Michael S
asked on
RPC over HTTP Outlook 2007 Exchange 2003
I use Outlook 2007 with Exchange 2003 SP2, and yesterday RPC over HTTP just stopped working all of a sudden. I started getting Security Alerts for autodiscover, pointing to myregisteredsite.com. So I changed our DNS so there were no wildcards thinking this would help. I even removed the split-DNS our server was using just to see if it made a difference, but it hasn't helped. The server is SBS Standard with SP2.
I've run the Internet Connection Wizard several times, removed and replaced the Outlook profile, removed and replaced the cert, which is a 3rd party cert from GoDaddy, and I get as far as /rpcdiag showing the Directory connecting fine with HTTPS but the Mail or Public Folders not showing up at all.
What could have happened to cause this mess?
I've run the Internet Connection Wizard several times, removed and replaced the Outlook profile, removed and replaced the cert, which is a 3rd party cert from GoDaddy, and I get as far as /rpcdiag showing the Directory connecting fine with HTTPS but the Mail or Public Folders not showing up at all.
What could have happened to cause this mess?
When you browse to the exchange server, can you get to web outlook without any certificate errors?
Hi,
Please use the tool www.testexchangeconnectivity.com and check where is it stoping
i belive it is stoping to connect with the global catalog server
1.Please check this registery entry on the global catalog server if it is not there please add it and reboot the Global catalog server
HKLM\System\CurrentControl Set\Servic es\NTDS\Pa rameters
-- Type: REG_MULTI_SZ
-- Name: NSPI interface protocol sequences
-- Value: ncacn_http:6004
2. "Configure ValidPorts registry key: on the CAS server
- HKLM\Software\Microsoft\RP C\RPCProxy
-- Type: REG_SZ
-- Name: ValidPorts
-- Value: cv-mail: 6001-6002;cv-mail.civicven tures.org: 6001-6002; cv-mail:6004;cv- mail.civicventures.org:600 4
Please use the tool www.testexchangeconnectivity.com and check where is it stoping
i belive it is stoping to connect with the global catalog server
1.Please check this registery entry on the global catalog server if it is not there please add it and reboot the Global catalog server
HKLM\System\CurrentControl
-- Type: REG_MULTI_SZ
-- Name: NSPI interface protocol sequences
-- Value: ncacn_http:6004
2. "Configure ValidPorts registry key: on the CAS server
- HKLM\Software\Microsoft\RP
-- Type: REG_SZ
-- Name: ValidPorts
-- Value: cv-mail: 6001-6002;cv-mail.civicven
ASKER
Yes, I can pull up OWA without any cert errors.
All of my registry entries are correct. As I mentioned, everything was working fine for almost a year, then it just stopped this past Monday. Nothing on the server has changed, nothing on my Outlook has changed - just whammo.
On the test site, I'm assuming I'm using the Outlook 2003 test even though I'm using Outlook 2007 because I'm not using Exchange 2007? It fails pinging 6001, even though the registry entries are correct under the Rpcproxy key.
All of my registry entries are correct. As I mentioned, everything was working fine for almost a year, then it just stopped this past Monday. Nothing on the server has changed, nothing on my Outlook has changed - just whammo.
On the test site, I'm assuming I'm using the Outlook 2003 test even though I'm using Outlook 2007 because I'm not using Exchange 2007? It fails pinging 6001, even though the registry entries are correct under the Rpcproxy key.
ASKER
Just an addendum - When I do the same launch of Outlook 2007 from my home PC, with the exact same setup, it prompts for a username and password, meaning it's actually contacting the Virtual folders in IIS I'm assuming? Once I log in, it just shows as Disconnected down at the bottom. Again, RPCDIAG shows 4 or 5 connections to Directory as HTTPS, but no Mail or Public Folder connections.
Upon testing within the environment with RPCDIAG, all connections are made but show up as TCP/IP and not HTTPS.
Then I tried using www.testexchangeconnectivity.com and it comes back saying it failed on the certificate, HOWEVER, the failure is not on the cert name, but on the trust, and comes back with the error "The certificate chain has errors, Chain status = PartialChain ".
Upon testing within the environment with RPCDIAG, all connections are made but show up as TCP/IP and not HTTPS.
Then I tried using www.testexchangeconnectivity.com and it comes back saying it failed on the certificate, HOWEVER, the failure is not on the cert name, but on the trust, and comes back with the error "The certificate chain has errors, Chain status = PartialChain ".
ASKER
Ok, after further testing, I went to look at the IIS logs and noticed that all of the RPC_IN_DATA and RPC_OUT_DATA showed successful connections, ending with the 200 0 0 on ports 593, 6001, and 6002. However, there are no 6004 connections anywhere to be found. So I went and double checked the port assignments in the registry, and unfortunately they are all set correctly for the server netbios name, the server fqdn, and the outside proxy fqdn.
I am also getting the same error from testexchangeconnectivity, and am also using Go-Daddy certificate. I get no errors from the certificates as well. Autodiscover stopped working. Manual configure does work though for Outlook Anywhere.
This seems to be an issue with GoDaddy certificates, but for the life of me I cannot find out why.
This seems to be an issue with GoDaddy certificates, but for the life of me I cannot find out why.
Hi,
it looks like the certificate does not have any problem
Set-OutlookProvider expr -CertPrincipalName msstd:owaurl
manuelly create the profile and make sure you dont put the MSSTD value under the moresetting - connection tab
it looks like the certificate does not have any problem
Set-OutlookProvider expr -CertPrincipalName msstd:owaurl
manuelly create the profile and make sure you dont put the MSSTD value under the moresetting - connection tab
We have Vista clients where Outlook fails to connect after installing Office 2007 SP2.
Either of the following 2 MS hotfixes may remedy this.
kb 933493
kb 968858
rg
Either of the following 2 MS hotfixes may remedy this.
kb 933493
kb 968858
rg
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.