RPC over HTTP Client Prompt for Password over and over never connecting

I have an Exchange server which is not a Global Catalog Server.  I have tested RPC through the firewall by going to http://server.domain.com/rpc and http://server.domain.com/rpc/rpcproxy.dll per Microsoft Article 833401.  I have configured the Exchange server RPCPROXY Registry Key per http://www.amset.info/exchange/rpc-http-server.asp following the section Dual Server Installation.  Now when I open the outlook client and configure it I get prompted for authentication, I put in DomainName\UserName and my password, it then pops right backup and asks for it again and never connects to the server.  What am I missing, my single server install works flawlessly!
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Have you tested this inside?
I presume that you mean https://server.domain.com/rpc - ie over the secure connection?

There are a number of reasons for the repeated authentication prompt. They are elsewhere on my web site...

If the client machine and Outlook installation is part of the same domain as the Exchange server then you shouldn't get any username and password prompts.


Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
acasgarAuthor Commented:
Actually no we are running HTTP right now, we are waiting for the SSL Certificate.  I can replicate this issue on the server I have it working on if I change the authentication on RPC from NTLM to Basic.  If I leave it as NTLM then my RPC over HTTP works great.  The only difference in the two networks is one server is a Global Catalog server, the other is not.  In both cases the machine connecting is not a member of either domain.
Are you sure that RPC over HTTPS is working?

Outlook falls back to TCP/IP connections if it fails to make a connection over HTTPS.
You have to verify it inside using the rpcdiag switch.

I have never deployed RPC over HTTP without an SSL certificate - I believe it requires some heavy hacking around that isn't supported - therefore I doubt whether you are working correctly.

You are waiting for an SSL certificate? I can usually have mine in less than an hour after making the request.

Starting with Angular 5

Learn the essential features and functions of the popular JavaScript framework for building mobile, desktop and web applications.

acasgarAuthor Commented:
We are using NETSOL for the SSL and they said up to 24 hours.  The one server running HTTP is working flawlessly and connecting VIA HTTP not HTTPS.  I did not have to do any hacking to get it to work other than on the RPC directory has ONLY the Integrated Windows Authentication checked.  I followed Microsoft Article 833401 and it came right up without HTTPS.  You can not change Authentication to Basic on RPC if you want to use HTTP.  

I can reproduce the issue on my server (RPC over HTTP) of multiple password prompts if I change the authentication to Basic per the article and your site.
acasgarAuthor Commented:
After speaking with Microsoft they can't figure out how I got it to work using straight HTTP, the key note is that is really should be called RPC over HTTPS.  It works now that I have the SSL certificate installed.  Go figure that I got it to work using HTTP and stumped Microsoft.
acasgarAuthor Commented:
I am awarding the points to Sembee because he has an excellent website on the configuration!  Only suggestion I have for you is a sample line on the registry hacks, no spaces single line and you do NOT need to have a ; at the end of the configuration (I am not sure if that was your site I got that from or another could have been a typo).  

In my final configuration you also do NOT need to put the DC's on the Exchange server in the registry hacks, just need to point to it as its NetBIOS name and Fully qualified "Local" domain (a total of 4 entries per Microsoft Tech support, so take it with a grain of salt, all networks are different).  

Still think it is excellent site and resource on the subject.  Sembee, I am writing some documentation with screenshots for my company, if you’re interested in including parts on your site please let me know.
The registry changes are debatable.

I have seen them posted in various different formats.

However my registry changes are taken from a live server and are what I use myself when configuring the feature for my clients. I have used them just this weekend twice while building a demonstration site for a client.

Thank you for the offer on the documentation, but I have my own. Not everything I write is on the web site... some things are kept exclusive for my clients (like the OWA/OMA user guide I have written).

It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.