Q7250010: For one of my Windows servers, I get the error: "Unable to connect to [myserver]; WMI Error 0x800706BA: The RPC server is unavailable"
Most common reason are:
Firewall settings on the monitored server block all RPC data
Alternate credentials are used, but the account used is not the built-in local Administrator
The solutions are described below.
Firewall Settings
If you use a third-party firewall on the monitored server, check the appropriate settings. If you do not use a third-party firewall, type 'Windows Defender Firewall' in the Search bar of the monitored server, and open the 'Windows Defender Firewall with Ad...
Network Monitor > Monitoring Windows / WMI (DCOM)Q7250020: For one of my Windows servers, I get the error: "Unable to connect to [myserver]; WMI Error 0x80070005: Access is denied"
In most situation, the credentials do not suffice. Make sure that the credentials, used for the ActiveXperts Network Monitor Engine service to login, have full permissions on the monitored server.
Or use alternate credentials for the particular check, so that ActiveXperts doesn't use the service credentials but the alternate credentials instead to login and monitor the remote server.
To verify, check WMI without ActiveXperts by running the Windows built-in WMIC utility from the command-line (replace...
Network Monitor > Monitoring Windows / WMI (DCOM) Q7250005: What ports do I need to open in the firewall to enable communication between the ActiveXperts Network Monitor server and the monitored servers?
The ports used when monitoring a server using ActiveXperts Network Monitor depend on the type of monitor function that is being done. For example, monitoring a web site usually requires one port - port 80, monitoring an SMTP server requires port 25, monitoring DNS requires port 53(udp).
WMI (or more correctly RPC/DCOM) uses TCP ports 135 and 445 as well
as dynamically-assigned ports above 1024. WMI is used for many Windows-based checks.
When checking which ports must be opened on the firewall, one ...
Network Monitor > Monitoring Windows / WMI (DCOM) Q7250060: We've raised the authentication level to require RPC_C_AUTHN_LEVEL_PKT_INTEGRITY on all of our Windows servers. Is ActiveXperts able to handle it?
By default, ActiveXperts uses the RPC_C_AUTHN_LEVEL_DEFAULT level to connect to remote Windows Servers. This will not suffice for servers that require RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication.
You need to change the following registry entry:
HKLM\Software\ActiveXperts\Network Monitor\Server\DCOM\AuthenticationLevel
and set the value to 5, which means: RPC_C_AUTHN_LEVEL_PKT_INTEGRITY
This requires a restart of the 'ActiveXperts Network Monitor Engine' service!
Please note that this ...
Network Monitor > Monitoring Windows / WMI (DCOM) Q7250065: We receive the following error when executing a Windows check: "Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application."
Microsoft has strengthened the authentication used between DCOM clients and servers, ensuring that none of the data transferred between the client and server has been modified.
More more information, see FAQ #Q7250060
Network Monitor > Monitoring Windows / WMI (DCOM) Q7250025: I'm getting an error saying that 'Win32_Service' does not exist. Other basic WMI classes like 'Win32_LogicalDisk' do not exist either. Any idea?
Most probably, your WMI repository needs to be rebuild or repaired. For instructions, see support.quest.com/vworkspace/kb/88861.
Network Monitor > Monitoring Windows / WMI (DCOM) Q7250040: I'm not able to monitor any Win32_PerfRawData counters. However, I'm sure they are installed on the monitored system. I can also see those counters in the Administrative Tools\Performance tools. What should I do?
This problem occurs because Windows Management Instrumentation (WMI) uses AutoDiscovery/AutoPurge (ADAP) to build its internal performance counter table. If a particular service on the monitored computer was not started when the WMI ADAP process is started, the performance counters are not transferred to WMI.
Please run the following command from the command line on the monitored computer:
wmiadap /f
and then restart the wmi-service.
Network Monitor > Monitoring Windows / WMI (DCOM) Q7250070: Is there a way to bypass the DCOM hardening changes that forces RPC_C_AUTHN_LEVEL_PKT_INTEGRITY authentication?
Yes you can. First of all, you need to make sure you have the September 2021 patches or later installed.
Registry setting to enable or disable the hardening changes for CVE-2021-26414, you can use the following registry key:
Path : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole\AppCompat
Value Name: "RequireIntegrityActivationAuthenticationLevel"
Type: dword
Value Data: default = 0x00000000 means disabled. 0x00000001 means enabled. If this value is not defined, it will default to enabled.
T...
Network Monitor > Monitoring Windows / WMI (DCOM) Q7250050: When I try to monitor my TMG server, ActiveXperts tells me that the RPC Server is unavailable (error 0x800706BA). What can I do?
Incoming WMI requests are denied by the TMG policy by default. To enable RPC, open the 'Configure RPC protocol policy' configuration window, and disable the 'Enforce strict RPC compliance' option. This way, the policy will allow RPC type protocol such as DCOM.
Network Monitor > Monitoring Windows / WMI (DCOM)
|