Certificate enrollment fails with error: 0x800706ba the RPC server is unavailable

In my situation, this error was caused by insufficient permissions. Basically the “fix” was to make sure that the Authenticated Users and Domain Controllers groups were added to the Builtin/Certificate Service DCOM Access group and that the following groups: INTERACTIVE, Domain Users, and Authenticated Users were all members of the Builtin/Users group. For reference, this was happening on two Windows Server 2012 Domain Controllers — one was the CA and the other (the one that produced the error) was trying to request a new certificate.

Problem with using ExpressMaint with Microsoft SQL Express 2012

If you are trying to use ExpressMaint with Microsoft SQL Express 2012 or later, you will most likely run across the following error:

Unhandled Exception: System.IO.FileNotFoundException: Could not load file or assembly 'Microsoft.SqlServer.Smo, Version=10.0.0.0, Culture=neutral, PublicKeyToken=89845dcd8080cc91' or one of its dependencies. The system cannot find the file specified.

This is easily repaired by installing the following items from the Microsoft® SQL Server® 2008 R2 SP2 Feature Pack:

  • Microsoft® System CLR Types for SQL Server® 2008 R2 (SQLSysClrTypes_x86.msi)
  • Microsoft® SQL Server® 2008 R2 Shared Management Objects (SharedManagementObjects_x86.msi)

Configure Windows Server 2008/2012 To Sync With Internet Time Servers



Question: There is no “Internet Time” tab in the date/time dialog box on Windows Server, is it still possible to configure the server to use NTP? If so, how?

Answer: Yes, as far as I know, you have to do this from the command prompt. Here’s how:

net stop w32time
w32tm /config /syncfromflags:manual /manualpeerlist:"time-a.nist.gov, time-b.nist.gov, time-c.nist.gov, time-d.nist.gov"
w32tm /config /reliable:yes
net start w32time

That will configure the time service to sync with the list of servers (time-*.nist.gov in the above example) and it also tells the server that it is a reliable time source that client machines on your domain can sync with. In other words, these steps configure the server as an NTP server in addition to configuring it to sync with Internet time servers. If you do not want that functionality, do not run the following command:

w32tm /config /reliable:yes

If you need to view the NTP configuration, type the following command from a prompt:

w32tm /query /configuration

This produces the following output:

[Configuration]

EventLogFlags: 2 (Local)
AnnounceFlags: 5 (Local)
TimeJumpAuditOffset: 28800 (Local)
MinPollInterval: 6 (Local)
MaxPollInterval: 10 (Local)
MaxNegPhaseCorrection: 172800 (Local)
MaxPosPhaseCorrection: 172800 (Local)
MaxAllowedPhaseOffset: 300 (Local)

FrequencyCorrectRate: 4 (Local)
PollAdjustFactor: 5 (Local)
LargePhaseOffset: 50000000 (Local)
SpikeWatchPeriod: 900 (Local)
LocalClockDispersion: 10 (Local)
HoldPeriod: 5 (Local)
PhaseCorrectRate: 7 (Local)
UpdateInterval: 100 (Local)


[TimeProviders]

NtpClient (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 1 (Local)
AllowNonstandardModeCombinations: 1 (Local)
ResolvePeerBackoffMinutes: 15 (Local)
ResolvePeerBackoffMaxTimes: 7 (Local)
CompatibilityFlags: 2147483648 (Local)
EventLogFlags: 1 (Local)
LargeSampleSkew: 3 (Local)
SpecialPollInterval: 3600 (Local)
Type: NTP (Local)
NtpServer: time-a.nist.gov, time-b.nist.gov, time-c.nist.gov, time-d.nist.gov (Local)

NtpServer (Local)
DllName: C:\Windows\system32\w32time.dll (Local)
Enabled: 1 (Local)
InputProvider: 0 (Local)
AllowNonstandardModeCombinations: 1 (Local)

VMICTimeProvider (Local)
DllName: C:\Windows\System32\vmictimeprovider.dll (Local)
Enabled: 0 (Local)

If you are still having trouble responding to NTP requests after following these steps, make sure that there are no firewalls blocking udp/123. After you’ve checked your firewall, confirm that your NTP server responds by running the following command on a different Windows machine:

w32tm /stripchart /computer:10.0.8.3 /samples:2

or:

w32tm /stripchart /computer:10.0.8.3 /dataonly /samples:2

In the following screenshot, I have run the two commands above, and then on the third execution, I attempt to query a server that does not exist, just so you can see what the output looks like if the client still can’t connect to your NTP server.

Querying an NTP server from another computer