asked on

RPC - HTTP Stopped working on SBS2003 Exchange Server Again!

RPC over HTTP stopped working for all remote users using outlook.
OWA works just fine.

I previously opened a case here on Experts Exchange and the issue was resolved by enabling Integrated Authentication in IIS Manager on the RPC Virtual Directory of the Default Website.

Now the issue is occurring again, but only for Outlook 2010 remote users. Everyone using outlook 2003 or outlook 2007 is fine. Please help.

murgroup

Are you using a self signed SSL cert?

Alan Hardisty

What authentication do you have set for the Outlook 2010 users in the proxy settings in Outlook and what settings have you got in Outlook 2003/2007?

Are they different?

MIT-Techs

ASKER

@murgroup: In administrative tools under CA I see a valid Self Signed cert for identity.
Is there another place I look for an SSl cert?

MIT-Techs

ASKER

@alanhardisty:

On the outlook 2003 and 2007 clients they are set to connect using SSL only and it works. I have tried connecting with and without SSL on 2010 with no luck.

murgroup

Go to administrative tools, IIS manager. Right click the default website and go to properties. Click the directory security tab and click view certificate. That will give you the info of who issued the cert.
Outlook 2010 doesn't like self signed certificates and I've found the best way to resolve this is to install a valid SSL cert from GoDaddy or others. If you don't want to do that you will have to manually install it on each machine running Outlook 2010 using the mmc and certificate snap-in.

Alanhardisty could be on to something. In the http proxy settings are you using basic authentication?

murgroup

Can Outlook 2010 clients connect interally?

MIT-Techs

ASKER

@murgroup: There is a Go Daddy cert that is valid until 2012. The Outlook 2010 clients are currently set to NTLM with SSL, but I have also tried Basic authentication.

Note: When using basic authentication the client connects, but none of the inbox items download. It just sits there.

MIT-Techs

ASKER

Forgot to mention, all users are remote and none actually work inside the LAN. No way of knowing if the users with 2010 can connect on the local LAN.

murgroup

Ok have you tried using this site to troubleshoot connectivity issues? Don't use the administrator account just a user account.

https://www.testexchangeconnectivity.com/#

MIT-Techs

ASKER

@murgroup: I just ran the test. Everything passed.

      Connectivity Test Successful

Test Details
      Testing RPC/HTTP connectivity.
     The RPC/HTTP test completed successfully.

      Test Steps

      Attempting to resolve the host name dci.crowell.cc in DNS.
     The host name resolved successfully.

      Additional Details
      Testing TCP port 443 on host dci.crowell.cc to ensure it's listening and open.
     The port was opened successfully.
      Testing the SSL certificate to make sure it's valid.
     The certificate passed all validation requirements.

      Test Steps
      Checking the IIS configuration for client certificate authentication.
     Client certificate authentication wasn't detected.

      Additional Details
      Testing HTTP Authentication Methods for URL https://dci.crowell.cc/rpc/rpcproxy.dll.
     The HTTP authentication methods are correct.

      Additional Details
      Testing SSL mutual authentication with the RPC proxy server.
     Mutual authentication was verified successfully.

      Additional Details
      Attempting to ping RPC proxy dci.crowell.cc.
     RPC Proxy was pinged successfully.

      Additional Details
      Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server dci.crowellfinehomes.com.
     The endpoint was pinged successfully.

      Additional Details
      Testing the Name Service Provider Interface (NSPI) on the Exchange Mailbox server.
     The NSPI interface was tested successfully.

      Test Steps
      Testing the Referral service on the Exchange Mailbox server.
     The Referral service was tested successfully.

      Test Steps
      Testing the Exchange Information Store on the Mailbox server.
     ExRCA successfully tested the Information Store.

Alan Hardisty

Please screen dump your proxy settings on a client (Outlook) that isn't working and hide the domain part.

MIT-Techs

ASKER

@ alanhardisty How do I screen dump proxy settings on outlook and hide the domain?

MIT-Techs

ASKER

New information: I discovered that e-mail on phones will not work inside the network. E-mail on cell phones will only work when outside the network.

I also set up a remote user on a VPN connection. Outlook 2010 does work inside the LAN.
This just gets more odd.

Alan Hardisty

Alt + Prt Scrn, then paste into Paintbrush, save as a .png file and upload to EE.

Please read the following article re the lack of Activesync on your WiFi:

https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_3703-Use-iPhone-on-wifi-network-without-the-need-to-reconfigure.html

MIT-Techs

ASKER

Here is a screen shot of the settings on Outlook 2010.

Alan Hardisty

Was the "https://" field and the "Only connect to proxy server that have......" filled out with the correct information?

If so - what format were you using for both fields?

ASKER CERTIFIED SOLUTION

MIT-Techs

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

MIT-Techs

ASKER

Thank you for helping Alan. This was a very odd issue that resolve by something totally unexpected.

Alan Hardisty

Glad you got it sorted. Out of interest - what firewall do you have?

Alan

MIT-Techs

ASKER

The firewall with issues was a Cisco Small Business RV120W. It was the issue. It was replaced with a Sonicwall TZ100.

Alan Hardisty

And you would think the Cisco would be better!