RE: RPC over HTTPS failing
- From: Elvis <Elvis@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 24 Feb 2007 17:22:00 -0800
Hi Chase,
I am having quite a struggle today with RPC over HTTPS.
Running SBS 2003 SP1 fully patched.
rpc over https has been working for 8 months not a glitch until yesterday.
The user logs on and it just doesn't connect anymore:
I ran outlook /rpdiag and it never established a connection...strange
because when I got to https://mail.domain.com/rpc and authenticate I get the
403.2 read access is denied which is normal..
I do not get promted for a cert when I got to
https://mail.domain.com/exchange as I have already installed the vert..I have
rerun the CIEW wizard a few times..
verified all settings...everyhting look correct except I cannot connect via
https to the server from outside..I can telnet to port 443 from outside...I
am really stumped on this one and need some expert advice...I consider myself
to be technical..
any help would be greatly appreciated:
My iis log file:2007-02-23 07:49:47 W3SVC1 10.0.0.5 RPC_OUT_DATA
/rpc/rpcproxy.dll FILE.XXXX.local:6001 443 domain\user 63.X.X.X MSRPC 501 0 0
2007-02-23 07:49:47 W3SVC1 10.0.0.5 RPC_IN_DATA /rpc/rpcproxy.dll
FILE.XXXX.local:593 443 domain\user 63.X.X.X MSRPC 501 0 0
I ran rpcping as you recommended and I get "invalid binding option
<rpcproxy=mail.domain.com>. You must specify the rpcproxy.
Thanks
Elvis
MCSE NT4.0/2000/2003
"chace zhang" wrote:
Hi Richard,.
Thank you for posting here again, I'm glad to work with you on this issue.
From your post, I do undersatand after above steps, OWA work smoothly, but
when you access exchange via RPC OVER HTTPS, always trying to conncect. If
I have misunderstood your concern, please feel free to let me know.
Based on my knowledge, in most cases, the RPC over HTTPS issue of the SBS
2003 servers could be caused by the certificate trust. The web server
certificate issued by the SBS CEICW is not trusted by the IE client
natively. When we connect to the SBS server through RPC over HTTPS, since
there is no mechanism to prompt the certificate security alert (as IE does)
to let the user to confirm the connection, if the certificate is not
trusted by the client computer, the RPC-HTTPS would not be established.
Here, I suggest you refer to the instructions in RWW site and then
reconfigure the remote Outlook client. You may open Internet Explorer,
access https://FQDN/remote and input the credentials. Click the link
'Outlook via Internet'. After doing the steps, will you be able to
establish the RPC-HTTPS connection?
If the problem persists, please help to collect the following information
for further analysis:
1. Please try to access the URL: https://company.com/rpc/ Will you get any
security alert regarding the certificate? After inputting the credentials,
what message do you get from the browser?
2. Use the RPCping utility to dialog the RPC over HTTPS traffic from the
external network. What's the result?
831051 How to Use the RPC Ping Utility to Troubleshoot Connectivity Issues
with
http://support.microsoft.com/?id=831051
Install the RPC ping utility on the client computer and then open a command
prompt, run the command as the following example:
rpcping -t ncacn_http -s SBSlocalname -o RpcProxy=www.mydomain.com -P
"user,localdomainname,*" -I "user,localdomainname,*" -H 1 -u 10 -a connect
-F 3 -v 3 -E -R none
I appreciate you taking time to perform the tests. If you have any
questions or concerns, please feel free to let me know. I look forward to
your reply!
Have a nice day!
Best Regards,
Chace Zhang (MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
=====================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
=====================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| Thread-Topic: RPC over HTTPS failing
| thread-index: Acac2QnmBWx/VhILTcGz9z7pRAxlzA==
| X-WBNR-Posting-Host: 70.90.162.125
| From: =?Utf-8?B?UmljaGFyZCBZb3VuZw==?=
<RichardYoung@xxxxxxxxxxxxxxxxxxxxxxxxx>
| Subject: RPC over HTTPS failing
| Date: Fri, 30 Jun 2006 23:39:01 -0700
| Lines: 35
| Message-ID: <C42E8CAF-E4E7-4986-ADEE-667DF0BB9376@xxxxxxxxxxxxx>
| MIME-Version: 1.0
| Content-Type: text/plain;
| charset="Utf-8"
| Content-Transfer-Encoding: 7bit
| X-Newsreader: Microsoft CDO for Windows 2000
| Content-Class: urn:content-classes:message
| Importance: normal
| Priority: normal
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.1830
| Newsgroups: microsoft.public.windows.server.sbs
| Path: TK2MSFTNGXA01.phx.gbl
| Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.windows.server.sbs:278548
| NNTP-Posting-Host: TK2MSFTNGXA01.phx.gbl 10.40.2.250
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| I am working with an SBS 2003 Server SP1 with Exchange SP2.
|
| Recently, the companyweb site was not working on this server, so we
deleted
| the Exchange Vd's in IIS and had Exchange re-create these. Since then we
are
| now back up and running with the companyweb, OWA, and OMA.
|
| However, we are having trouble with RPC over HTTPS, where the client sits
at
| a status of "Trying to Connect".
|
| The client is running XP PRO SP2 and Outlook 2003 SP2.
|
| The client was configured carefully using the instructions found on the
RWW
| site.
|
| When I browse to https://localhost/remote on the server it comes up
| immediately with the login screen for RWW, so it appears that the server
| certificate is being trusted by the server.
|
| My client is configured with an additional outlook profile for rpc over
| https use where it connects to a public A record which resolves to our
public
| IP address and is routed to the SBS server (port 443 is routed to sbs
server).
|
| The exchange proxy is set to msstd:servername.fqdn.com which resolves to
my
| SBS server.
|
| There are no errors logged in either the workstation logs or server logs.
|
| Is there another log I can turn on to further troubleshoot this issue?
|
| Thanks!
| --
| __________________________
| Richard Young, SBSC, CNE
| http://www.relyonit.com
|
|
- Follow-Ups:
- RE: RPC over HTTPS failing
- From: chace zhang
- RE: RPC over HTTPS failing
- Prev by Date: Re: Poor https performance
- Next by Date: Re: WSUS downloading 5GB
- Previous by thread: Re: Poor https performance
- Next by thread: RE: RPC over HTTPS failing
- Index(es):
Relevant Pages
|
Loading
