We help IT Professionals succeed at work.

Exchange 2003 - Outlook RPC over HTTP fails

I'm performing a migration from Exchange 2003 to Office 365.  I therefore need to get connectivity from the Internet to the Exchange server up and running.

I've installed an SSL cert from a commercial CA, and that's working fine for Outlook Web Access.  The problem is that Outlook "RPC over HTTP" connectivity isn't working, and I think this needs to work for my upcoming migration.

I've run the Outlook connectivity test at https://testconnectivity.microsoft.com, and it fails with the following message.

Testing HTTP Authentication Methods for URL https://mail.domain.co.uk/rpc/rpcproxy.dll?mail.domain.co.uk:6002.
 	The HTTP authentication test failed.
 	 Tell me more about this issue and how to resolve it
 	
	Additional Details
 	
The Initial Anonymous HTTPS request didn't fail, but Anonymous isn't a supported authentication method for this scenario.
HTTP Response Headers:
MicrosoftOfficeWebServer: 5.0_Pub
Content-Length: 0
Content-Type: text/html
Date: Thu, 05 Mar 2015 08:55:10 GMT
Location: https://login.passport.com/ppsecure/secure.srf?lc=1033&id=1&ru=https://mail.domain.co.uk/rpc/rpcproxy.dll%3Fmail.johnston-engineering.co.uk:6002&tw=1800&fs=1&kv=1&ct=1425545710&cb=&seclog=10&ver=2.1.6000.1&rn=VPFW5mwl&tpf=94afb2ed470611f6228e012864f0dec3
Server: Microsoft-IIS/6.0
WWW-Authenticate: Passport1.4 lc=1033,id=1,tw=1800,fs=1,ru=https://mail.domain.co.uk/rpc/rpcproxy.dll%3Fmail.domain.co.uk:6002,ct=1425545710,kv=1,ver=2.1.6000.1,seclog=10,rn=X5lkRu!Y,tpf=653b54838becf5f2da5d2be65428b841
X-Powered-By: ASP.NET
Elapsed Time: 12844 ms.

Open in new window


If I go into IIS Manager on the server, into Default Web Site, right-click on "RPC" and choose Properties, then look at the authentication methods selected for that directory, ".NET Passport authentication" is checked, "Enable anonymous access" is unchecked, and all other methods (Integrated Windows authentication, Digest authentication, and Basic authentication) are unchecked and grayed out.

How can I get this working, please?  I just need it to work long enough to migrate the data out!
Comment
Watch Question

Alan HardistyCo-Owner
Top Expert 2011

Commented:
What is the version of .net framework showing in the properties of the RPC virtual directory?

To get this working, you need basic and integrated Auth enabled.

Alan

Author

Commented:
Hi Alan,

Thanks for the reply.  Version of ASP.NET displayed is 1.1.4322.

Basic and Integrated auth types are grayed out, unfortunately:

Auth methods
Alan HardistyCo-Owner
Top Expert 2011

Commented:
If you untick .net auth - can you then tick others?

.net 1.1 is good :)

Author

Commented:
Hah!  Nice one Alan - I didn't think of that.  So I've now got the right authentication methods on the RPC directory.  And now it's getting past that point in the Remote Connectivity Analyser... and then failing later on!

Now it says:

	Attempting to ping the MAPI Mail Store endpoint with identity: mail.domain.co.uk:6001.
 	The attempt to ping the endpoint failed.
 	 Tell me more about this issue and how to resolve it
 	
	Additional Details
 	
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
Elapsed Time: 3807 ms.

Open in new window

Co-Owner
Top Expert 2011
Commented:
Please have a read through the following article:

http://www.petri.com/how-can-i-configure-rpc-over-https-on-exchange-2003-single-server-scenario.htm

Make sure you have the Registry settings as per the article - but with the relevant FQDN of your server instead.

If you have and it fails, then it could be a DNS issue.

Alan

Author

Commented:
Worked through the article, and it didn't initially work.   Your hint that DNS issues could also be involved led me to try setting up split DNS by configuring the internal DNS server to resolve the external FQDN of the server to the LAN IP address of the Exchange server.  (as in, for example, "mail.domain.co.uk --> 192.168.1.1").  This worked, and all is now up and running as it should be.  Many thanks for your help, Alan!
Alan HardistyCo-Owner
Top Expert 2011

Commented:
Excellent news - well done and happy migrating to 365.  Should be plain sailing from now on, but let me know if it isn't - done a few myself so can help out if you need it.

Best wishes

Alan