• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1703
  • Last Modified:

RPC HTTPS FQDN Help!

What we are attempting to achieve is to have OUTLOOK users connect to Exchange using RPC and HTTPS.

Setup:

Exchange SP1

What is done so far from http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm

1.      I installed the RPC component on EXCHANGE SP1 and I see RPC and RPCWITHCERT under IIS.

2.      When I browse the RPC virtual directory, it prompted me for a login 3 times and afterwards returns back a HTTP 401.3 Error. This is normal?

3.      A SSL cert is installed from VERISIGN and it is working perfectly for OWA at https://mail.domain.com internally and extenrally

4.      I used  RPCNoFrontEnd from http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm to changed the ports.

Questions:

What is my FQDN?

When I ipconfig/all it is ex.internal.local

My OWA is https://mail.domain.com

What should I put in OUTLOOK to connect thru HTTPS?

Or Am i missing something else?

Thanks in advance!

0
ethanfox
Asked:
ethanfox
  • 3
  • 3
1 Solution
 
poweruser32Commented:
it should be mail.domain.com -the name that it is known as on the internet
0
 
SembeeCommented:
Any reason you are not on Exchange 2003 SP2?
Do you meet the requirements for RPC over HTTPS?

Exchange 2003 on Windows 2003
Domain is at least mixed Windows 2003 with at least one Windows 2003 DC/GC.
Have you made the registry change on the domain controller as well?

The error on the virtual directory is normal. It is used to test for certificate prompts. If you get a certificate prompt then the feature will not work.

The FQDN is what your certificate is issued to. If your certificate is mail.domain.com then that is what you put in to Outlook.

Simon.
0
 
ethanfoxAuthor Commented:
Yes, I'm Sorry...I am on Exchange SP2

Should I install the RPC component on the DC as well?

How should I test afterward? RPCPING from a client computer?

Thanks!
0
Making Bulk Changes to Active Directory

Watch this video to see how easy it is to make mass changes to Active Directory from an external text file without using complicated scripts.

 
SembeeCommented:
You do not need the RPC component on the domain controller. However if this is a single Exchange server deployment then you do need to make a single registry change on the DC for the feature to work.

I don't bother with any other testing apart from browsing to the virtual directory. The feature either works or it doesn't. Once I have made the registry changes, I simply adjust the Outlook client. Take a client configured in the usual way and test. Once you know Outlook is working, add the additional settings that RPC over HTTPS requires. Do not change your usual settings - just add. Then test again, using the rpcdiag switch on Outlook to confirm if the feature is working or not.

Simon.
0
 
ethanfoxAuthor Commented:
Yes!

I did the Registry change on the DC. Tested with outlook.exe /rpcdiag and im connecting thru HTTPS now.

Thanks for the quick response Simon!

0
 
ethanfoxAuthor Commented:
How do connect thru TCP/IP when I'm internal now?

Or should I leave it to connect thru HTTPS internal and external?

Thanks again!
0
 
SembeeCommented:
I always set RPC over HTTPS to work with HTTPS whether inside or outside. The users can come and go as required and it has no impact on the performance of Exchange or Outlook.

Simon.
0

Featured Post

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now