Description
After applying new Venio licenses, services aren't starting or jobs are not being picked up. Alternatively, you are unable to stop, start, and/or restart services from the Distributed Services Manager.
Workaround
Remote into the servers and manually restart the services or perform a reboot of the services' server.
Understanding the Issue
This is likely due to remote RPC not being enabled or being blocked by firewalls or antivirus, or the service account used for venio not having sufficient permissions to run RPC commands. The "remote RPC Windows is not enabled" error typically occurs when attempting to manage services (like restarting them) on a remote Windows machine using tools like `sc.exe`, PowerShell, Venio, or other custom software. Venio relies on the Remote Procedure Call (RPC) protocol, which requires the RPC service to be running and Windows Firewall to allow inbound RPC traffic. If either is misconfigured, remote service management fails with errors like "RPC server is unavailable."
Below are step-by-step instructions to enable remote RPC on the target (remote) machine. These assume you're logged in as the venio service account, and that the service account is an administrator on that machine. Perform these changes on each remote machine as needed. After applying, test from your local machine while logged in as the venio service account (e.g., `sc \\<remote-hostname> query` to verify connectivity).
Step 1: Ensure the RPC Service is Running
The core RPC service (RpcSs) must be started and set to automatic startup.
1. Press `Win + R`, type `services.msc`, and press Enter.
2. Find Remote Procedure Call (RPC) in the list.
3. Right-click it > Properties.
4. Set Startup type to Automatic.
5. If it's not running, click Start.
6. Click OK and restart the machine if prompted.
This ensures the RPC endpoint mapper (port 135) listens for remote requests.
Step 2: Enable Windows Firewall Rules for Remote RPC
Windows Firewall blocks RPC by default for security. Enable the predefined rules for remote service management.
1. Press `Win + R`, type `wf.msc`, and press Enter (opens Windows Firewall with Advanced Security).
2. In the left pane, click Inbound Rules.
3. In the middle pane, search for and enable these rules (right-click > **Enable Rule**):
- Remote Service Management (RPC) – Allows dynamic RPC ports (1024–65535) for service control.
- Remote Service Management (RPC-EPMAP) – Allows the RPC endpoint mapper on TCP port 135.
4. If these rules aren't visible or enabled, you can create them:
- Right-click Inbound Rules > New Rule.
- Select Predefined > Remote Service Management > Next > Check both rules > Finish.
For domain-joined machines, these can also be managed via Group Policy (Computer Configuration > Policies > Windows Settings > Security Settings > Windows Firewall with Advanced Security).
Step 3: Additional Checks and Troubleshooting
- Permissions: Ensure the venio service account has administrative rights on the remote machine. Use `runas` or specify credentials in your software (e.g., `sc \\remote config <service> start= auto` with domain\username).
- Network Profile: These firewall rules apply to the correct profile (Domain/Private/Public). If on a public network, switch to Private for testing.
- Test Remotely: From your local machine, open Command Prompt as the venio service account and run:
```
sc \\<remote-hostname> query
```
If it lists services, RPC is working. To restart a specific service:
```
sc \\<remote-hostname> stop <service-name>
sc \\<remote-hostname> start <service-name>
```
- Dynamic Ports: If using a strict firewall, restrict RPC to a port range via registry (HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\Internet) – but only if needed, as it adds complexity.
- Common Pitfalls:
- Antivirus/third-party firewalls may block RPC; temporarily disable to test.
- If on Windows Server, ensure WinRM is configured if using PowerShell remoting (`Enable-PSRemoting -Force`).
- Reboot the remote machine after changes.
If these steps don't resolve it, provide more details like your Windows version, exact error message, or software used for further troubleshooting.
Comments
0 comments
Please sign in to leave a comment.