Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


RPC over HTTP- client issues.

Posted on 2006-10-30
Medium Priority
Last Modified: 2012-06-21
I'm currently at one of our branch sites trying to get RPC over HTTP
to work on an Outlook 2003 client and haven't had any success.  

As far as I'm aware I'm using exactly the same settings on the
client that I'm using on my own laptop.  My laptop is connecting fine using RPC
over HTTP, but other clients at the remote site are not.

Exchange has been set up using a Front End / Back End Topology.
I've browsed to https://External.FQDN/rpc from the remote site,
have been prompted for credentials and received the "read access denied"
message which apparently is a good sign that everything's working at the
server end.

I've attempted to install a SSL certificate on one of the XP clients having the trouble-
I just copied the certificate being used on our Front End server to the client's
desktop, right clicked and selected "install certificate".  Not sure if this
is the way to do it, but it doesn't seem to have worked in any case.

The remote sites are on a separate domain to the central office where the Exchange
servers live.  I thought this may have been the problem but after joining the remote
client to a temporary workgroup the problem persisted.  My home computer (separate again
to laptop) connects fine to the exchange server using RPC over HTTP, and it is just
on a local workgroup.  

Summary of client settings used (these work on my laptop, but not on clients at remote site):

Microsoft Exchnage server: internal name of Back End server.
Exchange Proxy Settings:
      Use this url to connect to my proxy = external FQDN used for OWA / SSL certificate.
      Mutually authenticate is ticked, with the following entry below it:
            msstd:external FQDN of OWA site.
      Basic Authentication is selected in the bottom drop down box.

At the remote site, when I run outlook /rpcdiag I get the no real output, just:

Server Name            Type            Conn      Status

----                             Directory            ---      Connecting

InternalExchangeSrvName      Referral            ---      Connecting

..these two entries then disappear, then I get a popup saying "Your Microsoft Exchange server is

To me it looks like this has to be a client issue- but I don't know where to begin.  Any help would be great.

Question by:farfo
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
LVL 104

Expert Comment

ID: 17841068
Is the certificate a home grown certificate or a purchased certificate?
If it is a home grown certificate then I strongly advise switching to a purchased certificate, particularly if you are going to be using this with clients who are off the domain.

When you browse to the /rpc virtual directory from one of the clients with a problem, do you get a certificate prompt? Does the padlock icon appear at all?


Author Comment

ID: 17841355
Thanks Simon.  Certificate = Home grown.  Do you have any recommednations for the purchased type?

From memory I did get a certificate prompt on the problem machine- one exclamation marke on top then two green ticks.  Pretty sure I would have got a padlock but not 100%- can get back to you (I'm off site now).

Regarding certificates are you able to tell me what the proper procedure is for installing a certificate on an XP client (i.e. homegrown or otherwise)?

Also- I found this link: http://www.msexchange.org/tutorials/outlookrpchttp.html
In the intro it makes a repeated point that the initial set up on the client needs to be done with the client on the
internal network.  Could this be contributing to my problem at the remote site?  It doesn't really explain why I
can connect without problems from my home machine- but then again I'm pretty sure I connected it to our office's
VPN at some point when I was trying to get RPC over HTTPS to work.
LVL 104

Accepted Solution

Sembee earned 2000 total points
ID: 17841373
If you are getting certificate prompts then this feature will fail. End of Story. RPC over HTTPS cannot deal with certificate prompts.

I never use home grown certificates except in the lab, when I move a file around for them. For a commercial deployment you should use purchased certificates. This is becoming even more important with the built in security features in Internet Explorer 7.0 - which flags home grown certificates.

For Exchange type deployments I use one of two suppliers. For .com/.net/.org you can use GoDaddy. For any other domain (including those) I use RapidSSL (http://www.rapidssl.com).

The setting up of the client on the LAN is a common misconception, but if you had to do that, how would the hosted Exchange operators work? Your machine isn't on their LAN with that type of service.
It can be done off LAN, it just a little more fiddly.



Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will help to fix the below error for MS Exchange server 2010 I. Out Of office not working II. Certificate error "name on the security certificate is invalid or does not match the name of the site" III. Make Internal URLs and External…
The main intent of this article is to make you aware of ‘Exchange fail to mount’ error, its effects, causes, and solution.
In this video we show how to create a Contact in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Contact ta…
In this video we show how to create a mailbox database in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Servers >> Data…
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question