PC Review


Reply
Thread Tools Rate Thread

Trying to get RPC over HTTP for Outlook working

 
 
Daniel Mazur
Guest
Posts: n/a
 
      28th Sep 2008
having trouble seeing my exchange server via outlook 2007 over the internet
connecting to my Exchange Enterprise Server 2003. Have followed Microsoft
instructions, testing first without use of of SSL certificates. I may be a
bit confused about front end and backend servers. I have one PC, a domain
controller at our office, a seperate PC with Exchange Only on it, connecting
to the Domain Controller, and another PC with Blackberry Enterprise
installed. The purpose of this is to get away from use of the VPN
connection required to be part of the local network for Exchange User access
off property. Sounds good configuring settings into the Outlook only and
preventing other local access this way. Any ideas? Again, cannot get the
Outlook to see the Exchange Server during the logon name and password to
server process.



 
Reply With Quote
 
 
 
 
neo [mvp outlook]
Guest
Posts: n/a
 
      29th Sep 2008
You should be asking this question over in one of the
microsoft.public.exchange support groups. Also, you will need to clarify
your post a bit. Based on the below, I would assume that you have a single
Exchange server setup. If my understanding is right, you high level checks
would be...

1) Ensure that the RPC proxy component is installed on your Windows 2003
(SP1/SP2)/Exchange 2003 SP2 server

2) Enable the Exchange server as an RPC/HTTPS backend server. (Exchange
System Manager > Right click on server object > Properties > RPC-HTTP tab)
You may have to add the necessary registry keys to get this working.
Location in registry is:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy

The DWORD value Enabled should be set to 1
The REG_SZ value ValidPorts would be set to
ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004

To explain the ValidPort line better, assume that the name of the Exchange
server is EXCH01 and the domain name I'm working with is contoso.com. The
ValidPorts entry would be:

exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004


3) I would test the connection on the internal network before testing from
the internet.

Other than that, test with SSL enabled and if you are using a private
(internal) certificates to secure the web/rpc proxy services, make sure that
a copy of the signing certificate authority is installed on the
workstations. The client operating system (assuming Windows XP SP2 or
newer) will verify the SSL certificate back to the issuing certificate
authority.

"Daniel Mazur" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> having trouble seeing my exchange server via outlook 2007 over the
> internet
> connecting to my Exchange Enterprise Server 2003. Have followed Microsoft
> instructions, testing first without use of of SSL certificates. I may be
> a
> bit confused about front end and backend servers. I have one PC, a domain
> controller at our office, a seperate PC with Exchange Only on it,
> connecting
> to the Domain Controller, and another PC with Blackberry Enterprise
> installed. The purpose of this is to get away from use of the VPN
> connection required to be part of the local network for Exchange User
> access
> off property. Sounds good configuring settings into the Outlook only and
> preventing other local access this way. Any ideas? Again, cannot get the
> Outlook to see the Exchange Server during the logon name and password to
> server process.
>
>
>



 
Reply With Quote
 
 
 
 
Daniel Mazur
Guest
Posts: n/a
 
      8th Oct 2008
Thanks,

Your reply was most thorough. Got it working!


"neo [mvp outlook]" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> You should be asking this question over in one of the
> microsoft.public.exchange support groups. Also, you will need to clarify
> your post a bit. Based on the below, I would assume that you have a
> single Exchange server setup. If my understanding is right, you high
> level checks would be...
>
> 1) Ensure that the RPC proxy component is installed on your Windows 2003
> (SP1/SP2)/Exchange 2003 SP2 server
>
> 2) Enable the Exchange server as an RPC/HTTPS backend server. (Exchange
> System Manager > Right click on server object > Properties > RPC-HTTP tab)
> You may have to add the necessary registry keys to get this working.
> Location in registry is:
>
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>
> The DWORD value Enabled should be set to 1
> The REG_SZ value ValidPorts would be set to
> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>
> To explain the ValidPort line better, assume that the name of the Exchange
> server is EXCH01 and the domain name I'm working with is contoso.com. The
> ValidPorts entry would be:
>
> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>
>
> 3) I would test the connection on the internal network before testing from
> the internet.
>
> Other than that, test with SSL enabled and if you are using a private
> (internal) certificates to secure the web/rpc proxy services, make sure
> that a copy of the signing certificate authority is installed on the
> workstations. The client operating system (assuming Windows XP SP2 or
> newer) will verify the SSL certificate back to the issuing certificate
> authority.
>
> "Daniel Mazur" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> having trouble seeing my exchange server via outlook 2007 over the
>> internet
>> connecting to my Exchange Enterprise Server 2003. Have followed
>> Microsoft
>> instructions, testing first without use of of SSL certificates. I may be
>> a
>> bit confused about front end and backend servers. I have one PC, a
>> domain
>> controller at our office, a seperate PC with Exchange Only on it,
>> connecting
>> to the Domain Controller, and another PC with Blackberry Enterprise
>> installed. The purpose of this is to get away from use of the VPN
>> connection required to be part of the local network for Exchange User
>> access
>> off property. Sounds good configuring settings into the Outlook only and
>> preventing other local access this way. Any ideas? Again, cannot get
>> the
>> Outlook to see the Exchange Server during the logon name and password to
>> server process.
>>
>>
>>

>
>



 
Reply With Quote
 
Evans Leung
Guest
Posts: n/a
 
      20th Oct 2008
Neo,

I have a similar situation, my domain is company.local, server name is
exchange

with respect to your suggestion to change ValidPorts entry:

at the moment I have:

exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004

do I need to change the above entry?

the outlook 2007 (installed in Windows XP SP2) rpc-over-http only works
outside the network only if it VPN in (we use ISA2004 here)

thanks,
Evans

"neo [mvp outlook]" <(E-Mail Removed)> wrote in message
news:%(E-Mail Removed)...
> You should be asking this question over in one of the
> microsoft.public.exchange support groups. Also, you will need to clarify
> your post a bit. Based on the below, I would assume that you have a
> single Exchange server setup. If my understanding is right, you high
> level checks would be...
>
> 1) Ensure that the RPC proxy component is installed on your Windows 2003
> (SP1/SP2)/Exchange 2003 SP2 server
>
> 2) Enable the Exchange server as an RPC/HTTPS backend server. (Exchange
> System Manager > Right click on server object > Properties > RPC-HTTP tab)
> You may have to add the necessary registry keys to get this working.
> Location in registry is:
>
> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>
> The DWORD value Enabled should be set to 1
> The REG_SZ value ValidPorts would be set to
> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>
> To explain the ValidPort line better, assume that the name of the Exchange
> server is EXCH01 and the domain name I'm working with is contoso.com. The
> ValidPorts entry would be:
>
> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>
>
> 3) I would test the connection on the internal network before testing from
> the internet.
>
> Other than that, test with SSL enabled and if you are using a private
> (internal) certificates to secure the web/rpc proxy services, make sure
> that a copy of the signing certificate authority is installed on the
> workstations. The client operating system (assuming Windows XP SP2 or
> newer) will verify the SSL certificate back to the issuing certificate
> authority.
>
> "Daniel Mazur" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> having trouble seeing my exchange server via outlook 2007 over the
>> internet
>> connecting to my Exchange Enterprise Server 2003. Have followed
>> Microsoft
>> instructions, testing first without use of of SSL certificates. I may be
>> a
>> bit confused about front end and backend servers. I have one PC, a
>> domain
>> controller at our office, a seperate PC with Exchange Only on it,
>> connecting
>> to the Domain Controller, and another PC with Blackberry Enterprise
>> installed. The purpose of this is to get away from use of the VPN
>> connection required to be part of the local network for Exchange User
>> access
>> off property. Sounds good configuring settings into the Outlook only and
>> preventing other local access this way. Any ideas? Again, cannot get
>> the
>> Outlook to see the Exchange Server during the logon name and password to
>> server process.
>>
>>
>>

>
>



 
Reply With Quote
 
neo [mvp outlook]
Guest
Posts: n/a
 
      20th Oct 2008
ISA2004 adds a layer of complexity, but
http://www.isaserver.org/tutorials/2...owamobile.html might be helpful to
you.


"Evans Leung" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Neo,
>
> I have a similar situation, my domain is company.local, server name is
> exchange
>
> with respect to your suggestion to change ValidPorts entry:
>
> at the moment I have:
>
> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>
> do I need to change the above entry?
>
> the outlook 2007 (installed in Windows XP SP2) rpc-over-http only works
> outside the network only if it VPN in (we use ISA2004 here)
>
> thanks,
> Evans
>
> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
> news:%(E-Mail Removed)...
>> You should be asking this question over in one of the
>> microsoft.public.exchange support groups. Also, you will need to clarify
>> your post a bit. Based on the below, I would assume that you have a
>> single Exchange server setup. If my understanding is right, you high
>> level checks would be...
>>
>> 1) Ensure that the RPC proxy component is installed on your Windows 2003
>> (SP1/SP2)/Exchange 2003 SP2 server
>>
>> 2) Enable the Exchange server as an RPC/HTTPS backend server. (Exchange
>> System Manager > Right click on server object > Properties > RPC-HTTP
>> tab) You may have to add the necessary registry keys to get this working.
>> Location in registry is:
>>
>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>
>> The DWORD value Enabled should be set to 1
>> The REG_SZ value ValidPorts would be set to
>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>
>> To explain the ValidPort line better, assume that the name of the
>> Exchange server is EXCH01 and the domain name I'm working with is
>> contoso.com. The ValidPorts entry would be:
>>
>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>
>>
>> 3) I would test the connection on the internal network before testing
>> from the internet.
>>
>> Other than that, test with SSL enabled and if you are using a private
>> (internal) certificates to secure the web/rpc proxy services, make sure
>> that a copy of the signing certificate authority is installed on the
>> workstations. The client operating system (assuming Windows XP SP2 or
>> newer) will verify the SSL certificate back to the issuing certificate
>> authority.
>>
>> "Daniel Mazur" <(E-Mail Removed)> wrote in message
>> news:%(E-Mail Removed)...
>>> having trouble seeing my exchange server via outlook 2007 over the
>>> internet
>>> connecting to my Exchange Enterprise Server 2003. Have followed
>>> Microsoft
>>> instructions, testing first without use of of SSL certificates. I may
>>> be a
>>> bit confused about front end and backend servers. I have one PC, a
>>> domain
>>> controller at our office, a seperate PC with Exchange Only on it,
>>> connecting
>>> to the Domain Controller, and another PC with Blackberry Enterprise
>>> installed. The purpose of this is to get away from use of the VPN
>>> connection required to be part of the local network for Exchange User
>>> access
>>> off property. Sounds good configuring settings into the Outlook only
>>> and
>>> preventing other local access this way. Any ideas? Again, cannot get
>>> the
>>> Outlook to see the Exchange Server during the logon name and password to
>>> server process.
>>>
>>>
>>>

>>
>>

>
>



 
Reply With Quote
 
Evans Leung
Guest
Posts: n/a
 
      20th Oct 2008
thanks for your reply, it puzzeles me that the current setup has been
working well with Outlook 2003 but not Outlook 2007...

Evans

"neo [mvp outlook]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> ISA2004 adds a layer of complexity, but
> http://www.isaserver.org/tutorials/2...owamobile.html might be helpful
> to you.
>
>
> "Evans Leung" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Neo,
>>
>> I have a similar situation, my domain is company.local, server name is
>> exchange
>>
>> with respect to your suggestion to change ValidPorts entry:
>>
>> at the moment I have:
>>
>> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>>
>> do I need to change the above entry?
>>
>> the outlook 2007 (installed in Windows XP SP2) rpc-over-http only works
>> outside the network only if it VPN in (we use ISA2004 here)
>>
>> thanks,
>> Evans
>>
>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>> news:%(E-Mail Removed)...
>>> You should be asking this question over in one of the
>>> microsoft.public.exchange support groups. Also, you will need to
>>> clarify your post a bit. Based on the below, I would assume that you
>>> have a single Exchange server setup. If my understanding is right, you
>>> high level checks would be...
>>>
>>> 1) Ensure that the RPC proxy component is installed on your Windows 2003
>>> (SP1/SP2)/Exchange 2003 SP2 server
>>>
>>> 2) Enable the Exchange server as an RPC/HTTPS backend server. (Exchange
>>> System Manager > Right click on server object > Properties > RPC-HTTP
>>> tab) You may have to add the necessary registry keys to get this
>>> working. Location in registry is:
>>>
>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>>
>>> The DWORD value Enabled should be set to 1
>>> The REG_SZ value ValidPorts would be set to
>>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>>
>>> To explain the ValidPort line better, assume that the name of the
>>> Exchange server is EXCH01 and the domain name I'm working with is
>>> contoso.com. The ValidPorts entry would be:
>>>
>>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>>
>>>
>>> 3) I would test the connection on the internal network before testing
>>> from the internet.
>>>
>>> Other than that, test with SSL enabled and if you are using a private
>>> (internal) certificates to secure the web/rpc proxy services, make sure
>>> that a copy of the signing certificate authority is installed on the
>>> workstations. The client operating system (assuming Windows XP SP2 or
>>> newer) will verify the SSL certificate back to the issuing certificate
>>> authority.
>>>
>>> "Daniel Mazur" <(E-Mail Removed)> wrote in message
>>> news:%(E-Mail Removed)...
>>>> having trouble seeing my exchange server via outlook 2007 over the
>>>> internet
>>>> connecting to my Exchange Enterprise Server 2003. Have followed
>>>> Microsoft
>>>> instructions, testing first without use of of SSL certificates. I may
>>>> be a
>>>> bit confused about front end and backend servers. I have one PC, a
>>>> domain
>>>> controller at our office, a seperate PC with Exchange Only on it,
>>>> connecting
>>>> to the Domain Controller, and another PC with Blackberry Enterprise
>>>> installed. The purpose of this is to get away from use of the VPN
>>>> connection required to be part of the local network for Exchange User
>>>> access
>>>> off property. Sounds good configuring settings into the Outlook only
>>>> and
>>>> preventing other local access this way. Any ideas? Again, cannot get
>>>> the
>>>> Outlook to see the Exchange Server during the logon name and password
>>>> to
>>>> server process.
>>>>
>>>>
>>>>
>>>
>>>

>>
>>

>
>



 
Reply With Quote
 
neo [mvp outlook]
Guest
Posts: n/a
 
      22nd Oct 2008
Interesting. What kind of certificate are you using on the ISA box?
(wildcard, san, .etc)

"Evans Leung" <(E-Mail Removed)> wrote in message
news:e7%23Eq$(E-Mail Removed)...
> thanks for your reply, it puzzeles me that the current setup has been
> working well with Outlook 2003 but not Outlook 2007...
>
> Evans
>
> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> ISA2004 adds a layer of complexity, but
>> http://www.isaserver.org/tutorials/2...owamobile.html might be helpful
>> to you.
>>
>>
>> "Evans Leung" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> Neo,
>>>
>>> I have a similar situation, my domain is company.local, server name is
>>> exchange
>>>
>>> with respect to your suggestion to change ValidPorts entry:
>>>
>>> at the moment I have:
>>>
>>> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>>>
>>> do I need to change the above entry?
>>>
>>> the outlook 2007 (installed in Windows XP SP2) rpc-over-http only works
>>> outside the network only if it VPN in (we use ISA2004 here)
>>>
>>> thanks,
>>> Evans
>>>
>>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>>> news:%(E-Mail Removed)...
>>>> You should be asking this question over in one of the
>>>> microsoft.public.exchange support groups. Also, you will need to
>>>> clarify your post a bit. Based on the below, I would assume that you
>>>> have a single Exchange server setup. If my understanding is right, you
>>>> high level checks would be...
>>>>
>>>> 1) Ensure that the RPC proxy component is installed on your Windows
>>>> 2003 (SP1/SP2)/Exchange 2003 SP2 server
>>>>
>>>> 2) Enable the Exchange server as an RPC/HTTPS backend server. (Exchange
>>>> System Manager > Right click on server object > Properties > RPC-HTTP
>>>> tab) You may have to add the necessary registry keys to get this
>>>> working. Location in registry is:
>>>>
>>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>>>
>>>> The DWORD value Enabled should be set to 1
>>>> The REG_SZ value ValidPorts would be set to
>>>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>>>
>>>> To explain the ValidPort line better, assume that the name of the
>>>> Exchange server is EXCH01 and the domain name I'm working with is
>>>> contoso.com. The ValidPorts entry would be:
>>>>
>>>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>>>
>>>>
>>>> 3) I would test the connection on the internal network before testing
>>>> from the internet.
>>>>
>>>> Other than that, test with SSL enabled and if you are using a private
>>>> (internal) certificates to secure the web/rpc proxy services, make sure
>>>> that a copy of the signing certificate authority is installed on the
>>>> workstations. The client operating system (assuming Windows XP SP2 or
>>>> newer) will verify the SSL certificate back to the issuing certificate
>>>> authority.
>>>>
>>>> "Daniel Mazur" <(E-Mail Removed)> wrote in message
>>>> news:%(E-Mail Removed)...
>>>>> having trouble seeing my exchange server via outlook 2007 over the
>>>>> internet
>>>>> connecting to my Exchange Enterprise Server 2003. Have followed
>>>>> Microsoft
>>>>> instructions, testing first without use of of SSL certificates. I may
>>>>> be a
>>>>> bit confused about front end and backend servers. I have one PC, a
>>>>> domain
>>>>> controller at our office, a seperate PC with Exchange Only on it,
>>>>> connecting
>>>>> to the Domain Controller, and another PC with Blackberry Enterprise
>>>>> installed. The purpose of this is to get away from use of the VPN
>>>>> connection required to be part of the local network for Exchange User
>>>>> access
>>>>> off property. Sounds good configuring settings into the Outlook only
>>>>> and
>>>>> preventing other local access this way. Any ideas? Again, cannot get
>>>>> the
>>>>> Outlook to see the Exchange Server during the logon name and password
>>>>> to
>>>>> server process.
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>

>>
>>

>
>



 
Reply With Quote
 
Evans Leung
Guest
Posts: n/a
 
      22nd Oct 2008
Verisign

"neo [mvp outlook]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Interesting. What kind of certificate are you using on the ISA box?
> (wildcard, san, .etc)
>
> "Evans Leung" <(E-Mail Removed)> wrote in message
> news:e7%23Eq$(E-Mail Removed)...
>> thanks for your reply, it puzzeles me that the current setup has been
>> working well with Outlook 2003 but not Outlook 2007...
>>
>> Evans
>>
>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> ISA2004 adds a layer of complexity, but
>>> http://www.isaserver.org/tutorials/2...owamobile.html might be
>>> helpful to you.
>>>
>>>
>>> "Evans Leung" <(E-Mail Removed)> wrote in message
>>> news:(E-Mail Removed)...
>>>> Neo,
>>>>
>>>> I have a similar situation, my domain is company.local, server name is
>>>> exchange
>>>>
>>>> with respect to your suggestion to change ValidPorts entry:
>>>>
>>>> at the moment I have:
>>>>
>>>> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>>>>
>>>> do I need to change the above entry?
>>>>
>>>> the outlook 2007 (installed in Windows XP SP2) rpc-over-http only works
>>>> outside the network only if it VPN in (we use ISA2004 here)
>>>>
>>>> thanks,
>>>> Evans
>>>>
>>>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>>>> news:%(E-Mail Removed)...
>>>>> You should be asking this question over in one of the
>>>>> microsoft.public.exchange support groups. Also, you will need to
>>>>> clarify your post a bit. Based on the below, I would assume that you
>>>>> have a single Exchange server setup. If my understanding is right,
>>>>> you high level checks would be...
>>>>>
>>>>> 1) Ensure that the RPC proxy component is installed on your Windows
>>>>> 2003 (SP1/SP2)/Exchange 2003 SP2 server
>>>>>
>>>>> 2) Enable the Exchange server as an RPC/HTTPS backend server.
>>>>> (Exchange System Manager > Right click on server object > Properties >
>>>>> RPC-HTTP tab) You may have to add the necessary registry keys to get
>>>>> this working. Location in registry is:
>>>>>
>>>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>>>>
>>>>> The DWORD value Enabled should be set to 1
>>>>> The REG_SZ value ValidPorts would be set to
>>>>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>>>>
>>>>> To explain the ValidPort line better, assume that the name of the
>>>>> Exchange server is EXCH01 and the domain name I'm working with is
>>>>> contoso.com. The ValidPorts entry would be:
>>>>>
>>>>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>>>>
>>>>>
>>>>> 3) I would test the connection on the internal network before testing
>>>>> from the internet.
>>>>>
>>>>> Other than that, test with SSL enabled and if you are using a private
>>>>> (internal) certificates to secure the web/rpc proxy services, make
>>>>> sure that a copy of the signing certificate authority is installed on
>>>>> the workstations. The client operating system (assuming Windows XP
>>>>> SP2 or newer) will verify the SSL certificate back to the issuing
>>>>> certificate authority.
>>>>>
>>>>> "Daniel Mazur" <(E-Mail Removed)> wrote in message
>>>>> news:%(E-Mail Removed)...
>>>>>> having trouble seeing my exchange server via outlook 2007 over the
>>>>>> internet
>>>>>> connecting to my Exchange Enterprise Server 2003. Have followed
>>>>>> Microsoft
>>>>>> instructions, testing first without use of of SSL certificates. I
>>>>>> may be a
>>>>>> bit confused about front end and backend servers. I have one PC, a
>>>>>> domain
>>>>>> controller at our office, a seperate PC with Exchange Only on it,
>>>>>> connecting
>>>>>> to the Domain Controller, and another PC with Blackberry Enterprise
>>>>>> installed. The purpose of this is to get away from use of the VPN
>>>>>> connection required to be part of the local network for Exchange User
>>>>>> access
>>>>>> off property. Sounds good configuring settings into the Outlook only
>>>>>> and
>>>>>> preventing other local access this way. Any ideas? Again, cannot
>>>>>> get the
>>>>>> Outlook to see the Exchange Server during the logon name and password
>>>>>> to
>>>>>> server process.
>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>

>>
>>

>
>



 
Reply With Quote
 
neo [mvp outlook]
Guest
Posts: n/a
 
      22nd Oct 2008
Not quite what I'm asking. A wildcard certificate shows that the name the
certificate was issued to is *.some.domain. A subject alternatitive name
(SAN) is where the certificate is multiple fqdn server names. For example,
you can have a certificate that can be used for owa.some.domain,
autodiscovery.some.domain, smtp.some.domain, pop3.some.domain, .etc.

"Evans Leung" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Verisign
>
> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Interesting. What kind of certificate are you using on the ISA box?
>> (wildcard, san, .etc)
>>
>> "Evans Leung" <(E-Mail Removed)> wrote in message
>> news:e7%23Eq$(E-Mail Removed)...
>>> thanks for your reply, it puzzeles me that the current setup has been
>>> working well with Outlook 2003 but not Outlook 2007...
>>>
>>> Evans
>>>
>>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>>> news:(E-Mail Removed)...
>>>> ISA2004 adds a layer of complexity, but
>>>> http://www.isaserver.org/tutorials/2...owamobile.html might be
>>>> helpful to you.
>>>>
>>>>
>>>> "Evans Leung" <(E-Mail Removed)> wrote in message
>>>> news:(E-Mail Removed)...
>>>>> Neo,
>>>>>
>>>>> I have a similar situation, my domain is company.local, server name is
>>>>> exchange
>>>>>
>>>>> with respect to your suggestion to change ValidPorts entry:
>>>>>
>>>>> at the moment I have:
>>>>>
>>>>> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>>>>>
>>>>> do I need to change the above entry?
>>>>>
>>>>> the outlook 2007 (installed in Windows XP SP2) rpc-over-http only
>>>>> works outside the network only if it VPN in (we use ISA2004 here)
>>>>>
>>>>> thanks,
>>>>> Evans
>>>>>
>>>>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>>>>> news:%(E-Mail Removed)...
>>>>>> You should be asking this question over in one of the
>>>>>> microsoft.public.exchange support groups. Also, you will need to
>>>>>> clarify your post a bit. Based on the below, I would assume that you
>>>>>> have a single Exchange server setup. If my understanding is right,
>>>>>> you high level checks would be...
>>>>>>
>>>>>> 1) Ensure that the RPC proxy component is installed on your Windows
>>>>>> 2003 (SP1/SP2)/Exchange 2003 SP2 server
>>>>>>
>>>>>> 2) Enable the Exchange server as an RPC/HTTPS backend server.
>>>>>> (Exchange System Manager > Right click on server object > Properties
>>>>>> > RPC-HTTP tab) You may have to add the necessary registry keys to
>>>>>> get this working. Location in registry is:
>>>>>>
>>>>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>>>>>
>>>>>> The DWORD value Enabled should be set to 1
>>>>>> The REG_SZ value ValidPorts would be set to
>>>>>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>>>>>
>>>>>> To explain the ValidPort line better, assume that the name of the
>>>>>> Exchange server is EXCH01 and the domain name I'm working with is
>>>>>> contoso.com. The ValidPorts entry would be:
>>>>>>
>>>>>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>>>>>
>>>>>>
>>>>>> 3) I would test the connection on the internal network before testing
>>>>>> from the internet.
>>>>>>
>>>>>> Other than that, test with SSL enabled and if you are using a private
>>>>>> (internal) certificates to secure the web/rpc proxy services, make
>>>>>> sure that a copy of the signing certificate authority is installed on
>>>>>> the workstations. The client operating system (assuming Windows XP
>>>>>> SP2 or newer) will verify the SSL certificate back to the issuing
>>>>>> certificate authority.
>>>>>>
>>>>>> "Daniel Mazur" <(E-Mail Removed)> wrote in message
>>>>>> news:%(E-Mail Removed)...
>>>>>>> having trouble seeing my exchange server via outlook 2007 over the
>>>>>>> internet
>>>>>>> connecting to my Exchange Enterprise Server 2003. Have followed
>>>>>>> Microsoft
>>>>>>> instructions, testing first without use of of SSL certificates. I
>>>>>>> may be a
>>>>>>> bit confused about front end and backend servers. I have one PC, a
>>>>>>> domain
>>>>>>> controller at our office, a seperate PC with Exchange Only on it,
>>>>>>> connecting
>>>>>>> to the Domain Controller, and another PC with Blackberry Enterprise
>>>>>>> installed. The purpose of this is to get away from use of the VPN
>>>>>>> connection required to be part of the local network for Exchange
>>>>>>> User access
>>>>>>> off property. Sounds good configuring settings into the Outlook
>>>>>>> only and
>>>>>>> preventing other local access this way. Any ideas? Again, cannot
>>>>>>> get the
>>>>>>> Outlook to see the Exchange Server during the logon name and
>>>>>>> password to
>>>>>>> server process.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>

>>
>>

>
>



 
Reply With Quote
 
Evans Leung
Guest
Posts: n/a
 
      23rd Oct 2008
not a wild card one, just one, owa."company.com"

"neo [mvp outlook]" <(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> Not quite what I'm asking. A wildcard certificate shows that the name the
> certificate was issued to is *.some.domain. A subject alternatitive name
> (SAN) is where the certificate is multiple fqdn server names. For
> example, you can have a certificate that can be used for owa.some.domain,
> autodiscovery.some.domain, smtp.some.domain, pop3.some.domain, .etc.
>
> "Evans Leung" <(E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
>> Verisign
>>
>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>> news:(E-Mail Removed)...
>>> Interesting. What kind of certificate are you using on the ISA box?
>>> (wildcard, san, .etc)
>>>
>>> "Evans Leung" <(E-Mail Removed)> wrote in message
>>> news:e7%23Eq$(E-Mail Removed)...
>>>> thanks for your reply, it puzzeles me that the current setup has been
>>>> working well with Outlook 2003 but not Outlook 2007...
>>>>
>>>> Evans
>>>>
>>>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>>>> news:(E-Mail Removed)...
>>>>> ISA2004 adds a layer of complexity, but
>>>>> http://www.isaserver.org/tutorials/2...owamobile.html might be
>>>>> helpful to you.
>>>>>
>>>>>
>>>>> "Evans Leung" <(E-Mail Removed)> wrote in message
>>>>> news:(E-Mail Removed)...
>>>>>> Neo,
>>>>>>
>>>>>> I have a similar situation, my domain is company.local, server name
>>>>>> is exchange
>>>>>>
>>>>>> with respect to your suggestion to change ValidPorts entry:
>>>>>>
>>>>>> at the moment I have:
>>>>>>
>>>>>> exchange:6001-6002;exchange.company.local:6001-6002;exchange:6004;exchange.company.local:6004
>>>>>>
>>>>>> do I need to change the above entry?
>>>>>>
>>>>>> the outlook 2007 (installed in Windows XP SP2) rpc-over-http only
>>>>>> works outside the network only if it VPN in (we use ISA2004 here)
>>>>>>
>>>>>> thanks,
>>>>>> Evans
>>>>>>
>>>>>> "neo [mvp outlook]" <(E-Mail Removed)> wrote in message
>>>>>> news:%(E-Mail Removed)...
>>>>>>> You should be asking this question over in one of the
>>>>>>> microsoft.public.exchange support groups. Also, you will need to
>>>>>>> clarify your post a bit. Based on the below, I would assume that
>>>>>>> you have a single Exchange server setup. If my understanding is
>>>>>>> right, you high level checks would be...
>>>>>>>
>>>>>>> 1) Ensure that the RPC proxy component is installed on your Windows
>>>>>>> 2003 (SP1/SP2)/Exchange 2003 SP2 server
>>>>>>>
>>>>>>> 2) Enable the Exchange server as an RPC/HTTPS backend server.
>>>>>>> (Exchange System Manager > Right click on server object > Properties
>>>>>>> > RPC-HTTP tab) You may have to add the necessary registry keys to
>>>>>>> get this working. Location in registry is:
>>>>>>>
>>>>>>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy
>>>>>>>
>>>>>>> The DWORD value Enabled should be set to 1
>>>>>>> The REG_SZ value ValidPorts would be set to
>>>>>>> ServerNETBIOSName:6001-6002;ServerNETBIOSName:6004;ServerFQDNName:6001-6002;ServerFQDNName:6004
>>>>>>>
>>>>>>> To explain the ValidPort line better, assume that the name of the
>>>>>>> Exchange server is EXCH01 and the domain name I'm working with is
>>>>>>> contoso.com. The ValidPorts entry would be:
>>>>>>>
>>>>>>> exch01:6001-6002;exch01:6004;exch01.contoso.com:6001-6002;exch01.contoso.com:6004
>>>>>>>
>>>>>>>
>>>>>>> 3) I would test the connection on the internal network before
>>>>>>> testing from the internet.
>>>>>>>
>>>>>>> Other than that, test with SSL enabled and if you are using a
>>>>>>> private (internal) certificates to secure the web/rpc proxy
>>>>>>> services, make sure that a copy of the signing certificate authority
>>>>>>> is installed on the workstations. The client operating system
>>>>>>> (assuming Windows XP SP2 or newer) will verify the SSL certificate
>>>>>>> back to the issuing certificate authority.
>>>>>>>
>>>>>>> "Daniel Mazur" <(E-Mail Removed)> wrote in message
>>>>>>> news:%(E-Mail Removed)...
>>>>>>>> having trouble seeing my exchange server via outlook 2007 over the
>>>>>>>> internet
>>>>>>>> connecting to my Exchange Enterprise Server 2003. Have followed
>>>>>>>> Microsoft
>>>>>>>> instructions, testing first without use of of SSL certificates. I
>>>>>>>> may be a
>>>>>>>> bit confused about front end and backend servers. I have one PC, a
>>>>>>>> domain
>>>>>>>> controller at our office, a seperate PC with Exchange Only on it,
>>>>>>>> connecting
>>>>>>>> to the Domain Controller, and another PC with Blackberry Enterprise
>>>>>>>> installed. The purpose of this is to get away from use of the VPN
>>>>>>>> connection required to be part of the local network for Exchange
>>>>>>>> User access
>>>>>>>> off property. Sounds good configuring settings into the Outlook
>>>>>>>> only and
>>>>>>>> preventing other local access this way. Any ideas? Again, cannot
>>>>>>>> get the
>>>>>>>> Outlook to see the Exchange Server during the logon name and
>>>>>>>> password to
>>>>>>>> server process.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>
>>>

>>
>>

>
>



 
Reply With Quote
 
 
 
Reply

Thread Tools
Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
RPC over HTTP -- Outlook over Internet option not showing Craig Microsoft Outlook 2 29th Aug 2007 03:52 PM
RPC over HTTP not working Dale Walker Windows XP Work Remotely 0 9th Aug 2005 02:06 AM
Rules not working in RPC over HTTP mode =?Utf-8?B?RG91ZyBHcmllc2JhdW0=?= Microsoft Outlook Discussion 0 1st Jun 2004 05:26 PM
sorting rule not working in RPC over HTTP mode =?Utf-8?B?RG91ZyBHcmllc2JhdW0=?= Microsoft Outlook Interoperability 0 1st Jun 2004 05:11 PM
Outlook 2002 crashes over and over and over and over and over and over typoo Microsoft Outlook Discussion 5 7th Mar 2004 08:12 PM


Features
 

Advertising
 

Newsgroups
 


All times are GMT +1. The time now is 11:10 AM.