Solved

Exhange over http

Posted on 2006-07-14
23
320 Views
Last Modified: 2010-07-27
My exchange over HTTP works just about everywhere except at my home.  I have COX at home and I know that they block ports 135, 25 and 445.  Why won't it work there I tought it used 443?

Wes
0
Comment
Question by:hmcnasty
  • 13
  • 5
  • 5
23 Comments
 
LVL 6

Expert Comment

by:Michael S
Comment Utility
Is your SSL certificate generated by your server's CA, or did you purchase one from a Trusted Authority?  If it was generated by your server, you need to install it on your PC at home first.

Jay
0
 

Author Comment

by:hmcnasty
Comment Utility
I think it's the one from my server but what I'm more concerned with is why it works everywhere but home other offices, clients offices, starbucks, the moon etc...  Any ideas?

Wes
0
 
LVL 6

Expert Comment

by:Michael S
Comment Utility
Try going to https://yourservername/rpc/rpcproxy.dll from your PC - do you get a Security Warning box?  If so, you don't have the certificate installed.

Jay
0
 

Author Comment

by:hmcnasty
Comment Utility
Jay,

I get a log in box. Is that what you mean?  Then if I enter my username and password  I get page can not be displayed.


0
 

Author Comment

by:hmcnasty
Comment Utility
Oh never mind I knwo what you mean...yeah I just get a windows log in.
0
 
LVL 6

Expert Comment

by:Michael S
Comment Utility
If you go to https://yourexternalsite/rpc it should prompt you for a login 3 times and give you a 401.3 error.  If you just get a Page cannot be displayed error, then something is not configured right in IIS.

But if you say you can connect outside your network everywhere else except your house, then it is probably a DNS error somewhere.  That's where I would start if that's the case.
0
 

Author Comment

by:hmcnasty
Comment Utility
I would give anything to figure this out.

Ok...if I type in https://mydomain.com/rpc is asked once then I get a page can not be displayed.  So it must not be configured properly.  I've been through this and through this and I can 't seem to get it right.  However I figure out why it works.

Wes
0
 

Author Comment

by:hmcnasty
Comment Utility
actually I get:

 You are not authorized to view this page
You might not have permission to view this directory or page using the credentials you supplied.

--------------------------------------------------------------------------------

If you believe you should be able to view this directory or page, please try to contact the Web site by using any e-mail address or phone number that may be listed on the prismsolutionsgroup.com home page.

You can click  Search to look for information on the Internet.




HTTP Error 403 - Forbidden
Internet Explorer  


But only after 1 try not 3

What do you think?

0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
Make sure that the /rpc virtual directory has integrated and basic authentication enabled - nothing else.
Also make sure that when you are prompted for a username and password in the above test, you are using the format of domain\username - not just username.

Simon
0
 

Author Comment

by:hmcnasty
Comment Utility
Simon,

I should propagate that down to the RPCproxy child node as well?

0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
I only tend to suggest that the folder is set - no other changes are required.

Simon.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 

Author Comment

by:hmcnasty
Comment Utility
SO what should the RPC proxy.dll sercurity settings be set to?

Wes
0
 
LVL 6

Accepted Solution

by:
Michael S earned 250 total points
Comment Utility
The RPC proxy file should have the same settings as the RPC virtual directory does, which is the Integrated Windows and Basic Authentication, that's it.

When you're looking at the rpcproxy.dll file in the window in IIS, right click the file and choose Browse.  Your browser should open with a 401.3 error.  Then when you change http to https, it should be a blank window with nothing showing in the window at all.
0
 

Author Comment

by:hmcnasty
Comment Utility
Ok here's where it get's strange.

I go to http://mydomain.com/rpc/rpcproxy.dll    

Then it makes me go to https.

after that I get a log in box. After I put in my credentials instead of a blank screen I get the following:

 The page cannot be displayed  
Explanation: The Web server connection was closed.

--------------------------------------------------------------------------------

Try the following:

Refresh page: Search for the page again by clicking the Refresh button. The timeout may have occurred due to Internet congestion.
Check spelling: Check that you typed the Web page address correctly. The address may have been mistyped.
Access from a link: If there is a link to the page you are looking for, try accessing the page from that link.
Contact website: You may want to contact the website administrator to make sure the Web page still exists. You can do this by using the e-mail address or phone number listed on the website home page.

--------------------------------------------------------------------------------

Technical Information (for support personnel)

Error Code 64: Host not available
Background: The connection to the Web server was lost.
 
I can't figure this out.  This seems to be where things go wrong.

Wes
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
That isn't an Exchange problem.
Do you have something in front of the Exchange server?

Simon.
0
 

Author Comment

by:hmcnasty
Comment Utility
Yes   ISA 2004


0
 

Author Comment

by:hmcnasty
Comment Utility
The RPC proxy file should have the same settings as the RPC virtual directory does, which is the Integrated Windows and Basic Authentication, that's it.

When you're looking at the rpcproxy.dll file in the window in IIS, right click the file and choose Browse.  Your browser should open with a 401.3 error.  Then when you change http to https, it should be a blank window with nothing showing in the window at all.



When I do this I get a seurity warning box.  If Iclick ok then I get a box that asked my to choose a certificate but there isn't one in the box to choose. If I hit ok I get a regular windows log in box.  Then I type in my log in and I get the blank screen.  

What does this mean?
0
 
LVL 104

Assisted Solution

by:Sembee
Sembee earned 250 total points
Comment Utility
The fact that you are getting a security warning box will mean that RPC over HTTPS will fail. Outlook cannot deal with that prompt. You need to deal with that - the usual method is to use a commercial certificate that is trusted by the machine.

The select certificate box means you have use client certificate enabled somewhere, which needs to be disabled. Could be on the ISA server, could be on the Exchange server itself.

Simon.
0
 

Author Comment

by:hmcnasty
Comment Utility
Ok that makes sense.  Thanks Simon

The thing is I'm running SBS 2003.  I tought that that would produce it's own certificate during set up.

How woudl I go about getting a certificate?  I don't have to much experience with these things.

Wes
0
 
LVL 104

Expert Comment

by:Sembee
Comment Utility
SBS does produce its own certificate. However that certificate isn't trusted by anything other than the SBS server itself.

There are guides for requesting the certificate at most of the major providers.
For this kind of job a cheap SSL Certificate from GoDaddy will be fine.
They have a guide that sits you through creating the certificate request and then installing the certificate once you have it.

Simon.
0
 
LVL 6

Expert Comment

by:Michael S
Comment Utility
If you don't want to request an SSL, you can use the one SBS installs, but you have to install it manually on each workstation that's going to be using RPC over HTTPS.
0
 

Author Comment

by:hmcnasty
Comment Utility
How come I can't see the sbs one when I get the security warning box.  Is there a way to find it on the machien somewhere?

w
0
 

Author Comment

by:hmcnasty
Comment Utility
Thank you thank you thank you ....I finally got it working.

Wes
0

Featured Post

Shouldn't all users have the same email signature?

You wouldn't let your users design their own business cards, would you? So, why do you let them design their own email signatures? Think of the damage they could be doing to your brand reputation! Choose the easy way to manage set up and add email signatures for all users.

Join & Write a Comment

Find out how to use Active Directory data for email signature management in Microsoft Exchange and Office 365.
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create an Address List in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Organization >> Ad…
This video discusses moving either the default database or any database to a new volume.

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now