Re: RPC over HTTP - one server scenario no ISA


From: Brian Ladley (bladley_removethispart_at_cfl.rr.com)
Date: 03/31/04


Date: Tue, 30 Mar 2004 22:59:52 -0500

I've tried everything you mentioned since I have a similar setup; 1 Win2K3
server DC/GC/Ex2003 behind Broadband router. Ports 443, 6001-6004 wide
open. Default web site is accessible outside the router with HTTPS as well
as OWA under HTTPS. I've been able to connect to the server from an XP box
behind the router over HTTP according to /rpcdiag. When I try it from
outside the router, the /rpcdiag option shows that it can't even connect at
all. I verified the PIDs and found them to be as you stated in the message
below. I'm still stumped. I've been at this for a week.

Brian Ladley

"Tim Hackbart [MSFT]" <Timhack@online.microsoft.com> wrote in message
news:eD9D5leDEHA.3472@TK2MSFTNGP09.phx.gbl...
> Guy
>
> Here is a great article that may help
> 833401 How to configure RPC over HTTP in Exchange Server 2003
> http://support.microsoft.com/?id=833401
>
> Here is the big picture:
> Valid Ports key- this is crucial, if all the ports or servers are not
> listed correctly, it will fail.
> You need access to the following ports
> 6001 Exchange Information store UUID A4F1..
> 6002 Global Catalog Referral UUID 1544.. this is the service that OL2003
> talks to in order to find out which Global Catalog to connect to
> 6004 Directory service- UUID F5CC..
> If you have an all in one box, let's call it "server.domain.com" both the
> Exchange server and Global Catalog you need to make sure your Valid Ports
> key includes the following,
> "server:6001-6004;server.domain.com:6001-6004" without quotes
> That way you have covered all three ports and both the NetBIOS name of the
> server and the FQDN
>
> Once you make sure that you have the correct ports and names listed in the
> Valid Ports key, then make sure the correct Ports are listening and that
> the correct Services are listening on those ports
> In 2003 we have extended netstat with an "o" option that gives you the
> Process Identifier(PID) of the service listening on the port.
> So go to the command prompt and run "netstat -ano"
> Note down the PIDs of the services listening on 6001, 6002 and 6004
> Then go to Task Manager and Processes then View-Select Columns and check
> "PID Process Identifier"
> In all cases 6001 should map to the STORE.EXE process and 6002 to the
> MAD.EXE process.
> If the server is a Global Catalog, then 6004 should map to LSASS.exe,
> which I think is your case.
> If the server is a Member Server, then 6004 should map to MAD.EXE
>
> In your case, if 6004 is not listening or not matched to lsass, I would
> delete and then add the NTDS parameters key back and reboot, until you see
> 6004 mapped to lsass.exe
>
> This is all covered in the KB as well.
>
> Hope this helps.
>
> --
> Tim Hackbart M.C.S.E.
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> Please do not send email directly to this alias. This alias is for
> newsgroup purposes only.
>
> "Guy Whistler" <guy@bluetomato.uk.com> wrote in message
> news:1079705031.723655@localhost.localdomain...
> > Hi, Sorry if I am covering the same ground here.
> >
> > I have a system which is newly installed. It is a one server system
> > with Windows 2K3 and Exchange 2K3. I have followed the usual
> > instructions for RPC over HTTP by doing the following:
> >
> > Setup SSL (I just used MS selfSSL) - tested ok using OWA
> > Install RPC proxy
> > Set to basic authentication
> > Set valid ports in registry using my server's internal names and ports
> > 6001 and 6004 and even its public IP for good measure.
> > Also set the other reg key under
> > HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters as per
> > the MS deployment scenarios guide.
> >
> > I have set the firewall to allow through ports 80 and 443.
> >
> > I feel sure the server settings are correct (or nearly). I am not sure
> > what to put in the outlook proxy settings. Do I use the server's
> > internal name - or public IP or what?
> >
> > I have tried several different scenarios and none of them seem to work
> > at all.
> >
> > All help much appreciated.
> >
> > Guy
> >
> >
>
>
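
The two server-side checks from Tim Hackbart's quoted reply (Valid Ports coverage for both server names, and the port-to-process mapping read from "netstat -ano"), as an added example that is not part of the original thread. The function names, the sample netstat text and the PID values are constructed for illustration; the expected process names and ports are the ones given in the reply.

```python
import re

REQUIRED_PORTS = (6001, 6002, 6004)

# Constructed sample data (not from the thread): netstat -ano text and the
# PID -> image name pairs as they would be read from Task Manager.
SAMPLE_NETSTAT = """
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:443            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:6001           0.0.0.0:0              LISTENING       1840
  TCP    0.0.0.0:6002           0.0.0.0:0              LISTENING       1512
  TCP    0.0.0.0:6004           0.0.0.0:0              LISTENING       1512
"""
SAMPLE_PIDS = {4: "System", 1840: "store.exe", 1512: "mad.exe", 436: "lsass.exe"}

def missing_valid_ports(value, names):
    """Return (name, port) pairs that a Valid Ports string does not cover."""
    covered = {}
    for entry in filter(None, (e.strip() for e in value.split(";"))):
        name, _, ports = entry.rpartition(":")
        lo, _, hi = ports.partition("-")
        covered.setdefault(name.lower(), set()).update(range(int(lo), int(hi or lo) + 1))
    return [(n, p) for n in names for p in REQUIRED_PORTS
            if p not in covered.get(n.lower(), set())]

def listeners(netstat_text):
    """Map each listening TCP port to its PID from 'netstat -ano' output."""
    found = {}
    for line in netstat_text.splitlines():
        m = re.match(r"\s*TCP\s+\S+:(\d+)\s+\S+\s+LISTENING\s+(\d+)", line)
        if m:
            found[int(m.group(1))] = int(m.group(2))
    return found

def check_listeners(netstat_text, pid_names, is_global_catalog):
    """Return problems found; an empty list means the mapping matches the reply."""
    expected = {6001: "store.exe", 6002: "mad.exe",
                6004: "lsass.exe" if is_global_catalog else "mad.exe"}
    found, problems = listeners(netstat_text), []
    for port, image in sorted(expected.items()):
        pid = found.get(port)
        actual = pid_names.get(pid, "unknown").lower()
        if pid is None:
            problems.append(f"{port}: not listening")
        elif actual != image:
            problems.append(f"{port}: PID {pid} is {actual}, expected {image}")
    return problems
```

With the constructed sample, `check_listeners(SAMPLE_NETSTAT, SAMPLE_PIDS, True)` reports 6004 bound to mad.exe on a Global Catalog, the condition the reply addresses by re-adding the NTDS parameters key and rebooting.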


