[isalist] Re: RPC over HTTP (Almost there...)

From: "Tom Rogers" <trogers@xxxxxxxxxxxxxxxxxx>
To: <isalist@xxxxxxxxxxxxx>
Date: Sun, 25 Jun 2006 11:34:02 -0400
 

________________________________

From: isalist-bounce@xxxxxxxxxxxxx on behalf of Thomas W Shinder
Sent: Sun 6/25/2006 10:06 AM
To: isalist@xxxxxxxxxxxxx
Subject: [isalist] Re: RPC over HTTP (Almost there...)


>Hi Tom,
 
>OK, 
 
> 1. What is the ACTUAL common/subject name on the Web site certificate bound 
> to the Web listener?
*.companyname.biz
 
>2. What is the ACTUAL common/subject name on the Exchange Web site?
owa.companyname.biz
 
>3. What is the ACTUAL name on the Public Name tab?
owa.companyname.com
 
>4. What is the ACTUAL name on the To tab?
owa.companyname.com
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/> 
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> 
MVP -- ISA Firewalls

 


________________________________

        From: isalist-bounce@xxxxxxxxxxxxx 
[mailto:isalist-bounce@xxxxxxxxxxxxx] On Behalf Of Tom Rogers
        Sent: Sunday, June 25, 2006 12:32 AM
        To: isalist@xxxxxxxxxxxxx
        Subject: RE: [isalist] RPC over HTTP (Almost there...)
        
        
        I ran a filter on the ISA monitoring for the OWA rule. This is what 
happens when I tried to authenticate 3 times...
         
        Original Client IP Client Agent Authenticated Client Service Server 
Name Referring Server Destination Host Name Transport MIME Type Object Source 
Source Proxy Destination Proxy Bidirectional Client Host Name Filter 
Information Network Interface Raw IP Header Raw Payload Source Port Processing 
Time Bytes Sent Bytes Received Result Code HTTP Status Code Cache Information 
Error Information Log Record Type Log Time Destination IP Destination Port 
Protocol Action Rule Client IP Client Username Source Network Destination 
Network HTTP Method URL
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 312 0 326  10054  0x4000008 0xc02 Web Proxy Filter 
06/25/2006 1:21:46 AM 192.168.1.5 443 https Failed Connection Attempt 
companyname OWA 74.67.214.74 anonymous External  RPC_IN_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 1 1933 306  401  0x44000008 0xc00 Web Proxy Filter 
06/25/2006 1:21:49 AM 192.168.1.5 443 https Allowed Connection companyname OWA 
74.67.214.74 anonymous External  RPC_IN_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 1 1933 307  401  0x44000008 0xc00 Web Proxy Filter 
06/25/2006 1:21:49 AM 192.168.1.5 443 https Allowed Connection companyname OWA 
74.67.214.74 anonymous External  RPC_OUT_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 15 1933 306  401  0x44000008 0xc00 Web Proxy Filter 
06/25/2006 1:21:52 AM 192.168.1.5 443 https Allowed Connection companyname OWA 
74.67.214.74 anonymous External  RPC_IN_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 1 0 307  10054  0x4000008 0xc02 Web Proxy Filter 
06/25/2006 1:21:52 AM 192.168.1.5 443 https Failed Connection Attempt 
companyname OWA 74.67.214.74 anonymous External  RPC_OUT_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 1 1933 306  401  0x44000008 0xc00 Web Proxy Filter 
06/25/2006 1:22:00 AM 192.168.1.5 443 https Allowed Connection companyname OWA 
74.67.214.74 anonymous External  RPC_IN_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 1 1933 307  401  0x44000008 0xc00 Web Proxy Filter 
06/25/2006 1:22:00 AM 192.168.1.5 443 https Allowed Connection companyname OWA 
74.67.214.74 anonymous External  RPC_OUT_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 1 1933 306  401  0x44000008 0xc00 Web Proxy Filter 
06/25/2006 1:22:03 AM 192.168.1.5 443 https Allowed Connection companyname OWA 
74.67.214.74 anonymous External  RPC_IN_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 156 1933 327  401  0x44000008 0xc00 Web Proxy Filter 
06/25/2006 1:21:46 AM 192.168.1.5 443 https Allowed Connection companyname OWA 
74.67.214.74 anonymous External  RPC_OUT_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        0.0.0.0 MSRPC No Reverse Proxy SPISA  owa.companyname.biz TCP text/html 
Internet - -  - Compression: client=No, server=No, cache=No, compress rate=0% 
decompress rate=0% - - - 0 1 0 307  10054  0x4000008 0xc02 Web Proxy Filter 
06/25/2006 1:22:03 AM 192.168.1.5 443 https Failed Connection Attempt 
companyname OWA 74.67.214.74 anonymous External  RPC_OUT_DATA 
http://OWA.companyname.BIZ:443/rpc/rpcproxy.dll?owa.companyname.biz:6002 
<http://owa.companyname.biz:443/rpc/rpcproxy.dll?owa.companyname.biz:6002> 
        
        -TRogers

         
________________________________

        From: isalist-bounce@xxxxxxxxxxxxx on behalf of Jim Harrison
        Sent: Sat 6/24/2006 9:04 PM
        To: isalist@xxxxxxxxxxxxx
        Subject: RE: [isalist] RPC over HTTP (Almost there...)
        
        
        Don't
        Do 
        It
        <period>
        It's a disaster waiting to happen.
         
        What's in the ISA logs for those attempts?
        What's in the IIS logs for those attempts?
        How did you create the OWA pub rule; manually or via the Exch 
publishing weirdzard?
         
        BTW, I reviewed the case logs and spoke with the engineer you worked 
with.
        At no time was there any mention of making your Exch server a DC/GC.

________________________________

        From: isalist-bounce@xxxxxxxxxxxxx on behalf of Tom Rogers
        Sent: Sat 6/24/2006 5:29 PM
        To: isalist@xxxxxxxxxxxxx
        Subject: [isalist] RPC over HTTP (Almost there...)
        
        
        I think I am so close to having this work that I can taste 
it....anyway, my Outlook 2003 SP2 client (on Win XP Pro SP2) keeps asking for 
user credentials - I can type them in a hundred times (not that I did), but it 
keeps asking for my login credentials.
         
        My RPC Proxy is set for ONLY Basic Authentication also. Any ideas? 
Everything is setup according to all the docs you all have sent me. The only 
thing that I have not tried yet, is to make my Exch box a DC/GC. That is next 
if no solution now.
         
        And I know you all said this is a BAD idea (Exch box as DC/DC, but I 
have seen documentation from Microsoft AND Tom Shinder's documentation (his lab 
example - although he does point out it is not recommended).
         
        TIA,
         
        -TRogers
Follow-Ups:
- [isalist] Re: RPC over HTTP (Almost there...)
  - From: Stefaan Pouseele
References:
- [isalist] Re: RPC over HTTP (Almost there...)
  - From: Thomas W Shinder
[isalist] Re: RPC over HTTP (Almost there...)

Other related posts:
