Limiting the scope of my response to the client trusting your internal CA from outside your environment, yes it will work. On 3/2/05 4:44 PM, "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx> wrote: > http://www.MSExchange.org/ > > Rick, > > So this will work if the client is a external machine from the LAN > right? > > Andrew > > -----Original Message----- > From: Rick Boza [mailto:rickb@xxxxxxxxxxxxxxx] > Sent: Wednesday, March 02, 2005 3:49 PM > To: [ExchangeList] > Subject: [exchangelist] RE: Global Catalog Server > > http://www.MSExchange.org/ > > Check > http://www.microsoft.com/resources/documentation/WindowsServ/2003/standa > rd/p > roddocs/en-us/Default.asp?url=/resources/documentation/WindowsServ/2003/ > stan > dard/proddocs/en-us/sag_pkpuncertroot.asp for some info on the GPO to > which > I'm referring. > > > On 3/2/05 2:59 PM, "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx> > wrote: > >> http://www.MSExchange.org/ >> >> Hi Rick, >> >> Yes I have created my own Cert which like under OWA with SSL you are >> prompted for the OKAY. But like you said RPC over HTTP doesn't support >> that. Were can I find some info on doing this "install your CA as a >> trusted source via GPO" so that the few clients I have don't have to > go >> through the hassle (hopefully) of brining their machines to me so I > can >> install the Cert for them?? >> >> Thanks >> Andrew >> >> >> -----Original Message----- >> From: Rick Boza [mailto:rickb@xxxxxxxxxxxxxxx] >> Sent: Wednesday, March 02, 2005 2:47 PM >> To: [ExchangeList] >> Subject: [exchangelist] RE: Global Catalog Server >> >> http://www.MSExchange.org/ >> >> Wait, are you saying you're trying to get Outlook 2003 to hit your >> server >> over an SSL connection, yet you're using an untrusted root CA? Well, >> that >> certainly could be your problem (although I recall you've mucked > around >> with >> virtual servers and web sites from past messages you've sent out, but >> let's >> put that aside for the moment). >> >> There's not a way for Outlook to prompt you as to the unverified >> certificate >> (IIRC) - instead the connection simply fails. Having said that, you > can >> install your CA as a trusted source via GPO, which is what I do for >> clients >> all the time if they want to use a cert of their own rather than one >> from >> verisign, Entrust, or whomever. >> >> If the cert isn't installed, RPC/HTTPS is broken, without a doubt. >> >> >> On 3/2/05 2:36 PM, "Andrew English" <andrew@xxxxxxxxxxxxxxxxxxxxxx> >> wrote: >> >>> http://www.MSExchange.org/ >>> >>> What can cause Outlook 2003 to report that your Exchange server is >>> unavailable when you try to connect to it via an external source? >>> >>> I have: >>> >>> >> > exchange:6001-6002;exchange.myserver.ca:6001-6002;exchange:6004;exchange >>> .myserver.ca:6004 >>> >>> in my exchanges registry under ....rpc\rpcproxy >>> >>> and >>> >>> the other GC setting on my DC/GC box which is a multi string value >> with >>> NSPI interface protocol sequences, value of ncacn_http:6004 under >>> .....NTDS\Parameters in the registry. >>> >>> The only thing I have not done is install the enterprise ca cert on >> the >>> client machine because I was hoping that I wouldn't have to do that >>> since I want to ideally have others access the site who are not going >> be >>> accessing RPC over HTTP from the inside ever. >>> >>> Andrew >>> >>> >>> -----Original Message----- >>> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] >>> Sent: Wednesday, March 02, 2005 1:57 PM >>> To: [ExchangeList] >>> Subject: [exchangelist] RE: Global Catalog Server >>> >>> http://www.MSExchange.org/ >>> >>> Since no where that I know of is it required for rpc proxy that >> Exchange >>> has >>> to be on a DC, you can deduce the answer is yes. >>> >>> John Tolmachoff >>> Engineer/Consultant/Owner >>> eServices For You >>> >>> >>>> -----Original Message----- >>>> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] >>>> Sent: Wednesday, March 02, 2005 9:35 AM >>>> To: [ExchangeList] >>>> Subject: [exchangelist] RE: Global Catalog Server >>>> >>>> http://www.MSExchange.org/ >>>> >>>> So using another box such as my DC as the GC for rpc proxy is okay? >>>> >>>> Andrew >>>> >>>> >>>> -----Original Message----- >>>> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] >>>> Sent: Wednesday, March 02, 2005 12:18 PM >>>> To: [ExchangeList] >>>> Subject: [exchangelist] RE: Global Catalog Server >>>> >>>> http://www.MSExchange.org/ >>>> >>>> Then chances are you do not understand what you are doing. >>>> >>>> That means the Exchange servers was a DC prior to installing > Exchange >>>> but >>>> was not a GC. You did not follow installation instructions. >>>> >>>> If you install Exchange on a DC, it must be a GC before installing >>>> otherwise >>>> you will have problems. >>>> >>>> John Tolmachoff >>>> Engineer/Consultant/Owner >>>> eServices For You >>>> >>>>> -----Original Message----- >>>>> From: Bruce J. Rose [mailto:brose@xxxxxxxxxxx] >>>>> Sent: Wednesday, March 02, 2005 5:52 AM >>>>> To: [ExchangeList] >>>>> Subject: [exchangelist] RE: Global Catalog Server >>>>> >>>>> http://www.MSExchange.org/ >>>>> >>>>> I added GC to my rebuilt exchange box fixed problems and has not >>> seem >>>> to >>>>> cause any...Yet> >>>>> >>>>> Bruce >>>>> >>>>> -----Original Message----- >>>>> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] >>>>> Sent: Tuesday, March 01, 2005 9:27 PM >>>>> To: [ExchangeList] >>>>> Subject: [exchangelist] RE: Global Catalog Server >>>>> >>>>> http://www.MSExchange.org/ >>>>> >>>>> Andrew, if you have a stand alone Exchange server not belonging to > a >>>>> domain... >>>>> >>>>> GC server can only be a DC! >>>>> >>>>> If making their Exchange server a GC fixed problems, their problems >>>> are >>>>> rooted deeper than they think. >>>>> >>>>> If the Exchange server is going to be a DC, it must be fully >>>> configured >>>>> properly as a DC including GC BEFORE installing Exchange. >>>>> >>>>> John Tolmachoff >>>>> Engineer/Consultant/Owner >>>>> eServices For You >>>>> >>>>> >>>>>> -----Original Message----- >>>>>> From: Andrew English [mailto:andrew@xxxxxxxxxxxxxxxxxxxxxx] >>>>>> Sent: Tuesday, March 01, 2005 4:32 PM >>>>>> To: [ExchangeList] >>>>>> Subject: [exchangelist] Global Catalog Server >>>>>> >>>>>> http://www.MSExchange.org/ >>>>>> >>>>>> I am wondering how I would go about install the GC on my >>> standalone >>>>>> Exchange box? I've been having a lot of problems with RPC over >>> HTTP >>>>> and >>>>>> notice a lot people who install GC on their exchange servers >>> (2003) >>>>>> noticed the problems got fixed. >>>>>> >>>>>> Andrew >>>>>> >>>>>> >>>>>> ------------------------------------------------------ >>>>>> List Archives: >>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>>>> Exchange Newsletters: >>> http://www.msexchange.org/pages/newsletter.asp >>>>>> Exchange FAQ: >>> http://www.msexchange.org/pages/larticle.asp?type=FAQ >>>>>> ------------------------------------------------------ >>>>>> Other Internet Software Marketing Sites: >>>>>> World of Windows Networking: http://www.windowsnetworking.com >>>>>> Leading Network Software Directory: http://www.serverfiles.com >>>>>> No.1 ISA Server Resource Site: http://www.isaserver.org >>>>>> Windows Security Resource Site: http://www.windowsecurity.com/ >>>>>> Network Security Library: http://www.secinf.net/ >>>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >>>>>> ------------------------------------------------------ >>>>>> You are currently subscribed to this MSEXchange.org Discussion >>> List >>>>> as: >>>>>> johnlist@xxxxxxxxxxxxxxxxxxx >>>>>> To unsubscribe visit >>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>>>> Report abuse to listadmin@xxxxxxxxxxxxxx >>>>> >>>>> >>>>> ------------------------------------------------------ >>>>> List Archives: >>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>>> Exchange Newsletters: > http://www.msexchange.org/pages/newsletter.asp >>>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >>>>> ------------------------------------------------------ >>>>> Other Internet Software Marketing Sites: >>>>> World of Windows Networking: http://www.windowsnetworking.com >>>>> Leading Network Software Directory: http://www.serverfiles.com >>>>> No.1 ISA Server Resource Site: http://www.isaserver.org >>>>> Windows Security Resource Site: http://www.windowsecurity.com/ >>>>> Network Security Library: http://www.secinf.net/ >>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >>>>> ------------------------------------------------------ >>>>> You are currently subscribed to this MSEXchange.org Discussion List >>>> as: >>>>> brose@xxxxxxxxxxx >>>>> To unsubscribe visit >>>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>>> Report abuse to listadmin@xxxxxxxxxxxxxx >>>>> >>>>> >>>>> >>>>> ------------------------------------------------------ >>>>> List Archives: >>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>>> Exchange Newsletters: > http://www.msexchange.org/pages/newsletter.asp >>>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >>>>> ------------------------------------------------------ >>>>> Other Internet Software Marketing Sites: >>>>> World of Windows Networking: http://www.windowsnetworking.com >>>>> Leading Network Software Directory: http://www.serverfiles.com >>>>> No.1 ISA Server Resource Site: http://www.isaserver.org >>>>> Windows Security Resource Site: http://www.windowsecurity.com/ >>>>> Network Security Library: http://www.secinf.net/ >>>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >>>>> ------------------------------------------------------ >>>>> You are currently subscribed to this MSEXchange.org Discussion List >>>> as: >>>>> johnlist@xxxxxxxxxxxxxxxxxxx >>>>> To unsubscribe visit >>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>>> Report abuse to listadmin@xxxxxxxxxxxxxx >>>> >>>> >>>> ------------------------------------------------------ >>>> List Archives: >>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp >>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >>>> ------------------------------------------------------ >>>> Other Internet Software Marketing Sites: >>>> World of Windows Networking: http://www.windowsnetworking.com >>>> Leading Network Software Directory: http://www.serverfiles.com >>>> No.1 ISA Server Resource Site: http://www.isaserver.org >>>> Windows Security Resource Site: http://www.windowsecurity.com/ >>>> Network Security Library: http://www.secinf.net/ >>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >>>> ------------------------------------------------------ >>>> You are currently subscribed to this MSEXchange.org Discussion List >>> as: >>>> andrew@xxxxxxxxxxxxxxxxxxxxxx >>>> To unsubscribe visit >>>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>> Report abuse to listadmin@xxxxxxxxxxxxxx >>>> >>>> ------------------------------------------------------ >>>> List Archives: >>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp >>>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >>>> ------------------------------------------------------ >>>> Other Internet Software Marketing Sites: >>>> World of Windows Networking: http://www.windowsnetworking.com >>>> Leading Network Software Directory: http://www.serverfiles.com >>>> No.1 ISA Server Resource Site: http://www.isaserver.org >>>> Windows Security Resource Site: http://www.windowsecurity.com/ >>>> Network Security Library: http://www.secinf.net/ >>>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >>>> ------------------------------------------------------ >>>> You are currently subscribed to this MSEXchange.org Discussion List >>> as: >>>> johnlist@xxxxxxxxxxxxxxxxxxx >>>> To unsubscribe visit >>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>>> Report abuse to listadmin@xxxxxxxxxxxxxx >>> >>> >>> ------------------------------------------------------ >>> List Archives: >> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp >>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >>> ------------------------------------------------------ >>> Other Internet Software Marketing Sites: >>> World of Windows Networking: http://www.windowsnetworking.com >>> Leading Network Software Directory: http://www.serverfiles.com >>> No.1 ISA Server Resource Site: http://www.isaserver.org >>> Windows Security Resource Site: http://www.windowsecurity.com/ >>> Network Security Library: http://www.secinf.net/ >>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >>> ------------------------------------------------------ >>> You are currently subscribed to this MSEXchange.org Discussion List >> as: >>> andrew@xxxxxxxxxxxxxxxxxxxxxx >>> To unsubscribe visit >>> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>> Report abuse to listadmin@xxxxxxxxxxxxxx >>> >>> ------------------------------------------------------ >>> List Archives: >> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp >>> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >>> ------------------------------------------------------ >>> Other Internet Software Marketing Sites: >>> World of Windows Networking: http://www.windowsnetworking.com >>> Leading Network Software Directory: http://www.serverfiles.com >>> No.1 ISA Server Resource Site: http://www.isaserver.org >>> Windows Security Resource Site: http://www.windowsecurity.com/ >>> Network Security Library: http://www.secinf.net/ >>> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >>> ------------------------------------------------------ >>> You are currently subscribed to this MSEXchange.org Discussion List >> as: >>> rickb@xxxxxxxxxxxxxxx >>> To unsubscribe visit >> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >>> Report abuse to listadmin@xxxxxxxxxxxxxx >> >> >> ------------------------------------------------------ >> List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp >> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Other Internet Software Marketing Sites: >> World of Windows Networking: http://www.windowsnetworking.com >> Leading Network Software Directory: http://www.serverfiles.com >> No.1 ISA Server Resource Site: http://www.isaserver.org >> Windows Security Resource Site: http://www.windowsecurity.com/ >> Network Security Library: http://www.secinf.net/ >> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >> ------------------------------------------------------ >> You are currently subscribed to this MSEXchange.org Discussion List > as: >> andrew@xxxxxxxxxxxxxxxxxxxxxx >> To unsubscribe visit >> http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >> Report abuse to listadmin@xxxxxxxxxxxxxx >> >> ------------------------------------------------------ >> List Archives: > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >> Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp >> Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ >> ------------------------------------------------------ >> Other Internet Software Marketing Sites: >> World of Windows Networking: http://www.windowsnetworking.com >> Leading Network Software Directory: http://www.serverfiles.com >> No.1 ISA Server Resource Site: http://www.isaserver.org >> Windows Security Resource Site: http://www.windowsecurity.com/ >> Network Security Library: http://www.secinf.net/ >> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com >> ------------------------------------------------------ >> You are currently subscribed to this MSEXchange.org Discussion List > as: >> rickb@xxxxxxxxxxxxxxx >> To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist >> Report abuse to listadmin@xxxxxxxxxxxxxx > > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 ISA Server Resource Site: http://www.isaserver.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this MSEXchange.org Discussion List as: > andrew@xxxxxxxxxxxxxxxxxxxxxx > To unsubscribe visit > http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Report abuse to listadmin@xxxxxxxxxxxxxx > > ------------------------------------------------------ > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Exchange Newsletters: http://www.msexchange.org/pages/newsletter.asp > Exchange FAQ: http://www.msexchange.org/pages/larticle.asp?type=FAQ > ------------------------------------------------------ > Other Internet Software Marketing Sites: > World of Windows Networking: http://www.windowsnetworking.com > Leading Network Software Directory: http://www.serverfiles.com > No.1 ISA Server Resource Site: http://www.isaserver.org > Windows Security Resource Site: http://www.windowsecurity.com/ > Network Security Library: http://www.secinf.net/ > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com > ------------------------------------------------------ > You are currently subscribed to this MSEXchange.org Discussion List as: > rickb@xxxxxxxxxxxxxxx > To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=exchangelist > Report abuse to listadmin@xxxxxxxxxxxxxx