RPC over HTTP/S - and I have read so many posts already, I hate to ask

Friends,
I have read many posts and have studied and taken heed to Sembee's suggestions through his sites and posts.
I have gone through every setting and am unable to connect RPC over HTTPS so that I can run Outlook remotely.
I have a third party SSL that works
I can log into the OWA page thru https and have success
I have created a test user that has straight and easy credentials, and set the profile up with no success logging into the exchange account from the remote outlook 2007 client.
On the client, I have the FQDN, username, and have used various settings to get this to work.

Here are the factors that I have not seen in other posts.

I have my dns to the outside world posted as:
Mail.domain.com - server1
www.domain.com - server 2
FQDN.domain.com - server 1
*.domain.com - server 2

With all of the dns entries, I am afraid that I am confusing the program in trying to connect to the server so, I have even created host file entries to ensure that the FQDN was going to the right IP address.
9 hours, $30.00 for an SSL, various attempts and nothing is working.

I will greatly appreciate any assistance in this one. Like I said in my heading, I have not been lazy in reading other posts, I have actually spent my whole day researching them all and am now to the point of duplicating efforts. I regretfully have to ask if anyone else can help with this one.

Thanks
Dan
matneyc Asked:

omangmehta99 Commented:
hi,

kindly share me following things,

IIS version,
Exchange server Version and service pack
FE and BE are different server or in a single server

Regards,
Umang Mehta
0
matneyc (Author) Commented:
I am running IIS 6.0
Exchange 2003 SP2
I am not sure what FE and BE are. I am running SBS 2003 on a single server with other application and web servers in the environment.
0
omangmehta99 Commented:
hi,

go through following link,

it is Testing RPC over HTTP/S Connection

http://www.petri.co.il/testing_rpc_over_http_connection.htm

Rgd,
0
matneyc (Author) Commented:
I just realized that FE/BE is Front End/Back End. This is a single server solution so, I have set it up according to sembee's suggestion as back end. I went into my ESM and chose the RPC-HTTP and removed the radio button from the first option of "not part of an exchange managed....." and changed it to RPC-HTTP backend server.
0
omangmehta99 Commented:
0
matneyc (Author) Commented:
Unfortunately, I have already used both of these articles plus the one that sembee states will take 30 minutes to get going and have had no luck.
As I was stating in the original posting, I have read and tried everything that has been posted. It is disappointing that I have this weird setup that everyone in the free world can use these suggestions except for me.
I was looking for some brainstorming around the dns possibly.
I have been trying to use the IP address of the server, the fqdn (I registered the fqdn with my public dns servers) and nothing is working at all.
I have checked all registry yet again last night and made sure that they are good and, they are.
Does anyone have any ideas that I can think of or something that could be wrong in the initial configuration?

thanks again
dan
0
jasonhamlett Commented:
ok - did you reboot after making the registry changes? or at least cycle MSExchangeIS service?
are you using basic authentication or NTLM (in Outlook) - suggest basic as I NEVER got NTLM to work!
0
matneyc (Author) Commented:
Actually, I have rebooted several times. Each time I change anything that seems substantial, and of course, registry changes are.
I have been trying to use both NTLM and Basic but don't have success either way.
I am not sure what I should have on the server to make each of these work so, I went back to the original setup and stuck with Basic as it seemed to be the overriding thought to use it.
Thanks for providing input, I appreciate anything that you can offer
0
matneyc (Author) Commented:
Once again, I have gone through the steps inch by inch and made sure that every registry setting is correct, the RPC directory in IIS is set accordingly, ensured login via the web to https://mail.domain.com and that works.
Now I am looking at ports on my firewall. While I have read all of the documentation, it says that 80 and 443 are the only ports that need to be open. I actually believe that 443 should be all that I need but, 80 is open on this server for other needs.
I saw that someone mentioned that port 135 needs to be open as well. I have researched vulnerabilities and did not see any so, I opened that port up as well.
I have rebooted the firewall and exchange server (sbs03) which is also the DC and catalog server.
I am not getting anything.

I have run outlook.exe /rpcdiag to see what is happening.
I am not seeing an adapter identified that it is connecting.
Where I should see TCP or HTTPS for the connection type, it just shows --
It shows the servername that it is trying to connect to and lists the type as a referral.
That status never changes from "connecting"

For those of you trying to assist me with this, I hope that this helps.

Thanks
Dan
0
jasonhamlett Commented:
I can confirm only 443 is needed for RPC over HTTPS - suggest you close any other ports.

I assume that your FQDN and your SSL certificate don't match?

0
matneyc (Author) Commented:
Nope, they match. I have ensured that I can log in with the information on the OWA site. I don't see any problems there whatsoever. I have tried the FQDN, IP address, and the NETBIOS name and none of those changes seem to make any difference.

Thank you for your participation on this. Any other thoughts on this one?

Thanks
Dan
0
jasonhamlett Commented:
You said earlier that you can login to OWA using https://mail.domain.com? (no /exchange in the URL?) This may play some part as this is the same URL as you'd specify in Outlook.

Otherwise, I think this is likely the registry keys. Did you use 'RPCNOFRONTEND.exe' to set the keys? (If not - get it off the net.) If so, mine looks like this:

NETBIOS:6001-6002;FQDN:6001-6002;FQDN:6001-6002;NETBIOS:6004;FQDN:6004;FQDN:6004

be careful - NO SPACES
0
matneyc (Author) Commented:
OWA is actually https://mail.domain.com/exchange
I did use the RPCNoFrontEnd.exe applet to configure my registry. Upon verification that it was right, I rebooted. I am going to paste mine in now:

server01:6001-6002;server01.domain.com:6001-6002;mail.domain.com:6001-6002;server01:6004;server01.domain.com:6004;mail.domain.com:6004

There are no spaces and except for the name, they are identical.
0
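The "NO SPACES" check and the name-by-name comparison of the two port-list strings above can be automated. This is an added example, not part of the thread or of any Microsoft tool; the function name `check_port_list` is hypothetical, the expected ports are the ones in the posted strings, and the two bad variants are constructed.

```python
import re

# Ports taken from the two strings posted in this thread.
EXPECTED_PORTS = {6001, 6002, 6004}
ENTRY_RE = re.compile(r"([A-Za-z0-9.-]+):(\d+)(?:-(\d+))?")

def check_port_list(value, expected_names):
    """Return a list of problems in a 'name:port;name:lo-hi' string."""
    problems = []
    if re.search(r"\s", value):
        problems.append("whitespace in value")
    wanted = {n.lower() for n in expected_names}
    covered = {}  # lower-cased name -> set of ports the proxy may forward to
    for entry in value.split(";"):
        m = ENTRY_RE.fullmatch(entry)
        if not m:
            problems.append(f"malformed entry: {entry!r}")
            continue
        name, lo = m.group(1).lower(), int(m.group(2))
        hi = int(m.group(3) or m.group(2))
        if lo > hi:
            problems.append(f"reversed range: {entry!r}")
            continue
        ports = set(range(lo, hi + 1))
        extra = ports - EXPECTED_PORTS
        if extra:  # wider than needed: more back-end ports reachable via 443
            problems.append(f"{name}: {len(extra)} ports outside the expected set")
        if name not in wanted:
            problems.append(f"unexpected name: {name}")
        covered.setdefault(name, set()).update(ports)
    for name in expected_names:
        missing = EXPECTED_PORTS - covered.get(name.lower(), set())
        if missing:
            problems.append(f"{name}: missing ports {sorted(missing)}")
    return problems

# The value posted above, plus two constructed bad variants.
POSTED = ("server01:6001-6002;server01.domain.com:6001-6002;"
          "mail.domain.com:6001-6002;server01:6004;"
          "server01.domain.com:6004;mail.domain.com:6004")
NAMES = ["server01", "server01.domain.com", "mail.domain.com"]
WITH_SPACE = POSTED.replace(";server01:6004", "; server01:6004")
TOO_WIDE = POSTED.replace("mail.domain.com:6004", "mail.domain.com:135-6004")

if __name__ == "__main__":
    for label, v in [("posted", POSTED), ("space", WITH_SPACE), ("wide", TOO_WIDE)]:
        print(label, check_port_list(v, NAMES))
```
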
jasonhamlett Commented:
that looks fine...

What form is your login? domain\username or domain.com\username or email address?

Have you tried from an Outlook 2003 client?
0
matneyc (Author) Commented:
I have used every form of user name that you have listed with no luck.

It is ironic that you posted the idea of switching to outlook 2003. I was in the middle of doing the uninstall when this came through. I will let you know how it goes.

Thanks again for your insight.
Dan
0
matneyc (Author) Commented:
Unfortunately, that did not help anything at all.  It is still the same as it ever was.
I ran outlook.exe /rpcdiag to see how it looked and there was no difference.
0
jasonhamlett Commented:
the rpc virtual server in IIS - did this get set to basic authentication?
0
matneyc (Author) Commented:
I thought that I had posted this but apparently not.
Nothing changed with 2003 so, back to square 1.
0
matneyc (Author) Commented:
Yes, it is set for basic authentication.
0
Mestha Commented:
This is SBS. You should not be setting things manually.
Run the Configure Internet and Email wizard and ensure that Outlook over the Internet is enabled. Then wait for the wizard to finish. Configuration instructions for Outlook are in RWW. You may want to consider a change to a commercial SSL certificate, but that's all.

Simon.
0
matneyc (Author) Commented:
mestha - I am not sure what you are referring to with the Config internet and email wizard. This server has been in place since 04 and works well. There are some registry changes that are required by several other sources. Not sure what RWW is. And I do have a commercial certificate.
0
Mestha Commented:
You are running SBS and you don't know what the Configure Internet and Email wizard is?
It is the core to email functionality in SBS, in the management console. The references you have seen to the registry settings are for standard edition on full product. While SBS uses standard edition of Exchange it is designed to be managed by the wizards.

RWW is the remote web workplace, what you see when you login to http://server/remote

Simon.
0
matneyc (Author) Commented:
That question is accurate as a statement.
The reason that I use this forum is for answers to questions that I have. I am an MCSE 2000, installed only this single SBS in my entire career 5 years ago and have not touched it since, and have since done all stand alone products (non-SBS). Perhaps I did run this when I did the setup - not sure.
Regardless, I will attempt these wizards and see if that helps.
0
matneyc (Author) Commented:
Ok, I was away for a few days and am back at this. I have been successful getting Entourage (mac) to work easily but still nothing on Outlook 2003 or 2007. I did run all of the wizards but did not have any change there. I am using imap and pop3 but still not able to connect via rpc over http.
Any other suggestions?
Thanks.
Dan
0
