Microsoft KB Archive/839880

= How to troubleshoot RPC Endpoint Mapper errors =

Article ID: 839880

Article Last Modified on 3/16/2007

-

APPLIES TO


 * Microsoft Windows Server 2003, Web Edition
 * Microsoft Windows Server 2003, Standard Edition (32-bit x86)
 * Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
 * Microsoft Windows Server 2003, Datacenter Edition (32-bit x86)
 * Microsoft Windows 2000 Server
 * Microsoft Windows 2000 Professional Edition
 * Microsoft Windows 2000 Datacenter Server
 * Microsoft Windows 2000 Advanced Server
 * Microsoft Windows XP Professional

-





SUMMARY


You may experience RPC Endpoint Mapper errors when you use specific tools and utilities that are available in the Support folder of the Microsoft Windows Server CD-ROM, available as part of a Windows Server Resource Kit, or available on the Microsoft Web site. These errors can help you troubleshoot RPC Endpoint Mapper issues.

The symptoms that are described in this article do not represent every possible scenario that may result when RPC does not function correctly. RPC is used by several components in Windows Server 2003 and Windows 2000 Server, such as the File Replication Service (FRS), Active Directory Replication, Certificate services, DCOM, Microsoft Message Queuing (also known as MSMQ), and MAPI. Therefore, a variety of errors and symptoms may occur when RPC does not function correctly.



Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:

256986 Description of the Microsoft Windows Registry



IN THIS TASK

 * INTRODUCTION
 * MORE INFORMATION
 * The Dcdiag tool
 * The Netdiag tool
 * The Repadmin tool
 * The Ntdsutil tool
 * The Gpotool tool
 * Event Viewer
 * The Dcpromo tool
 * The Active Directory Migration Tool
 * How to resolve RPC Endpoint Mapper errors
 * REFERENCES



INTRODUCTION
This step-by-step article describes how to troubleshoot Remote Procedure Call (RPC) Endpoint Mapper errors in Windows Server 2003 and Windows 2000 Server by using tools and utilities that are available in the Support folder of the Windows Server 2003 or Windows 2000 Server CD-ROM or that are available as part of the Windows Server 2003 Resource Kit or the Windows 2000 Server Resource Kit. Remote Procedure Call is a protocol that is used by the Windows operating system. RPC provides an inter-process communication mechanism that allows a program running on one computer to run code on a remote system.

In certain situations, when you try to force Active Directory replication by using Active Directory Sites and Services, when you try to promote an additional domain controller by using the Dcpromo tool, or when you run netdom query fsmo from a command line, you may receive an error message that is similar to the following:

There are no more endpoints available from the endpoint mapper.

Other symptoms may include:  When you try to log on to the domain, you may receive an error message that is similar to the following:

The system cannot log you on to this domain because the system's computer account in its primary domain is missing or the password on that account is incorrect.

 You cannot open Group Policy snap-ins. When you try to open Active Directory Administrative Tools, such as Active Directory Users and Computers or Active Directory Sites and Services, you may receive the following error message:

The specified domain either does not exist or could not be contacted.

 You cannot browse the domain in Network Neighborhood. You receive the following error message when you try to map drives or view resources on a remote server:

Access denied.

 File Replication Service (FRS) may be slow or fail completely. For example, the Sysvol folder may fail to replicate between domain controllers. When this occurs, you may receive a message similar to the following in the Ntfrs_000<x>.log files:

RPC Unavailable

</li> Microsoft Outlook may fail when connecting to a Microsoft Exchange server. When this occurs, you may receive username and password prompts when you open Outlook. When you enter valid credentials, you may receive an error message similar to the following:

Your logon information is incorrect

-OR-

Outlook could not logon.

</li> Also, when you click Check Name while creating a new mail account in Outlook, you may receive an error similar to the following:

The name could not be resolved. The name could not be matched to a name in the address list.

</li></ul>

Note If you use a network capture program, such as Network Monitor, to capture network traffic, the computer may not receive a response when it tries to establish an RPC session to another computer by using any port greater than 1024. The sending computer uses the Universal Unique Identifier (UUID) for the RPC Endpoint Mapper. The UUID for the RPC Endpoint Mapper is E1AF8308-5D1F-11C9-91A4-08002B14A0FA.

back to the top

<div class="moreinformation_section">

The Dcdiag tool
The Dcdiag tool analyzes the state of domain controllers in a forest or in an enterprise and reports any problems to help in troubleshooting. You can use the Dcdiag tool to help troubleshoot RPC Endpoint Mapper errors when you run the Dcdiag tool. To do this, follow these steps:
 * 1) Click Start, click Run, type cmd in the Open box, and then click OK.
 * 2) Type dcdiag, and then press ENTER.

If RPC Endpoint Mapper problems exist, the Dcdiag tool may respond with error messages that are similar to the following:

The replication generated an error (1753): There are no more endpoints available from the endpoint mapper.

DsBindWithSpnEx failed with error 1753, There are no more endpoints available from the endpoint mapper.

Directory Binding Error 1753: There are no more endpoints available from the endpoint mapper.

DsBind failed with error 1753, There are no more endpoints available from the endpoint mapper.

DsBindWithSpnEx failed with error 1722, The RPC server is unavailable.

DsBindWithCred failed with error 1753. There are no more endpoints available from the endpoint mapper.

Status is 1722: The RPC server is unavailable.

back to top

The Netdiag tool
You can use the Netdiag tool to help isolate networking and connectivity problems. You can use the Netdiag tool to help troubleshoot RPC Endpoint Mapper problems. To do this, follow these steps:
 * 1) Click Start, click Run, type cmd in the Open box, and then click OK.
 * 2) Type netdiag, and then press ENTER.

If RPC Endpoint Mapper problems exist, the Netdiag tool may respond with error messages that are similar to the following:

[WARNING] Failed to query SPN registration on DC. .

Kerberos test. . . . . . . . . . . : Skipped Your logon domain isn't running Kerberos. (<Domainname>\Administrator) Kerberos cannot be tested.

DC list test. . . . . . . . . . . : Failed [WARNING] Cannot call DsBind to. .intranet (10.55.0.110). [EPT_S_NOT_REGISTERED]

Trust relationship test. . . . . . : Failed Test to ensure DomainSid of domain ' ' is correct. [FATAL] Secure channel to domain ' ' is broken. [ERROR_ACCESS_DENIED]

back to top

The Repadmin tool
You can use the Repadmin tool for Active Directory replication, for troubleshooting Active Directory replication problems, and for troubleshooting RPC Endpoint Mapper problems. To do this, follow these steps:
 * 1) Click Start, click Run, type cmd in the Open box, and then click OK.
 * 2) Type Repadmin /bind, and then press ENTER.

If RPC Endpoint Mapper problems exist, the Repadmin tool may respond with an error message that is similar to the following:

DsBindWithCred to localhost failed with status 1753 (0x6d9): There are no more endpoints available from the endpoint mapper.

back to top

The Ntdsutil tool
Enterprise and domain administrators can use the Ntdsutil tool to manage and repair Active Directory, and to help troubleshoot RPC Endpoint Mapper problems. To help troubleshoot RPC Endpoint Mapper problems, follow these steps:
 * 1) Click Start, click Run, type cmd in the Open box, and then click OK.
 * 2) Type NTDSUtil ?, and then press ENTER.
 * 3) At the ntdsutil: prompt, type Metadata cleanup, and then press ENTER.
 * 4) At the metadata cleanup: prompt, type Connections, and then press ENTER.
 * 5) At the Connections: prompt, type Connect to server localhost, and then press ENTER.

If RPC Endpoint Mapper Problems exist, the Ntdsutil tool may respond with an error message that is similar to the following:

DsBindW error 0x6d9 (There are no more endpoints available from the endpoint mapper.)

back to top

The Gpotool tool
You can use the Gpotool tool to check the consistency of Group Policy objects on domain controllers. The Gpotool tool is contained in the Windows Server 2003 Resource Kit. You can download the Windows Server 2003 Resource Kit by visiting the following Microsoft Web site:

http://www.microsoft.com/downloads/details.aspx?FamilyID=9d467a69-57ff-4ae7-96ee-b18c4790cffd&amp;DisplayLang=en

After you have installed the Resource kit, you can use the Gpotool tool to help troubleshoot RPC Endpoint Mapper problems. To do this, follow these steps:
 * 1) Click Start, point to Programs, click Windows Resource Kit Tools, and then click Command Shell.
 * 2) Type gpotool, and then press Enter.

If RPC Endpoint Mapper Problems exist, the Gpotool tool may respond with an error messages that are similar to the following:

GPOTOOL: e ERROR: GetDCList; DsBindW; hr=800706d9; There are no more endpoints available from the endpoint mapper.

GPOTOOL: + ; Line:728

GPOTOOL: e ERROR: GetDCList; GetDCList failed; hr=800706d9; There are no more endpoints available from the endpoint mapper.

GPOTOOL: + File: ; Line:644

back to top

Event Viewer
The following events may be logged on a domain client, on a member server, or on a domain controller when RPC does not function correctly:

Event ID: 1053

Event Source: Userenv

Description: Windows cannot determine the user or computer name. (There are no more endpoints available from the endpoint mapper. ). Group Policy processing aborted.

Event ID: 1000

Event Source: Userenv

Description: Windows cannot determine the user or computer name. Return value (1753). :

Event ID: 1168

Source: NTDS General

Description: Error -1073741823(c0000001) has occurred (Internam ID 3000b35). Please contact Microsoft Product Support Services for assistance.

Event ID: 1265

Source: NTDS KCC

Description: The attempt to establish a replication link with parameters Partition: CN=Configuration,DC=contoso,DC=com Source DSA DN: CN=NTDS Settings,CN= ,CN=Servers,CN= ,CN=Sites,CN=Configuration,DC=contoso,DC= Source DSA Address: 70863dce-1031-47ea-a567-2f46212dd361._msdcs.securityroot.com Inter-site Transport (if any): CN=IP,CN=Inter-Site Transports,CN=Sites,CN=Configuration,DC=securityroot,DC=net failed with the following status: There are no more endpoints available from the endpoint mapper. The record data is the status code. This operation will be retried.

Event ID: 1656

Event Source: NTDS General Event

Description: The Directory Service was unable to find any RPC protocol sequences installed on this computer, failing with error 1719. The Directory Service will be unable to respond to any RPC requests as long as this condition persists.

Event ID: 10010

Event Source: DCOM

Description: The server {8BC3F05E-D86B-11D0-A075-00C04FB68820} did not register with DCOM within the required timeout.

Event ID: 4097

Event Source: EventSystem

Description: The COM+ Event System detected a bad return code during its internal processing. HRESULT was 80070005 from line 42 of .\eventsystemobj.cpp. Please contact Microsoft Product Support Services to report this error.

Event ID: 1012

Event Source: Winlogon

Description: The automatic certificate enrollment subsystem could not access local resources needed for enrollment. Enrollment will not be performed. (0x800706d9) There are no more endpoints available from the endpoint mapper.

On an enterprise certification authority server, or on a subordinate certification authority server, an event that is similar to the following may be logged:

Event ID: 20

Event Source: KDC

Description: The currently selected KDC certificate was once valid, but now is invalid and no suitable replacement was found. Smartcard logon may not function correctly if this problem is not remedied. Have the system administrator check on the state of the domain's public key infrastructure. The chain status is in the error data.

back to top

The Dcpromo tool
The Active Directory Installation Wizard (Dcpromo.exe) promotes Windows Server-based computers to be domain controllers. When the Dcpromo tool fails because of RPC problems, error messages that are similar to the following may appear in the DCPromo.log file.

Note The Dcpromo.log file is located in the %windir%\Debug folder.

02/07 21:08:48 [INFO] Error - The Directory Service failed to create the object CN= ,CN= ,CN= ,DC= ,DC=. Please check the event log for possible system errors. (1753) 02/07 21:08:49 [INFO] NtdsInstall for  returned 1753 02/07 21:08:49 [INFO] DsRolepInstallDs returned 1753 02/07 21:08:49 [ERROR] Failed to install the directory service (1753)

10/03 10:13:17 [INFO] Error - The Directory Service failed to create the server object for CN=NTDS Settings,CN= ,CN=Servers,CN= ,CN=Sites,CN=Configuration,DC= ,DC= on server   Please ensure the network credentials provided have sufficient access to add a replica. (1753) 10/03 10:13:17 [INFO] NtdsInstall for  returned 1753 10/03 10:13:17 [INFO] DsRolepInstallDs returned 1753 10/03 10:13:17 [ERROR] Failed to install to Directory Service (1753)

06/20 16:41:27 [INFO] Error - The initial LDAP connection to server  failed. (58) 06/20 16:41:27 [INFO] NtdsInstall for  returned 58 06/20 16:41:27 [INFO] DsRolepInstallDs returned 58 06/20 16:41:27 [ERROR] Failed to install the directory service (58)

06/21 11:49:57 [INFO] Error - The Directory Service failed to replicate the partition CN=Schema,CN=Configuration,DC=... (1722) 06/21 11:49:59 [INFO] NtdsInstall for  returned 1722 06/21 11:49:59 [INFO] DsRolepInstallDs returned 1722 06/21 11:49:59 [ERROR] Failed to install the directory service (1722)

06/21 17:08:41 [INFO] NtdsInstall for  returned 1753 06/21 17:08:41 [INFO] DsRolepInstallDs returned 1753 06/21 17:08:41 [ERROR] Failed to install the directory service (1753)

Note These error codes represent the following:
 * Error code 58 represents &quot;The specified server cannot perform the requested operation.&quot;
 * Error code 1722 represents &quot;The RPC server is unavailable.&quot;
 * Error code 1753 represents &quot;There are no more endpoints available from the endpoint mapper.&quot;

Additionally, the DCPromoUI.log may report an error message that is similar to the following:

dcpromoui t:0x0C4 01335 Enter State::SetFailureMessage The operation failed because: The Directory Service failed to create the object CN= ,CN=Partitions,CN=Configuration,DC= ,DC=.

back to top

The Active Directory Migration Tool
The Active Directory Migration Tool (ADMT) may generate events that are similar to the following in the Event Viewer on the computer where the ADMT is run: Event ID: 1540

Event Source: NTDS Replication

Description: Error 1753, DSID 11a05b1, adding SID to object ?.

The log from Clonepr.vbs from %windir%\debug appears as follows:

<pre class="fixed_text">clonepr t:0x5CC 00254       HRESULT = 0x800706D9

clonepr t:0x5CC 00255       Enter GetErrorMessage 800706D9

clonepr t:0x5CC 00256       Exit  GetErrorMessage 800706D9

clonepr t:0x5CC 00257       Enter SetComError Failed to add the source SID to the destination object's SID history. The error was: &quot;There are no more endpoints available from the endpoint mapper. &quot;

clonepr t:0x5CC 00258       Exit  SetComError Failed to add the source SID to the destination object's SID history. The error was: &quot;There are no more endpoints available from the endpoint mapper. &quot;

back to top

How to resolve RPC Endpoint Mapper errors
Warning If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.

The &quot;No more endpoints available&quot; error message means the RPC Endpoint Mapper was not able to use a port greater than 1024 for a service that runs over RPC.

Note RPC Endpoint Mapper runs on port 135.

RPC can use ports up to 65535. By default, all versions of Windows use only ports 1024-5000. To repair the RPC Endpoint Mapper, follow these steps: <ol> Verify the status and startup type for the following services on the server that gets the error:

If you make any changes to the RPC service or to the RPC Locator service settings, restart the computer, and then test for the problem again.</li>  Verify the following keys exist in the registry:

Microsoft Windows XP and Microsoft Windows 2000
Verify the ClientProtocols key exists under the  key and that the ClientProtocols key contains at least the following 5 default values: <ul> ncacn_http REG_SZ rpcrt4.dll</li> ncacn_ip_tcp REG_SZ rpcrt4.dll</li> ncacn_nb_tcp REG_SZ rpcrt4.dll</li> ncacn_np REG_SZ rpcrt4.dll</li> ncacn_ip_udp REG_SZ rpcrt4.dll</li></ul>

Microsoft Windows NT 4.0
Verify the ClientProtocols key exists under the  key and that the ClientProtocols key contains at least the following 6 default values: <ul> ncacn_np REG_SZ rpcltcl.dll</li> ncalrpc REG_SZ ncalrpc</li> ncacn_ip_tcp REG_SZ RpcLtCcm.dll</li> ncadg_ip_udp REG_SZ RpcLtCcm.dll</li> ncadg_nb_tcp REG_SZ rpcltccm.dll</li> ncacn_http REG_SZ rpcltccm.dll</li></ul>

Microsoft Windows 98
Verify the ClientProtocols key exists under the  key and that the ClientProtocols key contains at least the following 4 default values: <ul> <li>ncacn_np REG_SZ rpcltcl.dll</li> <li>ncalrpc REG_SZ ncalrpc</li> <li>ncacn_ip_tcp REG_SZ rpcltc3.dll</li> <li>ncacn_http REG_SZ rpcltccm.dll</li></ul>

For more information about related topics, click the following article number to view the article in the Microsoft Knowledge Base:

325930 How to troubleshoot connectivity issues that are caused by RPC client protocol registry entries

To verify the client registry settings, follow these steps: <ol style="list-style-type: lower-alpha;"> <li>Click Start, click Run, type regedit in the Open box, and then click OK.</li> <li>In Registry Editor, locate the following sub key:

</li> <li>Make sure the five default values listed earlier are present. If some or all the values are missing, you can manually add the missing values when you right-click ClientProtocols, click New, and then click String value.</li></ol> </li> <li>Verify that DNS is working correctly. To do this, follow these steps: <ol style="list-style-type: lower-alpha;"> <li>On the computer that is experiencing error, click Start, click Run, type cmd in the Open box, and then click OK.</li> <li>From the command line, type Netdiag -v or type ping -a to make sure the host record is resolving to the correct computer.</li></ol> </li> <li>Verify that ports greater than 1024 are not blocked. Clients connect to RPC Endpoint Mapper on port 135. RPC Endpoint Mapper then tells the client which randomly assigned port between 1024-65535 a requested service is listening on. The ports may be blocked by a hardware firewall, a Internet Connection Firewall on Windows Server 2003-based computer and on a Windows XP-based computer, third-party firewall software, or antivirus software that has firewall functionality built-in. By default, port 135 TCP/UDP and ports 1024-65535 TCP must be open for RPC to work. However, you can restrict the ports greater than 1024 that RPC uses. However, RPC Endpoint Mapper is always on port 135.

You can also use the Portqry tool to verify that the required ports are open. You must run the Portqry tool on a computer that is not receiving any RPC errors against a computer that is receiving RPC errors by using the -n switch. To this, follow these steps: <ol style="list-style-type: lower-alpha;"> <li>Click Start, click Run, type cmd in the Open box, and then click OK.</li> <li> Type portqry -n  -e 135.

The output will appear similar to the following examples: <pre class="fixed_text">Querying target system called:

problem_server

Attempting to resolve name to IP address...

Name resolved to 169.254.1.1

querying...

problem_server

TCP port 135 (epmap service): LISTENING

Using ephemeral source port

Querying Endpoint Mapper Database...

Server's response:

UUID: f5cc59b4-4264-101a-8c59-08002b2f8426 NtFrs Service ncacn_ip_tcp:65.53.63.16[1094]

UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface ncacn_ip_tcp:65.53.63.16[1025]

UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface ncacn_http:65.53.63.16[1029]

UUID: e3514235-4b06-11d1-ab04-00c04fc2dcd2 MS NT Directory DRS Interface ncacn_http:65.53.63.16[6004] </li></ol>

If port 135 is blocked, the following will appear:

<pre class="fixed_text">TCP port 135 (epmap service): NOT LISTENING

However, for these RPC Endpoint Mapper errors it is likely that ports greater than 1024 are blocked, and not port 135. From the output, you know the DC is using port 1094 for FRS and 1025, 1029, and 6004 for Active Directory replication. You can use the Portqry tool again to check those ports. For example, you can test all the ports at the same time by using the Portqry tool with the -o switch. For example, type portqry -n  -o 1094,1025,1029,6004

If the ports all respond as &quot;LISTENING,&quot; its likely that blocked ports are not causing this problem. If any ports respond as &quot;NOT LISTENING,&quot; the ports are probably blocked.</li> <li>You can use the three REG_DWORD values that can be added to the  subkey to help solve the RPC problem.

Note None of the entries exist by default. <ul> <li>MaxUserPort

This entry makes more ports available.</li> <li>TcpTimedWaitDelay

Reducing this value from its default setting of 240 seconds will make ports expire sooner. This parameter determines the length of time that a connection stays in the TIME_WAIT state when it is being closed. While a connection is in the TIME_WAIT state, the socket pair cannot be reused. This is also known as the 2MSL state because the value should be double the maximum segment lifetime on the network. See RFC 793 for more details.</li> <li>TcpMaxDataRetransmissions

The default value is 5. You may try 4 or 3, but do not try a value that is less than 3. This parameter controls the number of times that TCP retransmits an individual data segment (not connection request segments) before aborting the connection. The retransmission time-out is doubled with each successive retransmission on a connection. It is reset when responses resume. The Retransmission Timeout (RTO) value is dynamically adjusted by using the historical measured round-trip time (Smoothed Round Trip Time, or SRTT) on each connection. The starting RTO on a new connection is controlled by the TcpInitialRtt registry value.</li></ul> </li> <li>If the  registry key exists and has no values listed, then RPC only has one port available. By default, this registry key does not exist and if there are no values listed under this key, delete this key and then restart the server.</li></ol>

Note Other software programs may also cause RPC Endpoint Mapper errors, such as the following:
 * Noblenet Portmapper.

This utility requires a host file pointing to itself to work correctly. Editing the host file may resolve the issue.
 * BMC Patrol agent software using the AD Knowledge Module (KM).

In this case, update to the latest version, at least 1.4.01.
 * Incompatible network adapter drivers.

In this case, upgrade to the latest Windows Hardware Quality Labs (WHQL) signed driver version.

back to top

<div class="references_section">