Fix RPC Server Unavailable Error on Windows Domain Join
This error hits when a Windows client can't reach the domain controller's RPC service. Nearly always a DNS or firewall problem.
You're trying to join a Windows 10 or Windows Server machine to a domain, and halfway through you get: "The RPC server is unavailable" (0x800706BA). This usually happens when the client can't connect to the Domain Controller's RPC endpoint mapper on port 135, or the DC itself isn't reachable.
I see this most often right after typing the domain name and clicking OK. The client tries to find a DC via DNS, fails, then bombs out. Another classic trigger: you're on a VPN or a different subnet than the DC, and some firewall or routing rule blocks the RPC traffic.
Root Cause
RPC relies on a bunch of ports. The client first hits port 135 to ask the DC "Where do I talk for domain operations?" The DC replies with a random high port (usually > 49152). If the client can't reach either port — or DNS gives it the wrong DC IP — you get this error.
Nine times out of ten, the culprit is DNS. The client uses its configured DNS server to find the DC's SRV records. If that DNS server doesn't know about your domain, or returns stale data, the client can't connect. Firewalls are second on the list — especially on the DC itself or in the network path.
Step-by-Step Fix
1. Check DNS Resolution on the Client
Open cmd as admin and run:
nslookup yourdomain.com
nslookup _ldap._tcp.dc._msdcs.yourdomain.com
The first command should return the DC's IP. The second should return a list of DCs with their SRV records. If you get server failed or a wrong IP, your DNS is broken.
Fix: Set the client's DNS server to the DC's IP address. On the client's network adapter, go to IPv4 properties and set the preferred DNS to the DC's IP. Don't use 8.8.8.8 or your ISP's DNS — they don't know about your internal domain.
# Quick way via PowerShell
Set-DnsClientServerAddress -InterfaceAlias "Ethernet" -ServerAddresses "192.168.1.10"
2. Verify Connectivity to the DC
From the client, ping the DC by IP and by hostname. If the ping fails by hostname but works by IP, that's a DNS problem again. If both fail, you've got a routing or firewall issue.
ping 192.168.1.10
ping dc01.yourdomain.com
Also test port 135:
telnet 192.168.1.10 135
If the cursor just blinks, you connected. If it says "Could not open connection," the port is blocked.
3. Disable the Firewall Temporarily for Testing
On the client, turn off Windows Firewall:
netsh advfirewall set allprofiles state off
Try the domain join again. If it works, you need to add RPC exceptions to the firewall. The standard rules are:
- Allow inbound TCP port 135
- Allow RPC dynamic ports (usually TCP 49152-65535)
On the DC, make sure the Remote Desktop and File and Printer Sharing firewall rules are enabled — they open the needed ports.
4. Check the DC's RPC Service and Ports
On the DC, open services.msc and verify the Remote Procedure Call (RPC) and RPC Endpoint Mapper services are running. They almost always are, but I've seen malware kill them.
From the DC, run:
netstat -an | findstr :135
You should see LISTENING on 0.0.0.0:135. If not, restart the RPC service — but be careful, it'll take down other services.
5. Use PowerShell Directly for Domain Join
Sometimes the GUI wizard is flaky. Try the command line instead:
Add-Computer -DomainName "yourdomain.com" -Credential (Get-Credential) -Restart
This bypasses some GUI-specific RPC calls. If this works but the GUI didn't, you know it's a client-side issue.
What to Check If It Still Fails
If you've done all that and still get the error, here's the short list of remaining suspects:
- Time Sync: The client's clock must be within 5 minutes of the DC's. Check with w32tm /query /status. Fix with w32tm /resync.
- Network Profile: The client network must be set to Domain or Private, not Public. Public profiles block RPC by default.
- IPv6: Disable IPv6 on the client's adapter temporarily. I've seen IPv6 DNS records cause issues in mixed environments.
- VPN or Proxy: If you're remote, make sure the VPN grants access to the DC's subnet. No split tunneling that excludes the DC.
- Antivirus: Turn off AV real-time scanning for 5 minutes and test. Some AV firewalls block RPC ports.
Last resort: reboot both the client and the DC. It shouldn't matter, but I've seen RPC mapping tables get corrupted. A cold restart clears them.
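The client-side checks from steps 1 and 2, the network profile check from the list above, and a confirmation that the firewall profiles are enabled again after the step 3 test, gathered into one read-only PowerShell function. This is an added example, not part of the original article; Test-DomainJoinPath is a name chosen here and yourdomain.com is the article's placeholder domain.

```powershell
# Added example: read-only checks, nothing here changes system state.
# Test-DomainJoinPath is a hypothetical name; yourdomain.com is a placeholder.
function Test-DomainJoinPath {
    param([Parameter(Mandatory)][string]$Domain)

    # Step 1: the DC locator SRV records that the join depends on.
    $srvName = "_ldap._tcp.dc._msdcs.$Domain"
    $srv = Resolve-DnsName -Name $srvName -Type SRV -ErrorAction SilentlyContinue |
        Where-Object { $_.Type -eq 'SRV' }
    if (-not $srv) {
        $dns = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses
        Write-Warning "No SRV records for $srvName. DNS servers in use: $($dns -join ', ')"
        return
    }

    # Step 2: TCP 135 (RPC endpoint mapper) on every DC that DNS returned.
    foreach ($dc in ($srv.NameTarget | Sort-Object -Unique)) {
        $t = Test-NetConnection -ComputerName $dc -Port 135 -WarningAction SilentlyContinue
        [pscustomobject]@{
            Check  = "TCP 135 on $dc"
            Detail = "$($t.RemoteAddress)"
            Ok     = $t.TcpTestSucceeded
        }
    }

    # Network profile: Public is the one the article says blocks RPC.
    foreach ($p in Get-NetConnectionProfile) {
        [pscustomobject]@{
            Check  = "Network profile on $($p.InterfaceAlias)"
            Detail = "$($p.NetworkCategory)"
            Ok     = $p.NetworkCategory -ne 'Public'
        }
    }

    # Step 3 follow-up: every firewall profile should be enabled again.
    foreach ($f in Get-NetFirewallProfile) {
        [pscustomobject]@{
            Check  = "Firewall profile $($f.Name)"
            Detail = "Enabled=$($f.Enabled)"
            Ok     = $f.Enabled -eq 'True'
        }
    }
}

Test-DomainJoinPath -Domain 'yourdomain.com' | Format-Table -AutoSize
```

Any row with Ok = False points at the step to revisit; a failed TCP 135 row with a correct address in Detail is a firewall or routing problem rather than DNS.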