Solved

RPC over HTTP to Exchange cluster

Posted on 2007-12-03
7
1,175 Views
Last Modified: 2012-05-05
Hi
We've been running Exchange in a cluster for a while now and we would like to get RPC over HTTP to work. OWA amd mobile synch is already running. They do not use HTTPS and we thought we'd get RPC over HTTP to work without certificates first.
Like hundreds before me I've tried following the recipies online, without any luck. Can't even get it to work in the LAN.

Our setup:
Firewall : Ports 80 and 443 open to domains external IP-adress, routed to exchange servers (SC2)  internal IP.

Exchange server: Two Windows 2003 SP2 Enterprise Edition servers (S1 and S2) in a cluster (SC2).
S2 is the standard physical server that owns the Exchange services whith S1 taking over in case of emergency.

Domain Controller: Two Windows 2003 SP2 Standard Edition. (D1 and D2)

The way I thought I'd set it up was to set Exchange server (SC2) as a back-end server in the Exchange System Manager, and connect directly to this server via RPC over HTTP on port 80.
In the IIS I have noticed though that the RPC "directory" was created in Default Web Site while the rest of exchange ones are in "Exchange Virtual Server (SC2)" Have tried making another RPC in the virtual server without any luck.

The RPC Directory Security is set to not allow anonymous access, Integrated and Basic authentication.
In the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy: Valid Ports" on the Exchange server (SC2) I set ports 593,6001-6002, and 6004 to different combinations of exchange server (SC2) and DC1 and DC2 with and without local domain. Also same ports to external domain.

On both DC in registry key "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters" i set "NSPI interface protocol sequences"  to "ncacn_http:6004"

I have tried testing on a Windows Vista PC with outlook 2007. In the exchange proxy settings I have set "http://mail.externaldomain.com" as proxy server for exchange, no SSL, ticked to use HTTP first and NTLM authentication.
When trying to run outlook.exe /rpcdiag it tries to connect to SC2.internaldomain.com and all I get is window askin for username and password to the exchange server. Whatever I enter this just pops back with no error message. Haven't been able to find anything useful in any of the server logs either.

Does anyone have any experience with the same setup as I'm trying to get to work, or have an idea of where I'm going wrong? Don't quite know where and how to start testing to pin down the error.

Any assistance will be greatly appreciated :)






0
Comment
Question by:heilage
7 Comments
 
LVL 6

Expert Comment

by:msghaleb
Comment Utility
Please download this Doc. and read it, it's very long but you will need may be 10% of it to get it working.

http://www.microsoft.com/downloads/details.aspx?FamilyId=F7D2D6E5-579F-4779-A6B8-7EF931EC02A5&displaylang=en

MG
0
 
LVL 104

Accepted Solution

by:
Sembee earned 500 total points
Comment Utility
First - RPC over HTTPS cannot be used without an SSL certificate. There are few unsupported workarounds, but they are exactly that - unsupported. Otherwise the feature is expecting to use HTTPS.

Do you not have a frontend server? If you are using a cluster I would have thought you would have a frontend server. If you do, that makes things much easier to deploy, rather than hacking around with the registry.

It looks like you have everything configured, except for the lack of an SSL certificate. Don't try and waste your time with a self generated SSL certificate. Get a trial certificate from RapidSSL.com to test it with before purchasing a certificate.

Simon.
0
 
LVL 22

Expert Comment

by:ATIG
Comment Utility
I would also not recommend doing so since your credentials will be sent accross in plain text if using basic Auth...
0
Do email signature updates give you a headache?

Do you feel like all of your time is spent managing email signatures? Too busy to visit every user’s desk to make updates? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today!

 
LVL 1

Author Comment

by:heilage
Comment Utility
Thanks for the prompt replies.

No we don't have a front end server.
I will try with a 3rd party certificate next and see how it works out.
Will keep you posted :)
0
 
LVL 1

Author Closing Comment

by:heilage
Comment Utility
Hi again
Worked like a charm after I bought a certificate. Really angry with myself now for working for days trying to get it to work without SSL. For some reason I thought that would be easier to configure, and that I could just add the certificate later.

Thanks again :)
0
 
LVL 7

Expert Comment

by:ingetic
Comment Utility
have you resolved your issue  ?

0
 
LVL 1

Author Comment

by:heilage
Comment Utility
Hi
Yes the issue was resolved. My problem was that I was trying to make it work without an SSL certificate. Once I bought one of those it worked like a charm.

0

Featured Post

Do email signature updates give you a headache?

Do you feel like you are constantly making changes to email signatures? Are the images not formatting how you want them to? Want high-quality HTML signatures on all devices, including on mobiles and Macs? Then, let Exclaimer solve all your email signature problems today.

Join & Write a Comment

"Migrate" an SMTP relay receive connector to a new server using info from an old server.
Local Continuous Replication is a cost effective and quick way of backing up Exchange server data. The following article describes the steps required to configure Local Continuous Replication. Also, the article tells you how to restore from a backup…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now