Active Directory: MSRPC Bindings

All AD operations except Kerberos authentication involve one or more MSRPC bindings with the remote AD server. Oracle ZFS Storage Appliance must successfully bind to the remote MSRPC services running on the AD server before making any MSRPC requests. Any connection issues with the AD server are normally seen as failures during MSRPC bind exchanges.

This statistic shows the total number of successful or failed MSRPC bind exchanges at a point in time, and measures the MSRPC bind rate in operations per second for a period of time.

The AD MSRPC bindings statistic should be used only to diagnose issues that might be related to smbd. AD analytics should not be run continuously because they will unnecessarily consume system resources. You could generate an alert if the average latency substantially increases for a period of time, and the alert will appear on the dashboard. To set a threshold alert, see Configuring a Threshold Alert - BUI, CLI.

When to Check Active Directory MSRPC Bindings

The MSRPC binding hostname breakdown can identify:

  • Slow or misbehaving AD servers

  • Both the failed and alternate AD servers that were used before and after a DC failover event

The MSRPC binding result breakdown can identify:

  • SMB client authentication issues caused by incorrect user password specified during AD domain join

  • Connection timeout

Active Directory MSRPC Bindings Breakdowns

This statistic can be broken down by hostname and result.

Table 5-7 Breakdowns of MSRPC Binding Exchanges

Breakdown Description


The hostname of the AD server.


The result of the MSRPC bind. Examples:



  • smb/client authentication failed

  • Connection timed out

  • NT status

  • Locate trust account

Further Analysis