How to setup rpc

When the Microsoft Windows operating system is installed on a server or client, setup automatically installs the RPC run-time files. No further RPC installation is required.

You must ensure, however, that the version of Windows you install supports all the features used in your distributed application. When you use an RPC application on a Windows 3. Use this disk image to create an install disk for distribution with your RPC application. However, your application's installation program must install the executable files contained in this disk image. Next, an IPsec policy must be created to restrict access to this port range to deny access to all hosts on the network.

Finally, the IPsec policy can be updated to give certain IP addresses or network subnets access to the blocked RPC ports and to exclude all others. To do this, visit the following Microsoft Web site:. The syntax and usage of IPseccmd. For more information about the Windows XP support tools, click the following article number to view the article in the Microsoft Knowledge Base:. At the command prompt, type rpccfg. Note This port range is recommended for use by RPC endpoints because ports in this range are not likely to be allocated for use by other applications.

By default, RPC uses the port range of to for allocating ports for endpoints. However, ports in this range are also dynamically allocated for use by the Windows operating system for all Windows sockets applications and can be exhausted on heavily used servers such as terminal servers and middle-tier servers that make many outgoing calls to remote systems. For example, when Internet Explorer contacts a Web server on port 80, it listens on a port in the range for the response from the server.

A middle-tier COM server that makes outgoing calls to other remote servers also uses a port in this range for the incoming reply to that call. Moving the range of ports that RPC uses for its endpoints to the port range will reduce the chance that these ports will be used by other applications. For more information about ephemeral port usage in Windows operating systems, visit the following Microsoft Web sites. For more information about how to use IPsec to block ports, click the following article number to view the article in the Microsoft Knowledge Base:.

On Windows , use Ipsecpol. For example, on Windows , type the following command from a directory that contains Ipsecpol. On Windows XP and on later operating systems, type the following command from a directory that contains Ipseccmd. For example, type the following command on Windows hosts to block all incoming access to TCP To block all incoming access to TCP , type the following command on Windows XP hosts and on hosts of later Windows operating systems:. Repeat this command for each RPC port that must be blocked by changing the port number that is listed in this command.

Ports that must be blocked are in the range. Note Do not forget to change the port number in the rule name the -r switch and in the filter the -f switch. If you must give specific subnets access to the restricted RPC ports, you must first give these subnets access to the RPC Endpoint Mapper that you blocked earlier. If N, the processes using the default will be assigned ports from the set of intranet-only ports.

In this example, ports through inclusive have been arbitrarily selected to help illustrate how the new registry key can be configured. It isn't a recommendation of a minimum number of ports needed for any particular system. Restart the server. All applications that use RPC dynamic port allocation use ports through , inclusive. You should open up a range of ports above port Port numbers below may already be in use by other applications and could cause conflicts with your DCOM application s.

Furthermore, previous experience shows that a minimum of ports should be opened, because several system services rely on these RPC ports to communicate with each other. The minimum number of ports required may differ from computer to computer. Computers with higher traffic may run into a port exhaustion situation if the RPC dynamic ports are restricted.

Take this into consideration when restricting the port range. If there is an error in the port configuration or there are insufficient ports in the pool, the Endpoint Mapper Service will not be able to register RPC servers with dynamic endpoints. It will log event in this case:. Skip to main content. This browser is no longer supported.

Download Microsoft Edge More info. Contents Exit focus mode. Please rate your experience Yes No. Any additional feedback?