- The Netwrix Auditor System Health log (or Netwrix Auditor Windows Server Change Summary in Netwrix Auditor 6.5 or below) contains the following errors/warnings:
- <timestamp>: <server>: The following error occurred on agent installation: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA). Make sure that you have administrative priveleges, and the Windows Management Instrumentation (WMI) service is running on the target server.
- <timestamp>: <server>: The following error occurred when analyzing changes for server <server>. Agent operation failed due to the following error: Failed to update the agent on the following server: <server>.
- Netwrix Auditor Windows Server Change Summary contains the following errors/warnings:
- <timestamp>: <server>: The following error occurred when collecting data from the Microsoft-Windows-TaskScheduler/Operational log: Failed to open log 'Microsoft-Windows-TaskScheduler/Operational' (API used: Vista). Error details: The RPC server is unavailable. (Error number: 0x800706BA)
- <timestamp>: <server>: The WMI Classes data provider failed to get the information on "Win32_<ClassName>" due to the following error: The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)
||The Windows Management Instrumentation (WMI) ports are blocked either by Windows Firewall service of the problematic machine or by the 3rd party Firewall between the Netwrix server and the problematic machine.
||To resolve your issue, perform the following steps:
- Disable the Windows Firewall service (or 3rd party Firewall) on the problematic server.
- Configure Windows Firewall service to allow inbound remote administration connections:
- Launch the Group Policy Object Editor snap-in (gpedit.msc) to edit the Group Policy object (GPO) that is used to manage the Windows Firewall settings in your organization.
- Navigate to Computer Configuration -> Administrative Templates -> Network -> Network Connections -> Windows Firewall, and then open either Domain Profile or Standard Profile, depending on the profile which you want to configure.
- Enable the following exception: "Allow inbound remote administration exception".
- If you use 3rd party Firewall, configure it to allow connections to the following TCP and UDP ports: 135, 445.