Go Premium for a chance to win a PS4. Enter to Win

x
?
Solved

RPC Proxy Server troubleshooting

Posted on 2004-03-30
17
Medium Priority
?
3,454 Views
Last Modified: 2012-05-04
I have a single W2k3 server running a single Exchange server 2k3 installation and I am trying to get RPC over HTTP working... but with no luck.

- The RPC Proxy is running on the same machine.
- I've made all the registry changes detailed in Microsoft's RPC over HTTP deployment document.

I'm pretty sure it's a problem with the proxy and I've been using rpcping to try to make sense of it all. What I really need is some help troubleshooting the error I'm getting back.

I'm using rpping like this:

rpcping -t ncacn_http -s ExchServer -o RpcProxy=RPCProxyServer -P "user,domain,*" -I "user,domain,*" -H 2 -u 10 -a connect -F 3 -v 3 -E -R none

... and I'm getting this back:

401: Client is not authorized to ping RPC proxy

... and Microsoft say this:

You receive this response if the RPC Ping Utility test failed. The PRC Ping Utility test may have failed if HTTP access is denied, if there are incorrect credentials on the –P switch, or if the user does not exit.

So basically, if you can get me pinging the proxy...you get the points.
0
Comment
Question by:dmjabbo
  • 10
  • 7
17 Comments
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10717881
Did you run rpings on the server first?
0
 

Author Comment

by:dmjabbo
ID: 10718010
no - what does that do...?
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10718145
0
Veeam Disaster Recovery in Microsoft Azure

Veeam PN for Microsoft Azure is a FREE solution designed to simplify and automate the setup of a DR site in Microsoft Azure using lightweight software-defined networking. It reduces the complexity of VPN deployments and is designed for businesses of ALL sizes.

 
LVL 11

Expert Comment

by:ewtaylor
ID: 10718217
Shoot just saw you are running 2k3 do not think you need it then sorry...
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10718270
Are you using certificates?
0
 

Author Comment

by:dmjabbo
ID: 10721936
Yep, I'm using certificates and the default website (containing the RPC dir) is protected by SSL.

Does that mean I need some extra switches when running rpcping?
0
 

Author Comment

by:dmjabbo
ID: 10723111
I have changed the -H switch from 2 to 1. This uses basic auth instead of NTLM and the server is set to use basic auth.

So, now it seems to authenticate but now I get error 501 returned.

MS say this about error 501:

The PRC Ping Utility test may have failed because the RcpProxy.dll could not be contacted, because the wrong virtual root folder (Vroot) was being accessed, if a RPC Proxy server has not been installed, or if Vroot is not accessible.

Any clues?
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10723685
Try adding this switch

-B Mutual authentication. You must specify the server certificate subject that is being used.
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10723695
The syntax is

–B msstd:server_certificate_subject
0
 

Author Comment

by:dmjabbo
ID: 10723725
No change I'm afraid - still an error 501
0
 
LVL 11

Accepted Solution

by:
ewtaylor earned 1200 total points
ID: 10723777
On the RPC Proxy server computer, click Start, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
Expand your domain, double-click Default Web Site, right-click RPC, and then click Properties.
Click the Directory Security tab, and then click View Certificate.
Make sure that the certificate is issued to the same server that is used by the client for authentication.
0
 

Author Comment

by:dmjabbo
ID: 10723983
I've fixed it - I have SharePoint running on the same sever and I hadn't defined the rpc virtual dir as an excluded path in the SharePoint admin.

Thanks for your help with rpcping - am I allowed to just give you the points?
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10724370
Ahh nice, sure.
0
 

Author Comment

by:dmjabbo
ID: 10724459
There you go... enjoy. Thanks again.
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10724535
Thanks, are you using a sharepoint server? If so what do you think of it?
0
 

Author Comment

by:dmjabbo
ID: 10724811
It's just the free one, not the full blown portal server but it seems brilliant - exactly what a lot of companies have been wanting for a long time...
0
 
LVL 11

Expert Comment

by:ewtaylor
ID: 10724826
I just received my technet beta's and that and the comm server are both I would like to setup and try.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A brief overview to explain gateways, default gateways and static routes OR NO - you CANNOT have two default gateways on the same server, PC or other Windows-based network device. In simple terms a gateway is formed when a computer such as a serv…
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Despite its rising prevalence in the business world, "the cloud" is still misunderstood. Some companies still believe common misconceptions about lack of security in cloud solutions and many misuses of cloud storage options still occur every day. …

971 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question