Discussion:
RPC Over HTTP just not working
(too old to reply)
Jeniffer K
2006-07-06 04:50:38 UTC
Permalink
I've followed all steps outlined in Microsoft's whitepaper on how to set
this up, but its just not working for me...I will be a bit specific on how I
set this up, hopefully someone can jump in and help me out.

My scenario is as follows...Exchange Server 2003 SP2 running on windows 2003
SP1, one single server, no front-end server, back-end running on global
catalog server, the internal NetBios name is MAIN, i will call our internal
domain 'InternalDomain.Local' and external domain 'mail.ExternalDomain.com'

1) Installed RPC-Over-HTTP proxy Windows component
2) In ESM I checked off RPC-HTTP back end server and clicked Yes to auto
configure ports
3)In IIS under Directory Security of the RPC Virtual server, i unchecked
anonymous access and checked basic authentication
4) Verified registry values for NTDS port, here is the value under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters
Name: NSPI interface protocol sequences
Type: REG_MULTI_SZ
Value: ncacn_http:6004
6) Verified registry values for auto configured ports to use for by the
proxy server, i have the following
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
Nname: Rpc/HTTP Port
Type: REG_DWORD
Value: 0x1771 (6001)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: HTTP Port
Type: REG_DWORD
Value: 0x1772 (6002)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: Rpc/HTTP NSPI Port
Type: REG_DWORD
Value: 0x1774 (6004)
7) Configure the RPC proxy server to use specified ports for RPC over HTTP,
i have the following
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
Name: ValidPorts
Type: REG_SZ
Value:
main:6001-6002;main.InternalDomain.Local:6001-6002;main:6004;main.InternalDomain.Local:6004
8) When running 'rpccfg /hd' it outputs the following
Server Name Port Settings
----------------------------------------------------
main 6001-6002 6004
main.InternalDomain.Local 6001-6002 6004
9) Installed Microsoft CA on the global catalog server and configured a new
Enterprise Root CA server
10) Obtained a SSL certificate from the above Root CA for IIS and applied
the SSL settings to all virtual server under the 'Default Web site'
11) Tested the new certificate from an outside machine accessing OWA over
HTTPS, test was successful
12) Configured that same outside machine to trust the above Root CA and when
accessing OWA i wasn't given any warnings
13) Created a new Outlook profile (running Outlook 2003 SP1) using the
following settings
*Microsoft Exchange Server: mail.InternalDomain.Local
*UserName: administrator
*Checked "Connect to my Exchange mailbox using HTTP
*Under connection settings...use this URL...mail.ExternalDomain.com
*Connect using SSL only is checked and grayed out
*Checked "Mutually authenticate the session when connecting with SSL"
*Principal name...msstd:ExternalDomain.com
*under Use this authentication i selected "Basic Authentication"

So finally at this point when I click 'Check Name' i get the 'connect to
mail.Internaldomain.Local' logon box, i enter for the UserName:
InternalDomain\administator then type the password...click OK and I get the
standard frustrating error "Outlook could not log on.....The connection to
the Microsoft Exchange Server is unavailable...etc.

This is sooo frustrating, i've spend countless hours trying to figure
this...I would really appreciate anyone's help, oh of course i rebooted the
server after setting it up

thanks loads
Andrew Sword [MVP]
2006-07-06 08:28:54 UTC
Permalink
Try this link it may help.

http://support.microsoft.com/?kbid=827330
Post by Jeniffer K
I've followed all steps outlined in Microsoft's whitepaper on how to set
this up, but its just not working for me...I will be a bit specific on how
I set this up, hopefully someone can jump in and help me out.
My scenario is as follows...Exchange Server 2003 SP2 running on windows
2003 SP1, one single server, no front-end server, back-end running on
global catalog server, the internal NetBios name is MAIN, i will call our
internal domain 'InternalDomain.Local' and external domain
'mail.ExternalDomain.com'
1) Installed RPC-Over-HTTP proxy Windows component
2) In ESM I checked off RPC-HTTP back end server and clicked Yes to auto
configure ports
3)In IIS under Directory Security of the RPC Virtual server, i unchecked
anonymous access and checked basic authentication
4) Verified registry values for NTDS port, here is the value under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters
Name: NSPI interface protocol sequences
Type: REG_MULTI_SZ
Value: ncacn_http:6004
6) Verified registry values for auto configured ports to use for by the
proxy server, i have the following
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
Nname: Rpc/HTTP Port
Type: REG_DWORD
Value: 0x1771 (6001)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: HTTP Port
Type: REG_DWORD
Value: 0x1772 (6002)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: Rpc/HTTP NSPI Port
Type: REG_DWORD
Value: 0x1774 (6004)
7) Configure the RPC proxy server to use specified ports for RPC over
HTTP, i have the following
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
Name: ValidPorts
Type: REG_SZ
main:6001-6002;main.InternalDomain.Local:6001-6002;main:6004;main.InternalDomain.Local:6004
8) When running 'rpccfg /hd' it outputs the following
Server Name Port Settings
----------------------------------------------------
main 6001-6002 6004
main.InternalDomain.Local 6001-6002 6004
9) Installed Microsoft CA on the global catalog server and configured a
new Enterprise Root CA server
10) Obtained a SSL certificate from the above Root CA for IIS and applied
the SSL settings to all virtual server under the 'Default Web site'
11) Tested the new certificate from an outside machine accessing OWA over
HTTPS, test was successful
12) Configured that same outside machine to trust the above Root CA and
when accessing OWA i wasn't given any warnings
13) Created a new Outlook profile (running Outlook 2003 SP1) using the
following settings
*Microsoft Exchange Server: mail.InternalDomain.Local
*UserName: administrator
*Checked "Connect to my Exchange mailbox using HTTP
*Under connection settings...use this URL...mail.ExternalDomain.com
*Connect using SSL only is checked and grayed out
*Checked "Mutually authenticate the session when connecting with SSL"
*Principal name...msstd:ExternalDomain.com
*under Use this authentication i selected "Basic Authentication"
So finally at this point when I click 'Check Name' i get the 'connect to
InternalDomain\administator then type the password...click OK and I get
the standard frustrating error "Outlook could not log on.....The
connection to the Microsoft Exchange Server is unavailable...etc.
This is sooo frustrating, i've spend countless hours trying to figure
this...I would really appreciate anyone's help, oh of course i rebooted
the server after setting it up
thanks loads
Jeniffer K
2006-07-12 05:10:57 UTC
Permalink
Thanks for the reply (both of you) I've followed the Microsoft KB step by
step...everything looks perfectly fine, but im still out of luck, I don't
know if I should just give up or not, here is some more info in case it
helps you help me


the IIS log when I try to connect from the outside machine (i've x'ed out
the real IP of the remote machine)
2006-07-12 05:01:35 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:6002 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:35 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:6002 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:35 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:35 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:35 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:6004 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:35 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:6004 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:35 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:35 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:51 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:6002 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:51 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:6002 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:51 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:51 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:51 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:6004 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:51 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:6004 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:51 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:51 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:53 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:6002 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:53 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:6002 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:53 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:53 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:53 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:6004 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:53 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:6004 443 vflooring\administrator x.x.x.x MSRPC - - 404
2 1260
2006-07-12 05:01:53 192.168.217.254 RPC_IN_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260
2006-07-12 05:01:53 192.168.217.254 RPC_OUT_DATA /rpc/rpcproxy.dll
main.vflooring.local:593 443 vflooring\administrator x.x.x.x MSRPC - - 404 2
1260

I've turned on Diagnostic logging to max on all SA categories, here is what
I get what I try to connect...

Event Type: Information
Event Source: MSExchangeSA
Event Category: RPC Calls
Event ID: 3100
Date: 07/12/2006
Time: 12:39:52 AM
User: N/A
Computer: MAIN
Description:
System Attendant has received an RPC call.
Function: ScGetTaskState
User: IntDomain\administrator
Bindings: ncalrpc:MAIN[LRPC00000da4.00000001]

Event Type: Information
Event Source: MSExchangeSA
Event Category: RPC Calls
Event ID: 3101
Date: 07/12/2006
Time: 12:39:52 AM
User: N/A
Computer: MAIN
Description:
System Attendant has finished an RPC call.
Function: ScGetTaskState
Return: 0x00000000

Thanks
Post by Andrew Sword [MVP]
Try this link it may help.
http://support.microsoft.com/?kbid=827330
Post by Jeniffer K
I've followed all steps outlined in Microsoft's whitepaper on how to set
this up, but its just not working for me...I will be a bit specific on
how I set this up, hopefully someone can jump in and help me out.
My scenario is as follows...Exchange Server 2003 SP2 running on windows
2003 SP1, one single server, no front-end server, back-end running on
global catalog server, the internal NetBios name is MAIN, i will call our
internal domain 'InternalDomain.Local' and external domain
'mail.ExternalDomain.com'
1) Installed RPC-Over-HTTP proxy Windows component
2) In ESM I checked off RPC-HTTP back end server and clicked Yes to auto
configure ports
3)In IIS under Directory Security of the RPC Virtual server, i unchecked
anonymous access and checked basic authentication
4) Verified registry values for NTDS port, here is the value under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters
Name: NSPI interface protocol sequences
Type: REG_MULTI_SZ
Value: ncacn_http:6004
6) Verified registry values for auto configured ports to use for by the
proxy server, i have the following
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
Nname: Rpc/HTTP Port
Type: REG_DWORD
Value: 0x1771 (6001)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: HTTP Port
Type: REG_DWORD
Value: 0x1772 (6002)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: Rpc/HTTP NSPI Port
Type: REG_DWORD
Value: 0x1774 (6004)
7) Configure the RPC proxy server to use specified ports for RPC over
HTTP, i have the following
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
Name: ValidPorts
Type: REG_SZ
main:6001-6002;main.InternalDomain.Local:6001-6002;main:6004;main.InternalDomain.Local:6004
8) When running 'rpccfg /hd' it outputs the following
Server Name Port Settings
----------------------------------------------------
main 6001-6002 6004
main.InternalDomain.Local 6001-6002 6004
9) Installed Microsoft CA on the global catalog server and configured a
new Enterprise Root CA server
10) Obtained a SSL certificate from the above Root CA for IIS and applied
the SSL settings to all virtual server under the 'Default Web site'
11) Tested the new certificate from an outside machine accessing OWA over
HTTPS, test was successful
12) Configured that same outside machine to trust the above Root CA and
when accessing OWA i wasn't given any warnings
13) Created a new Outlook profile (running Outlook 2003 SP1) using the
following settings
*Microsoft Exchange Server: mail.InternalDomain.Local
*UserName: administrator
*Checked "Connect to my Exchange mailbox using HTTP
*Under connection settings...use this URL...mail.ExternalDomain.com
*Connect using SSL only is checked and grayed out
*Checked "Mutually authenticate the session when connecting with SSL"
*Principal name...msstd:ExternalDomain.com
*under Use this authentication i selected "Basic Authentication"
So finally at this point when I click 'Check Name' i get the 'connect to
InternalDomain\administator then type the password...click OK and I get
the standard frustrating error "Outlook could not log on.....The
connection to the Microsoft Exchange Server is unavailable...etc.
This is sooo frustrating, i've spend countless hours trying to figure
this...I would really appreciate anyone's help, oh of course i rebooted
the server after setting it up
thanks loads
Jason Cui
2006-07-06 12:28:11 UTC
Permalink
Hi Jeniffer,

Don't give up, when i was setting up RPC over HTTP, i spent a week to figure
out what's wrong...
i strongly recommend you to set up it in the test enviroment first, if that
works, move to the production enviroment...
Because in the real world, it's more difficult to isolate the problem...ie,
you need to consider the firewall or dns ect...

but there is one thing for sure, if the client was trying to connect to the
exchange server from 'outside'. you will get the following message.
Outlook could not log on.....The connection to the Microsoft Exchange Server
is unavailable...etc.
Because the client cannot pass the firewall to authenticate
themselves...(Dynamic Ports) just ignore it...

by the way, make sure everything works internally first...

Jason Cui
Post by Jeniffer K
I've followed all steps outlined in Microsoft's whitepaper on how to set
this up, but its just not working for me...I will be a bit specific on how
I set this up, hopefully someone can jump in and help me out.
My scenario is as follows...Exchange Server 2003 SP2 running on windows
2003 SP1, one single server, no front-end server, back-end running on
global catalog server, the internal NetBios name is MAIN, i will call our
internal domain 'InternalDomain.Local' and external domain
'mail.ExternalDomain.com'
1) Installed RPC-Over-HTTP proxy Windows component
2) In ESM I checked off RPC-HTTP back end server and clicked Yes to auto
configure ports
3)In IIS under Directory Security of the RPC Virtual server, i unchecked
anonymous access and checked basic authentication
4) Verified registry values for NTDS port, here is the value under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters
Name: NSPI interface protocol sequences
Type: REG_MULTI_SZ
Value: ncacn_http:6004
6) Verified registry values for auto configured ports to use for by the
proxy server, i have the following
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
Nname: Rpc/HTTP Port
Type: REG_DWORD
Value: 0x1771 (6001)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: HTTP Port
Type: REG_DWORD
Value: 0x1772 (6002)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: Rpc/HTTP NSPI Port
Type: REG_DWORD
Value: 0x1774 (6004)
7) Configure the RPC proxy server to use specified ports for RPC over
HTTP, i have the following
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
Name: ValidPorts
Type: REG_SZ
main:6001-6002;main.InternalDomain.Local:6001-6002;main:6004;main.InternalDomain.Local:6004
8) When running 'rpccfg /hd' it outputs the following
Server Name Port Settings
----------------------------------------------------
main 6001-6002 6004
main.InternalDomain.Local 6001-6002 6004
9) Installed Microsoft CA on the global catalog server and configured a
new Enterprise Root CA server
10) Obtained a SSL certificate from the above Root CA for IIS and applied
the SSL settings to all virtual server under the 'Default Web site'
11) Tested the new certificate from an outside machine accessing OWA over
HTTPS, test was successful
12) Configured that same outside machine to trust the above Root CA and
when accessing OWA i wasn't given any warnings
13) Created a new Outlook profile (running Outlook 2003 SP1) using the
following settings
*Microsoft Exchange Server: mail.InternalDomain.Local
*UserName: administrator
*Checked "Connect to my Exchange mailbox using HTTP
*Under connection settings...use this URL...mail.ExternalDomain.com
*Connect using SSL only is checked and grayed out
*Checked "Mutually authenticate the session when connecting with SSL"
*Principal name...msstd:ExternalDomain.com
*under Use this authentication i selected "Basic Authentication"
So finally at this point when I click 'Check Name' i get the 'connect to
InternalDomain\administator then type the password...click OK and I get
the standard frustrating error "Outlook could not log on.....The
connection to the Microsoft Exchange Server is unavailable...etc.
This is sooo frustrating, i've spend countless hours trying to figure
this...I would really appreciate anyone's help, oh of course i rebooted
the server after setting it up
thanks loads
Jeniffer K
2006-07-12 06:15:52 UTC
Permalink
I think I may have found something, I don't see 6004 as a proxy in a RPCDump
output..here is the output (only the ncacn_http portion), i tripled checked
all the reg settings everything is its place

Querying Endpoint Mapper Database...


280 registered endpoints found.


ProtSeq:ncacn_http


Endpoint:6004


NetOpt:


Annotation:IPSec Policy agent endpoint


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6004]


UUID:12345678-1234-abcd-ef00-0123456789ab


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 1 VersMinor 0






ProtSeq:ncacn_http


Endpoint:1027


NetOpt:


Annotation:IPSec Policy agent endpoint


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[1027]


UUID:12345678-1234-abcd-ef00-0123456789ab


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 1 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6004


NetOpt:


Annotation:


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6004]


UUID:12345678-1234-abcd-ef00-01234567cffb


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 1 VersMinor 0






ProtSeq:ncacn_http


Endpoint:1027


NetOpt:


Annotation:


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[1027]


UUID:12345678-1234-abcd-ef00-01234567cffb


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 1 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6004


NetOpt:


Annotation:


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6004]


UUID:12345778-1234-abcd-ef00-0123456789ab


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 0 VersMinor 0






ProtSeq:ncacn_http


Endpoint:1027


NetOpt:


Annotation:


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[1027]


UUID:12345778-1234-abcd-ef00-0123456789ab


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 0 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6004


NetOpt:


Annotation:MS NT Directory NSP Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6004]


UUID:f5cc5a18-4264-101a-8c59-08002b2f8426


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 56 VersMinor 0






ProtSeq:ncacn_http


Endpoint:1027


NetOpt:


Annotation:MS NT Directory NSP Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[1027]


UUID:f5cc5a18-4264-101a-8c59-08002b2f8426


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 56 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6004


NetOpt:


Annotation:MS NT Directory DRS Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6004]


UUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 4 VersMinor 0






ProtSeq:ncacn_http


Endpoint:1027


NetOpt:


Annotation:MS NT Directory DRS Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[1027]


UUID:e3514235-4b06-11d1-ab04-00c04fc2dcd2


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 4 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6002


NetOpt:


Annotation:MS Exchange Directory RFR Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6002]


UUID:1544f5e0-613c-11d1-93df-00c04fd7bd09


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 1 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6002


NetOpt:


Annotation:MS Exchange System Attendant Cluster Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6002]


UUID:f930c514-1215-11d3-99a5-00a0c9b61b04


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 1 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6002


NetOpt:


Annotation:MS Exchange System Attendant Private Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6002]


UUID:83d72bf0-0d89-11ce-b13f-00aa003bac6c


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 6 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6002


NetOpt:


Annotation:MS Exchange System Attendant Public Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6002]


UUID:469d6ec0-0d87-11ce-b13f-00aa003bac6c


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 16 VersMinor 1






ProtSeq:ncacn_http


Endpoint:6001


NetOpt:


Annotation:Exchange 2003 Server STORE EMSMDB Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6001]


UUID:a4f1db00-ca47-1067-b31f-00dd010662da


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 0 VersMinor 81






ProtSeq:ncacn_http


Endpoint:6001


NetOpt:


Annotation:Exchange Server STORE ADMIN Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6001]


UUID:99e64010-b032-11d0-97a4-00c04fd6551d


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 4 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6001


NetOpt:


Annotation:Exchange Server STORE ADMIN Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6001]


UUID:99e64010-b032-11d0-97a4-00c04fd6551d


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 3 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6001


NetOpt:


Annotation:Exchange Server STORE ADMIN Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6001]


UUID:89742ace-a9ed-11cf-9c0c-08002be7ae86


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 2 VersMinor 0






ProtSeq:ncacn_http


Endpoint:6001


NetOpt:


Annotation:Exchange Server STORE ADMIN Interface


IsListening:NOT_PINGED


StringBinding:ncacn_http:192.168.217.254[6001]


UUID:a4f1db00-ca47-1067-b31e-00dd010662da


ComTimeOutValue:RPC_C_BINDING_MIN_TIMEOUT


VersMajor 1 VersMinor 0
Post by Jeniffer K
I've followed all steps outlined in Microsoft's whitepaper on how to set
this up, but its just not working for me...I will be a bit specific on how
I set this up, hopefully someone can jump in and help me out.
My scenario is as follows...Exchange Server 2003 SP2 running on windows
2003 SP1, one single server, no front-end server, back-end running on
global catalog server, the internal NetBios name is MAIN, i will call our
internal domain 'InternalDomain.Local' and external domain
'mail.ExternalDomain.com'
1) Installed RPC-Over-HTTP proxy Windows component
2) In ESM I checked off RPC-HTTP back end server and clicked Yes to auto
configure ports
3)In IIS under Directory Security of the RPC Virtual server, i unchecked
anonymous access and checked basic authentication
4) Verified registry values for NTDS port, here is the value under
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NTDS\Parameters
Name: NSPI interface protocol sequences
Type: REG_MULTI_SZ
Value: ncacn_http:6004
6) Verified registry values for auto configured ports to use for by the
proxy server, i have the following
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeIS\ParametersSystem
Nname: Rpc/HTTP Port
Type: REG_DWORD
Value: 0x1771 (6001)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: HTTP Port
Type: REG_DWORD
Value: 0x1772 (6002)
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\MSExchangeSA\Parameters
Name: Rpc/HTTP NSPI Port
Type: REG_DWORD
Value: 0x1774 (6004)
7) Configure the RPC proxy server to use specified ports for RPC over
HTTP, i have the following
HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy
Name: ValidPorts
Type: REG_SZ
main:6001-6002;main.InternalDomain.Local:6001-6002;main:6004;main.InternalDomain.Local:6004
8) When running 'rpccfg /hd' it outputs the following
Server Name Port Settings
----------------------------------------------------
main 6001-6002 6004
main.InternalDomain.Local 6001-6002 6004
9) Installed Microsoft CA on the global catalog server and configured a
new Enterprise Root CA server
10) Obtained a SSL certificate from the above Root CA for IIS and applied
the SSL settings to all virtual server under the 'Default Web site'
11) Tested the new certificate from an outside machine accessing OWA over
HTTPS, test was successful
12) Configured that same outside machine to trust the above Root CA and
when accessing OWA i wasn't given any warnings
13) Created a new Outlook profile (running Outlook 2003 SP1) using the
following settings
*Microsoft Exchange Server: mail.InternalDomain.Local
*UserName: administrator
*Checked "Connect to my Exchange mailbox using HTTP
*Under connection settings...use this URL...mail.ExternalDomain.com
*Connect using SSL only is checked and grayed out
*Checked "Mutually authenticate the session when connecting with SSL"
*Principal name...msstd:ExternalDomain.com
*under Use this authentication i selected "Basic Authentication"
So finally at this point when I click 'Check Name' i get the 'connect to
InternalDomain\administator then type the password...click OK and I get
the standard frustrating error "Outlook could not log on.....The
connection to the Microsoft Exchange Server is unavailable...etc.
This is sooo frustrating, i've spend countless hours trying to figure
this...I would really appreciate anyone's help, oh of course i rebooted
the server after setting it up
thanks loads
Continue reading on narkive:
Loading...