|
| 1 | +--- |
| 2 | +title: Status Code 0x6bf or 0xc002001c |
| 3 | +description: Provides troubleshooting steps for resolving the remote procedure call (RPC) status code 0x6bf or 0xc002001c when you join a workgroup computer to a domain. |
| 4 | +ms.date: 04/24/2025 |
| 5 | +manager: dcscontentpm |
| 6 | +audience: itpro |
| 7 | +ms.topic: troubleshooting |
| 8 | +ms.reviewer: kaushika, raviks, herbertm, dennhu, eriw, v-lianna |
| 9 | +ms.custom: |
| 10 | +- sap:active directory\on-premises active directory domain join |
| 11 | +- pcy:WinComm Directory Services |
| 12 | +--- |
| 13 | +# Status code 0x6bf or 0xc002001c: The remote procedure call failed and did not execute |
| 14 | + |
| 15 | +This article provides troubleshooting steps for resolving the remote procedure call (RPC) status code 0x6bf or 0xc002001c when you join a workgroup computer to a domain. |
| 16 | + |
| 17 | +When you join a workgroup computer to a domain, you receive the following error message: |
| 18 | + |
| 19 | +> The remote procedure call failed and did not execute. |
| 20 | +
|
| 21 | +When you check the **NetSetup.log** file, you see the following entries. For example: |
| 22 | + |
| 23 | +```output |
| 24 | +NetpGetLsaHandle: LsaOpenPolicy on \\<DC name>.<domain>.<tld> failed: 0xc002001c |
| 25 | +NetpGetLsaPrimaryDomain: status: 0xc002001c |
| 26 | +NetpJoinDomain: initiaing a rollback due to earlier errors |
| 27 | +NetpJoinDomain: status of disconnecting from '\\<DC name>.<domain>.<tld>': 0x0 |
| 28 | +NetpDoDomainJoin: status: 0x6bf |
| 29 | +``` |
| 30 | + |
| 31 | +## Network device rejects network packets |
| 32 | + |
| 33 | +This error occurs when a network device (router, firewall, or virtual private network (VPN) device) rejects network packets between the client being joined and the domain controller (DC). |
| 34 | + |
| 35 | +Error 0x6ba (RPC_S_SERVER_UNAVAILABLE) is different. When error 0x6ba occurs, the device can't create the TCP session to the server port. Error 0x6bf indicates that the TCP session can be created, but the RPC request message can't be delivered successfully, and the TCP session is reset. |
| 36 | + |
| 37 | +Another variation of an RPC network session problem is error 0x6be (RPC_S_CALL_FAILED). In this case, the RPC request message can be delivered, but the TCP session is reset before the response is received. |
| 38 | + |
| 39 | +## Verify and test the connection |
| 40 | + |
| 41 | +To troubleshoot this issue, use the following steps: |
| 42 | + |
| 43 | +1. Verify the connectivity between the client being joined and the target DC over the required ports and protocols. |
| 44 | + |
| 45 | + |Server port |Service/Protocol | |
| 46 | + |---------|---------| |
| 47 | + |Transmission Control Protocol (TCP) 135 |RPC Endpoint Mapper | |
| 48 | + |TCP 49152 - 65535 |RPC (dynamic ports allocation) | |
| 49 | + |TCP 445 |Server Message Block (SMB) | |
| 50 | + |User Datagram Protocol (UDP)/TCP 389 |Lightweight Directory Access Protocol (LDAP) | |
| 51 | + |
| 52 | + Refer to the list of required ports in [How to configure a firewall for Active Directory domains and trusts](config-firewall-for-ad-domains-and-trusts.md). |
| 53 | + |
| 54 | +2. Test the connection between the client and the DC by running the following cmdlet: |
| 55 | + |
| 56 | + ```powershell |
| 57 | + Test-NetConnection <IP_address_of_the_DC> -Port 389 |
| 58 | + ``` |
| 59 | +
|
| 60 | + The expected output is shown as follows: |
| 61 | +
|
| 62 | + ```output |
| 63 | + ComputerName : <ComputerName> |
| 64 | + RemoteAddress : <RemoteAddress> |
| 65 | + RemotePort : 389 |
| 66 | + InterfaceAlias : Ethernet 2 |
| 67 | + SourceAddress : <SourceAddress> |
| 68 | + TcpTestSucceeded : True |
| 69 | + ``` |
| 70 | +
|
| 71 | + The output indicates that the LDAP port TCP 389 is open between the client and the DC. |
| 72 | +
|
| 73 | +3. Identify if a port (TCP/UDP) is blocked on a DC by using the [PortQry](https://www.microsoft.com/download/details.aspx?id=17148) command-line tool. For more information, see [Using the PortQry command-line tool](../networking/portqry-command-line-port-scanner-v2.md). |
| 74 | +
|
| 75 | + Here are some example syntaxes: |
| 76 | +
|
| 77 | + - `portqry -n <problem_server> -e 135` |
| 78 | + - `portqry -n <problem_server> -e 445` |
| 79 | + - `portqry -n <problem_server> -e 389` |
| 80 | + - `portqry -n <problem_server> -p UDP -e 389` |
| 81 | + - `portqry -n <problem_server> -r 49152:65535` |
| 82 | +
|
| 83 | + Here are some example outputs: |
| 84 | +
|
| 85 | + If the connection to TCP 135 port on the DC is blocked, you see the following output: |
| 86 | +
|
| 87 | + ```output |
| 88 | + C:\PortQryV2>portqry -n dc2 -e 135 |
| 89 | + Querying target system called: |
| 90 | + Dc2 |
| 91 | + Attempting to resolve name to IP address… |
| 92 | + Name resolved to 192.168.1.2 |
| 93 | + querying... |
| 94 | + TCP port 135 <epmap service>: FILTERED |
| 95 | + ``` |
| 96 | +
|
| 97 | + If the connection to TCP 389 port on the DC is successful, you see the following output: |
| 98 | +
|
| 99 | + ```output |
| 100 | + C:\PortQryV2>portqry -n dc2 -e 389 |
| 101 | + Querying target system called: |
| 102 | + Dc2 |
| 103 | + Attempting to resolve name to IP address… |
| 104 | + Name resolved to 192.168.1.2 |
| 105 | + querying... |
| 106 | + TCP port 389 <ldap service>: LISTENING |
| 107 | + ``` |
| 108 | +
|
| 109 | +To determine if there are any further network connectivity problems, collect a network trace if necessary when reproducing the issue. You can use `netsh trace` to generate an ETL file, and [convert the ETL file to a PCAP file](https://techcommunity.microsoft.com/blog/coreinfrastructureandsecurityblog/converting-etl-files-to-pcap-files/1133297), which Wireshark can read. |
0 commit comments