acasgar
asked on
RPC over HTTP Client Prompt for Password over and over never connecting
I have an Exchange server which is not a Global Catalog Server. I have tested RPC through the firewall by going to http://server.domain.com/rpc and http://server.domain.com/rpc/rpcproxy.dll per Microsoft Article 833401. I have configured the Exchange server RPCPROXY Registry Key per http://www.amset.info/exchange/rpc-http-server.asp following the section Dual Server Installation. Now when I open the outlook client and configure it I get prompted for authentication, I put in DomainName\UserName and my password, it then pops right backup and asks for it again and never connects to the server. What am I missing, my single server install works flawlessly!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Are you sure that RPC over HTTPS is working?
Outlook falls back to TCP/IP connections if it fails to make a connection over HTTPS.
You have to verify it inside using the rpcdiag switch.
I have never deployed RPC over HTTP without an SSL certificate - I believe it requires some heavy hacking around that isn't supported - therefore I doubt whether you are working correctly.
You are waiting for an SSL certificate? I can usually have mine in less than an hour after making the request.
Simon.
Outlook falls back to TCP/IP connections if it fails to make a connection over HTTPS.
You have to verify it inside using the rpcdiag switch.
I have never deployed RPC over HTTP without an SSL certificate - I believe it requires some heavy hacking around that isn't supported - therefore I doubt whether you are working correctly.
You are waiting for an SSL certificate? I can usually have mine in less than an hour after making the request.
Simon.
ASKER
We are using NETSOL for the SSL and they said up to 24 hours. The one server running HTTP is working flawlessly and connecting VIA HTTP not HTTPS. I did not have to do any hacking to get it to work other than on the RPC directory has ONLY the Integrated Windows Authentication checked. I followed Microsoft Article 833401 and it came right up without HTTPS. You can not change Authentication to Basic on RPC if you want to use HTTP.
I can reproduce the issue on my server (RPC over HTTP) of multiple password prompts if I change the authentication to Basic per the article and your site.
I can reproduce the issue on my server (RPC over HTTP) of multiple password prompts if I change the authentication to Basic per the article and your site.
ASKER
After speaking with Microsoft they can't figure out how I got it to work using straight HTTP, the key note is that is really should be called RPC over HTTPS. It works now that I have the SSL certificate installed. Go figure that I got it to work using HTTP and stumped Microsoft.
ASKER
I am awarding the points to Sembee because he has an excellent website on the configuration! Only suggestion I have for you is a sample line on the registry hacks, no spaces single line and you do NOT need to have a ; at the end of the configuration (I am not sure if that was your site I got that from or another could have been a typo).
In my final configuration you also do NOT need to put the DC's on the Exchange server in the registry hacks, just need to point to it as its NetBIOS name and Fully qualified "Local" domain (a total of 4 entries per Microsoft Tech support, so take it with a grain of salt, all networks are different).
Still think it is excellent site and resource on the subject. Sembee, I am writing some documentation with screenshots for my company, if you’re interested in including parts on your site please let me know.
In my final configuration you also do NOT need to put the DC's on the Exchange server in the registry hacks, just need to point to it as its NetBIOS name and Fully qualified "Local" domain (a total of 4 entries per Microsoft Tech support, so take it with a grain of salt, all networks are different).
Still think it is excellent site and resource on the subject. Sembee, I am writing some documentation with screenshots for my company, if you’re interested in including parts on your site please let me know.
The registry changes are debatable.
I have seen them posted in various different formats.
However my registry changes are taken from a live server and are what I use myself when configuring the feature for my clients. I have used them just this weekend twice while building a demonstration site for a client.
Thank you for the offer on the documentation, but I have my own. Not everything I write is on the web site... some things are kept exclusive for my clients (like the OWA/OMA user guide I have written).
Simon.
I have seen them posted in various different formats.
However my registry changes are taken from a live server and are what I use myself when configuring the feature for my clients. I have used them just this weekend twice while building a demonstration site for a client.
Thank you for the offer on the documentation, but I have my own. Not everything I write is on the web site... some things are kept exclusive for my clients (like the OWA/OMA user guide I have written).
Simon.
ASKER