Solved

Outlook over RPC

Posted on 2009-06-30
35
552 Views
Last Modified: 2012-06-27
Hi All,

For the past few days users who connect to our exchange using outlook over RPC are complaining that outlook keeps on asking for a password, and once you input the password it keeps asking again. after couple of hours they can connect with no problems and after an hour or 2 problem persists again.  When you go to OWA it works fine. Users connecting to exchange locally have no problems. My laptop is configured to connect over RPC and even tho im on local LAN it still asks me for password, once i input password it asks me again and again.

any idea ?
0
Comment
Question by:aucklandnz
  • 21
  • 14
35 Comments
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
sounds like the times might be out across the machines? Are you times syncronized?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
but it happens to all machines at once then all of them can access and again i get a call from same users at once that its down again
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
here is a RPC troubleshooting guide to work through.
http://technet.microsoft.com/en-us/magazine/2007.07.howitworks.aspx

Anything in the event logs?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
The mailbox server [exchange.mydomain.local] has its [vir] virtual directory set to require SSL.  Exchange ActiveSync cannot access the server if SSL is set to be required.  For information about how to correctly configure Exchange virtual directory settings, see Microsoft Knowledge Base article 817379, "Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003" (http://go.microsoft.com/fwlink/?linkid=3052&kbid=817379).
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
not following..

Were you setting up for activesync when this occurred?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
no, it was just only one event related to exchange

sorry
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
any Kerbose messages in system on the server or workstations?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
no event about Kerbose
 it still happens few times a day. When Outlook dosent work OWA is still  working so its not certificate.
and when it happens it happens to all mobile users at the same time.

0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
did you follow the troubleshooting guide?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
yes i did...no luck


it is down now again and when i try to RDC to exchange server i get 2 different errors
(see attachement for one error)

second error :

The system cannot log you on due to the following error:
The Network Address is invalid.
Please try again later or consult you system administrator

when i go physically to the server i can log in with no problems


thanks
error1.jpg
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
when i resterted IIS users can log in again

Thanks
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
try this from the console:
netdiag /v /f > c:\netdiag.txt
and post results please..
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
this is netdiag from the server that gives me the following error:

The system cannot log you on due to the following error:
The Network Address is invalid.
Please try again later or consult you system administrator



Usage: netdiag [/Options]>
   /q - Quiet output (errors only)
   /v - Verbose output
   /l - Log output to NetDiag.log
   /debug - Even more verbose.
   /d:<DomainName> - Find a DC in the specified domain.
   /fix - fix trivial problems.
   /DcAccountEnum - Enumerate DC machine accounts.
   /test:<test name>  - tests only this test. Non - skippable tests will still be run
   Valid tests are :-
        Ndis - Netcard queries Test
        IpConfig - IP config Test
        Member - Domain membership Test
        NetBTTransports - NetBT transports Test
        Autonet - Autonet address Test
        IpLoopBk - IP loopback ping Test
        DefGw - Default gateway Test
        NbtNm - NetBT name Test
        WINS - WINS service Test
        Winsock - Winsock Test
        DNS - DNS Test
        Browser - Redir and Browser Test
        DsGetDc - DC discovery Test
        DcList - DC list Test
        Trust - Trust relationship Test
        Kerberos - Kerberos Test
        Ldap - LDAP Test
        Route - Routing table Test
        Netstat - Netstat information Test
        Bindings - Bindings Test
        WAN - WAN configuration Test
        Modem - Modem diagnostics Test
        Netware - Netware Test
        IPX - IPX Test
        IPSec - IP Security Test
   /skip:<TestName> - skip the named test.  Valid tests are:
        IpConfig - IP config Test
        Autonet - Autonet address Test
        IpLoopBk - IP loopback ping Test
        DefGw - Default gateway Test
        NbtNm - NetBT name Test
        WINS - WINS service Test
        Winsock - Winsock Test
        DNS - DNS Test
        Browser - Redir and Browser Test
        DsGetDc - DC discovery Test
        DcList - DC list Test
        Trust - Trust relationship Test
        Kerberos - Kerberos Test
        Ldap - LDAP Test
        Route - Routing table Test
        Netstat - Netstat information Test
        Bindings - Bindings Test
        WAN - WAN configuration Test
        Modem - Modem diagnostics Test
        Netware - Netware Test
        IPX - IPX Test
        IPSec - IP Security Test

0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
i have this event aswell

Event Type:      Error
Event Source:      Winlogon
Event Category:      None
Event ID:      1219
Date:            6/07/2009
Time:            11:02:21 a.m.
User:            N/A
Computer:      BLACK
Description:
Logon rejected for mydomain\administrator. Unable to obtain Terminal Server User Configuration. Error: The network address is invalid.
 

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
Data:
0000: ab 06 00 00               ...    
0
 
LVL 23

Accepted Solution

by:
debuggerau earned 500 total points
Comment Utility
oops, yes, that was a little dated, try
netdiag /v /fix
instead..
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
I run command on exchange server but at this stage usewrs can connect to outlook

when i tried to run netdiag on my other server that was giving me the network invalid message i m getting 'netdiag' is not recogniszed as an internal or external command....
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
Install Windows Support Tools off the CD..
http://support.microsoft.com/kb/892777
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
i run dcdiag /v /fix

what i have noticed that trust relationship is failed . i think we are narrowing down the problem
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
is the account locked out?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
no
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
i have this event
Event Type:      Error
Event Source:      Userenv
Event Category:      None
Event ID:      1053
Date:            4/07/2009
Time:            11:59:52 p.m.
User:            NT AUTHORITY\SYSTEM
Computer:      BROWN
Description:
Windows cannot determine the user or computer name. (The RPC server is unavailable. ). Group Policy processing aborted.

For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
Do you know how to restart the trust relationship by resetting the passwords with netdom?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
no i do not... would you be able to help me with it ?

thanks
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
Just to add

I have 3 x 2003 windows servers (SP2)
1 Domain Contoller, 1 Exchange and 1 file server
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
Thats exactly what I'm thinking, although were you trying to get access to a machine over the trust link?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
sorry im a bit confused ?

"over the trust link"?

i can log in when i go physically to the machine but i cannot log in when i try RDC to it .
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
im just looking at the link on how to to reset password using netdom.

step 3 says
Remove the Kerberos ticket cache on the domain controller where you receive the errors. You can do this by restarting the computer or by using the KLIST, Kerbtest, or KerbTray tools


the thing is i didnt receive any errors on my domain controller, only on my oter server that are not DCs
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
yes, but is it in your domain or the trusted domain?

If it is in your domain, have you tried removing and reinserting it back into the domain?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
should i do it by joining workgroupo and thn joing domain again ?

if i will do it on the server that is running my exchange ....would it effect mail server  ?
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
definitely...


Have you disabled ssl yet?

Where is this trust you mentioned?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
i havent done anything just yet. im worry that if i will re-join my MS exchange server to my domain it will effect emails.

when i run netdiag /v on my exchange server while users cant connect im getting trust relationship faild so i guess the trust is on DC
0
 
LVL 23

Expert Comment

by:debuggerau
Comment Utility
it may be defunt, but without posting the logs, I cant tell..
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
which logs should i post ?
0
 
LVL 3

Author Comment

by:aucklandnz
Comment Utility
i rejoined the domain on opne of the servers and it fixed the problem

thanks for all your inputs
0

Featured Post

Are your corporate email signatures appalling?

Is it scary how unprofessional your email signatures look? Do users create their own terrible designs and give themselves stupid job titles? You can make this a lot easier for yourself by choosing an email signature management solution from Exclaimer today.

Join & Write a Comment

Not sure what the best email signature size is? Are you worried about email signature image size? Follow this best practice guide.
Marketers need statistics and metrics like everybody else needs oxygen. In this article we explain how to enable marketing campaign statistics for Microsoft Exchange mail.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
To add imagery to an HTML email signature, you have two options available to you. You can either add a logo/image by embedding it directly into the signature or hosting it externally and linking to it. The vast majority of email clients display l…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now