Problem: You receive an error in the VPSA GUI that the RPC service is unavailable and the domain join fails.
Explanation: Active directory broadcasts its SVC DNS record to all domain controllers. Therefore, when you try to join a computer to the domain it can choose any number of the domain controllers in your forest to try and join the domain from. If there is no connectivity to all the domain controllers your domain join may fail. This is especially true if you are utilizing Active Directory Sites and Services.
Work Around: You can add the VPSA subnet into Sites and Services and associate it with the domain controllers you want to contact. This ensures that during the domain join the DNS query will look for the domain in that Site. Instructions are below on how to add a subnet into AD Sites and Services.
Instructions:
- Go to Active Directory Sites and Services
- Locate Subnets and then Right Click and select new Subnet
- Enter the VPSA subnet range in CIDR notation. This can be provided by Zadara Support. In addition, make sure you select the appropriate site that has the Domain Controllers you want the VPSA to communicate with.
- After this is complete you can run a manual sync if needed by navigating into the domain Controller and then right clicking on NTDS settings. Select the appropriate sync action you wish to take. Be sure to select any domain controllers in that Site.
In addition, you can perform this operation using repadmin command line utility to force this replication. To run the repadmin commands you must be in an elevated command prompt. Command would be:
repadmin /syncall