800706BA The RPC Server is unavailable
Using Powershell Patch/Audit Utility to check the Windows Update status, you receive an error, 800706BA The RPC Server is unavailable. This is a firewall issue on your Windows Server.
Notice the errors 800706ba errors below in the PowerShell window. In the PoshPaig GUI, you will notice Error with Audit in the Notes column.
Navigate to the server where you are trying to perform the PowerShell Patch Audit. Open the firewall on the local drive of the server normally located at “C:\Windows\System32\LogFiles\pfirewall.log”. Once you’ve got the firewall log opened, use a log viewer such as cmtrace.exe (installed with SCCM agent) to filter the log by selecting Tools, then Filter and filter on the From IP address. This is the IP address of the workstation you are running the PoshPaig utility from. In the example below, the workstation’s fake IP address I’m running the PoshPaig utility from is 10.99.99.99.
Now you have a nice clean firewall log to analyze. As you can see below, the firewall on the server with fake IP address 10.111.111.1, is blocking TCP traffic from workstation address 10.99.99.99. The TCP ports are dynamic RPC ports. These RPC ports change all the time and range from port 49152 – 65535.
To resolve this issue, create a new firewall rule with the settings below on your Windows server.
Rule Type: Custom
Program: %windir%\system32\dllhost.exe
Protocol type: TCP
Local port: RPC Dynamic Ports
Remote Port: All Ports
Scope: (I would recommend locking this down to only the computers who need it)
Action: Allow
Profile: Domain
Name: Dynamic RPC
Now you will be able to perform an audit with the PowerShell Patch/Audit Utility.
References
Windows Dynamic Port Range
KjaerIT