RE: RPC over HTTP authentication woes

  • From: "Jim Harrison" <Jim@xxxxxxxxxxxx>
  • To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
  • Date: Thu, 17 Nov 2005 12:55:55 -0800

That code is a WinError:
"The specified network name is no longer available" 

This means the connection between the ISA and the Exch has been broken.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx] 
Sent: Thursday, November 17, 2005 12:51
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

The ISA log has 64 for HTTP status code and 0xa03 for error information.
there's just a "-" in the filter information field.

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, November 17, 2005 3:33 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

What's the code for the "failed" connection?
What's in the "Filter data" field for the failed connection?

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx]
Sent: Thursday, November 17, 2005 12:27
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

I'm seeing 200's in the W3SVC1 logs on the Exchange front end server. 

On the ISA server logs I see two "initated connection" HTTPS entries from ISA 
to FE.

These are immediately followed by the "allowed connection" (RPC_OUT_DATA) and 
"failed connection" (RPC_IN_DATA) attempt log entries from my "RPC over HTTP" 
rule.

Finally, two "Closed connection" entries for the HTTPS connections.

Then the whole thing repeats as it tries to connect again.

I'm thinking something is still screwed up with my ISA configuration; RPC over 
HTTP is working internally.

Jeff

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, November 17, 2005 11:44 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

..maybe - it depends on the error code. 
If you're seeing "200", then it's coming from the Exch server.

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx]
Sent: Thursday, November 17, 2005 07:50
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

same rule; is the data in the error code information column on the ISA logs the 
value it is getting back from rpcproxy.dll? 



-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Wednesday, November 16, 2005 6:15 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

Unless you see different rules quoted for each, now you're troubleshooting 
Exchange... 
..

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx]
Sent: Wednesday, November 16, 2005 15:12
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

Thanks Jim, I knew 200 was a good thing, so hoped I was making some progress.

I'm running outlook with the rpcdiag switch on the client.  Upon launching, 
Outlook prompts me for credentials and I and see status of "connecting" for the 
exchange proxy and the directory in the server connection status dialog.
These disappear after a little while and I get the "your exchange server is 
unavailable" dialog.

On the proxy server logs, I'm seeing "Failed Connection Attempt" on the 
RPC_IN_DATA queries and "Allowed Connection" on the RPC_OUT_DATA URL.  

Jeff


-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Wednesday, November 16, 2005 5:39 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

Er..

Result codes of "200" are success codes. 
What exactly is the client experience?
Whjat do you find in the ISA logs for those recent tests?

-------------------------------------------------------
   Jim Harrison
   MCP(NT4, W2K), A+, Network+, PCG
   http://isaserver.org/Jim_Harrison/
   http://isatools.org
   Read the help / books / articles!
-------------------------------------------------------
 

-----Original Message-----
From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx]
Sent: Wednesday, November 16, 2005 14:32
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes

http://www.ISAserver.org

Tom,
 
I had it set for all users.  I tried switching it to only authenticated & 
forward basic authentication and did get 200 result codes in the front end 
server WWW logs, but it is still failing.

Thanks,
Jeff
 
________________________________

From: Thomas W Shinder [mailto:tshinder@xxxxxxxxxxx]
Sent: Wednesday, November 16, 2005 4:50 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: RPC over HTTP authentication woes


http://www.ISAserver.org

Hi Jeff,
 
Are you forcing authentication at the ISA firewall, or does the Web Publishing 
Rule allow access to "all users"?
 
Thomas W Shinder, M.D.
Site: www.isaserver.org <http://www.isaserver.org/>
Blog: http://spaces.msn.com/members/drisa/
Book: http://tinyurl.com/3xqb7 <http://tinyurl.com/3xqb7> MVP -- ISA Firewalls 
**Who is John Galt?**

 


________________________________

        From: Bunting, Jeff [mailto:BUNTING@xxxxxxxxxxxx] 
        Sent: Wednesday, November 16, 2005 3:42 PM
        To: [ISAserver.org Discussion List]
        Subject: [isalist] RPC over HTTP authentication woes
        
        
        http://www.ISAserver.org
        

        I have ISA 2004 sitting on the outside, with rules to allow RPC over 
HTTP access to the Exchange FE server.  I think this is all configured OK.
RPC over HTTP is working OK internally.  I also have OWA working using a 
different listener (FBA).

        Whenever I try to make an external RPC connection it is failing.
I'm seeing my username shown in the ISA logs, but in the WWW logs for the 
exchange proxy server  I am seeing entries with status 401.2 and win32 error 
2148074254, so I think something is wrong with the user authentication.
from the logs (with time/date and ip info removed):

        RPC_IN_DATA /rpc/rpcproxy.dll frontend.andassoc.com:6002 443 - 
xxx.xxx.xxx.xxx MSRPC 401 2 2148074254 
        RPC_OUT_DATA /rpc/rpcproxy.dll frontend.andassoc.com:6002 443 - 
xxx.xxx.xxx.xxx MSRPC 401 2 2148074254 

        I have the RPC listener set to use basic authentication as well as the 
exchange IIS rpc virtual directory.  The RPC listener also has a certificate 
bearing the FQDN of the exchange front end server.

        Any help appreciated. This might not be an ISA issue since I seem to be 
reaching the internal Exchange proxy. 

        Jeff 


        ------------------------------------------------------
        List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
        ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
        ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
        ------------------------------------------------------
        Visit TechGenix.com for more information about our other sites:
        http://www.techgenix.com
        ------------------------------------------------------
        You are currently subscribed to this ISAserver.org Discussion List
as: tshinder@xxxxxxxxxxxxxxxxxx
        To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
        Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bunting@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bunting@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bunting@xxxxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bunting@xxxxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
bunting@xxxxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx To unsubscribe visit 
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.

Other related posts:

  1. Home
  2. isalist
  3. Archive
  4. 11-2005