No announcement yet.

RPC Over HTTP Authentication Issue

  • Filter
  • Time
  • Show
Clear All
new posts

  • RPC Over HTTP Authentication Issue

    I'm sure hoping someone here can help me out as I've been beating my head against a wall for almost a week now.

    I've successfully set up RPC over HTTP on my 2003 Exchange server (sp2). Exchange is on on Windows 2003 sp2 server and serves as a backup DC for another Windows 2003 sp2 server. Both are GC's.

    I can successfully connect Outlook using:
    1. Windows XP sp3 / Outlook 2003 / LAN (HTTPS connection verified)
    2. Windows Vista / Outlook 2007 / WAN

    However, on my Lenova laptop which is running Windows XP sp3, I cannot connect Outlook using RPC either on the LAN or the WAN. I can connect to OWA. I get the expected results when going to and I can successfully rpcping using the -E switch.

    However, if I try the -e 6004 switch or if I try to connect using Outlook, I get 529 and 680 failures on the Exchange server.

    The 529 error:
    Logon Failure:
    Reason: Unknown user name or bad password
    User Name: username
    Domain: domain
    Logon Type: 3
    Logon Process: NtLmSsp
    Authentication Package: NTLM
    Workstation Name: machine name
    Caller User Name: -
    Caller Domain: -
    Caller Logon ID: -
    Caller Process ID: -
    Transited Services: -
    Source Network Address: external ip address
    Source Port: 0

    The 680 error:
    Logon account: username
    Source Workstation: machine name
    Error Code: 0xC000006A

    The credentials I'm using work from other machines both on the LAN and WAN. It seems that they just don't work from this one particular machine. Can anyone help me understand why so that I can get this fixed?

  • #2
    Re: RPC Over HTTP Authentication Issue

    That error suggests you are using NTLM authentication. Change it to Basic and you should be all set.
    BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
    Cruachan's Blog


    • #3
      Re: RPC Over HTTP Authentication Issue

      Basic authentication is selected and I'm using Basic Authentication in the RpcPing. Here's the command I'm using:

      rpcping -t ncacn_http -s Exchange ServerName -o RpcProxy=external FQDN -P "username,domainname,password" -I "username,domainname,password" -H 1 -u 10 -a connect -F 3 -v 3 -e 6004

      RpcPing fails with an Exception 5 which is an authentication error. Again, the Exchange server is showing the 529 and 680 failures in the Security Event Log.

      When I run the same command from a machine that works, I get successful 540 and 680 events that correspond to the failures on the Lenovo. I'm not sure what these authentication events are for but it is almost like the machine that is failing is corrupting the password or something.


      • #4
        Re: RPC Over HTTP Authentication Issue - SOLUTION

        Problem finally solved! Through much toil and tribulation, I found the problem to be a Local Policy Setting conflict.

        The server hosting the Exchange server had itsNetwork security: LAN Manager authentication level Properties set to Sent NTLMv2 response only\refuse LM & NTLM.

        The workstation that was failing authentication had the same policy property set to Send LM & NTLM.

        Using gpedit.msc on the client machine and navigating to Local Computer Policy -> Computer Configuration -> Windows Setting -> Security Settings -> Local Policies ->Security Options -> Network Security: LAN Manager authentication level, I updated the value from Send LM & NTLM to Sedn NTLMv2 response only\refuse LM & NTLM. I then restarted the machine and viola! Outlook connected using RPC over HTTP.