I have been having this issue with two of my domain controllers, trying to connect to machines that were only on the network temporarily, and especially trying to connect to non-windows devices (and hence non-domain clients) on the WiFi network. I
was getting two or three of these DCOM 10009 errors every few seconds and it was choking the hell out of my System log.
I also reviewed the previous totally-not-really-answered thread and the exchange about the Labtech management software is what clued me in to a solution.
For those who don't want to go back and review that thread (here)
the short version is that the Labtec software was repeatedly running the command
DCDIAG /TEST:DNS /DNSforwarders as part of it's regular health check, and that test was causing the
RPC service to try to communicate with the server
in question (an external DNS server, so, obviously, no RPC connection.)
This made me think about services on the DC that I've been having this issue on (two of them actually) and which of those
services might be trying to force a connection to every device on the LAN for some reason. For example, I checked to see if there was a Spiceworks agent on the server that might be at fault.
It turned out to be a service associated with our newly deployed Palo Alto Networks firewall, and specificaly the User
Agent service that was installed on the two DCs experiencing the problem. In brief, it was running something called WMI-Probing for any device sending web traffic from a domain-authenticated host (including devices connected to WiFi using users' domain
credentials.)
Palo Alto's description of the issue is
here,
but the lesson to be learned is that if you've got this DCOM error, it's because something on the computer (doesn't have to be the DC) is trying to initiate a connection to the target IP. If you look through your services list, you're probably going
to find it. I found it by running Process Monitor on one of the DCs and looking for activity immediately preceding the attempted network RPC EPMAP actions and for every single one I saw an action by the Palo Alto User Agent service. Five seconds on Google
with "Palo Alto Dcom 10009" put up the answer. If you've got this error, betcha you've got some service running that's trying to make that RPC connection at whatever frequency the error is popping up.
Good luck!