Fix: LSA is Unable to Obtain an RPC Connection
Adding a forwarder to the domain should fix this
5 min. read
Updated on
Read the affiliate disclosure page to find out how can you help Windows Report effortlessly and without spending any money. Read more
Key notes
- If the Local Security Authority is unable to obtain an RPC connection error, it might be because of interference from your firewall.
- You can fix this issue by running a few commands on an elevated Command Prompt.
- Another effective solution is to uninstall the shared folder if you use VMware.
Connecting and establishing trust between two Domain Controllers is a popular practice. However, some users are reporting a Local Service Authority is unable to obtain an RPC connection error after entering the Domain FQDN or NetBIOS name.
While this issue can be pretty annoying, it is not the most difficult to fix, as it only requires minor tweaks most times. In this guide, we will show you the steps to follow to fix this issue and establish trust relationships between your servers.
Why is Local Security Authority unable to obtain an RPC connection?
Below are some of the potential causes that can cause LSA to be unable to obtain an RPC connection:
- Firewall interference – One of the first things to check if you are getting this error is Windows Defender Firewall is not blocking the connection. You might need to disable the firewall on the two servers temporarily to fix the issue.
- Issues with Shared folder on VMware – If you are using VMware, this problem might be due to the shared folder. Uninstalling it has proved effective for most users.
- Incorrect time – If the time on the two servers you are trying to connect does not match, you are likely to get the Local Security Authority unable to obtain an RPC connection error.
Now that we know what can cause this issue, let’s fix it by using the solutions below.
What do I do if LSA is unable to obtain an RPC connection error?
Before delving into the fixes in this section, try the following troubleshooting steps:
- Check if the time on the two servers is in sync
- Ensure the passwords of both administrators in different domains are in sync
- Disconnect and reconnect to the domain network
If this does not work, proceed to the solutions below:
1. Disable the firewall temporarily
- Press the Windows key, type firewall, and select Windows Defender Firewall.
- Select Turn Windows Defender Firewall on or off.
- Now, tick the radio buttons for the Turn off Window Defender Firewall button for both the Public and Private network settings.
- Finally, click the OK button.
If the firewall on either of the servers or DCs is active, it might be stopping you from creating trust relationships. This leads to the Local Security Authority is unable to obtain an RPC connection error.
The solution to this is to disable the firewall temporarily and retry the connection.
2. Add a forwarder
- If you have added the DNS of the server (say D2) you want to create trust with to your source server (say D1), you need to remove it.
- Now, open the DNS console under Administrative Tools.
- Right-click on the DNS server node and choose the Properties option.
- Next, click the Forwarders or Forwarding tab at the top, depending on your server.
- Click the New or Edit button under the DNS domain section and enter the name of the domain you want your name server to forward to (e.g., domain2.com).
- Type the forwarder IP address (the remote site’s DNS, which is also the DC for that site), and click the Apply button followed by OK.
- From here, press the Windows key, type cmd, and select Run as administrator under Command Prompt.
- Finally, type the command below and hit Enter to run it:
ipconfig/flushdns
According to some users, you can eliminate the Local Security Authority is unable to obtain an RPC connection error by adding a forwarder IP address to your connection.
3. Try net use
- Press the Windows key + R, type \\domain.com\c$, and click the OK button.
- Now, type your username and password and check what the \\domain.com\c$ opens.
- Finally, try creating trust again with FQDN and not NetBIOS.
4. Uninstall the Shared folder on VMware
- Press the Windows key, type control, and select Control Panel.
- Select Uninstall a program under the Programs option.
- Now, right-click VMware Tools and select Change.
- Click the Next button.
- Finally, untick the box for Shared Folders and reboot your machine.
If you are getting the Local Security Authority is unable to obtain an RPC connection error while trying to establish trust between your Domain Controllers, it might be due to the Shared Folders feature of VMware.
Note that the steps above are for uninstalling the feature on Windows 2003, which is the common version users face this error.
There you have everything you need to get rid of the Local Security Authority is unable to obtain an RPC connection while trying to establish trust between your Domain Controllers. You should now be able to fix this issue provided you follow the steps above.
If you are dealing with a similar error in Local Security Authority cannot be contacted, check our detailed guide to fix it.
Feel free to let us know the solution that helped you fix this issue in the comments below.