outlook anywhere fails because of http rpc

inferno521
inferno521 used Ask the Experts™
on
When I run the test exchange analyzer below is the only error that I get.  Any ideas on what I need to do to resolve this and get OO to work again?

Testing HTTP Authentication Methods for URL https://email2010.domain.com/rpc/rpcproxy.dll.
       The HTTP authentication test failed.
       
      Additional Details
       An HTTP 500 response was returned from Unknown.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
This is not encouraging
http://www.petri.co.il/forums/showthread.php?t=18100

OK, no one came up with anything at all helpful on this or the other 2 forums, and I did a bunch more testing and diagnosing using a bunch of different MS utilities that other places mentioned, none of which really matters, because they all seemed to tell me the same thing: RPC wasn't working.
Not Exchange, not the certificate, not IIS, just RPC wasn't working. So, what I ended up doing was creating a temporary server with Windows 2003 64 bit, installing Exchange 2007 to it, making it a DC (since my other Exch server was the DC, GC and DNS for the domain) I used the migration utility to move the mailboxes from one server to the other.

Then I moved the public folder replicas, deleted the Public folder database on the "bad" server, uninstalled Exch. 2007, dcpromo'd it to remove AD, then removed the server from the Domain. (I also moved all the user directories and files and recreated their shares on the temp server edited the login script, Oh and I made the temp server the operations master for all of the Domain/AD roles as well as a GC.)

With the "bad" server out of the domain and everything functioning just fine on the temp server, I just wiped it clean and reinstalled from scratch.
I installed Windows server 2003 x64, then service packed it, joined the Domain, made it a Domain controller, DCpromo'd it back to a being a DC, moved the DC/AD roles all back to it, made it a GC server, installed DNS and made sure everything synchronised just fine.
Then I reinstalled Exchange 2007 and RPC over HTTP Proxy, created a test account on the newly reinstalled server and voilà! RPC over HTTP/S worked perfectly right out of the box as it is supposed to. I moved the mailboxes back, did everything necessary to make Exchange 2007 be the way it should be and I was done. What a hassle.

But maybe this will encourage someone else to just start over instead of beating their head against a wall, and if it makes it easier for someone else then, this forum will have done its job. By the way someone else on another forum elsewhere insisted that you HAVE to use a certificate from a "real" CA, but this just isn't true.
I created a self signed certificate from my server that has Certificate Services on it and it works just fine for RPC and everything else. Just remember to go to https://yourownserver.com/Certsrv and click on download the certificate chain, then install the certificate chain and you'll be fine for RPC over HTTP with Outlook 2003 & 2007. Don't just do the https: to your server and try to click on "install certificate" you need to actually get your self CA into the trusted roots, not just the certificate.

OK one caveat here, for "locked" mobile devices (the Samsung Blackjack for instance), where they only allow you to install approved apps from the wireless provider, you won't be able to download and install the chain, so for those and (as far as I know) only those locked devices you would need a "real" certificate from a "real" CA that you pay money for. Most other MS active sync or Windows Mobile devices play fair and let you install certificate chains.
DevOps Engineer
Commented:
You have to install the Windows Feature "RPC over HTTP Proxy" on the Client Access Server.
Shreedhar EtteTechnical Manager
Top Expert 2010

Commented:
- Check the SSL settings of /RPC virtual directory, it should be: Require SSL (Checked), Require 128-bit SSL (Unchecked), Client certificates: Ignore.

Author

Commented:
DanArseneau:
Yes it  is install, this was working previously but I ran some autodiscover commands to fix that.  I also stopped a second exchange server from proxing FROM this one.

shreedhar:
That is currently how it is

Every other aspect of the server is working fine

Author

Commented:
Number-1:

I have a purchased cert, and OWA works fine.  I saw that some other people deleted the rpc virtual directory or uninstalled RPC and reinstalled, but I can't restart this server right now
Shreedhar EtteTechnical Manager
Top Expert 2010

Commented:
Browse this url locally https://serverfqdn/rpc/rpcproxy.dll

Psot what you are getting.

Author

Commented:
shreedhar:
I get to a page with a invalid certificate error, and when I enter in my username and password the page is blank

I do have a security cert installed though, and when I go into email via OWA I see that it is sucessfully applied.

Note:  I just turned off outlook anywhere for now so that more user's outlook don't try to use it.

After hours I will uninstalled the rpc feature, reboot, reinstall it, and reenable outlook anywhere

Author

Commented:
One the new server I needed to install rpc over http and reboot.  On the old server I needed to disable OO, reboot, remove rpc over http, reboot,, and install rpc over http and it worked perfectly

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial