• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 427
  • Last Modified:

RPC Over HTTP

Hi

I'm having trouble setting up RPC over HTTP on Outlook 2003. I have followed notes from around 10 different websites and it is set up according to them (one of them being Microsoft).

I can connect to exchange locally via the network.
However connecting using internet via HTTPS doesn't work.
When I bring up the Exchange server connection status (right click on the small outlook icon next to the time). It says that both the directory's are connected via HTTPS but it will not connect mail.

It is not the firewall, as it is allowing all the correct traffic through.

OWA and OMA are both working fine and I can collect email.
0
herman3
Asked:
herman3
  • 10
  • 8
1 Solution
 
SembeeCommented:
First off... getting it working internally first. What is probably happening is that Outlook is falling back to TPC/IP connections internally (because it can). Use the rpcdiag switch to verify what is happening.
There is no point trying external to the network if internal doesn't work.

If it is connecting to the directories on HTTPS but the email server then I suspect the registry entries aren't correct. Did you look at my web site for the registry entries (http://www.amset.info/exchange)?

Simon.
0
 
herman3Author Commented:
Thanks for the reply.

Internally it works correctly using the TCP/IP connections, using the rpcdiag proves this.

I will look at the registry entries to see if that is the problem.
0
 
herman3Author Commented:
Just checked again, the connection is via tcp/ip even when slow and fast connections should go through HTTPS. I looked at you site for the registry enteries and have found the server:100-5000 entry. I am still at a loss! As it only works via tcp/ip does this mean that the client setup is wrong or the server?
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
SembeeCommented:
If it only works on TCP/IP then the server settings are wrong. RPC/HTTPS should work on HTTPS whether you are inside or outside the network - that is the beauty of the feature - allowing users to move between on lan and off lan without any changes to their configuration.

My instinct would say that it was a server setting that was wrong. Make sure that the server passes the server diagnostics I have outlined on my web site.

Simon.
0
 
herman3Author Commented:
Im greatful for your help Simon, however I cannot find the server diagnostics that you have mentioned?
0
 
SembeeCommented:
From: http://www.amset.info/exchange/rpc-http-diag.asp

1. Check the permissions on the RPC virtual directory. They should be Integrated and Basic only. Anonymous access should be disabled.
2. Browse to "http://<server>/rpc" from a workstation. You should be prompted for credentials. After entering valid credentials for the domain, you will get error "403.2 - Forbidden: Read access denied". That shows that the proxy is working correctly.
3. When you connect to the server path above, if you get any prompts for certificates then RPC/HTTP will not work. Outlook cannot acknowledge the certificate error message so will just fail.

Simon.
0
 
herman3Author Commented:
Sorry about the short repsonse but I had typed it once and then lost it, so am having to type it again. Thanks again for your help.

I have gone through your list, and your first point i have checked the RPC directory and the details are correct. The second point I enter HTTPS://email.pearl-coutts.co.uk/rpc (please note the HTTPS) and got the following error;

 You are not authorized to view this page
You might not have permission to view this directory or page using the credentials you supplied.

--------------------------------------------------------------------------------

If you believe you should be able to view this directory or page, please try to contact the Web site by using any e-mail address or phone number that may be listed on the email.pearl-coutts.co.uk home page.

You can click  Search to look for information on the Internet.




HTTP Error 403 - Forbidden
Internet Explorer  

Your final point regarding certificates, when I logged on to the HTTPS://email.********.co.uk/rpc it asked me to install the certificate which I did, restarted explorer and it worked.

I still get the error message;

[url]http://www.pearl-coutts.co.uk/remove/error.jpg[/url]
0
 
herman3Author Commented:
Sorry the link is http://www.pearl-coutts.co.uk/remove/error.jpg, can't find out how to edit posts.
0
 
SembeeCommented:
"it asked me to install the certificate which I did"

That is your problem.
The recommendation is to use a purchased certificate, not a home grown certificate. If you get any certificate prompts at all, then RPC/HTTPS will not work.

Simon.
0
 
herman3Author Commented:
After you install the cert on the computer it does not ask again because it is then trusted.
0
 
SembeeCommented:
While you can use home grown certificates, from vast experience with this feature, and numerous posts on this web site and others the general consensus is that there are less problems with using a purchased certificate. It also makes implementation much easier on the client side.

Looking at your screenshot, however it is still failing to connect to the Exchange server.

Simon.
0
 
herman3Author Commented:
I cannot get a valid cert on this server as this is only our test server to make sure that the rpc over http is what we are looking for.

I realise that it is not connecting to the exchange server and I am looking for the solution.
0
 
SembeeCommented:
For testing purposes RapidSSL provide 30 day trial certificates. That is what I use in test scenarios - I even use a trial certificate when doing a new live install, once I know it is working, then I purchase the real certificate.

Something is obviously not setup correctly on the Exchange server. I would actually consider ripping out the feature totally (removing RPC proxy from Add/Remove Programs etc), rebooting the server and starting again. Flush the registry changes out as well before continuing.

Simon.
0
 
herman3Author Commented:
I will try rapid ssl and also add remove the RPC. I will keep you posted. Thank you for your help.
0
 
herman3Author Commented:
I have installed a proper cert and can log on to OWA and OMA with no problems. However I am still getting the same problem as shouwn in the link above.
0
 
SembeeCommented:
You have reset the RPC Proxy element and the registry entries?

Are you conforming to the requirements - Windows 2003/Exchange 2003 on the Exchange server, Exchange pointing to a Windows 2003 GC/DC?

Simon.
0
 
herman3Author Commented:
Hi Simon

How would I reset the RPC proxy! I removed the registry enteries and reinputted them.

We are running Windows 2003 and Exchange 2003 on one server, that is also our DC.
0
 
SembeeCommented:
Remove RPC Proxy from Add/Remove Programs. Then reboot.
Make sure that the registry entries have also been removed. If not remove them and then reboot again.

Install the RPC Proxy from Add/Remove programs and put the registry entries in once again.

As you are a single server then you need to make both the Exchange Server and Domain Controller registry entries on the same server.

Simon.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

  • 10
  • 8
Tackle projects and never again get stuck behind a technical roadblock.
Join Now