After initiating a Client Push Install, one or more endpoints display the following error message:
RPC server is unavailable. Please allow WMI through Windows Firewall.
Your Group Policy's firewall does not meet the prerequisites needed for a Client Push Install. Windows Management Instrumentation (WMI) is not enabled on your firewall. Without Windows Management Instrumentation, Remote Procedure Call (RPC) cannot establish a connection between the endpoint and server.
Configure your Group Policy's firewall to meet the following prerequisites:
- Open ports 135, 137, and 445
- Enable Windows Management Instrumentation (WMI)
- Enable Remote Procedure Call (RPC)
To see instructions for Windows Firewall, refer to the article Endpoint Security firewall prerequisites to deploy clients via Group Policy.
You can also use Command Prompt to configure the prerequisites above. Execute the commands below on each endpoint experiencing the error.
Windows XP, Vista, and 7
netsh firewall set service RemoteAdmin enable
Windows 8, 8.1, and 10
netsh advfirewall firewall set rule group="remote administration" new enable=yes
netsh advfirewall firewall set rule group="Windows Remote Management" new enable=yes
netsh advfirewall firewall set rule group="windows management instrumentation (wmi)" new enable=yes