RPC over HTTP

RPC over HTTP is set up automatically when you run the Configure Email and Internet Connection Wizard.  It also generates a customized instruction sheet for configuring Outlook clients which you will find on the main menu page of Remote Web Workplace.  (http://servername/remote)

More details: http://msmvps.com/blogs/bradley/archive/2006/05/15/95217.aspx

Jeff
TechSoEasy

ok so I have followed instructions and it works but only if I make a new VPN connection - when connected using a VPN connection, the local settings work fine but if I put the public IP/exchange server name then it cannot resolve - do I need to open a port on my router?

You shouldn't make ANY VPN connection for RPC over HTTPS.  That defeats the whole purpose of the protocol.

You do need to make sure that port 443 is open on the Server's Router, and that you've "trusted" the SSL certificate by installing it on the remote machine per the instructions.

Also, there are TWO FQDN's that need to be entered (one of them is entered twice with a "msstd:" prefex) because the protocol proxies the connection.  You need BOTH your server.domain.local as well as the servername.domain.com per the instructions as shown here (I've just copied the pertinent parts):

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++      
4.      In the Microsoft Exchange Server box, type the local name of the Exchange server:

sbs.yourdomain.local

5.      In the User Name box, type the user name that you use to log on to the Remote Web Workplace.
                Do not click Check Name.

6.      In the Exchange Server settings page, click More Settings.

7.      On the Connection tab, under Exchange over the Internet, select Connect to my Exchange mailbox using HTTP, and then click Exchange Proxy Settings. The Exchange Proxy Settings dialog box appears.

8.      Under Use this URL to connect to my proxy server for Exchange, type the following URL:

sbs.yourdomain.com

9.      Select Connect using SSL only, and then select Mutually authenticate the session when connecting with SSL.

10.      In the Principal name for proxy server box, type the following text:

msstd:sbs.yourdomain.com

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Of course, sbs.yourdomain.com will not resolve unless you have a CNAME and A record in your publicly available DNS Zone File (usually at your ISP or domain registrar) which points the name to your SBS's External IP.  I'd assume you have this since you are already receiving mail there.

Jeff
TechSoEasy

still no joy - it says it cannot find the exchange server to resolve the name - if I go to IE and type the IP I get the company's sbs front page so I know the IP is fine.

they do not have an A record publicly so presumably I just put in their public IP address in place of it?

HELP - this is so frustrating!

Sorry, I took a couple days off!  :-)

So, yes, you would put the public IP address for steps 8 and 10, keeping your local FQDN in step 4.

However if you have a domain name (which I assume you do for email), why don't you just add a record to your public zone file pointing at your server?

(http://sbsurl.com/pop2smtp explains much of this)

Jeff
TechSoEasy

I am wondering if this is a certificate issue?  I have a cert installed on the server but a MS article suggests that this is the reason why it is not communicating with the server but I have no idea what to do about it?

http://support.microsoft.com/default.aspx?scid=kb;en-us;555261

I really need to nail this asap. :(

any ideas?

Did you follow this part of the detailed instructions?  

"   Verify that the computer trusts the certificate used by the server
     Open Internet Explorer, and then in the address bar type:
     https://sbs.yourdomain.com/remote


     If the certificate is trusted, a certificate warning does not appear.
     In this case, continue with step 1 under Ensure that you have an Outlook profile configured for the server.
     If the certificate is not trusted, a warning appears. Click View Certificate, click Install Certificate, and then follow the instructions. "


Jeff
TechSoEasy

is there ANY chance we could chat by phone? I am soooo confused!

I am only able to provide advice in this forum.  As per the membership agreement of EE, it's not appropriate to solicit employment within these forums either.  But it's really not that confusing... considering I require a 10-hour minimum engagement -- this is really not something that would take much time at all if you just follow the EXACT steps as outlined in the link on your Remote Web Workplace main menu.

I'd suggest that you print this out and check off the steps to make sure you are doing it correctly.

Jeff
TechSoEasy

.... still not working - I have checked everything and it is all correct - I have server.domainname.local in the Exchange Server Name and in the Proxy settings the ip address only.

When I open Outlook I get

The connection to the Microsoft Exchnage Server is unavailable.  Outlook must be online or connected to complete this action.

???

???? still waiting for solution - can you help any further please?

You say you have the IP address ONLY in the connection settings?  There are two boxes which need information there, the second one which is "mutually authenticate...." needs to have msstd: in front of the IP Address.  Is it there?

Jeff
TechSoEasy

yes it is there - I have all the information in all the boxes but am using IP address in bottom 2 and .local address is top 2

There are four boxes??? What version of Outlook are you using?

Jeff
TechSoEasy

sorry I mean 2 boxes - both have public Ip in them with the bottom one having the msstd:  - I have done exactly what the instructions say.  In the Exchange Server address I have put server.localdomain.local

despite installing the certificate on my PC if I reboot it still comes up prompting me for a certificate.  When I install it says it is installed successfully.

Does the certificate have the IP address as it's issuing source?

If not you need to rerun the Configure Email and Internet Connection Wizard to issue a new certificate with the IP.  Then you need to rerun the Configure Remote Access wizard.

Jeff
TechSoEasy

I get the following error when running the Remote Access Wizard:

(part of the rras txt file)

*** Running IExpress to build the package returned ERROR 80004005
*** ERROR: Cannot delete temp directory CMP1779.tmp
Specifying error location (in CMAK) returned OK
*** CRRASCommit::CommitCMAK returned ERROR 80004005
*** CRRASCommit::CommitEx returned ERROR 80004005

Just to be clear, do you mean this is from this file:
C:\Program Files\Microsoft Windows Small Business Server\Support\rraslog.txt   ??

Jeff
TechSoEasy

If you are getting those errors... then I would surmise that you installed Windows Server 2003 SP1 without Small Business Server 2003 Service Pack 1.  (or your clientapps folder has been moved from the default location).

Known issues for installing Windows Server 2003 SP1 by itself:
http://support.microsoft.com/kb/897342

I'd guess its the former, however...

You need to follow SBS's procedure for installing SP1:  http://sbsurl.com/sp1

Jeff
TechSoEasy

sp1 is installed already

will re-install now

made no difference

error is:

*** Running IExpress to build the package returned ERROR 80004005
*** ERROR: Cannot delete temp directory CMP66.tmp
Specifying error location (in CMAK) returned OK
*** CRRASCommit::CommitCMAK returned ERROR 80004005
*** CRRASCommit::CommitEx returned ERROR 80004005

I noticed IIS was not running - all working fine now.  Thanks