RE: Global Catalog Server

• From: Rick Boza <rickb@xxxxxxxxxxxxxxx>
• To: Exchange List <exchangelist@xxxxxxxxxxxxx>
• Date: Wed, 02 Mar 2005 18:13:43 -0500

Limiting the scope of my response to the client trusting your internal CA
from outside your environment, yes it will work.


On 3/2/05 4:44 PM, "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx> wrote:

> http://www.MSExchange.org/
> 
> Rick, 
> 
> So this will work if the client is a external machine from the LAN
> right? 
> 
> Andrew
> 
> -----Original Message-----
> From: Rick Boza [mailto:rickb@xxxxxxxxxxxxxxx]
> Sent: Wednesday, March 02, 2005 3:49 PM
> To: [ExchangeList]
> Subject: [exchangelist] RE: Global Catalog Server
> 
> http://www.MSExchange.org/
> 
> Check 
> http://www.microsoft.com/resources/documentation/WindowsServ/2003/standa
> rd/p
> roddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/
> stan
> dard/proddocs/en-us/sag_pkpuncertroot.asp for some info on the GPO to
> which
> I'm referring.
> 
> 
> On 3/2/05 2:59 PM, "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
> wrote:
> 
>> http://www.MSExchange.org/
>> 
>> Hi Rick, 
>> 
>> Yes I have created my own Cert which like under OWA with SSL you are
>> prompted for the OKAY. But like you said RPC over HTTP doesn't support
>> that. Were can I find some info on doing this "install your CA as a
>> trusted source via GPO" so that the few clients I have don't have to
> go
>> through the hassle (hopefully) of brining their machines to me so I
> can
>> install the Cert for them??
>> 
>> Thanks
>> Andrew
>> 
>> 
>> -----Original Message-----
>> From: Rick Boza [mailto:rickb@xxxxxxxxxxxxxxx]
>> Sent: Wednesday, March 02, 2005 2:47 PM
>> To: [ExchangeList]
>> Subject: [exchangelist] RE: Global Catalog Server
>> 
>> http://www.MSExchange.org/
>> 
>> Wait, are you saying you're trying to get Outlook 2003 to hit your
>> server
>> over an SSL connection, yet you're using an untrusted root CA?  Well,
>> that
>> certainly could be your problem (although I recall you've mucked
> around
>> with
>> virtual servers and web sites from past messages you've sent out, but
>> let's
>> put that aside for the moment).
>> 
>> There's not a way for Outlook to prompt you as to the unverified
>> certificate
>> (IIRC) - instead the connection simply fails.  Having said that, you
> can
>> install your CA as a trusted source via GPO, which is what I do for
>> clients
>> all the time if they want to use a cert of their own rather than one
>> from
>> verisign, Entrust, or whomever.
>> 
>> If the cert isn't installed, RPC/HTTPS is broken, without a doubt.
>> 
>> 
>> On 3/2/05 2:36 PM, "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx>
>> wrote:
>> 
>>> http://www.MSExchange.org/
>>> 
>>> What can cause Outlook 2003 to report that your Exchange server is
>>> unavailable when you try to connect to it via an external source?
>>> 
>>> I have:
>>> 
>>> 
>> 
> exchange:6001-6002;exchange.myserver.ca:6001-6002;exchange:6004;exchange
>>> .myserver.ca:6004
>>> 
>>> in my exchanges registry under ....rpc\rpcproxy
>>> 
>>> and
>>> 
>>> the other GC setting on my DC/GC box which is a multi string value
>> with
>>> NSPI interface protocol sequences, value of ncacn_http:6004 under
>>> .....NTDS\Parameters in the registry.
>>> 
>>> The only thing I have not done is install the enterprise ca cert on
>> the
>>> client machine because I was hoping that I wouldn't have to do that
>>> since I want to ideally have others access the site who are not going
>> be
>>> accessing RPC over HTTP from the inside ever.
>>> 
>>> Andrew
>>> 
>>> 
>>> -----Original Message-----
>>> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
>>> Sent: Wednesday, March 02, 2005 1:57 PM
>>> To: [ExchangeList]
>>> Subject: [exchangelist] RE: Global Catalog Server
>>> 
>>> http://www.MSExchange.org/
>>> 
>>> Since no where that I know of is it required for rpc proxy that
>> Exchange
>>> has
>>> to be on a DC, you can deduce the answer is yes.
>>> 
>>> John Tolmachoff
>>> Engineer/Consultant/Owner
>>> eServices For You
>>> 
>>> 
>>>> -----Original Message-----
>>>> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
>>>> Sent: Wednesday, March 02, 2005 9:35 AM
>>>> To: [ExchangeList]
>>>> Subject: [exchangelist] RE: Global Catalog Server
>>>> 
>>>> http://www.MSExchange.org/
>>>> 
>>>> So using another box such as my DC as the GC for rpc proxy is okay?
>>>> 
>>>> Andrew
>>>> 
>>>> 
>>>> -----Original Message-----
>>>> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
>>>> Sent: Wednesday, March 02, 2005 12:18 PM
>>>> To: [ExchangeList]
>>>> Subject: [exchangelist] RE: Global Catalog Server
>>>> 
>>>> http://www.MSExchange.org/
>>>> 
>>>> Then chances are you do not understand what you are doing.
>>>> 
>>>> That means the Exchange servers was a DC prior to installing
> Exchange
>>>> but
>>>> was not a GC. You did not follow installation instructions.
>>>> 
>>>> If you install Exchange on a DC, it must be a GC before installing
>>>> otherwise
>>>> you will have problems.
>>>> 
>>>> John Tolmachoff
>>>> Engineer/Consultant/Owner
>>>> eServices For You
>>>> 
>>>>> -----Original Message-----
>>>>> From: Bruce J. Rose [mailto:brose@xxxxxxxxxxx]
>>>>> Sent: Wednesday, March 02, 2005 5:52 AM
>>>>> To: [ExchangeList]
>>>>> Subject: [exchangelist] RE: Global Catalog Server
>>>>> 
>>>>> http://www.MSExchange.org/
>>>>> 
>>>>> I added GC to my rebuilt exchange box fixed problems and has not
>>> seem
>>>> to
>>>>> cause any...Yet>
>>>>> 
>>>>> Bruce
>>>>> 
>>>>> -----Original Message-----
>>>>> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
>>>>> Sent: Tuesday, March 01, 2005 9:27 PM
>>>>> To: [ExchangeList]
>>>>> Subject: [exchangelist] RE: Global Catalog Server
>>>>> 
>>>>> http://www.MSExchange.org/
>>>>> 
>>>>> Andrew, if you have a stand alone Exchange server not belonging to
> a
>>>>> domain...
>>>>> 
>>>>> GC server can only be a DC!
>>>>> 
>>>>> If making their Exchange server a GC fixed problems, their problems
>>>> are
>>>>> rooted deeper than they think.
>>>>> 
>>>>> If the Exchange server is going to be a DC, it must be fully
>>>> configured
>>>>> properly as a DC including GC BEFORE installing Exchange.
>>>>> 
>>>>> John Tolmachoff
>>>>> Engineer/Consultant/Owner
>>>>> eServices For You
>>>>> 
>>>>> 
>>>>>> -----Original Message-----
>>>>>> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx]
>>>>>> Sent: Tuesday, March 01, 2005 4:32 PM
>>>>>> To: [ExchangeList]
>>>>>> Subject: [exchangelist] Global Catalog Server
>>>>>> 
>>>>>> http://www.MSExchange.org/
>>>>>> 
>>>>>> I am wondering how I would go about install the GC on my
>>> standalone
>>>>>> Exchange box? I've been having a lot of problems with RPC over
>>> HTTP
>>>>> and
>>>>>> notice a lot people who install GC on their exchange servers
>>> (2003)
>>>>>> noticed the problems got fixed.
>>>>>> 
>>>>>> Andrew
>>>>>> 
>>>>>> 
>>>>>> ------------------------------------------------------
>>>>>> List Archives:
>>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>>>> Exchange Newsletters:
>>> http://www.msexchange.org/pages/newsletter.asp
>>>>>> Exchange FAQ:
>>> http://www.msexchange.org/pages/larticle.asp?type=FAQ
>>>>>> ------------------------------------------------------
>>>>>> Other Internet Software Marketing Sites:
>>>>>> World of Windows Networking: http://www.windowsnetworking.com
>>>>>> Leading Network Software Directory: http://www.serverfiles.com
>>>>>> No.1 ISA Server Resource Site: http://www.isaserver.org
>>>>>> Windows Security Resource Site: http://www.windowsecurity.com/
>>>>>> Network Security Library: http://www.secinf.net/
>>>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>>>>> ------------------------------------------------------
>>>>>> You are currently subscribed to this MSEXchange.org Discussion
>>> List
>>>>> as:
>>>>>> johnlist@xxxxxxxxxxxxxxxxxxx
>>>>>> To unsubscribe visit
>>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>>>> Report abuse to listadmin@xxxxxxxxxxxxxx
>>>>> 
>>>>> 
>>>>> ------------------------------------------------------
>>>>> List Archives:
>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>>> Exchange Newsletters:
> http://www.msexchange.org/pages/newsletter.asp
>>>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>>>>> ------------------------------------------------------
>>>>> Other Internet Software Marketing Sites:
>>>>> World of Windows Networking: http://www.windowsnetworking.com
>>>>> Leading Network Software Directory: http://www.serverfiles.com
>>>>> No.1 ISA Server Resource Site: http://www.isaserver.org
>>>>> Windows Security Resource Site: http://www.windowsecurity.com/
>>>>> Network Security Library: http://www.secinf.net/
>>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>>>> ------------------------------------------------------
>>>>> You are currently subscribed to this MSEXchange.org Discussion List
>>>> as:
>>>>> brose@xxxxxxxxxxx
>>>>> To unsubscribe visit
>>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>>> Report abuse to listadmin@xxxxxxxxxxxxxx
>>>>> 
>>>>> 
>>>>> 
>>>>> ------------------------------------------------------
>>>>> List Archives:
>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>>> Exchange Newsletters:
> http://www.msexchange.org/pages/newsletter.asp
>>>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>>>>> ------------------------------------------------------
>>>>> Other Internet Software Marketing Sites:
>>>>> World of Windows Networking: http://www.windowsnetworking.com
>>>>> Leading Network Software Directory: http://www.serverfiles.com
>>>>> No.1 ISA Server Resource Site: http://www.isaserver.org
>>>>> Windows Security Resource Site: http://www.windowsecurity.com/
>>>>> Network Security Library: http://www.secinf.net/
>>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>>>> ------------------------------------------------------
>>>>> You are currently subscribed to this MSEXchange.org Discussion List
>>>> as:
>>>>> johnlist@xxxxxxxxxxxxxxxxxxx
>>>>> To unsubscribe visit
>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>>> Report abuse to listadmin@xxxxxxxxxxxxxx
>>>> 
>>>> 
>>>> ------------------------------------------------------
>>>> List Archives:
>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
>>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>>>> ------------------------------------------------------
>>>> Other Internet Software Marketing Sites:
>>>> World of Windows Networking: http://www.windowsnetworking.com
>>>> Leading Network Software Directory: http://www.serverfiles.com
>>>> No.1 ISA Server Resource Site: http://www.isaserver.org
>>>> Windows Security Resource Site: http://www.windowsecurity.com/
>>>> Network Security Library: http://www.secinf.net/
>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>>> ------------------------------------------------------
>>>> You are currently subscribed to this MSEXchange.org Discussion List
>>> as:
>>>> andrew@xxxxxxxxxxxxxxxxxxxxxx
>>>> To unsubscribe visit
>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>> Report abuse to listadmin@xxxxxxxxxxxxxx
>>>> 
>>>> ------------------------------------------------------
>>>> List Archives:
>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
>>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>>>> ------------------------------------------------------
>>>> Other Internet Software Marketing Sites:
>>>> World of Windows Networking: http://www.windowsnetworking.com
>>>> Leading Network Software Directory: http://www.serverfiles.com
>>>> No.1 ISA Server Resource Site: http://www.isaserver.org
>>>> Windows Security Resource Site: http://www.windowsecurity.com/
>>>> Network Security Library: http://www.secinf.net/
>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>>> ------------------------------------------------------
>>>> You are currently subscribed to this MSEXchange.org Discussion List
>>> as:
>>>> johnlist@xxxxxxxxxxxxxxxxxxx
>>>> To unsubscribe visit
>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>>> Report abuse to listadmin@xxxxxxxxxxxxxx
>>> 
>>> 
>>> ------------------------------------------------------
>>> List Archives:
>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>>> ------------------------------------------------------
>>> Other Internet Software Marketing Sites:
>>> World of Windows Networking: http://www.windowsnetworking.com
>>> Leading Network Software Directory: http://www.serverfiles.com
>>> No.1 ISA Server Resource Site: http://www.isaserver.org
>>> Windows Security Resource Site: http://www.windowsecurity.com/
>>> Network Security Library: http://www.secinf.net/
>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>> ------------------------------------------------------
>>> You are currently subscribed to this MSEXchange.org Discussion List
>> as:
>>> andrew@xxxxxxxxxxxxxxxxxxxxxx
>>> To unsubscribe visit
>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>> Report abuse to listadmin@xxxxxxxxxxxxxx
>>> 
>>> ------------------------------------------------------
>>> List Archives:
>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>>> ------------------------------------------------------
>>> Other Internet Software Marketing Sites:
>>> World of Windows Networking: http://www.windowsnetworking.com
>>> Leading Network Software Directory: http://www.serverfiles.com
>>> No.1 ISA Server Resource Site: http://www.isaserver.org
>>> Windows Security Resource Site: http://www.windowsecurity.com/
>>> Network Security Library: http://www.secinf.net/
>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>>> ------------------------------------------------------
>>> You are currently subscribed to this MSEXchange.org Discussion List
>> as:
>>> rickb@xxxxxxxxxxxxxxx
>>> To unsubscribe visit
>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>>> Report abuse to listadmin@xxxxxxxxxxxxxx
>> 
>> 
>> ------------------------------------------------------
>> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>> ------------------------------------------------------
>> Other Internet Software Marketing Sites:
>> World of Windows Networking: http://www.windowsnetworking.com
>> Leading Network Software Directory: http://www.serverfiles.com
>> No.1 ISA Server Resource Site: http://www.isaserver.org
>> Windows Security Resource Site: http://www.windowsecurity.com/
>> Network Security Library: http://www.secinf.net/
>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>> ------------------------------------------------------
>> You are currently subscribed to this MSEXchange.org Discussion List
> as:
>> andrew@xxxxxxxxxxxxxxxxxxxxxx
>> To unsubscribe visit
>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>> Report abuse to listadmin@xxxxxxxxxxxxxx
>> 
>> ------------------------------------------------------
>> List Archives:
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
>> ------------------------------------------------------
>> Other Internet Software Marketing Sites:
>> World of Windows Networking: http://www.windowsnetworking.com
>> Leading Network Software Directory: http://www.serverfiles.com
>> No.1 ISA Server Resource Site: http://www.isaserver.org
>> Windows Security Resource Site: http://www.windowsecurity.com/
>> Network Security Library: http://www.secinf.net/
>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
>> ------------------------------------------------------
>> You are currently subscribed to this MSEXchange.org Discussion List
> as:
>> rickb@xxxxxxxxxxxxxxx
>> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
>> Report abuse to listadmin@xxxxxxxxxxxxxx
> 
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List as:
> andrew@xxxxxxxxxxxxxxxxxxxxxx
> To unsubscribe visit
> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx
> 
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> World of Windows Networking: http://www.windowsnetworking.com
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 ISA Server Resource Site: http://www.isaserver.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this MSEXchange.org Discussion List as:
> rickb@xxxxxxxxxxxxxxx
> To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
> Report abuse to listadmin@xxxxxxxxxxxxxx

Other related posts:

• » Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » RE: Global Catalog Server
• » Global Catalog Server
• » RE: Global Catalog Server
• » Re: Global Catalog Server

1. Home
2. exchangelist
3. Archive
4. 03-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---