Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 509
  • Last Modified:

RPC not connecting

I am trying to get RPC over HTTP to work.  I have set up 3 or 4 of these systems and have not had ay issues untill now.

System info:
Server 2003 SBE R2
Single Server running Exchange
Cable Internet with static IP

OWA works perfectly using Forms based auth. with SSL.  Outlook works fine inside but will not use HTTP.  I have outlook set to use RPC and is set to use it on slow and fast conecctions but it will not use it.  I have checked the registry keys for the port information.  I have run through the IIS setting and have double checked the Router configuration and everyting seems to be in order.  Does anyone have any ideas where to start trouble shooting?  I have tried to use the RPC ping utility but have had no luck getting it to work.  Any help would be apperciated!!
3 Solutions
What server name are you putting into outlook?

If it is something like server.domain.com, which it should be, then try browsing to https://server.domain.com/rpc and tell me what comes up.

There should be a username and password box (don't bother entering details) and NO certificate prompt.  If you do not get that, then open the command prompt and ping server.domain.com - does it come back with your internal or external IP?
hamel01Author Commented:
for the RPC settings i have mail.server.com and msstd:mail.server.com  i did not try the browsing.  I am moving the server now and as soon as i get it back up i will try.
I expect that it is an internal name resolution problem.

Apparently the SBS' Expert opinion on this is to "deal with it and let it fail over to TCP" but that, in my opinion, is stupid (how can you test that it works!)

So, to resolve this, you will need to use SplitDNS -> http://www.amset.info/netadmin/split-dns.asp

Create a Zone on your server for your real domain, and add Mail as a host (and WWW or whatever other servers you have).

Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

hamel01Author Commented:
That is what i am thinking also but what would be the explanation for it not working outside of the network?  You are correct in saying it is failing over to TCP but when it is external, TCP is not an option.  On the other systems i have, i have done this same thing with the split DNS.  Since this is done internally would it really help the external connections?
So, do you have a name resolution problem?

Let's get it working inside, then worry about outside.

One thing I have seen in testing, is that IIS security CAN do stupid things.  The SBS CEICWizard should configure it properly - have you been using the wizards on this server?
Jeffrey Kane - TechSoEasyPrincipal ConsultantCommented:
Interesting... you've said you did all those things but did not once say you ran the Configure Email and Internet Connection Wizard (CEICW -- linked as "Connect to the Internet on the To-Do list in the Server Management Console) -- which red just mentioned as well.

You need to run this and enable "Outlook over the Internet" in the services configuration screen.

A visual how-to for that is here:  http://sbsurl.com/ceicw

Also, you will find customized instructions that are EXACT for your configuration on the Remote Web Workplace main menu.  Just go to http://localhost/remote on the server to access this.

hamel01Author Commented:
OK i have done the split DNS and i had run through the configuration wizard.  Sorry i didn't mention that.  I think i have narrowed the problem down to useing the home grown SSL cert.  Because of it being home grown you get a error everytime you try to connect to the server websites.  I am guessing this is causing the problem.  I will get a verisign cert if that is the case but are there any cheaper ones that will not cause the error regarding a untrusted cert.?
You don't need to buy one of Verisign's over priced under spec certificates. There is plenty of choice that will work.

RapidSSL: US$60 a year. They have a 30 day trial certificate if you want to see how the process works.  http://www.rapidssl.com/
Instant SSL: US$70 a year depending on source http://www.instantssl.com/ 
GoDaddy: US$20 a year http://www.certificatesforexchange.com/ 

Both GoDaddy and InstantSSL can supply certificates that are compatible with Windows Mobile 5 and higher. GoDaddy by default, Instant SSL you have to ask for it. if you were thinking of using Exchange ActiveSync for push then that is something that you might want to consider.

You can also install the certificate so that you do not get the prompt.  Why you waited until now to tell us you were getting certificate errors, when I asked in my first post, is a little worrying.
hamel01Author Commented:
Well after all of this I have it working.  It was a combination of the DNS and vertificate error.  I'm sorry redseatechnologies that I did not write that earlier.  It was late and I had been working on it for a while and it just slipped my mind.  We could of done without your comment though, I am sorry that I am not as perfect as you are!
Welcome to the list

Featured Post

Upgrade your Question Security!

Your question, your audience. Choose who sees your identity—and your question—with question security.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now