RPC over http

Posted on 2004-10-28
Last Modified: 2009-01-08
I have an
-exchange server 2003 installed on Active Directory
-windows 2003
-domain controler

This server is behind NAT.

I want to connect to the serever using RPC over HTTP.

I have succefuly done it in the intranet but not from the internet.

In the internet I get a user-password dialog but cannot pass this stage.

I have done port forwarding port 80 of the exchange server to the internet.

Can you help?
Question by:noam_dz
    LVL 104

    Expert Comment

    It isn't port 80 you need to forward. It is port 443. RPC/HTTP should really be called RPC/HTTPS.

    Have you verified that it is actually working internally?
    Close Outlook completely, checking that it has gone from task manager.

    Then click start, run and type

    outlook.exe /rpcdiag

    This will start Outlook normally but with an additional diagnostics box. ANY references to TCP/IP means RPC/HTTPS isn't working. They should all be HTTPS.

    LVL 12

    Expert Comment


    I'd consider installing SP1 for Exchange if you haven't already ...

    Check out this article for more info -

    A few other articles you might want to read through -

    Deploying RPC over HTTP for Exchange Server 2003 SP1


    Deploying RPC over HTTP for Exchange Server 2003

    RPC over HTTP System Requirements

    Exchange Server 2003 must be installed on all Exchange servers that are used by the RPC proxy server.

    All client computers that are running Outlook 2003 must be running either Windows Server 2003 or Microsoft® Windows® XP Service Pack 1 (SP1) or later with the following update: 331320, "Windows XP Patch: RPC Updates Needed for Exchange Server 2003" (

    Also, the following is recommended when you use RPC over HTTP communication:

    • Use Secure Sockets Layer (SSL) encryption. SSL is required by the RPC proxy server for all client-to-server communication and the servers SSL certificate must be valid and trusted by the client. Outlook will not connect if the certificate is invalid or not trusted.
    • Choose the correct client authentication method. Basic authentication over SSL is firewall-independent and can be used regardless of firewall configuration. NTLM authentication can be used but is dependent on how the firewall handles SSL traffic.

    Note :

    If the firewall does not add a via: header to the HTTP header information, NTLM can be used. If the firewall does add a via: header (as many reverse proxies do), IIS will not allow NTLM authentication.
    • Use an advanced firewall server in front of your Exchange front-end server in the perimeter network. It is recommended that you use a dedicated firewall server such as ISA Server 2000 with Service Pack 1 and Feature Pack 1 or later to secure your messaging environment. For information about using ISA Server 2000 SP1 with Exchange, see the Exchange online book, Using ISA Server 2000 with Exchange Server 2003 (
    LVL 104

    Accepted Solution

    If you are still having problems with getting this to work, then I have just updated my own article on setting it up.
    The article now includes the correct settings required with a single Exchange server running Exchange 2003 SP1.
    All the other information we have posted above still applies, but you may find it useful.


    Expert Comment

    Simon -
    Just to make sure that I check and tripple check, since this is a long registry entry:
    1) how do we determine the domain.local = Internal domain name
    2) the exchange-server = Exchange Server means just the netbios name of the exchange server found by right clicking the "My Computer" and going Computer Name and using the Full computer name?
    3) do we add a ".local" to the name in addition to the local domain name?
    4) does the MX records on the domain registry need to be updated in a special way? mine are

    I almost have this working. Internally when I connect over https everything works - no mention of the tcp/ip - and I am almost there.
    Please advise.
    LVL 104

    Expert Comment

    This is a closed question.
    As you are not the original asker, please post your query in a new question where it will be picked up and dealt with.


    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone. Privacy Policy Terms of Use

    Featured Post

    Top 6 Sources for Identifying Threat Actor TTPs

    Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

    Workplace bullying has increased with the use of email and social media. Retain evidence of this with email archiving to protect your employees.
    Get an idea of what you should include in an email disclaimer with these Top 5 email disclaimer tips.
    To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
    The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

    875 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    14 Experts available now in Live!

    Get 1:1 Help Now