Announcement

Collapse
No announcement yet.

RPC over http/s problem. Outlook will not connect.

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • RPC over http/s problem. Outlook will not connect.

    Hello there.

    I've followed the document "how can i configure RPC over HTTP/S on Exchange 2003 single server.

    Afterwards i am trying to connect to the server from a wan location.
    (PS: my webmail works fine).
    I get the loginname and password question but thats it.

    What should i do to test or find out where i went wrong?

    Thanks all that can help me.

    Greetings, Ronald.

  • #2
    Re: RPC over http/s problem. Outlook will not connect.

    A little clairification-

    You can connect to OWA through the web, and you get the login/password screen?

    If so, use your domain\username and then your password to log into OWA.

    Can you connect to OWA from inside the network? Can you log on to OWA from insode the network?

    Good luck

    Pete C

    Comment


    • #3
      Re: RPC over http/s problem. Outlook will not connect.

      Thanks for the reply.

      The following is happening.
      I've installaled sp1 exchange 2003 and followed the installation manual to use OUtlook2003 over http using rpc.

      It's now working in my local network. So i can start outlook while using HTTP.

      The problem is that it will not work behind a firewall.

      To clarify that i have port 80 open and working i told you that i CAN use OWA to the same server.

      So what can be the problem with the firewall / adsl router?

      Thanks again

      Comment


      • #4
        Re: RPC over http/s problem. Outlook will not connect.

        What about port 443? RPC over HTTP/S is actually SSL-based.
        Cheers,

        Daniel Petri
        Microsoft Most Valuable Professional - Active Directory Directory Services
        MCSA/E, MCTS, MCITP, MCT

        Comment


        • #5
          Re: RPC over http/s problem. Outlook will not connect.

          I don't think i'm clear about the problem.

          I'trying to use outlook over RPC/HTTP.

          OWA WORKS FINE!!!

          I've found out that it works wen you connect the client computer for the first time to the lan directly or through an VPN.
          Than create the profile within the outlook client.

          Disconnect the computer from the lan ( phiscaly or disconnect the VPN)
          Launch outlook and the rpc http connection works fine.

          So i have a work around but it's not the way to do it.

          Thanks for your responces

          Comment


          • #6
            Re: RPC over http/s problem. Outlook will not connect.

            Well yes, you are not clear as to the problem, what works, what doesn't work, what you did and why you did it.

            We'd like to help, but we don't read minds. Please try to post the whole story from the start, this time with ALL the relevant info.
            Cheers,

            Daniel Petri
            Microsoft Most Valuable Professional - Active Directory Directory Services
            MCSA/E, MCTS, MCITP, MCT

            Comment


            • #7
              Re: RPC over http/s problem. Outlook will not connect.

              Originally posted by rlinden
              Hello there.

              I've followed the document "how can i configure RPC over HTTP/S on Exchange 2003 single server.

              Afterwards i am trying to connect to the server from a wan location.
              (PS: my webmail works fine).
              I get the loginname and password question but thats it.

              What should i do to test or find out where i went wrong?

              Thanks all that can help me.

              Greetings, Ronald.
              we have the same problem over here any solutions?

              Comment


              • #8
                Re: RPC over http/s problem. Outlook will not connect.

                If you try to connect to http://servername/rpc, what happens?
                Are you prompted for user/pass?

                Comment


                • #9
                  Re: RPC over http/s problem. Outlook will not connect.

                  Hello I've the same problem.
                  I've read many, many assignments, howto's and so on and have still no solution.

                  I've installed also Windows 2003 SBS Premium SP1 and Exchange Server 2003 SP1.
                  I've set up all configuration hints by MS or others e.g. installed HTTP over RPC over network services. Open the only necessary (MS said) port 443 for HTTP/s over RPC.
                  There is a connection attempt i see with netstat through the internet to the server.
                  But later on the connection failed.
                  What also happens is that the name in the mail profile can be resolved by the login. Outlook puts in later on the right internal server name (FQDN).
                  For that the connection itself is successful i suppose.

                  I checked with the Windows 2003 RK (in this case "Winhttptracecfg") the HTTP-Traffic and got this:

                  19:16:35.031 ::*0000074* :: "ralph-henrich.dyndns.org" resolved
                  19:16:35.156 ::*0000074* :: Winsock/RPC/SSL/Transport error: 0x90312 [SEC_I_CONTINUE_NEEDED]
                  19:16:35.156 ::*0000074* :: sending data:
                  19:16:35.156 ::*0000074* :: 70 (0x46) bytes
                  19:16:35.156 ::*0000074* :: <<<<-------- HTTP stream follows below ----------------------------------------------->>>>
                  19:16:35.156 ::*0000074* :: ....A...=..C.......r..........a.gA..3I1.sw........ .
                  19:16:35.156 ::*0000074* :: ...d.b.........c..
                  19:16:35.156 ::*0000074* :: <<<<-------- End ----------------------------------------------->>>>
                  19:16:35.296 ::*0000074* :: received data:
                  19:16:35.296 ::*0000074* :: 1024 (0x400) bytes
                  .
                  .
                  .
                  .
                  .
                  .
                  .
                  .
                  .
                  later on:
                  19:16:35.531 ::*0000074* :: <<<<-------- HTTP stream follows below ----------------------------------------------->>>>
                  19:16:35.531 ::*0000074* :: HTTP/1.1 302 Object moved
                  19:16:35.531 ::*0000074* :: Date: Tue, 06 Sep 2005 17:15:02 GMT
                  19:16:35.531 ::*0000074* :: Server: Microsoft-IIS/6.0
                  19:16:35.531 ::*0000074* :: X-Powered-By: ASP.NET
                  19:16:35.531 ::*0000074* :: MicrosoftOfficeWebServer: 5.0_Pub
                  19:16:35.531 ::*0000074* :: Content-Type: text/html
                  19:16:35.531 ::*0000074* :: Location: https://login.passport-ppe.com/ppsec...0f1d4b3c5f1340
                  19:16:35.531 ::*0000074* :: Content-Length: 0
                  19:16:35.531 ::*0000074* :: WWW-Authenticate: Passport1.4 lc=1033,id=1,tw=1800,fs=1,ru=https://ralph-henrich.dyndns.org/rpc/rpcproxy.dll%3FSRVIQC03:593,ct=1126026902,kv=1,ver =2.1.6000.1,seclog=10,rn=oLBT0TvT,tpf=25560444cc74 400bd8a0157be7f8f75e
                  19:16:35.531 ::*0000074* ::
                  19:16:35.531 ::*0000074* ::
                  19:16:35.531 ::*0000074* :: <<<<-------- End ----------------------------------------------->>>>
                  19:16:35.531 ::*0000074* :: WINHTTP_CALLBACK_STATUS_REQUEST_ERROR: Failure API = API_RECEIVE_RESPONSE, Error = ERROR_WINHTTP_FORCE_RETRY

                  ...and more.

                  But I have no solution for this.

                  OWA is working fine with certificates.

                  Have anybody a suggestion how to solve this prob?
                  I have no more idea's!
                  Thanx alot!

                  Comment


                  • #10
                    Re: RPC over http/s problem. Outlook will not connect.

                    Has the Exchange 2003 system been made a GC?
                    1 1 was a racehorse.
                    2 2 was 1 2.
                    1 1 1 1 race 1 day,
                    2 2 1 1 2

                    Comment


                    • #11
                      Re: RPC over http/s problem. Outlook will not connect.

                      Has the Exchange 2003 system been made a GC?
                      I made it to an Back-End Server.
                      Is that what you mean with GC( Global catalog server)?
                      This issue i haven't considered.
                      I will try this.
                      Thanx!

                      Comment


                      • #12
                        Re: RPC over http/s problem. Outlook will not connect.

                        I'm sorry,
                        I looked in the AD-Server NTDS-settings and there was a hook set at
                        GC.
                        What i don't understand is that OWA is working and HTTP over RPC not.
                        Where's the difference?
                        Depends it on the certification authority?
                        I don't know....

                        Comment


                        • #13
                          Re: RPC over http/s problem. Outlook will not connect.

                          I have the same problem twice - One Live server and one Test server
                          I have it working on my Domain at home, but that is a different OS (SBS 2003) and easier to setup.

                          I set up a client on Win 2K3 SP1 and Exchange 2K3 SP1.

                          Followed the configuration White Sheet and opened Ports 80 and 443.

                          When this did not work I setup a registered Test Domain name and a Test server.

                          Configured the Test server following the RPC over HTTP/s single server White Sheet.
                          Received the Certificate.
                          Trusted the Web Site.
                          Tested OWA.
                          Started Outlook, get a prompt for the Username/Password and then nothing.
                          Start a VPN and it works.
                          Disconnect VPN and it does not work.

                          What’s the point in using it if you have to use a VPN to get it working?
                          The biggest difference I can see is that at home I don't use a Sonicwall and on the Live and Test site I am using a Sonicwall.

                          Yes its a GC, Domain, DNS, RPC Certificate, Back End server, the internal Domain name is different to the External,

                          Comment


                          • #14
                            Re: RPC over http/s problem. Outlook will not connect.

                            Here are the issues you need to consider, all posters should check to see if this is ok in their setup:

                            -- FW opens TCP port 443 from ANY IP to the IP of the RPC PROXY, which in most simple scenarios is also the Front End server, or to the Back End server in case you only have one Exchange server.

                            -- If the RPC PROXY is in the DMZ and the Front End/Back End server is in the corporate network (as it should be) then you will need to enable RPC communication from the RPC PROXY to the Front End/Back End server. The RPC PROXY takes the encapsulated RPC over HTTPS packets and passes the RPC to the Front End server (or to the Back End, if there is only one Exchange server).

                            -- If Front End server/RPC PROXY is inside the DMZ, then you also must allow it to connect with regular RPC to the GC (Global Catalog) servers (all of them).

                            -- Make sure the client(s) trust the CA from where the SSL Cert was issued. If this is a 3rd-party CA, then ok, but if it's an internal CA, make sure either the client(s) are part of that domain, or at least import the CA's root cert to these machines. Connection will fail if client does not trust CA.

                            -- Make all the required registry changes on the Exchange servers and on all the CGs (see http://www.petri.com/configure_rpc_o...gle_server.htm)

                            -- Test the RPC virtual folder (see above article for info, and see http://www.petri.com/rpc_over_http_e..._2003_sp1.htm).

                            -- Use OUTLOOK /RPCDIAG to test connectivity (see http://www.petri.com/testing_rpc_ove...onnection.htm).

                            -- Test RPC over HTTPS internally, not just OWA, but the whole thing. See above link for info on how to do this. Make sure tht internally it works. Don't assume it does, check. If it does, then we move on.

                            -- Make sure you check your MTU/MSS settings (read http://www.broadbandreports.com/faq/695). Although not many talk about this issue, I've seen this happen dozens of times. Because of the extra encapsulation, some simple routers (home routers, cheap routers and so on) cannot handle the fragmentation well. Other traffic seems to work, but RPC over HTTPS might not. I suggest you use tools like http://www.dslreports.org and http://www.dslreports.org/drtcp to check and perhaps modify the MTU/MSS settings of the remote computers. In most so-called "lost cases" lowering the MTU to 1492 and the MSS to 1452 has immediately solved the issue.
                            Last edited by danielp; 18th October 2005, 02:27.
                            Cheers,

                            Daniel Petri
                            Microsoft Most Valuable Professional - Active Directory Directory Services
                            MCSA/E, MCTS, MCITP, MCT

                            Comment


                            • #15
                              Re: RPC over http/s problem. Outlook will not connect.

                              We Solved our problem

                              It was our root certificate not being added to Trusted sites.
                              The Root certificate was issued to the server Netbios name and the Website name.
                              The root certificate must be issued the mx mail.xxxx.com server name only.

                              Read MS Knowledge ID 297681 to create a Web Page script to add the root certificate to the correct location.
                              Unless you want to uninstall Certificate services and re-install.

                              After we created the web page script RPC over HTTP worked perfectly

                              Comment

                              Working...
                              X