RPC with Exchange 2003 - Outlook 2003 - Client Issues

Our network is configured to use RPC with Outlook.  My particular setup works fine.  I'm noticing that for some people though I'm having a problem getting them to authenticate.  It just keeps asking for the password. I know I'm not providing much information, but assuming I'm setting up the clients the exact same way on each person's laptop, what could be going on locally that would screw up the setup?  Is some cert missing, etc?  No errors pop up, it just keeps on asking for the password.

???

gunscheeAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

bigalcraneCommented:
Hi Gunschee

The first question is are they accessing the exchange server directly on a LAN or over the internet via a firewall / proxy?

Also, is the certificate used to encrypt the HTML stream (making it HTTPS) a self signed one or one bought from a publicaly trusted company?

Are the people having trouble part of the same domain and forest as you and the Exchange server?

Please also let me know what the settings you have chosed for their RPC over HTTPS configuration in their profiles.

Thanks

Al
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
saku99Commented:
I've had this problem recently on an SBS 2003 server for a new client. Outlook would keep prompting for password while actually being connected.

One thing that resolved the issue was setting The Proxy Authentication method to Basic, the only downside from the client point of view is that you have to re-enter the password every time you start outlook.

If that fixes your issue and you want to get NTML auth working then the problem is going to be in IIS somewhere. One thing to do is install all the rollup updates for your version of exchange, doing that fixed a problem I had with iPhones recently.
0
bigalcraneCommented:
Another idea is to use the Exchange Server Remote Connectivity Analyzer at https://www.testexchangeconnectivity.com/

This is a vastly underated and underused tool IMO

Please heed the advice is recommends to create a test account for the purpose of testing, as you need to give it a username and password that is live on your exchange server for it to work.

Worth a try. It may do the hard work for you :-)

Let us know how you get on.

Thanks

Al.
0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

gunscheeAuthor Commented:
Sorry, but I didn't set this up.  It's been handed to me, and I've been rolling out as needed.  Sometimes it works for clients, sometimes it doesn't.  Authentication is set to basic.  All the clients are in the same simple domain structure.

Results of Connectivity Analyzer for a failed setup:  (I changed our domain name to "domain" below)

Testing RPC/HTTP connectivity
 RPC/HTTP test failed
 Test Steps
 Attempting to resolve the host name webmail.domain.com in DNS.
 Host successfully resolved
 Additional Details
 IP(s) returned: 67.152.119.89

Testing TCP Port 443 on host webmail.domain.com to ensure it is listening and open.
 The port was opened successfully.
Testing SSL Certificate for validity.
 The certificate passed all validation requirements.
 Test Steps
 Validating certificate name
 Successfully validated the certificate name
 Additional Details
 Found hostname webmail.domain.com in Certificate Subject Common name

Validating certificate trust
 Certificate is trusted and all certificates are present in chain
 Additional Details
 The Certificate chain has be validated up to a trusted root. Root = E=info@valicert.com, CN=http://www.valicert.com/, OU=ValiCert Class 2 Policy Validation Authority, O="ValiCert, Inc.", L=ValiCert Validation Network

Testing certificate date to ensure validity
 Date Validation passed. The certificate is not expired.
 Additional Details
 Certificate is valid: NotBefore = 7/6/2009 2:04:12 AM, NotAfter = 7/6/2014 2:04:12 AM"



Testing Http Authentication Methods for URL https://webmail.domain.com/rpc/rpcproxy.dll
 Http Authentication Test failed
 Additional Details
 Exception Details:
Message: The underlying connection was closed: The connection was closed unexpectedly.
Type: System.Net.WebException
Stack Trace:
at System.Net.HttpWebRequest.GetResponse()
at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.GetSupportedHttpAuthMethods()
at Microsoft.Exchange.Tools.ExRca.Tests.HttpAuthMethodsTest.PerformTestReally()
0
bigalcraneCommented:
Hi Gunchee,

It looks like the authentication methods allowed by the web service are not allowing people to authenticate. Check that anonymous access is removed within IIS and that either digest or windows integrated is enabled (with integrated preferred).

You could check that the permissions and ACLs for the web components have not deviated from a standard install as that could manifest itself as this problem. One way of doing this is to enable auditing (ask if you need help to do this) and assign some blanket audit control lists to the web components. A quick check in the security event log will tell you what objects are being accessed and failing. The rights on these objects may have been changed from standard.

Good luck and keep us posted.

Thanks

Al.

0
gunscheeAuthor Commented:
I'll check IIS, but why would some users be able to get in while others cannot?  Shouldn't it be getting in the way of everyone?
0
gunscheeAuthor Commented:
Are we talking about IIS running on the Exchange server?
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.