RE: Questions about RPC over HTTP

  • From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
  • To: "[ExchangeList]" <exchangelist@xxxxxxxxxxxxx>
  • Date: Fri, 4 Mar 2005 09:42:35 -0600

Quick tip:
Those docs were written during the Exchange 2003 beta.
 
Tom
www.isaserver.org/shinder <http://www.isaserver.org/shinder> 
Tom and Deb Shinder's Configuring ISA Server 2004
http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 

________________________________

From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] 
Sent: Friday, March 04, 2005 9:37 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Questions about RPC over HTTP


http://www.MSExchange.org/


Hi Michael,

 

I have three servers, ISA 2004, Exchange 2003, and Windows 2003 Server
(DC)

 

I already have OWA with SSL installed on the Exchange 2003, so the cert
is already installed for the default site, unless I need to reinstall it
from scratch after installing the RPC over HTTP proxy on the Exchange
2003 server?

 

The Windows 2003 SE (DC) has the GC registry key. NTDS/Parameters - NSPI
interface protocol sequences - ncacn_http:6004

 

The Exchange server has "back-end server" enabled under RPCHTTP tab in
the server properties under ESM.

The VaildPorts were added to Exchange 2003 registry the new school way
:-) example:

 

tqsex1:6001;tqsex1.tqslogistics.local:6001;tqsex1:6004;tqslogistics.loca
l:6004

 

I created the rule in ISA 2004 Server as to Tom's guidelines in his
Exchange ISA 2004 Kit (chapter 11 in case u want to have a look at it)

 

I then created the proper hosts files, one on ISA server, the other on
the client machine is which connected externally through another ISP all
together.

 

Under Outlook 2003 Sp1, running on top of Windows XP Sp2 I created a new
email account, selected Exchange Server, put in tqsex1.logistics.local
for the exchange server name, put in the administrator account name,
removed cache then clicked on more settings.

 

Under more settings I clicked on Connection, enabled Exchange proxy,
under Exchange proxy I put owa.tqslogistics.com (the cert name and site
name), added the mutually SSL mssdt: thing.. Enable both ON boxes, and
make sure authentication was set to basic. 

 

When I connect to the exchange box, I tried tqslogistics\adminsname and
adminsname@xxxxxxxxxxxxxxxx and password. Each time I would wait for
about 1 min and then get a message "your exchange server is
unavailable". 

 

So I don't know what I have done wrong.. I followed the steps and it
doesn't work for some reason, so I have been banging my head against the
wall for over a month now, almost ready to call India and pay them $250
to fix it if they can. ;)

 

Andrew

 

 

________________________________

From: Michael B. Smith [mailto:michael@xxxxxxxxxx] 
Sent: Friday, March 04, 2005 10:05 AM
To: [ExchangeList]
Subject: [exchangelist] RE: Questions about RPC over HTTP

 

http://www.MSExchange.org/

That is old school - pre-RTM of Exchange 2003.

 

You don't dare open port 593 - and it isn't required anyway - that's
RPC.

And port 6002 is no longer required.

 

You need to talk to the server that is doing the RPC-proxy, and you need
ports 6001 and 6004 and you need the internal FQDN, the external FQDN,
and the NetBIOS name. For some companies the internal FQDN and the
external FQDN are the same. The external FQDN should be the same thing
as whatever FQDN you have the SSL certificate for.

 

________________________________

From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] 
Sent: Friday, March 04, 2005 10:01 AM
To: [ExchangeList]
Subject: [exchangelist] Questions about RPC over HTTP

http://www.MSExchange.org/

I am looking through "Global Learning - Exchange Server 2003 -
Instructor Guide" reading up on what they say about deploying RPC over
HTTP and I have gotten down to the configuration of the rpcproxy
registry entries. This is what they say should be in your Exchange 2003
rpcproxy registry setting for VaildPorts:

 

Back-end:593;back-end.fqdn:593;back-end:6001;back-end.fqdn:6001;back-end
:6002;back-end.fqdn:6002;back-end:6004;back-end.fqdn:6004;GC:539;GC.fqdn
:593;GC:6004;GC.fqdn:6004

 

I see that everyone has their own opinion on how to setup Exchange 2003
especially when it comes to the rpcproxy port values, is there any
correct way of going? Is this the correct way?

 

Andrew

 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
michael@xxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
andrew@xxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp
Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 ISA Server Resource Site: http://www.isaserver.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this MSEXchange.org Discussion List as:
tshinder@xxxxxxxxxxx
To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=exchangelist
Report abuse to listadmin@xxxxxxxxxxxxxx 

Other related posts: