Hi,

I still have trouble getting the RPC over HTTPS to work.

I have bought a cert from thawte, but stull the outlook client won't connect

OWA and OMA work on HTTPS, how can I troubleshoot the RPC over HTTPS comms?

Pls respond

Jurgen 

UPDATE;

I have read an article you can check running Outlook with the RPCDIAG switch, but it seems to be not making any connection. All connections listed fail. I also read some post checking the https://webmail.domain.com/rpc

I have tried that using UPN (emailadress), DOMAIN\user_domain and just with the username. No luck

When I check the RPC virtual directory settings, directory security, edit 'authentication and access control' I see a "\" in the domain field. Is this correct?

I have installed a thawte certificate, do I need to disable acess on port 80 to make it work?

I am lost here pls help

ezjurgen:

how can I troubleshoot the RPC over HTTPS comms?

Use rpcping utility from Windows Resource kit.

thanks for replying:

I have tried this and the test is OK

C:\Program Files\Windows Resource Kits\Tools>rpcping.exe -s webmail.domain.be -v 3

RPCPing v2.12. Copyright (C) Microsoft Corporation, 2002

OS Version is: 5.1, Service Pack 2

Completed 1 calls in 63 ms

15 T/S or  63.000 ms/T

That seems correct

But how do users need to authenticathe themselves. What type is correct? DOMAIN\user_hisdomain

is this the right way?

Hi dimitri,

If you mean the script I can download from the https://webmail.domain.be/RCPHTTPConfig

I have run the VBS script and used the mail.prf profile.

So I do not know what went wrong

pls advise

ezjurgen

Hi Anders,

The settings I use is

Exchange settings

server FE01 (in my own working SBS setup it uses a server.domain.local) FE01 was setup by the mail.prf profile what do you use?)

user user@hisowndomain.be

Exchange proxy settings

HTTPS://webmail.domain.be

Mutually auth.... is enabled

msstd:webmail.domain.be

Basic authentication is used.

Are these correct settings?

Thanks for helping

Check this article - http://support.microsoft.com/kb/831051/en-us

To test RPC Proxy server run

rpcping -t ncacn_http -s ExchBackEndServer -o RpcProxy=ExchFrontEndServer -P "user,domain,*" -I "user,domain,*" -H 2 -u 10 -a connect -F 3 -v 3 -E -R none -B msstd:server_certificate_subject

To simulate Outlook connection run

RpcPing -t ncacn_http -s ExchBackEndServer -o RpcProxy=ExchFrontEndServer -P "user,domain,*" -I "user,domain,*"  -H 1 -F 3 -a connect -u 10 -v 3  -e 6001 -B msstd:server_certificate_subject

Hi Dmitri,

1. Just to be on the safe side, users do need to logon like:

FABRICAM\user01_userdomain

Right? Or is it :

user01@userdomain.com ?

2. Only port 443 needs to be enabled on the outside interface of the front end server right?

3. I have tried the RPCping but was unable to get reply, is this just because ping request are blocked on the firewall or does the utility use the 443 port.

4. I tried the RPCping on the client machine outside the network the HE is running is this correct?

ezjurgen:

Hi Dmitri,

1. Just to be on the safe side, users do need to logon like:

FABRICAM\user01_userdomain

Right? Or is it :

user01@userdomain.com ?

In Outlook 2003 - doesn't matter. In RPCPing - "domain,username,password"

ezjurgen:

2. Only port 443 needs to be enabled on the outside interface of the front end server right?

Right

ezjurgen:

3. I have tried the RPCping but was unable to get reply, is this just because ping request are blocked on the firewall or does the utility use the 443 port.

It use RPC. If you specify RPC proxy, than it use RPC over HTTP(S) (port 443).

ezjurgen:

4. I tried the RPCping on the client machine outside the network the HE is running is this correct?

It is correct

Hi,

Can you telnet to port 443 from outside?

Is OWA asks for certificate YES or NO ?

We found it,

It seems I missed a step on the consolidated setup guide to enable the RPC backend option on the BE exchange server. All works well now. Thanks for the help guys.