HTTP ove RPC

Sp00n · 23 Jun 2008 at 11:51

I have a a problem trying to setup rpc over http, the password prompt in outlook never accept my password but it does prompt so it shows that i have configured it "almost" right.

What have i missed?

quackers · 23 Jun 2008 at 12:49

Try it with DOMAIN\username

Sp00n · 23 Jun 2008 at 14:17

Lol... tried that, doesnt work. Just continually prompts.

Tried all sorts of permissions on the rcp folder in iis, setup the rpcproxy etc... but it just won't accept the pass.

madman045 · 23 Jun 2008 at 16:19

What you connecting to Spoon, 2003 or SBS?

Im assuming your machine is on the domain and you have a certificate of some sorts?

I only had the same issue as you when my laptop was not on the domain and I didnt have the certificate installed that was in IIS for exchange.

This might help you find what you have missed

http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm

wasc · 23 Jun 2008 at 19:32

Sp00n said:
I have a a problem trying to setup rpc over http, the password prompt in outlook never accept my password but it does prompt so it shows that i have configured it "almost" right.

What have i missed?

In your outlook settings, change it to use Basic authentication instead of NTLM.

Also, do you have a front end, back end config, or do you have a single exchange server? if it's a single exchange server, do you have a proper url you use (e.g webmail.mydomain.com)? if so, you will need to download and run this tool -> http://www.petri.co.il/software/rpcnofrontend.zip in order to add in your external URL (e.g webmail.mydomain.com) into the registry on the exchange server. A reboot is needed after doing this.

To give credit where due it came from this site -> http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm

If you are still stuck, add me to msn and i will be able to assist tomorrow between 9 and 5 while i'm at work. Msn is in trust.

Sp00n · 23 Jun 2008 at 20:17

Currently there are 2 exchange servers but the back end is being removed so its being setup as a "single" server environment with a separate DC.

I have run the registry editor which amends all the rpcproxy settings to the correct ones.

It used to work before with NTLM but since we added the new exchange server in its all kinda bawlsed up.

It's almost like it can't authenticate the domain/user/pass against the DC, hmm...

wasc · 23 Jun 2008 at 20:35

Sp00n said:
Currently there are 2 exchange servers but the back end is being removed so its being setup as a "single" server environment with a separate DC.

I have run the registry editor which amends all the rpcproxy settings to the correct ones.

It used to work before with NTLM but since we added the new exchange server in its all kinda bawlsed up.

It's almost like it can't authenticate the domain/user/pass against the DC, hmm...

Ok. Three things I can think of

1) Check your new (single) exchange server has the "RPC back end" option ticked in exchange system manager (as per the screenshot here -> http://www.petri.co.il/images/rpc_over_http_sp1_1.gif )

2) Double check all your permissions and settings in IIS as per this site -> http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm

3) Check your DNS. e.g if in outlook you entered in "webmail.mydomain.com" as the exchange server, then ping webmail.mydomain.com - if you get an internal ip address (e.g. 192.168.1.1) then everything is looking good. If you have an external IP as the result (e.g 81.82.83.84) then it may be your firewall is not liking your traffic going out and back in again and may be blocking something. If necessary, test this by ammending your hosts file in windows\system32\drivers\etc on one machine. If this fixes it, then add a new zone to your active directory DNS for "webmail.mydomain.com" pointing to the IP of your exchange (e.g 192.168.1.1) so that all computers asking for your webmail.mydomain.com get your internal ip address of your exchange.

If all that fails, then I'd advise following every single step on that website very carefully and to the letter because you only need one small setting wrong for it to fail.

Sp00n · 24 Jun 2008 at 12:05

I tried using basic auth and it works no problem, but it used to work via NTLM and I'd rather not tell the client he has to change a setting.

My machine isn't on the domain, or any domain for that matter. Is that why the NTLM won't accept my password even though its correct?

*edit*

NTLM wasn't enabled on RPC within IIS, ticked this, tried again and shock horror it works! lol.

Thanks for all your help guys