Announcement

Collapse
No announcement yet.

Problms with RPC over HTTP - so close yet so far ...

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problms with RPC over HTTP - so close yet so far ...

    Hi folks.

    _EXCELLENT TUTES_ Daniel Petri! i've been readin your latest RPC over HTTP/S tute vigoursly. On other sites it's been similar but very brief -> you have complete descriptions and images to back it up with highlights --- perfect!

    now to the problem. I've followed your RPC HTTP/S tute i believe to the core.

    as such, i kick in Outlook 2003 and i select the RPC mail profile. I then get a popup window that is asking for Username / password. I try any of them in the format DomainName\UserName and it disappears and repops back .. i try again .. and same thing. it goes on and on .. never accepting my creditials.

    Tech Info.
    Domain: RebelAlliance.local
    Single server setup.
    Exchange 2003 Sp1 on a Windows 2003 sp1 box. IP: 192.168.0.11. Name: HanSolo (eg. internal fqdn == HanSolo.RebelAlliance.local) Has exchange 2003 sp1 and iis6 installed. all private websites are also on this machine.

    Main server = Windows 2003 sp 1. IP: 192.168.0.10. Name: Leia (eg. internal fqdn Leia.RebelAlliance.local). Active directory, internal DNS, DHCP and RAAS (for vpn) are all installed. This was also the first server of the domain.


    Router: port 80/443/25/110 are natted to hansolo (web/exchange machine).

    i'm at a loss to figure out what is going on?!

    also, when i log into OWA, i can log in as [email protected] or (prewindows 2000) RebelAlliance\user.name.


    some things to note: i've _NOT_ installed a digital cert for rpc virtual directory. that's the only thing i've not done in your tute. if i do, i'll try a local CA method.


    i'm at a loss Please help someone!

    -PK-

  • #2
    Notice that my article is specifically named "configuring RPC over HTTP/S".

    You need a certificate for SSL.
    Cheers,

    Daniel Petri
    Microsoft Most Valuable Professional - Active Directory Directory Services
    MCSA/E, MCTS, MCITP, MCT

    Comment


    • #3
      i thought u said you only need a cert if u use BASIC AUTHENTICATION.

      if so, i ment by 'use' was in the outlook 2003 client setup for http (ntml or basic).

      after all - the tute is HTTP/S, with the slash (/) i thought implying it doesn't have to be secure.

      Comment


      • #4
        Sorry to jump in-
        But the Outlook client and Exchange cannot authenticate over the Web using the NTLM method and RPC. The NTLM cannot transverse the Proxy function so no authentication will take place. MS recommends Basic Authentication with SSL.

        But, with that siad- I am posting another item which describes the same pw/login issue. Cannot get past the login but can get to the RPC proxy.

        Thanks we'll see how it goes.

        Comment


        • #5
          problem finally solved.

          i had to put a certificate on the iis/email server. i had a local CA which i made. Once the cert was installed and tested i then had my local client machine goto https://fqdn.server/certsvr and install a user cert.

          now that i get no https warnings, my server was now 'found' in the MAIL\check names test thing.

          so supa sweet.

          i did have probs with my pda + exchange syncing now. This was because my CA is not a real trusted one.

          ms helped -->> http://www.microsoft.com/downloads/d...displaylang=en

          Comment


          • #6
            Glad you sorted this out.

            BTW, I could have helped too:

            http://www.petri.com/adding_root_cer...e_2003_ppc.htm
            Cheers,

            Daniel Petri
            Microsoft Most Valuable Professional - Active Directory Directory Services
            MCSA/E, MCTS, MCITP, MCT

            Comment


            • #7
              ahh! interesting

              /me does a factory reset (i've been wanting to do this for a while actually)....

              ok .. all reset. Now lets active sync. Yep - cert error.
              Ok lets follow your instructions...

              copied cert to storage... ran .exe .. yep it found it .. yep i want to copy/do this...

              ok. requires a soft reboot. i'll just remove the app and cert from storage card first...

              reboot...

              ru-roh

              "Syncronization failed due to an error on the server. Try again.
              Error code: HTTP_500"

              ??

              Comment


              • #8
                found my fix :P

                it seems that my account has a primary email address different to the default policy email address...

                http://support.microsoft.com/default...b;en-us;886346


                registry fix and all is good super wikido!

                thanks DP!

                Comment


                • #9
                  Re: Problms with RPC over HTTP - so close yet so far ...

                  Originally posted by danielp View Post
                  Notice that my article is specifically named "configuring RPC over HTTP/S".

                  You need a certificate for SSL.
                  Mr. Petri, you write in the article "While RPC over HTTP does not require SSL." If it does not require SSL, why cant you configure it with out a certificate? How can I configre the RPC over HTTP without SSL and without a certificate? I searched your site and could not find instructions.

                  Comment

                  Working...
                  X