No announcement yet.

Exchange 2003 over RPC over HTTPS (then ultimately to iPhone)

  • Filter
  • Time
  • Show
Clear All
new posts

  • Exchange 2003 over RPC over HTTPS (then ultimately to iPhone)


    Thanks for taking the time to read this, I'm about 8 hours into trying to work this out and while I feel I'm fairly close to getting the job done, 95% is as good as nothing.

    We have a single server environment which is Windows Server 2003 SP2 (and is fully patched), running Exchange 2003 SP2. Internal clients and external clients who use the VPN have no issues, the server is working fine. The issue arises when trying to connect remotely using RPC over HTTPS. Outlook is always 2007 and the clients are mainly XP SP3, with some Vista SP1, no Windows 7.

    When setting up the SSL and RPC, I followed 2 guides on this site:

    SSL: (the cert we have is a 90 day free trial from an online CA)

    As far as I can tell, everything went through fine. Indeed, if I use and perform the "Outlook Anywhere (RPC over HTTP)" test, it says everything completes fine.

    That, however, is where the good stops. On the same site, if I run the "Exchange ActiveSync" test, that fails as below:

    Attempting an ActiveSync session with server
    ---Attempting FolderSync command on ActiveSync session
    ------Exchange ActiveSync returned an HTTP 500 response.

    This error lead me to but following the article didn't fix the issue.

    When I try and create a profile in Outlook 2007 to the server, I get continually prompted to enter a username and password, even though I'm entering valid details. Sometimes the external FQDN of gets resolved to the internal FQDN of servername.domain.local and the username is underlined, sometimes not. This is still the case when I've been into 'More Settings' and set up Exchange over RPC.

    Finally, when launching Outlook with this /rpcdiag switch, I get asked for a username and password again, only see 1 line in the connection status box (which stays on a status of 'Connecting') and can't see the mailbox.

    Once this is working I believe the iPhones will also be able to work properly as they use the same or very similar methods.

    Any help would be great appreciated. I'm able to give you Remote Control of the server and test account usernames and passwords should you need it.



  • #2
    Re: Exchange 2003 over RPC over HTTPS (then ultimately to iPhone)

    I wouldn't recommend giving out remote access to some schlub on a forum. Only give that out to paid contractors who you can hold liable. We'll certainly try to help you out though, but you'll have to do the actual work (and hopefully learn from it in the process).
    ** Remember to give credit where credit is due and leave reputation points where appropriate **


    • #3
      Re: Exchange 2003 over RPC over HTTPS (then ultimately to iPhone)

      Looks like a challenge here....lets fix it then


      Check the below for me please:

      1. Location: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy

      Whats the value of this key??

      The value should be:

      Mailboxserver_NETBIOS:6001-6002;Mailboxserver_NETBIOS:6004;Mailboxserver_FQDN :6001-6002;Mailboxserver_FQDN:6004 (no spaces in the above format)

      2. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\NTDS\Parameters

      Type REG_MULTI_SZ
      Name: NSPI Interface protocol sequences
      Value: ncacn_http:6004

      Let me know if it works for you or not after making the above changes.

      Last edited by jedi001; 20th January 2010, 23:59.
      Technical Director
      Ex-Microsoft (Exchange Client & Server Infrastructure Team), MCSA, MCSE, MCITP, MCTS & ITIL Foundation certified


      • #4
        Re: Exchange 2003 over RPC over HTTPS (then ultimately to iPhone)

        I would leave the iPhone out of the equation for now, as it will connect over ActiveSync rather than RPC over HTTPS. RPC over HTTPS (or Outlook Anywhere as it is now rather more intuitively named) allows your laptop users to connect back to their mailboxes over the internet using Outlook rather than using OWA.

        Does RPC over HTTPS work internally? What authentication do you have set on the clients, Basic or NTLM? Also is the trial cert you've got from a trusted Root CA that your clients are already configured to trust? The updates for trusted Root CAs are optional in Windows Update, so don't get installed automatically.
        BSc, MCSA: Server 2008, MCSE, MCSA: Messaging, MCTS
        Cruachan's Blog


        • #5
          Re: Exchange 2003 over RPC over HTTPS (then ultimately to iPhone)

          I feel I may have ventured down an a path that I don't need to in regards of the Outlook Anywhere. All clients that connect to Exchange using Outlook will do so either internally or over a VPN (as they have other applications that require this connection). I, mistakenly, thought that the iPhone would use RPC to connect, and if that's not the case, then is doesn't need to be fix. The end goal is to get iPhone to work with Exchange, not RPC.

          If it's still useful, the values from the reg keys you mentioned are as I would expect- the same values as you've got in your post (expect that the mailserver is named)

          I've been using Basic authentication, but don't have any requirement to use either, whichever works I'm happy with. The certificate is from a CA that is trusted by default in IE6+ and I've not seen any issues there.

          Would I be better off starting a new thread that specifically deals with the iPhone/Exchange issue, or can we continue from here?

          Thanks for the help so far,



          • #6
            Re: Exchange 2003 over RPC over HTTPS (then ultimately to iPhone)

            Good news

            I revisited this document: as I felt that the ActiveSync issue was probably why the iPhones weren't working.

            Turns out I'd put the registry entry for the '/exchange-oma' as 'exchange-oma'. When I changed this (as well as checking the other 24 steps in the guide), everything worked.

            Hope this can help someone else, but I'm happy as larry!