Обнаружена следующая ошибка сервер rpc недоступен 0x800706ba

Вы можете столкнуться с ошибкой Сервер RPC недоступен (Исключение из HRESULT: 0x800706BA) / The RPC server is unavailable (Exception from HRESULT: 0x800706BA) при попытке подключения к удаленному компьютеру или серверу через определенную MMC оснастку управления, WMI инструмент, PowerShell WinRM или другой протокол удаленного управления.

Проще всего проверить доступность службы RPC на удаленном компьютере с помощью простого WMI запроса. В моем случае я попытаюсь опросить удалённый компьютер через WMI из консоли PowerShell.

Get-WmiObject Win32_ComputerSystem –ComputerName 192.168.0.114

На скриншоте, видно, что удаленный компьютер не доступен по RPC.

Get-WmiObject : Сервер RPC недоступен. (Исключение из HRESULT: 0x800706BA)
строка:1 знак:1
+ Get-WmiObject Win32_ComputerSystem –ComputerName 192.168.0.114
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [Get-WmiObject], COMException
+ FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

Что нужно проверить, чтобы исправить ошибку «Сервер RPC недоступен 0x800706BA»:

1. Проверьте, возможно вы указали неверный IP адрес / имя компьютера, или удаленный компьютер находится в состоянии выключения или еще только загружается.
2. Убедитесь, что на удаленном компьютере запушены службы Удаленный вызов процедур (RPC) (Remote Procedure Call (RPC) ) и Инструментарий управления Windows (Windows Management Instrumentation). Вы можете проверить статус служб с помощью команд: sc query Winmgmt и sc query rpcss. В том случае, если эти службы запущены команды вернут Состояние: 4 RUNNING. Если службы остановлены, запустите их командой: net start rpcss & net start Winmgmt
   
3. Возможно доступ к удаленному компьютеру через порты RPC блокируется на сетевом уровне файерволом (это очень распространённая причина). В том случае, если в вашей сети нет файерволов, попробуйте временно отключить Windows Firewall (а также антивирусы, т.к. файервол может быть встроен в них) на стороне клиента и сервера и проверить соединение. Дополнительно, для работы протокола RPC вы должны проверить доступность TCP порта 135 на стороне сервера. Проще всего это сделать командлетом Test-NetConnection: Test-NetConnection 192.168.1.15 -port 135. Если служба RPC включена и доступ к ней не блокируется межсетевым экранов, в строке TcpTestSucceeded будет указано True.
   

Если вы столкнулись с ошибкой «Сервер RPC недоступен 0x800706BA» при выполнении автоматической регистрации сертификата на контроллере домена или в центре сертификации, то при этом в журнале приложений сервера скорее всего присутствует такая ошибка:

Source: CertificateServicesClient-CertEnroll Event ID: 13

Certificate enrollment for Local system failed to enroll for a DomainController certificate with request ID N/A from mskCA.vmblog.ru mskCA (The RPC server is unavailable. 0x800706ba (WIN32: 1722))

Или

Source: CertificateServicesClient-AutoEnrollment EventID: 6
Automatic certificate enrollment for local system failed (0x800706ba) The RPC server is unavailable.

У данной проблемы может быть несколько вариантов решения, но в большинстве случае причина ошибки заключается в том, что у вашего сервера отсутствует доступ к DCOM на сервере со службой сертификации либо на DCOM установлены некорректные права.

1. Убедитесь, что в вашем домене AD с центром сертификации существует группа CERTSVC_DCOM_ACCESS или Certificate Service DCOM Access.
2. Добавьте в группу CERTSVC_DCOM_ACCESS/Certificate Service DCOM Access следующие доменные группы: Domain Users, Domain Controllers, Domain Computers.
3. Выполните обновление настроек безопасности DCOM на сервере с ролью центра сертификации с помощью команд:
   certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG
net stop certsvc
net start certsvc
4. На хосте с развернутым центром сертификации проверьте разрешения во вкладке безопасность COM. Для указанной выше группы должны быть разрешены Удаленный доступ и Удаленная активация.

После этого попробуйте перезагрузить компьютер и проверить выдачу сертификата.

Remote Procedure Call (RPC) is a technology present since the emergence of computers and utilizes the interprocess communication technique. Its primary purpose is to enable a client and a server to communicate with each other over the network. Some users after completing an upgrade to a newer version of Windows 11/10 might notice that executing any remote command fails with the error message The RPC server is unavailable, Error 0x800706BA – prior to the upgrade these remote commands execute successfully. In this post, we will identify the potential causes and then provide the possible solutions that you can try to help remediate this issue.

The error message The RPC Server is unavailable can be triggered by any of the following:

• One or more services required by RPC are disabled.
• Remote assistance is disabled by the Firewall.
• IPV6 or File Printer Sharing is disabled.
• The IP address is crashing the RPC server.
• RPC services are disabled via Registry.

Read: How to troubleshoot Remote Procedure Call errors & problems.

If you are faced with this error, you can try the recommended solutions below.

1. Check RPC service on your computer
2. Enable Remote Desktop/Assistance in Firewall
3. Change Startup Selection from Selective startup to Normal startup
4. Enable IPV6 and File & Printer Sharing for the connected network
5. Flush DNS & Renew
6. Force RPC services to start using Registry Editor.
7. Other sugegstions.

Now, let’s delve into the detailed steps of these solutions.

1] Check RPC service on your computer

This solution implies that conflicts with other third-party applications or changing the system systems might force the RPC service to go from the default (Automatic) value to manual. This means that RPC might not start automatically when needed.

To check RPC service on your computer, do the following:

• Press Windows + R, type services.msc in the dialog box and hit Enter.
• Once in the Services window, search for the following processes:

Remote Procedure Call (RPC)

RPC Endpoint Mapper or Remote Procedure Call (RPC) Locator

DCOM Service Process Launcher

• Right-click on each service one by one and select Properties.
• Once in properties, make sure that the service is Started and the Startup type is set as Automatic.
• Save changes and exit.

Restart your computer and see if the issue is resolved.

2] Enable Remote Desktop/Assistance in Firewall

To allow Remote Assistance in firewall on your computer, do the following:

• Press Windows key + R, type control in the dialog box and hit Enter.
• Once the control panel pops up, type Firewall in the search bar at the top-right side of the window and hit Enter.
• From the results, click on Allow an app through Windows Firewall which is a subcategory underneath Windows Firewall.
• Click on Change settings and make sure that entries enforcing RPC are checked such as Remote Assistance.

Restart your computer and see if the issue is resolved.

3] Change Startup Selection from Selective startup to Normal startup

The selective startup is a booting method which allows your computer to turn on with a minimal number of items loaded. This is usually done when troubleshooting issues with your computer which might involve other third-party applications. However, whenever you boot using selective startup, your computer will also not load all the RPC components onto your computer. In this case, we will select the normal startup and see if this fixes the issue. Here’s how:

• Press Windows key + R, type msconfig in the dialog box and hit Enter.
• Once in the startup configuration, select the tab General and choose the option Normal startup.
• Click Apply > OK to save changes and exit.

You will be prompted for a restart. Restart immediately using the popped-up window and check if the error message is resolved.

4] Enable IPV6 and File & Printer Sharing for the connected network

In some cases, you might encounter the Error 1722: The RPC server is unavailable issue in instances where there’s a network connection interruption caused by one or multiple settings. In this case, enabling IPV6 and File & Printer Sharing for the connected network could resolve the issue. Do the following:

• Press Windows key + R and then type ncpa.cpl in the Run dialog box and hit Enter to open up the Network Connections window.
• Inside the Network Connections window, right-click on the network that you’re currently connected to and hit Properties.
• Once you get to the Properties of your network connection, go to the Networking tab and scroll down through the list of items.
• Locate File and Printer Sharing for Microsoft Networks and Internet Protocol Version 6 (TCP/IPv6) and make sure that both associated boxes are checked.
• Click Ok to save the changes.

Restart your computer and see if the issue is resolved at the next startup.

5] Flush DNS & Renew

This solution requires you to ensure that the services involved in the RPC connection are running (as outlined in solution 1 above) before you proceed to flush the DNS and renew the connection.

If you’re certain that the required services are running, then follow the instructions below to flush the DNS and renew the connection.

• Launch command prompt in elevated mode.
• Inside the elevated Command prompt, type the following command and hit Enter to flush the current IP Configuration:

ipconfig /flushdns

• Once the command is successfully registered, type the following command and hit Enter to renew the IP Configuration:

ipconfig /renew

Once the IP has been renewed, close the elevated Command Prompt and execute remote commands and see if the issue has been resolved.

6] Force RPC services to start using Registry Editor

To use Registry Editor to force RPC services to start, do the following:

• Launch Registry Editor.
• Inside the Registry Editor, use the left-hand pane to navigate to the following location:

HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRpcSs

• With the RpcSs key selected, move down to the right-hand pane and double-click on Start to edit its properties.
• In the properties box, set the Base to Hexadecimal and the Value data to 2.
• Click OK to enable the Remove Procedure Call (RPC).

Next, use the left-hand pane or the navigation bar at the top (paste the registry path and hit Enter) to navigate to this location:

ComputerHKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesDcomLaunch

• Once you get to that location, double-click on Start from the right-hand pane.
• Then, set the Base to Hexadecimal and the value data to 2.
• Click OK in order to enable the DCOM Server Process Launcher.

Lastly, navigate to the following location by using the navigation bar at the top or by using the left-hand pane:

ComputerHKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesRpcEptMapper

• Move over to the right-hand pane and double-click on Start.
• Then, set the Base to Hexadecimal and the Value Data to 2.
• Click OK.

Close the Registry Editor, restart your computer and see if the ‘The RPC server is unavailable’ issue has been resolved at the next system startup.

7] Other suggestions

• Check for incorrect DNS settings.
• Check for incorrect Time and Time zone settings.
• Ensure that TCP/IP NetBIOS Helper service is running.
• Ensure that Remote Registry service is running.

How do I enable RPC server?

Open Windows Service Manager, locate the Remote Procedure Call (RPC) service, and double-click on it to open it Properties. Ensure that its Startup type is set to Automatic. Click on the Start button to start the service.

The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

If you see The RPC server is unavailable. (Exception from HRESULT: 0x800706BA) error message then it could mean that either your RPC service is not working properly or that your RPC packets are blocked by firewall.

• Restart the Remote computer
• Run the following command to check if your Port 15 is open – Test-NetConnection -ComputerName MyComputer -Port 135
• Ensure that all the RPC Services are working OK
• Check your Firewall settings and logs and see if thr protocol is being blocked.

Similar error code: Windows Update error 0x800706ba

Check these related posts if you receive:

1. How to fix Remote Procedure Call errors & problems
2. The Remote Procedure Call Failed error for Microsoft Store apps
3. The Remote Procedure Call Failed while making PIN as Sign-in Option
4. The remote procedure call failed error while using DISM.

• 

  Ошибка RPC обычно означает неправильные настройки DCOM.

  Какая ось стоит на этих машинах? Domain или workgroup?

  Вот ссылка, проверь настройки DCOM на этих машинах:

  http://community.spiceworks.com/education/projects/Setting_The_Default_DCOM_Properties_And_Security

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  Да, все компьютеры в домене. Ось стоит в основном WinXP SP3, но есть несколько машин с WIN7. Эта проблема есть и на тех и на других. Настройки DCOM нормальные, проверял. и права на доступ к WMI тоже

  http://community.spiceworks.com/education/projects/Setting_The_Default_WMI_Namespace_Security

  где дальше копать?

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  C:UsersFNaumenko>wmic /user:»shbk.localAdministrator» /password:******* /nod

  e:10.250.168.20 systemenclosure get serialnumber

  Node — 10.250.168.20

  ERROR:

  Description = Сервер RPC недоступен.

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  Хорошо, для начала проверь следующий ключ регистра и на ХР и на семерке:

  HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsaforceguest

  должен быть 0.

  Плюс на семерке еще зайди в ветку

  HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem

  и измени либо создай, если нету, ключ LocalAccountTokenFilterPolicy, тип ключа DWORD и значение должно быть 1.

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  Строка слишком длинная — вот разбил на две:

  HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows

  CurrentVersionpoliciessystem

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  кажется проблема была в DNS.

  У меня на проблемных компьютерах не выполнялось условие

  «Nslookup desktopcomputername» = «Nslookup IP_address». 

  После удаления противоречивой записи в DNS удалось выполнить команды wmic на машине с XP. На счет WIN7 проверю завтра. Сегодня уже голова раскалывается. Возможно в том же проблема. Но в любом случаи спасибо за помощь!

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  Ага, понятно. DNS был у меня дальше по списку. =)

  Отлично! Напиши завтра в том же проблема была с Win7 или нет, если что, дальше будем разбираться.

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  Все проблемы разрешились. Появлялась ошибка  «Отказано в доступе. Windows #80070005»

  Исправил в локальных политиках безопасности на сервере домена параметр модель совместного доступа и безопасности на «обычная», за это еще отвечает

  ключ forceguest в регистре в ветке

  HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa

  Несмотря на то, что все компьютеры находятся в домене, почему-то стояла «гостевая».

  После этого почти все ошибки сканирования исчезли. Осталось всего пару машин, но думаю там я разберусь в чем дело. Возможно антивирус блокирует.

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  Рад, что все заработало. Будут еще вопросы — обращайся!

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  добрый день, у меня та же проблема, на всех машинах с семеркой ошибка «Сервер RPC недоступен. Windows #800706BA»

  совместный доступ обычный, с ДНСом все в порядке, AD сервер 2008

  на машинах с ХРшкой все работает, ключ «LocalAccountTokenFilterPolicy» создал, не помогает

  есть ещё какие-нибудь варианты ?

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  Илья, каким фаерволом пользуешься? Если Виндошным, то смотри здесь:

  http://community.spiceworks.com/education/projects/Windows_Firewall

  Также для общей информации:

  http://community.spiceworks.com/help/Resolving_Unknown_Devices

  В будущем, посоветую, создавать новый топик для вопроса, т.к. для старого вполне могут быть откулючены оповещения, т.е. просто можешь не дождаться ответа.

  
  Was this post helpful?
  thumb_up
  thumb_down
  

• 

  спасибо за статьи. мне помогло исполнение команд «netsh firewall set service remoteadmin enable» на клиентах

  
  Was this post helpful?
  thumb_up
  thumb_down
  

Most likely, a lot of you already faced an error The RPC server is unavailable. (Exception from HRESULT: 0x800706BA). This happens when you try to connect to a remote computer or server through a specific MMC snap-in, WMI, PowerShell, WinRM, or another remote management tool.

Troubleshooting RPC server unavailable error 0x800706BA

The easiest way to test the RPC connectivity between the local and remote computer is to run a simple WMI query against a remote host.

In our case, we tried to query a remote computer through WMI from the PowerShell console.

PS C:Windowssystem32> Get-WmiObject Win32_ComputerSystem –ComputerName 192.168.0.14

Get-WmiObject : The RPC server is unavailable. (Exception from HRESULT: 0x800706BA)

At line:1 char:1

+ Get-WmiObject Win32_ComputerSystem –ComputerName 192.168.0.14

+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

+ CategoryInfo          : InvalidOperation: (:) [Get-WmiObject], COMException

+ FullyQualifiedErrorId : GetWMICOMException,Microsoft.PowerShell.Commands.GetWmiObjectCommand

In this example, you can see that the remote computer is not accessible via RPC.

Note. If the RPC communication between your hosts is working fine, you should get the remote computer info in the command output:

Several common problems can cause the RPC server unavailable error:

• The remote computer is switched off or there are other connectivity issues when the RPC client cannot reach the server due to a general network problem;
• The RPC service is stopped/failed on the remote computer;
• The RPC Endpoint Mapper port TCP/135 is not accessible on the remote computer;
• The Dynamic RPC port range is blocked by firewalls between your computer and the remote computer.

First of all, make sure RPC Endpoint Mapper port 135 is listening on a remote computer. Use the following command:

netstat -ano | find "135"

Now you need to check the next things in order to fix the error The RPC server is unavailable 0x800706BA:

1. Check if you have entered the correct IP address or computer name; check if the remote computer is not currently in a shutdown/startup state;
2. Verify that the Remote Procedure Call (RPC) and Windows Management Instrumentation services are running on the remote computer. You can check the status of the services using the following commands: sc query Winmgmt and sc query rpcss. If these services are started, the commands should return STATE: 4 RUNNING. If the services are stopped, run them with the command:

   net start rpcss & net start Winmgmt

3. Or you can run the Service management console GUI (services.msc) and make sure that the Remote Procedure Call (RPC) and DCOM Server Process Launcher services are in the running state and configured to start automatically.
   
   

Firewalls may block access to the remote computer through RPC ports (this is a very common reason). If there are no firewalls on your network, try temporarily disabling the firewall apps (including Windows Defender Firewall with Advanced Security) on both the client and server sides and check the RPC connectivity. Additionally, for the RPC protocol to operate, you must check the availability of port TCP/135 (RPC Endpoint Mapper) on the remote computer side. The easiest way to test for open/closed ports is to use the following PowerShell command:

Test-NetConnection 192.168.1.14 -port 135

If the RPC service is enabled and access to it is not blocked, the TcpTestSucceeded line should contain True.

If port 135 (RPC Endpoint Mapper) is available, but the error “The RPC server is unavailable” is still present, you need to ensure that firewalls are not blocking communication on a dynamic RPC port range. The RPC Dynamic Ports is a TCP port ranging from 49152 to 65535, that must be open for RPC technology to work properly.

Check that the Windows Defender firewall has rules that allow inbound traffic on port 135 (RPC Endpoint Mapper) and the TCP RPC Dynamic Ports range. If there are no rules for inbound RPC traffic (they have been removed), you will need to create them manually.

In Windows 2003 and Windows XP, the range of ports that are used for RPC is 1024 — 65535. In current versions of Windows, the Dynamic RPC port range uses ports from 49152 to 65535. Windows allows you to change the available RPC port range via the registry. This is often used when you need to restrict the open port range for RPC on the firewall.

For example, to restrict RPC ports to a range of 6000-6100, create the following registry settings in the HKEY_LOCAL_MACHINESoftwareMicrosoftRpc key:

You can force Windows Defender Firewall to open the specified range of TCP ports.

Restart all services and applications that use dynamic RPC port allocation.

You can use a small command-line tool PortQry from Microsoft to get a list of RPC Dynamic ports used by the RPC Mapper service. Use the following command to get the list of RPC endpoints from a remote Endpoint Mapper Database:

PortQry.exe -e 135 -n 192.168.1.201

In this case, 151 endpoints were found. Each RPC point has a dynamic TCP port number next to it that it is listening on. You can check the availability of the RPC port for the desired service using the PowerShell command:

Test-NetConnection 192.168.1.201 -port 49703

Many firewalls block RPC and SMB/NetBIOS even if you have any-any rules enabled. In this case, you must specifically create a rule/policy to explicitly allow RPC dynamic ports.

Note. Windows RPC/DCOM connections often don’t work correctly when NAT is used. Try to connect to your RPC server directly, without using NAT.

Certificate Enrollment Error – 0x800706ba The RPC server is unavailable

If you are facing an error The RPC server is unavailable 0x800706ba when performing the automatic registration of a certificate on a domain controller or in a certification authority, you can find the following error event in the Event Viewer > Application log on the server:

Source: CertificateServicesClient-CertEnroll Event ID: 13
Certificate enrollment for the Local system failed to enroll for a DomainController certificate with request ID N/A from ServerCA.contoso.com ServerCA (The RPC server is unavailable. 0x800706ba (WIN32: 1722))

Or:

Source: CertificateServicesClient-AutoEnrollment EventID: 6
Automatic certificate enrollment for the local system failed (0x800706ba) The RPC server is unavailable.

When you try to enroll the certificate you can see the following message:

An error occurred while enrolling for a certificate.
The certificate request could not be submitted to the certification authority.
The RPC server is unavailable. 0x800706ba (WIN32: 1722 RPC_S_SERVER_UNAVAILABLE)

In this case, the domain controller or other client fails to enroll for certificates from the CA.

This problem can have several solutions, but in most cases, the source of the problem is that your computer is not a member of the DCOM access group (allows access to the certificate service via DCOM) or incorrect permissions are issued. This most commonly occurs when the CA is installed on a DC.

Follow the next steps:

1. On the domain controller on which the certification service is deployed, you need to make sure there is an  Active Directory group CERTSVC_DCOM_ACCESS or Certificate Service DCOM Access.
   Note. If the CERTSVC_DCOM_ACCESS security group has been accidentally deleted, open the ADUC console and manually create it in the Users container (Group scope: Domain local, Group type: Security).
2. Add the following domain groups to the CERTSVC_DCOM_ACCESS/Certificate Service DCOM Access group: Domain Users, Domain Controllers, Domain Computers;
   
3. Update the DCOM security settings on the server with the CA role using the commands:

   certutil -setreg SetupStatus -SETUP_DCOM_SECURITY_UPDATED_FLAG
   
   net stop certsvc & net start certsvc

4. On a server where the CA is deployed, check the COM security permissions. This group must have Remote Access and Remote Activation permissions allowed;
5. After that, try to restart the computer and check the certificate enrollment.

Then check the DCOM Permissions on the server running the CA role. In some cases, even if RPC is configured correctly, incorrect DCOM permissions can block remote authentication.

1. Run the command dcomcnfg.exe;
2. Expand the section Component Services > Computers > My computer;
3. Open the properties of My computer, go to the Default Properties tab, and ensure that the option Enable Distributed COM on this computer is checked;
4. Then navigate to the COM Security tab and click on the Edit Limits button in the Access Permissions section. Check that the Certificate Service DCOM Access security group has Local Access and Remote Access permissions;
   
5. Then click the Edit Limits button in the Launch and Activation Permission section and check that the Certificate Service DCOM Access group is allowed for Local Activation and Remote Activation.

If the above solution doesn’t work, use the nltest command to find out problems with netlogon calls to a domain controller:

Nltest /Server:dc01 /query

Then check that the Active Directory CA request interface is responding:

Certutil -ping

Server “test-DC01-CA” ICertRequest2 interface is alive (62ms)

CertUtil: -ping command completed successfully.

In order to trigger the renewal of a certificate on the CA, run the following command:

certutil –pulse

If you receive the error “Server could not be reached: The RPC server is unavailable. 0x800706ba (WIN32: 1722)” from the non-domain joined computer, ensure that the “Authenticated Users” group is added to the “Certificate Service DCOM Access” group on the CA server.

RPC Server Unavailable Error when Updating Group Policy Settings

When you remotely update Group Policy settings on domain computers from the Group Policy Management Console (gpmc.msc), you may receive error codes 8007071a: The remote procedure call was canceled and 800706ba:The RPC server is unavailable.

To resolve this issue, you must enable the following rules in Windows Defender Firewall:

• Remote Scheduled Tasks Management (RPC);
• Remote Scheduled Tasks Management (RPC-EPMAP);
• Windows Management Instrumentations (ASync-In);
• Windows Management Instrumentations (DCOM-In);
• Windows Management Instrumentations (WMI-In);
• Windows Management Instrumentations (DCOM-In);
• Windows Remote Management (HTTP-In).

You can create a new GPO and enable these rules manually (Computer Configuration > Windows Settings > Security Settings > Windows Defender Firewall > Inbound Rules).

Or you can activate the following default Starter GPOs:

• Group Policy Remote Update Firewall Ports;
• Group Policy Reporting Firewall Ports.

These policies contain all the necessary Windows Defender Firewall rules to remotely update Group Policy settings.

Go to the Starter GPOs section, click on each of the items, and select New GPO from Starter GPO. Create new GPOs and assign them to Organizational Units with target computers or servers.

After a while, try a remote Group Policy update. The error should disappear.