Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

RPC over HTTPS SBS 2003

Posted on 2011-02-16
23
Medium Priority
?
1,890 Views
Last Modified: 2012-06-21
I'm having issues connecting to my SBS 2003's Exchange server through RPC over HTTPS.  We bought a certificate through Godaddy and imported it.  I've tested that I can go to https://mail.mydomain.com/exchange and get to the OWA site.  Also, in the brwoser, my cert shows up and clearly reads that it's Godaddy and that the security principal is mail.mydomain.com.

I've set up my laptop with Outlook 2010 using the internal name of the SBS server, srv01.domain.local and a test mailbox user.  In the Exchange proxy, I'm using https://mail.mydomain.com, checking every box, using NTLM and then msstd:mymail.domain.com.  When I'm inside the network and connecting through Outlook using the internal name for the server, I can connect no problem.

Outside is my issue.  If I try to connect using the external address of the server, mail.mydomain.com, I get responses that Exchange is unavailable.  Or, I may keep getting prompted to put in a username and password.  I'm not a part of the domain but even as not part of the domain, I can still connect using the internal address.  No DNS problem.  No port forwarding problem.  If I go to https://mail.mydomain.com, I am brought to the SBS home page where you can access the Remote Web Workplace.  If I go to https://mail.mydomain.com/exchange, I am brought to OWA.

I'm at a loss.  Is it possible that the SBS website is conflicting?
0
Comment
Question by:sedberg1
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 12
  • 10
23 Comments
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34910397
Please visit https://testexchangeconnectivity.com and run the RPC over HTTPS test and post the results and that should highlight the issues with any luck.

Alan
0
 
LVL 76

Accepted Solution

by:
Alan Hardisty earned 2000 total points
ID: 34910408
Both the RPC and Exchange Virtual Directories should have Basic and Integrated Windows Authentication enabled and SSL enabled with no IP Address restrictions on them.
0
 
LVL 9

Expert Comment

by:meko72
ID: 34910514
The above links are pointing right.  First installed the cert with your browser then configure RPC over HTTP in the outlook client.
You cannot use RPC over HTTP with a proxy automatic configuration script

Here is a link for the client:  http://www.petri.co.il/configure_outlook_2003_to_use_rpc_over_http.htm

Here is a link for the Server:
http://www.petri.co.il/how-can-i-configure-rpc-over-https-on-exchange-2003-single-server-scenario.htm

I hope this Help
0
Has Powershell sent you back into the Stone Age?

If managing Active Directory using Windows Powershell® is making you feel like you stepped back in time, you are not alone.  For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why.

 

Author Comment

by:sedberg1
ID: 34910619
I ran the Exchange test site, which by the way, thanks because that'll come in handy for A LOT of other times.  It looks like the external address is blocking my IPs.  I enabled access to everyone.  I ran it again and there's a runtime error with port 6001.  I've checked that the Registry keys are correct, name resolution is correct, and I can telnet in on the external name on port 6001 which comes back ncacn_http/1.0
0
 
LVL 76

Assisted Solution

by:Alan Hardisty
Alan Hardisty earned 2000 total points
ID: 34910646
With SBS 2003 - simply re-run the Connect To The Internet Wizard - change nothing and then check your IIS settings as per my comment above.

The wizard can be found in Start> Server Manager> To Do List> Connect to the internet.
0
 

Author Comment

by:sedberg1
ID: 34910809
I don't see the Connect to the Internet Wizard.  There's no Server Manager option on my Start menu.  This is SBS 2003.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34911000
Yes - You should have Server Management (sorry - got the name slightly wrong) at the top of the Start Menu.
0
 

Author Comment

by:sedberg1
ID: 34911047
Yeah, I don't know what they did with it, but it's not there.  Nor is it showing up as a snap-in with MMC.
0
 

Author Comment

by:sedberg1
ID: 34911202
This is a single server instance.  I noticed that on the server's properties dialog box, on the RPC-HTTP tab, the RPC-HTTP back end server option is chosen.  This is the RPC proxy server, so shouldn't this be the first choice - Not part of an Exchange managed RPC-HTTP topology.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34911320
The default is Not part of an Exchange managed RPC-HTTP topology.

So - if Server Management is missing - what else is messed up / missing?

Can you do the following please:

Start> Run {type} mmc /a {press enter}

File> Add/Remove Snap-In> Add Button> Add Small Business Server To Do List> Close> Ok

Select the To Do List and then click on Connect to the internet.
0
 

Author Comment

by:sedberg1
ID: 34911428
I have five options here:
activate your server
add additional client licesnes
add a printer
configure fax
configure backup

But no Connect to the Internet
0
 

Author Comment

by:sedberg1
ID: 34911454
You know, connecting internally with the internal FQDN bears no problem whatsoever.  Does that mean something?
0
 

Author Comment

by:sedberg1
ID: 34911468
But I can telnet into the external FQDN on port 6001, and telnet will bring me right through to the server and give me the ncacn_http/1.0
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34911511
Okay - so you are missing:

View Security Best Practises
Connect to the Internet
Configure Remote Access
Add users and computers
Configure Monitoring

So half the items are missing.

What else doesn't work?
0
 

Author Comment

by:sedberg1
ID: 34911527
Everything else seems to work.  Althought we're not doing much here.
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34911541
What Service Pack is Windows on and what Service pack is Exchange on?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34911553
Can you download and run the SBS 2003 Best Practises Analyzer please and report back any findings:

http://www.microsoft.com/downloads/en/details.aspx?familyid=3874527A-DE19-49BB-800F-352F3B6F2922&displaylang=en
0
 

Author Comment

by:sedberg1
ID: 34912640
It's running SP2 on the OS and SP1 on the Exchange.  The scan came back with some things related to EDNS, offload checksums plus specifically for Exchange, only SP1 is insatlled.  Im' downloading SP2 and will install it when it's done.
0
 

Author Comment

by:sedberg1
ID: 34913199
OK, so this is odd.  I set up a profile inside their network using mymail.domain.local.  Like I said in the original post, that profile would connect.  It was getting through mymail.domain.com, the external FQDN, that failed.  The testexchangeconnectivity.com site is still failing on port 6001.  However, I'm outside their network now, and I tried using the same Outlook profile except putting in the mymail.domain.com address instead of mymail.domain.local.  The .com automatically resolved to .local.  And, I can connect and send and receive email.  Keep in mind, this is outside their network supposedly with the port 6001 problem.

What gives?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34936202
Once you have installed SP2 for Exchange, re-run the Connect To The Internet Wizard and then test again.
0
 

Author Comment

by:sedberg1
ID: 34952467
If I re-run the Wizard, will I have to be on-site?
0
 
LVL 76

Expert Comment

by:Alan Hardisty
ID: 34952575
No - you can do it remotely - you may lose connectivity but should be able to reconnect when it has finished running.
0
 

Author Comment

by:sedberg1
ID: 35072558
All my settings were correct.  The RPC Location Service was not starting.  Changed it to automatic and started the service.  Everything went through.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article lists the top 5 free OST to PST Converter Tools. These tools save a lot of time for users when they want to convert OST to PST after their exchange server is no longer available or some other critical issue with exchange server or impor…
One-stop solution for Exchange Administrators to address all MS Exchange Server issues, which is known by the name of Stellar Exchange Toolkit.
CodeTwo Sync for iCloud (http://www.codetwo.com/sync-for-icloud?sts=6554) automatically synchronizes your Outlook 2016, 2013, 2010 or 2007 folders with iCloud folders available via iCloud Control Panel. This lets you automatically sync them with…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question