wl6538

asked on

RPC over HTTP issues for Exchange 2007 and Outlook 2007

Dear Experts,

Here is the current configuration of my domain:

dc.domain.local = Primary domain controller on Windows 2008 x64, as well as DHCP and DNS server

mail.domain.local = Exchange 2007 SP1 x64 on Windows 2008 x64

isa.domain.local = ISA 2006 server on Windows 2003

FQDN = mail.domain.com

SSL certificate = Wildcard certificate for *.domain.com

client machines = Windows XP Pro SP3 with Outlook 2007 / 2003

I need to get Outlook Anywhere (RPC over HTTP) working on my client machines

First, I have done the following to set it up:

1.      Installed RPC over HTTP proxy on mail.domain.local

2.      Enabled Outlook Anywhere in EMC under Client Access

3.      Set NTLM authentication for Outlook Anywhere

4.      Applied the wildcard certificate on mail.domain.local and isa.domain.local in IIS

5.      Set up forwarding rules, SSL web listeners, and so on for isa.domain.local so it will authenticate users and pass them on to mail.domain.local; I was using the ISA 2006 wizard for RPC over HTTP

6.      I also set up ISA for Outlook Web Access using the wizard.

7.      DNS on our ISP is set up to point to isa.domain.local when using mail.domain.com

Initially, I had some success:

1.      OWA was working on remote client over the internet

2.      Outlook Anywhere was working on remote Outlook 2007 clients - except users can't browse the GAL

3.      Activesync on WM6 devices also working

But now I have the following issues:

1.      While trying to solve the GAL problem, I noticed that the Outlook 2007 client connection status would say connection established for Mail on mail.domain.local, but there is no connection for Directory for dc.domain.local - so I guess that is why users can't get to the GAL.

2.      I tried to solve the problem by editing the registry key for RpcProxy ValidPorts on mail.domain.local and NSPI Interface protocol sequences on the NTDS server on dc.domain.local, and I rebooted both machines - the changes I made are:

On dc.domain.local

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters

Type REG_MULTI_SZ
Name: NSPI Interface protocol sequences
Value: ncacn_http:6004

On mail.domain.local



[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy]
"ValidPorts"="
exchange-server:100-5000;
exchange-server:6001-6002;
exchange-server.domain.local:6001-6002;
dc:6001-6002;
dc.domain.local:6001-6002;
exchange-server:6004;
exchange-server.domain.local:6004;
dc:6004;
dc.domain.local:6004;
mail.external.com:6001-6002;
mail.external.com:6004;
dc:593;
dc.domain.local:593;
exchange-server:593;
exchange-server.domain.local:593;
mail.external.com:593;"


3.      Then I got a whole heap of Event Viewer errors on both machines after the reboot about Exchange having A Transient failure (Event ID 4001) and Group Policy can't be processed because it could find the SysVol on the DC

4.      On DC.domain.local I got errors like DFS Replication failed to connect to domain controller (Event 1202) and DHCP server failed to see a directory server for authorization (Event 1059) and Publishing KMS to the DNS in the domain has failed (Event 12293) - all these errors I didn't get before

5.      I changed the registry keys to what they were before and rebooted both machines but the problem persists.

6.      Now every time I start a remote Outlook 2007, it either says the Exchange server is offline, or it keeps on asking me for the login details. The remote Outlook works fine of course when connected to our LAN using VPN to the ISA server.


I would like to

1.      Get RPC over HTTP working again
2.      Get GAL working over RPC over HTTP
3.      Fix the errors I have created - whatever they were!

Thanks

Wayne
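
Added example (not part of the original question or of any reply): a small Python check that parses a ValidPorts string in the host:port and host:low-high form posted above, then reports which required host/port pairs no entry covers and which entries open a wide port range on the RPC proxy's allow-list. The REQUIRED list and the max_span threshold are assumptions for illustration, and host names are compared exactly as written in the value.

```python
import re

# ValidPorts value exactly as posted in the question, joined onto one line.
POSTED = (
    "exchange-server:100-5000;exchange-server:6001-6002;"
    "exchange-server.domain.local:6001-6002;dc:6001-6002;"
    "dc.domain.local:6001-6002;exchange-server:6004;"
    "exchange-server.domain.local:6004;dc:6004;dc.domain.local:6004;"
    "mail.external.com:6001-6002;mail.external.com:6004;dc:593;"
    "dc.domain.local:593;exchange-server:593;"
    "exchange-server.domain.local:593;mail.external.com:593;"
)

ENTRY = re.compile(r"^([A-Za-z0-9.-]+):(\d+)(?:-(\d+))?$")

def parse_valid_ports(value):
    """Split a ValidPorts string into (host, low_port, high_port) tuples."""
    entries = []
    for raw in value.split(";"):
        item = "".join(raw.split())      # drop line breaks and stray spaces
        if not item:
            continue                     # trailing ';' leaves an empty item
        m = ENTRY.match(item)
        if not m:
            raise ValueError(f"malformed ValidPorts entry: {item!r}")
        low = int(m.group(2))
        high = int(m.group(3) or low)
        if not 0 < low <= high <= 65535:
            raise ValueError(f"bad port range in entry: {item!r}")
        entries.append((m.group(1).lower(), low, high))
    return entries

def is_allowed(entries, host, port):
    """True if some entry names this exact host and covers the port."""
    return any(h == host.lower() and lo <= port <= hi for h, lo, hi in entries)

def audit(entries, required, max_span=2):
    """Return required (host, port) pairs not covered, and over-wide ranges."""
    missing = [(h, p) for h, p in required if not is_allowed(entries, h, p)]
    broad = [(h, lo, hi) for h, lo, hi in entries if hi - lo + 1 > max_span]
    return {"missing": missing, "broad": broad}

# Assumed requirement: the two internal names from the question.
REQUIRED = [("mail.domain.local", 6001), ("mail.domain.local", 6004),
            ("dc.domain.local", 6004)]

if __name__ == "__main__":
    print(audit(parse_valid_ports(POSTED), REQUIRED))
```

Run against the posted value, the check finds no entry for the name mail.domain.local and flags the exchange-server:100-5000 range as the only entry wider than two ports.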
ASKER CERTIFIED SOLUTION
George Sas
SOLUTION
wl6538

ASKER

Geoss / Mestha,

Thanks for the comment - I did remove / revert the reg changes I've made to their previous settings; that was after I noticed the error events.

Geoss -

The guide from isaserver.org was actually the one I followed for setting up the ISA server initially! (a whole 7-part series). I have Outlook Anywhere working (except for the GAL). I don't think it is an ISA issue, as Exchange 2007 should just use the RPC Proxy for GAL related "stuff" (?)

Mestha -

Yes, I am aware of the wildcard problem; like you said, I should have gotten a UC certificate (but I have just started on the wildcard for 1 year) - anyway I am happy to report that I have some success on the Outlook 2007 client side, after changing the msstd field to blank!

The settings I tried on the client side were:

msstd: mail.domain.com - did not work
msstd: *.domain.com - did not work
-blank field- and uncheck "only connect to proxy servers......"  - now works

But I am still having problems with the GAL not working

Thanks for your inputs

Connection-Status1.jpg