Solved

i have set up rpc over http and followed al the instructions. i am not using ssl just port 80 to do some testing. When I try to log on the password prompt keeps coming back. if i turn auditing on i ca

Posted on 2009-04-07
6
215 Views
Last Modified: 2012-06-27
i have set up rpc over http and followed al the instructions. i am not using ssl just port 80 to do some testing. When I try to log on the password prompt keeps coming back. if i turn auditing on i can see the user logging on so the proxy server is passing the request to the mail server but it does not appear to be going back to the client.
0
Comment
Question by:tjwoollard
6 Comments
 
LVL 4

Expert Comment

by:StefanKittel
Comment Utility
Hello,

have a look a this: http://www.petri.co.il/how-can-i-configure-rpc-over-https-on-exchange-2003-single-server-scenario.htm
You need to turn off security for some parts.

IIS tries to connect internaly to the exchange which does not support this (wired).

Stefan
0
 
LVL 3

Expert Comment

by:stealthwifi12
Comment Utility
One little trick to try before all of the below.
Login like this:
Username: DOMAIN\username
password: (enter your password here)

The trick is use the full domain\username in the username box, that will get it working.

Are you using Outlook 2003 or 2007 for this?

Be sure you Outlook account settigns are correct:
Under Account - More Settings
Connection tab ensure "Connect to Microsoft Exchange using HTTP"
Click Exchange Proxy Settings ...
Ensure your URL is correct (Un check SSL as you said you are using port 80)
Check the appropriate fas and slow network boxes (probably both need to be checked for you)

Under Proxy Authentication you should have Basic Authentication selected.
Ensure Encryption box is checked on the Security tab (better than nothing).

On the Security tab for Logon network security:
Set it to NTLM. If that does not work try Negotiate Authentication

That should do it for you. Ensure you are not blocking port 80 on your firewall (sounds like you are getting the connection screen so you should be set there) and it's forwraded to the correct server.

0
 
LVL 65

Accepted Solution

by:
Mestha earned 500 total points
Comment Utility
This feature should be called RPC over HTTPS - using an SSL certificate is pretty much mandatory. While there are people who claim to get it working on HTTP, it is not supported and is a lot of work. While I appreciate that you are testing it, you really need to deploy it as designed - using a commercial SSL certificate. It will save you a lot of headaches in getting it to work because everything is expecting to work over port 443 - Outlook included.
A self signed certificate is not enough, that will cause you as many headaches, it needs to be a trusted certificate.
RapidSSL do trial 30 day certificates, but the cheapest ongoing is GoDaddy: https://CertificatesForExchange.com/

Simon.
0
How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

 
LVL 3

Expert Comment

by:stealthwifi12
Comment Utility
I have done with Self Signed certificate and it is not much more of a headache, I currently have a small branch office running that way. Work great.
0
 

Author Comment

by:tjwoollard
Comment Utility
i have just read this :-

IIS authenticates the HTTP request using Basic authentication or NTLM authentication, depending on the Outlook profile setting. After IIS authenticates the request, it sends the request to RpcProxy.dll. RpcProxy.dll only accepts authenticated requests. Even if IIS is configured to allow anonymous users, RpcProxy.dll does not forward an anonymous request to the Exchange server. Additionally, RpcProxy.dll only accepts HTTP requests over SSL. If the HTTP session does not use SSL, RpcProxy.dll blocks the request

It clearly states I must use SSL so am I wasing my time trying to use port 80 ?
0
 
LVL 65

Expert Comment

by:Mestha
Comment Utility
As I wrote above - you are wasting your time trying to get it work on port 80.
While it is possible to get the feature to work on self signed certificates, I don't see the point in doing so. I can get this feature to work, from scratch, in less than 30 minutes, including the time to get an SSL certificate. Now I don't know about how much people's time is worth, but the hours getting it to work with a self signed certificate, then talking remote people through the certificate installation, then repeating it when that certificate expires makes it a no brainer in my eyes. A certificate costs US$30/year!

Simon.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

This process describes the steps required to Import and Export data from and to .pst files using Exchange 2010. We can use these steps to export data from a user to a .pst file, import data back to the same or a different user, or even import data t…
Learn to move / copy / export exchange contacts to iPhone without using any software. Also see the issues in configuration of exchange with iPhone to migrate contacts.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now