsrMember.NonTerminatingOMException,Microsoft.DistributedFileSystemReplication.Commands.AddDfsrMemberCommand Additionally, I tried running the script on the DC in the AU office, and get the reciprocal failure (RPC failure, can't resolve the name of the US file server). Kurt On Mon, Jul 24, 2017 at 7:54 AM, Michael B. Smith <[email protected]<mailto:[email protected]>> wrote: Yep, those MTUs. Because inconsistent RPC fragmentation can cause transactions to fail. From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 10:44 AM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config MTUs? As in TCP/IP Maximum Transmission Units? I will check that and post back, but why would a mismatch in MTU show up as this? Kurt On Mon, Jul 24, 2017 at 5:31 AM, Michael B. Smith <[email protected]<mailto:[email protected]>> wrote: I’m certain you can google as well as I can – but after looking at 8-10 results… are you sure you have matching MTUs? From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Kurt Buff Sent: Monday, July 24, 2017 1:10 AM To: ntsysadm Subject: Re: [NTSysADM] RPC not available on remote machine while doing DFSR config Ignore my earlier message from this evening. I've overcome some blindness on my part, and have a bit more information, though I fear it's not enough. I used this page for what looks to be a better way to handle the errors: https://stackoverflow.com/questions/38419325/catching-full-exception-message The red highlighted error is new - but I don't know why that's there. It's very strange, as both are 2012R2 servers, in the same domain, and I'm running this on my Win10 workstation with my DA credentials. ----------Begin revised script---------- $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv New-DfsReplicationGroup -GroupName US2AU-Engineering $GroupName = Get-DfsReplicationGroup US2AU-Engineering Foreach ($Line in $NewDFSR) { $GroupName = $Line.GroupName $SourceComputer = $Line.SourceComputer $FolderName = $Line.FolderName $SourceContentPath = $Line.SourceContentPath $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB $SourcePrimaryMember = [System.Convert]::ToBoolean($Line.SourcePrimaryMember) $DestinationComputer = $Line.DestinationComputer $DestinationContentPath = $Line.DestinationContentPath $DestinationReadOnly = [System.Convert]::ToBoolean($Line.DestinationReadOnly) New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName Try { Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer, $DestinationComputer } Catch { $e = $_.Exception $msg = $e.Message while ($e.InnerException) { $e = $e.InnerException $msg += "`n" + $e.Message } $msg} Add-DfsrConnection -GroupName $GroupName -SourceComputerName $SourceComputer -DestinationComputerName $DestinationComputer -ErrorAction Stop Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $SourceComputer -ContentPath $SourceContentPath -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB $SourceStagingPathQuotaInMB -Force Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $DestinationComputer -ContentPath $DestinationContentPath -ReadOnly $DestinationReadOnly -Force } Set-DfsrConnectionSchedule -GroupName "US2AU-Engineering" -SourceComputerName "USfs01p" -DestinationComputerName "AUfs01p" -Day 1,2,3,4,5 -BandwidthDetail "ffffffffffffffffffffffffffffffffffff66666666666666666666666666666666ffffffffffffffffffffffffffff" Update-DfsrConfigurationFromAD -ComputerName $SourceComputer,$DestinationComputer ---------End Revised Script---------- Relevant output: ---------Begin snipped output---------- Could not add the computer to the replication group. Computer: AUFS01P Replication group: "US2AU-Engineering" The remote procedure call failed The operating system version of server AUFS01P cannot be retrieved. The remote procedure call failed Add-DfsrConnection : The connection could not be added because DFS Replication could not find at least one source and one destination computer in the replication group, or because the source and destination computers were the same. Source computer: USFS01P Destination computer: AUFS01P Replication group: "US2AU-Engineering" At C:\BatchFiles\Configure-NewDFSR2.ps1:32 char:5 + Add-DfsrConnection -GroupName $GroupName -SourceComputerName $Sou ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : ObjectNotFound: (:) [Add-DfsrConnection], DfsrException + FullyQualifiedErrorId : Add-DfsrConnection.NoDistinctMemberPairs,Microsoft.DistributedFileSystemReplication.Commands.AddDfsrConnectionCommand ---------End snipped output---------- On Fri, Jul 21, 2017 at 8:27 PM, Michael B. Smith <[email protected]<mailto:[email protected]>> wrote: What is the InnerException of the error? -----Original Message----- From: [email protected]<mailto:[email protected]> [mailto:[email protected]<mailto:[email protected]>] On Behalf Of Kurt Buff Sent: Friday, July 21, 2017 11:11 PM To: ntsysadm Subject: [NTSysADM] RPC not available on remote machine while doing DFSR config All, I'm re-doing the DFSR config for the file servers in our US and AU offices. The US has a bunch of directories that will be replicated to AU (but not back). No big deal, but the PowerShell script I'm writing is killing me. I don't know if I'm running into a time out problem, or what it might be. I'm running the script from Redmond on my laptop. Here's the script, which should Just Work(tm): ---------- $NewDFSR = import-csv -Delimiter "`t" c:\Batchfiles\data\NewDFSR.csv New-DfsReplicationGroup -GroupName US2AU-Engineering $GroupName = Get-DfsReplicationGroup US2AU-Engineering Foreach ($Line in $NewDFSR) { $GroupName = $Line.GroupName $SourceComputer = $Line.SourceComputer $FolderName = $Line.FolderName $SourceContentPath = $Line.SourceContentPath $SourceStagingPathQuotaInMB = $Line.SourceStagingPathQuotaInMB $SourcePrimaryMember = [System.Convert]::ToBoolean($Line.SourcePrimaryMember) $DestinationComputer = $Line.DestinationComputer $DestinationContentPath = $Line.DestinationContentPath $DestinationReadOnly = [System.Convert]::ToBoolean($Line.$Line.DestinationReadOnly) New-DfsReplicatedFolder -GroupName $GroupName -FolderName $FolderName Add-DfsrMember -GroupName $GroupName -ComputerName $SourceComputer, $DestinationComputer Add-DfsrConnection -GroupName $GroupName -SourceComputerName $SourceComputer -DestinationComputerName $DestinationComputer Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $SourceComputer -ContentPath $SourceContentPath -PrimaryMember $SourcePrimaryMember -StagingPathQuotaInMB $SourceStagingPathQuotaInMB -Force Set-DfsrMembership -GroupName $GroupName -FolderName $FolderName -ComputerName $DestinationComputer -ContentPath $DestinationContentPath -ReadOnly $DestinationReadOnly -Force } ---------- But it fails the Add-DfsrMember command, when trying to add the AU file server: ---------- Add-DfsrMember : Could not add the computer to the replication group. Computer: ZAUFS01P Replication group: "US2AU-Engineering" The remote procedure call failed At C:\BatchFiles\New-DfsrConfiguration.ps1:19 char:2 + Add-DfsrMember -GroupName $GroupName -ComputerName $SourceCompute ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : NotSpecified: (ZAUFS01P:String) [Add-DfsrMember], DfsrException + FullyQualifiedErrorId : Add-DfsrMember.NonTerminatingOMException,Microsoft.DistributedFileSystemReplication.Commands.AddDfsrMemberCommand ---------- However, if I RDP to that file server, I see this, which to me indicates that it *is* listening: ---------- C:\Windows\system32>winrm enumerate winrm/config/listener Listener [Source="GPO"] Address = * Transport = HTTP Port = 5985 Hostname Enabled = true URLPrefix = wsman CertificateThumbprint ListeningOn = 10.212.1.30, 127.0.0.1, ::1, fe80::a9e7:6f85:8115:b4ed%16 ---------- Heck, I even stood up wireshark on my laptop, from which I'm running this script, and see traffic to that server, though I can't quite figure out the conversation - but I have a 48kb capture file detailing the transaction for the attempted configuration of a single directory, if anyone wants that. Kurt
