AboutPricingCommunityTeamsStart Free TrialLog in
Avatar of PTVenom
PTVenom
 asked on

Cannot connect using RPC over HTTPS, Keeps prompting for username and password

i am having issues connecting to my Exchange server via RPC over HTTPS.  This was working for over two years, and for some reason or another, it is now not authenticating clients trying to logon.  They are repeatedly prompted for usaername and password.  Things I have tested and verified:
1.  OWA is working correctly.  I can successfully authenticate and logon.
2. Browsing to HTTPS://DNS_Servername/rpc in IE responds with "401.3 error message".
3. Permissions on the RPC virtual directory are set to Integrated and Basic only. Anonymous access is disabled.
4. The "Home Directory" tab, the directory is set to use the "DefaultAppPool" (whichwhich is greyed out) and is also set to Scripts and Executables.
5. Using RPCPING utility gives me the correct response using the following command line arguments:
"rpcping -t ncacn_http -s ExchServer -o RpcProxy=RPCProxyServer -P "user,domain,*" -I "user,domain,*" -H 2 -u 10 -a connect -F 3 -v 3 -E -R none"

RPCPinging proxy server SERVER_NAME with Echo Request Packet
Sending ping to server
Response from server received: 200
Pinging successfully completed in 1498 ms

6. I am using selfSSL for the certificate and have NEVER had an issue previously.  I have recreated the cert more than 5 times now to no resolution.

  So now I am at my wits end trying to resolve this issue.  The server is configured as follows:
Windows SBS 2003 sp2
Exchange 2003 sp2
HP Proliant ML350
Xeon 3Ghz proc
2 GB Ram
C:\  35GB
D:\  72GB
Also using a Linksys Router for testing purposes.

Any more info needed please ask.
I am in a bind here so quick responses would be great.
SBSExchangeWindows Server 2003
Avatar of undefined
Last Comment
PTVenom
8/22/2022 - Mon
Sembee
I never recommend using a self generated certificate.
As this is SBS, have you re-run the Connect to the Internet and Email wizard to ensure that the settings are correct? You should not be trying to change things manually. Then follow the instructions for Outlook over the Internet in RWW.

Simon.
PTVenom
ASKER
OK, i have installed the RapidSSl free Cert, and now when performing the RPCPing test to Port:6001, Using this comman;
C:\Program Files\Windows Resource Kits\Tools>rpcping -t ncacn_http -s server1.domain.local -o RpcProxy=mail.FQDN.org -P "UName,Domain.local,*" -I "UName,domain.local,*" -H 1 -F 3 -a connect -u 10 -v 3 -e 6001 -B msstd:FQDN

I recieve  the following:
>>>>Exception 5 (0x00000005)<<<<
Number of records is: 2
ProcessID is 7252
System Time is: 4/10/2008 19:31:31:726
Generating component is 14
Status is 5
Detection location is 1398
Flags is 0
NumberOfParameters is 2
Long val: 4
Long val: 5
ProcessID is 7252
System Time is: 4/10/2008 19:31:31:726
Generating component is 13
Status is 5
Detection location is 1418
Flags is 0
NumberOfParameters is 0

This error specifies the following:
You receive this response when you have incorrect P credentials, you have incorrect I credentials, if the user account is disabled, or if the Mutual Authorization failed. For more details about this response, use the E argument.

Now i'm confused, as this account has been verified via OWA.
PTVenom
ASKER
Stupid question, how do I enable logging to view the connection status of RPC on the exchange server?
Experts Exchange has (a) saved my job multiple times, (b) saved me hours, days, and even weeks of work, and often (c) makes me look like a superhero! This place is MAGIC!
Walt Forbes
ASKER CERTIFIED SOLUTION
Sembee
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
PTVenom
ASKER
No, I get a login screen, and i login and get the 401.3 error. (mentioned above).
PTVenom
ASKER
Ok, I installed a Real Certificate from rapidSSL, and now I get the following error:
  "There is a problem with the proxy server's security certificate.  the name on the security certificate is invalid or does not match the name of the target site Mail.Server.org."
  "Outlook is unable to connect to the proxy server. (error code 0)"
 
 i have deleted the certificates related to this in IE, and Cleared the CACHE as well, but still this error.
PTVenom
ASKER
 RESOLVED!!  I rebooted the Server, checked with another SBS server that I have running and working, and needed to modify some of the registry keys, Rebooted the server again, and I am in with multiple user accounts.  Thanks for all your help Sembee.
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
Plans and Pricing
Resources
Product
Podcasts
Careers
Contact Us
Teams
Certified Expert Program
Credly Partnership
Udemy Partnership
Privacy Policy
Terms of Use

© 1996-2023 Experts Exchange, LLC. All rights reserved. Covered by US Patent