Solved

RPC over HTTP Directory portion not working

Posted on 2004-10-27
328 Views
Last Modified: 2011-10-03
I have installed RPC over HTTP and it seemed to go ok.  I have Exchange 2003 server with SP1 installed.  After the install, it works fine on my laptop which is part of the domain computers, but only connects mail and not directory (found by holding ctrl over the connected icon and choosing status).  When I try to connect my home pc via RPC over HTTPS it doesnt connect at all (my guess is directory is the authentication portion and since my laptop has cached credentials it works).

Does anyone know why just the directory portion is not working and how I can fix it.  The Exchange server is not a domain controller if that matters.
0
Question by:ecfmis
    12 Comments
     
    LVL 104

    Expert Comment

    by:Sembee
    First rule is to get it working on your LAN, before moving outside of your network.

    Make sure that Outlook is configured to use HTTP connections for both slow and fast connections.

    Close Outlook completely, checking that outlook.exe has gone from the Task Manager.

    Then click start, run and type:

    outlook /rpcdiag

    Press enter.
    Outlook will start normally, but with an additional dialogue box.
    Each connection item should say https. If any say TCP/IP then RPC/HTTP isn't working correctly.
    (If you want to see screenshots of this process: http://www.amset.info/exchange/rpc-http-diag.asp)

    How did you configure RPC/HTTPS? Registry entries or GUI in ESM?

    Simon.
    0
     

    Author Comment

    by:ecfmis
    Ok, I know how to do the rpc status.  That  is how I knew that the Directory service was not connecting.  Internally, Mail connects via HTTPS and Directory via TCP/IP.  Externally I only get the mail from my laptop.

    And I configured RPC over HTTPS with both registry and gui in ESM.  

    Any ideas?

    I wondered if it might be how I setup the SSL Certificate?  
    0
     
    LVL 104

    Accepted Solution

    by:
    I haven't seen the directory component alone fail before. I have just tried to simulate that failure on a test system and cannot.
    I think you might have to resort to a registry change. The list of changes is quite extensive.
    turn the GUI back to Not part of RPC/HTTP setup.
    Then take a look here:
    http://www.amset.info/exchange/rpc-server.asp
    I have listed all the registry changes that need to be made. There is one that needs to be made on your domain controller as well, which is probably the one that hasn't taken.

    Simon.
    0
     

    Author Comment

    by:ecfmis
    That is a dead link but I will give it a try when it works :)
    0
     

    Author Comment

    by:ecfmis
    Ok I just followed your domain links and found your webpage at: http://www.amset.info/exchange/rpc-http-server.asp

    I followed the instructions to the T (we have GC DS seperate from Exchange Server).

    HEre is the Valid ports entry where ECFSRV6 = Exchange Server and ECFSRV1 = PDC + GC and ECFINC.com = domain.

    ECFSRV6:6001-6002;ECFSRV6.ecfinc.com:6001-6002;ECFSRV1:6001-6002;ECFSRV1.ecfinc.com:6001-6002;ECFSRV6:6004;ECFSRV6.ecfinc.com:6004;ECFSRV1:6004;ECFSRV1.ecfinc.com:6004;mail.ecfinc.com:6001-6002;mail.ecfinc.com:6004;ECFSRV1:593;ECFSRV1.ecfinc.com:593;ECFSRV6:593;ECFSRV6.ecfinc.com:593;mail.ecfinc.com:593;

    And here is a screen shot of my status after running the test:
    http://64.186.60.28/tim/rpc.jpg

    Do i need to restart the information store or the server after the registry settings (I did have it set for a single server i think and I changed it to the 2 server per your instructions).  I also took it off of rpc in the GUI.  The dc has had the change for awhile, in fact i made this registry entry on all of my dc's here.  Should it only be on one?
    0
     

    Author Comment

    by:ecfmis
    When installing the thawte certificate they also gave me this:

    This is the SSL123 Intermediate CA certificate which must also be installed on your
    web server:

    Which i have not used yet.  Do i need to and what is it for?  I have already installed the standard certificate on the default website.
    0
     

    Author Comment

    by:ecfmis
    I figured out the intermediate thing, and also found this:
    http://forums.msexchange.org/ultimatebb.cgi?ubb=get_topic;f=15;t=002518

    I have the EXACT same symptoms as this guy, but my DC is definetly a GC.  Is there a way to test this to make certain?  We did recently upgrade to 2003 from 2000 on this server.

    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Serves me right for doing the link from memory. Now need to put a redirect in...
    The correct link is this one: http://www.amset.info/exchange/rpc-http-server.asp
    My own web site as well!

    The registry change only needs to be on the GC that you are pointing the RPC proxy at.
    If you have other domain controllers, such as one that was a clean Windows 2003 build and is a gc, try switching the references in the registry to the other one.

    Simon.
    0
     

    Author Comment

    by:ecfmis
    Ok I am still at a loss, I re-installed RPC service and did exactly what you said and still the directory connects at TCP/IP this is bizarre.  Should I promote the Exchange server to a dc and make it a gc server?  Wont this cause uneccisary traffic?
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    I wouldn't promote the Exchange server.
    Two reasons.
    1. Exchange is a lot happier on a member server.
    2. It isn't supported. The role of the server at the point of Exchange install must remain the same.
    If you make/install Exchange server a DC then it must be a GC as Exchange will not look to any other machine.

    You have installed the RPC-Proxy on the Exchange server?
    Made the registry changes on both the Exchange server and the global catalog DC?

    I am trying to think what would force Outlook to use TCP/IP for the directory access.
    How have you got the client configured? Is it like I have on my web site at http://www.amset.info/exchange/rpc-http-client.asp? (right link this time)

    Simon.
    0
     
    LVL 104

    Expert Comment

    by:Sembee
    Are you still having problems with this?
    I have been working on RPC/HTTPS for most of the last two days and have rewritten my RPC/HTTPS server setup article. It now includes information on how to setup RPC/HTTPS on a single Exchange server with SP1 installed.

    Simon.
    0
     

    Author Comment

    by:ecfmis
    I was finally able to get it working by reinstalling the certificate, and following your info to the "T."  Then I rebooted all DC's and the email server (by pure luck because the KDC CA server crashed and screwed up the DC's so all needed rebooting.  When they came back up RPC over HTTP worked for the directory).
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Want to promote your upcoming event?

    Are you going to an event? Are you going to be exhibiting at a tradeshow? Talking at a conference? Using a promotional banner in your email signature ensures that your organization’s most important contacts stay in the know and can potentially spread the word about the event.

    You might have come across a situation when you have Exchange 2013 server in two different sites (Production and DR). After adding the Database copy in ECP console it displays Database copy status unknown for the DR exchange server. Issue is strange…
    Get an idea of what you should include in an email disclaimer with these Top 5 email disclaimer tips.
    In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
    In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…

    846 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    9 Experts available now in Live!

    Get 1:1 Help Now