Solved

RPC over HTTP issue

Posted on 2009-07-10
6
1,502 Views
Last Modified: 2012-05-07
We recently lost RPC over HTTP connectivity. I have been troubleshooting this for the last few days following the MS Troubleshooting guide but was unable to find any problems.
I have just managed to restore connectivity by ticking 'Windows Integrated Authentication' in the Directory Security tab of the rpc site Properties.  All other settings left as recommended (ie Basic Authentication also ticked, anonymous access disabled). Basic Authentication is also set on the client machines.
I presume this points to some kind of security problem, but can find no issues with our certificate (GoDaddy) or other security settings.
Hopefully the fact that enabling Windows Integrated Authentication fixes the issue might give someone who understands this better a clue?
0
Comment
Question by:keithxp
  • 3
  • 2
6 Comments
 
LVL 3

Expert Comment

by:mojopojo
ID: 24825226
If you are running SBS 2003 and "lost RPC over HTTP" (means it was working fine and then stopped) that generally suggests a change in your network, ISP or firewall.

First thing in SBS 2003 is to re-run the CEICW wizard from Computer Management and select the proper connection OWA, RWP, etc. ( http://support.microsoft.com/kb/825763 ) That will fix 90% of all SBS 2003 connectivity issues.



0
 

Author Comment

by:keithxp
ID: 24825256
Thanks for the suggestion, I should probably have mentioned that I have re-run the wizard a couple of times without luck.
0
 
LVL 1

Expert Comment

by:Rick_Lewis
ID: 24827534
Your right to tick windows authentication in rpc and make sure your domain is displayed in the default domain box. I always setup the clients thus:

https://remote.yourdoamin.com
Connect using SSL only (Ticked)
Only connect to proxy... (ticked)
msstd:remote.yourdomain.com

On fast networks... (unticked)
On Slow Networks (ticked)

Proxy Authentication set to NTLM Authencation

Additionally, I've found that occasionally the windows authentication and or basic authentication in rpc security gets unticked no idea why, but it does. Just double check your firewall on your router for the usual ports allowed (80,443)
0
6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

 

Author Comment

by:keithxp
ID: 24827575
Hi,
well that configuration seems to be working for me too, but am I going mad or do most guides recommend that the RPC virtual directory security settings are that
- anonymous access is disabled
- only Basic Authentication is ticked
- SSL is enabled
??
At present clients are using Basic Authentication, but you are suggesting it is better to set it to NTLM (presumably to match to the Basic Authentication by NTLM on the virtual directory)?
 
0
 
LVL 1

Accepted Solution

by:
Rick_Lewis earned 250 total points
ID: 24828055
Yes, in my experience using NTLM also enables the remember password box to work on the clients outlook. Especially when the PC's are not joined to the domain. As for guides, well I've read quite a few too but after 6 years of working on SBS2003 this works just fine.
0
 

Author Closing Comment

by:keithxp
ID: 31602383
OK. This is great because I have lost RPC-HTTP connectivity several times in the past, never understood why (ie could not relate it to a particular change on the server etc). Hopefully I can fix it quicker in future. thank you
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

Written by Glen Knight (demazter) as part of a series of how-to articles. Introduction One of the biggest consumers of disk space with Small Business Server 2008(SBS) is Windows Server Update Services, more affectionately known as WSUS. For t…
This guide is intended to provide step by step instructions on how to migrate from Small Business Server 2003 to Small Business Server 2011. NOTE: This guide has been written using the preview version of SBS2011 therefore some of the screens may …
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now