Share via

RPC Server Unavailable (0x800706ba) when adding Certificate Template on Local CA/DC

Jorenzo Lucero 0 Reputation points
2025-10-22T23:48:49.2733333+00:00

I'm encountering an issue when trying to add a new certificate template to issue on my Certification Authority (CA) server. The CA is installed on a local server that also functions as a Domain Controller (DC) in my environment.

When I navigate to certsrv.msc -> Certificate Templates -> New -> Certificate Template to Issue, I receive the error: "The template information on the CA cannot be modified at this time. This is most likely because the CA service is not running or there are replication delays. The RPC server is unavailable. 0x800706ba (WIN32: 1722 RPC_S_SERVER_UNAVAILABLE)"

CA Service Status: Verified that "Active Directory Certificate Services" (certsvc) is running.

PS C:\> Get-Service certsvc  
Status   Name               DisplayName  
------   ----               -----------  
Running  certsvc            Active Directory Certificate Services
  1. CA Type: Confirmed it's an Enterprise Root CA.
PS C:\> certutil -cainfo | findstr /i "Type"  
CA type: 0 -- Enterprise Root CA
Windows for business | Windows Server | Directory services | Certificates and public key infrastructure (PKI)
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Harry Phan 11,010 Reputation points Independent Advisor
    2025-10-23T01:18:05.5133333+00:00

    The error you're encountering, 0x800706ba (RPC_S_SERVER_UNAVAILABLE), typically points to a communication issue between the Certification Authority (CA) and Active Directory. Even though the CA service is running, this can happen if:

    There are replication delays between Domain Controllers.

    The Domain Controller hosting the CA is experiencing network or DNS resolution issues.

    The RPC service or required ports (like TCP 135) are blocked by a firewall or security policy.

    Here are a few steps you can try:

    Restart the CA and DC services, or reboot the server to clear any lingering RPC sessions.

    Run dcdiag and repadmin /replsummary to check for AD replication health.

    Ensure the RPC and DCOM services are running and not restricted by firewall rules.

    Confirm that the CA server has proper permissions to read certificate templates in Active Directory.

    If this helps resolve the issue, feel free to hit “Accept Answer” so others can benefit too 😊.

    0 comments
  2. Harry Phan 11,010 Reputation points Independent Advisor
    2025-10-25T04:19:56.72+00:00

    Hi @Jorenzo Lucero

    Has your issue been solved? If it has, please accept the answer so that others know this is a quality answer and can help similar issue. If not, is there anything I can help you with? Please let me know.

    Harry.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.