Skip to main content
Skip table of contents

RPC server is unavailable Troubleshooting

The error COMException = The RPC server is unavailable (0x800706BA) occurs when the Cloudamize Agentless Data Collector (ADC) cannot establish a connection to a remote Windows host. This usually indicates a communication breakdown at the network level, a stopped service, or a security block (Firewall/DCOM).

Troubleshooting Steps

Step 1: Verify Network Connectivity & Name Resolution

Before checking services, ensure the ADC can "see" the target host.

  • Ping Test: Ping the target host from the ADC machine. If it fails, check routing.

  • DNS Check: Run nslookup <Hostname> from the ADC. If the IP returned doesn't match the target's actual IP, RPC will fail.

  • Recommendation: Use the IP address instead of the Hostname in the Cloudamize inventory to bypass DNS issues.

Step 2: Check Required Services

On the Target Host, ensure these services are set to Automatic and are Running:

  1. Remote Procedure Call (RPC) (RpcSs)

  2. RPC Endpoint Mapper (RpcEptMapper)

  3. DCOM Server Process Launcher (DcomLaunch)

  4. Windows Management Instrumentation (WMI) (Winmgmt)

Step 3: Firewall & Port Configuration

RPC requires more than just port 135. It uses a dynamic range for data transfer.

  • Port 135 (TCP): For the initial RPC handshake.

  • Port 445 (TCP): For SMB/Named Pipes.

  • Dynamic Port Range:

    • Windows 2008 and later: TCP Ports 49152 – 65535.

    • Windows 2003 and earlier: TCP Ports 1025 – 5000.

  • Quick Fix Command: Run this on the target host to enable the WMI exception: netsh advfirewall set rule group="windows management instrumentation (wmi)" new enable=yes

  • The required port details are also available in our KB here.

  • Also, please refer to the Microsoft article for troubleshooting the RPC error. The steps are in the table for the error 0x800706BA (RPC_S_SERVER_UNAVAILABLE). The link to the Article is available here.

Step 4: DCOM Permissions & Hardening

Recent Windows security updates (DCOM Hardening) may block older collection methods.

  1. DCOM Config:

    • Run dcomcnfg.

    • Go to Component Services > Computers > My Computer > Properties.

    • In the Default Properties tab, ensure Enable Distributed COM on this computer is checked.

    • In COM Security, click Edit Limits for both Access and Launch/Activation. Ensure the service account has Remote Access and Remote Activation permissions.

Step 5: Review Group Policy Objects (GPOs).

In domain environments, local changes are often overridden by GPOs. Review your Domain Controller for policies that might be blocking the ADC:

  • Windows Firewall GPOs: Check Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall. Ensure "Allow inbound remote administration exception" and "Allow inbound WMI exception" are enabled for the ADC IP.

  • Restricted Groups: Ensure the service account hasn't been removed from the local "Administrators" or "Performance Log Users" group via GPO.

  • Update Lag: If you made a local change, run gpupdate /force on the target to see if your fix is reverted by a domain policy.

Step 6: UAC Restrictions (Local Accounts)

If you are using a local administrator account to collect data (rather than a Domain Admin), Windows "Remote UAC" will often strip administrative tokens from the connection, resulting in an "RPC Server is Unavailable" or "Access Denied" error.

Disabling Remote UAC is not recommended for security reasons. However, if it is necessary for the ADC to function, you must set the following registry entry to 1. If the entry does not exist, you must create it

  1. Open Registry Editor (regedit) on the target host.

  2. Navigate to: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System

    Note: A new registry key will be required if the file path does not exist. Please note that this will require administrative privileges.

  3. Right-click the System folder, select New, and then DWORD (32-bit) Value.

Step 7: Third-Party Endpoint Security (EDR/Antivirus)

Modern security suites (CrowdStrike, SentinelOne, Carbon Black) often have "Identity Protection" or "Network Threat Protection" modules that see WMI queries as "Lateral Movement" or "Scanning behavior" and silently drop the RPC connection.

  • The Check: Check the logs of the Antivirus/EDR on the Target Host to see if the ADC's IP address has been flagged or blocked.

  • The Fix: Whitelist the ADC IP address in the security console.

Validation Tool: WBEMTEST

To verify if the fix worked, run the Wbemtest tool from the ADC machine. The detailed steps are available in the Microsoft Article here:

  1. Type wbemtest in the Start menu.

  2. Click Connect.

  3. In the Namespace box, type: \\<Target_IP>\root\cimv2

  4. Enter the credentials used in Cloudamize.

  5. If you get "The RPC server is unavailable" here, the issue is still at the OS/Network level and not within the Cloudamize software.

If the issue persists, please capture a screenshot of the error output and collect the log_backup.txt file from the following directory on the Cloudamize Agentless DC:

C:\Program Files (x86)\CloudamizeAgentlessDc\log_backup.txt

Please attach both the screenshot and the log file in an email to helpdesk@cloudamize.com for further investigation.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close