OK, Maybe not a Symantec thing but for sure a firewall thing,
So, I removed Endpoint on the client, enabled WMI on the windows firewall and boom, all worked.
As I understand, when endpoint is installed, it takes over all firewalling. This is a domain environment. Odd as heck. Some clients with the EP firewall active work, some don't but if I remove EP and enable the windows firewall on any client that was not working things work.
This doc suggests that random ports are generated and need to be available for RPC to work. is it possible that some of the RPC ports on some cleints are open and some are not. Anyway, an odd issue but this is fact.... if I remove EP and use windows firewall to allow WMI RPC server works. Everytime.
Doc....
http://social.technet.microsoft.com/wiki/contents/articles/4494.windows-server-troubleshooting-the-rpc-server-is-unavailable.aspx
Thanks