Solved

RPC OVER HTTPS

Posted on 2006-11-21
20
488 Views
Last Modified: 2010-04-19
hey guys i need help  i have windows sbs 2003 and it brought exchange, ive been trying to setup rpc over http, ive read a couple of articles and followed the instructions to the t . but still nothing, im learning exchange and well got the rest working accept this,  heres what i have done so far

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy]
"ValidPorts"="server:100-5000;
exchange:6001-6002;
exchange:6004;
exchange.test.local:6001-6002;
exchange.test.local:6004;
externaldomain.com:6001-6002;
externaldomain.com:6004;"

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters]
"NSPI Interface protocol sequences"=hex(7):6e,00,63,00,61,00,63,00,6e,00,5f,00,\
  68,00,74,00,74,00,70,00,3a,00,36,00,30,00,30,00,34,00,00,00,00,00

im using a selfsigned cert, and i have it trusted on my local pc
0
Comment
Question by:efrenmartinez
  • 11
  • 9
20 Comments
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17990757
There are no articles to read, and there is nothing to set up other than running the Configure Email and Internet Connection Wizard (CEICW -- which is linked as Connect to the Internet in the Server Management Console > Internet and Email) and enabling "Outlook via the Internet".

Then, open your Remote Web Workplace and look on the Main Menu for the link which says "Configure Outlook via the Internet" which will have specific instructions on how to configure Outlook with your server's settings.

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 17991001
done that , but i still connect via tcp/ip and not via https
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17991461
What do you mean?  When you add an Exchange Mail Account to Outlook 2003 on a remote PC, then you will configure the connection according to the instructions.

Your comment stating that you connect via tcp/ip versus https doesn't make sense.  https uses tcp/ip.

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 17991811
on the client side i configured exchange over the internet, put in the ip of the server which also happends to be on the cert,  i run   outlook.exe /rpcdiag  and i get the connection as tcp/ip, ive read a bunch of articles and they say it should say  https, im going crazy here lol
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17992045
Well, just for a minute, please ignore all those articles you read and help me to help you.

When you run the /rpcdiag, what does it say under "Server Name"?

Also, you say that you "put in the ip of the server".  Where did you do this?  Because, if your Exchange Server is configured for SMTP email, it must have a FQDN pointing to it.  Or are you using the POP3 Connector on Exchange?

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 17995342
ok, so i re did the exchange heres the current settings took screen shots of it

http://www.pcbnetworkinc.com/cert.bmp <--- test machine windows xp pro sp2

http://www.pcbnetworkinc.com/outlook.bmp  <--- test machine windows xp pro sp2

http://www.pcbnetworkinc.com/outlook2.bmp  <--- test machine windows xp pro sp2

http://www.pcbnetworkinc.com/outlook3.bmp  <--- test machine windows xp pro sp2

http://www.pcbnetworkinc.com/ipconfig.bmp   <-- servers

=]
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 17996882
Well, this really isn't a valid configuration.  I do realize that you are trying to test things out, but as I stated before, if you don't have a FQDN (ie, server.domain.com) then you don't really have SMTP email operating.

Your server doen't actually have an EXTERNAL connection, so you are connecting over it's LAN IP.

Can you please explain what you are trying to test here?  Because you don't actually have the ability to connect from a remote comptuer... so I'm a bit confused.

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 17998820
can you please tell me the steps needed for me to get this working,  i can get a (server.domain.com)  where do i point it?
0
 
LVL 74

Accepted Solution

by:
Jeffrey Kane - TechSoEasy earned 500 total points
ID: 18000312
How is your server connected to the Internet?  It's not apparent from your IPCONFIG /ALL that you have any Internet connection at all.

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 18007861
ok, i modifed the server network card heres the new info, im also connected behind a soho firewall ive open the pors to let the information in

IP ADDRESS  = 172.16.111.4
SUB = 255.255.255.0
GATEWAY= 172.16.111.1
DNS = 172.16.111.1
WINS SERVER = 172.16.111.4
0
Enabling OSINT in Activity Based Intelligence

Activity based intelligence (ABI) requires access to all available sources of data. Recorded Future allows analysts to observe structured data on the open, deep, and dark web.

 

Author Comment

by:efrenmartinez
ID: 18008147
I GOT IT WORKING  YAY!!!!!!!!!!!!!!!!!!!!!!!!!!!!!  HERES WHAT I DID

-Server-
i went to iis and checked the rpc access, it had it on passport dont know why,  i changed it to basic authentication and i also checked intregrated windows authentication, then clicked on Default domain.


-Client-

to logon in for user name   test.local\name
0
 

Author Comment

by:efrenmartinez
ID: 18008163
thnx  jeff for all your help and i hope you had a good thanks giving   =]
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18008186
HUH?  Why did you change the DNS server on your NIC?  You need to have it set as the SBS's IP, not your router's.  I mearly asked you how it was connected... I didn't state that you needed to change anything... please change it back.

Also, in the future when you need to post something like an IPCONFIG /ALL,  open a command prompt and enter IPCONFIG /ALL.  Then, right click on the title bar of that window to access edit > select all, then hit the ENTER key to copy.  You can paste to notepad and edit if you like... before pasting it into your post.  This works much better than images, and it will provide more complete information.

Just so we are clear, the following ports are what needs to be open on your firewall/router:

25 - SMTP
443 - HTTPS (for RWW and OWA)
444 - SharePoint
1723 - PPTP VPN
3389 - RDP for remote administration
4125 - Remote Web Workplace

After opening these, you MUST run the CEICW as noted above.  A visual how-to is here:  http://sbsurl.com/ceicw and a full networking overview for SBS is at http://sbsurl.com/msicw

Within that wizard you'll see a "more information" button on each screen that has invaluable help in deciding which options to select.  
Be sure to check those out as well.

What it looks like you are doing is using your INTERNAL IP Address in this wizard for the SSL Certificate.  172.16.111.4 is not a routable IP address.  You cannot reach this address from outside your LAN.  You must use your EXTERNAL IP address here.  This is why I asked how you are connected to the Internet.  If your external IP is not static (meaning it changes), then you must use a Dynamic IP Service to create a FQDN that you can use to access your server from the Internet.  (Such as DynDNS.org).  If you register your own name and have a STATIC IP address, then you would point that FQDN (server.domain.com) to your STATIC EXTERNAL IP.

Details of all of these things are in http://sbsurl.com/net101

Jeff
TechSoEasy

0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18008190
So, you are only testing this from INSIDE your LAN?  That's not really a test of RPC over HTTPS, just fyi.

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 18008376
yea i tested it on lan and also wan  heres the results

http://www.pcbnetworkinc.com/outlookworking.bmp

also yea i got it all working now in lan and wan =]~  , as for the fqdn  i made a sub-domain and played with the dns settings recreated a type a record and pointed it to my server.


quick question, if i put the ipadress of the server on the dns part i lose internet =[.
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18008901
"as for the fqdn  i made a sub-domain and played with the dns settings recreated a type a record and pointed it to my server."

Where did you make this sub-domain, and what dns settings were you changing?

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 18020304
the subdomain i made it via the company we bought the domain name, i use it for testing purposes , there was a setting that said advanced dns settings then i saw a option which said A record and i enter the ip of the server
0
 

Author Comment

by:efrenmartinez
ID: 18020312
o is there any other way not to enter  username: exchange\administrator  when connecting to the exchange server via outlook ?
0
 
LVL 74

Expert Comment

by:Jeffrey Kane - TechSoEasy
ID: 18025198
You shouldn't be using exchange\administrator because there's no such thing as a local account on an SBS.  Therefore, if anything it would be test\administrator because your domain name is "test".

Jeff
TechSoEasy
0
 

Author Comment

by:efrenmartinez
ID: 18028941
ok cool i got it  =]~  . thanks man, i have learned alot hehe
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

A lot of problems and solutions are available on the net for the error message "Source server does not meet minimum requirements for migration" while performing a migration from Small Business Server 2003 to SBS 2008. This error pops up just before …
This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now