Internet (outlook anywhere) -> IIS ARR -> exchange 2010sp1
Hi
Is this possible. I have got the owa, active sync to work, is the rpc over http that has me stumped now....
Is it possible ?
Thanks
Alex
December 22nd, 2011 4:42am
What is with RPC over HTTP?Gulab | MCITP: Exchange 2010-2007 | Lync Server 2010 | Windows Server 2008 | Skype: Exchange.Ranger | Blog: www.ExchangeRanger.Blogspot.com
Free Windows Admin Tool Kit Click here and download it now
December 26th, 2011 4:39am
I can't connect. i have tried the web site outlook any where testing and it seems like I can't create an end point.
not sure why it has to be so hard to diagnose or to configure... i am pretty sure the RP is working, when I point my browser to https://<outside address>/Rpc/rpcproxy.dll I provide a password and I get a blank page... I can see it in the logs on RP
and Exchange box.
December 26th, 2011 5:10am
Hello,
You need to diagnose your connection to the server, Go to Outlook icon > right click and Test connection status.
After that go to the same place and Test Email Configuration.
When you receive the answers of the tests you can know why you can't connect.
Thanks.
www.windows8israel.com
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2011 1:22am
I can't connect. i have tried the web site outlook any where testing and it seems like I can't create an end point.
Hi Alex,
Did you go to https://www.testexchangeconnectivity.com/ to do the test?
Please post the test result here.
Frank Wang
TechNet Community Support
December 27th, 2011 2:05am
The results weren't helpful
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2011 5:28am
Testing RPC/HTTP connectivity.
The RPC/HTTP test failed.
Test Steps
Attempting to resolve the host name secure.somedomain.com in DNS.
The host name resolved successfully.
Additional Details
IP addresses returned: XXX.YYY.XXX.YYY
Testing TCP port 443 on host secure.somedomain.com to ensure it's listening and open.
The port was opened successfully.
Testing the SSL certificate to make sure it's valid.
The certificate passed all validation requirements.
Test Steps
ExRCA is attempting to obtain the SSL certificate from remote server secure.somedomain.com on port 443.
ExRCA successfully obtained the remote SSL certificate.
Additional Details
Remote Certificate Subject: CN=secure.somedomain.com, OU=X Pty Ltd, O=X Pty Ltd, L=S, S=W, C=ZZ, Issuer: CN=Thawte SSL CA, O="Thawte, Inc.", C=US.
Validating the certificate name.
The certificate name was validated successfully.
Additional Details
Host name secure.somedomain.com was found in the Certificate Subject Common name.
Certificate trust is being validated.
The certificate is trusted and all certificates are present in the chain.
Test Steps
ExRCA is attempting to build certificate chains for certificate CN=secure.somedomain.com, OU=X Pty Ltd, O=X Pty Ltd, L=S, S=S, C=ZZ.
One or more certificate chains were constructed successfully.
Additional Details
A total of 3 chains were built. The highest quality chain ends in root certificate CN=thawte Primary Root CA, OU="(c) 2006 thawte, Inc. - For authorized use only", OU=Certification Services Division, O="thawte, Inc.", C=US.
Analyzing the certificate chains for compatibility problems with versions of Windows.
No Windows compatibility problems were identified.
Additional Details
The certificate chain has been validated up to a trusted root. Root = E=premium-server@thawte.com, CN=Thawte Premium Server CA, OU=Certification Services Division, O=Thawte Consulting cc, L=Cape Town, S=Western Cape, C=ZA.
Testing the certificate date to confirm the certificate is valid.
Date validation passed. The certificate hasn't expired.
Additional Details
The certificate is valid. NotBefore = 12/12/2011 12:00:00 AM, NotAfter = 2/1/2012 11:59:59 PM
Checking the IIS configuration for client certificate authentication.
Client certificate authentication wasn't detected.
Additional Details
Accept/Require Client Certificates isn't configured.
Testing HTTP Authentication Methods for URL https://secure.somedomain.com/rpc/rpcproxy.dll.
The HTTP authentication methods are correct.
Additional Details
ExRCA found all expected authentication methods and no disallowed methods. Methods found: Basic
Testing SSL mutual authentication with the RPC proxy server.
Mutual authentication was verified successfully.
Additional Details
Certificate common name secure.somedomain.com matches msstd:secure.somedomain.com.
Attempting to ping RPC proxy secure.somedomain.com.
RPC Proxy was pinged successfully.
Additional Details
Completed with HTTP status 200 - OK
Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server dc1intadc8201.somedomain.com.
The attempt to ping the endpoint failed.
Tell me more about this issue and how to resolve it
Additional Details
The RPC_S_SERVER_UNAVAILABLE error (0x6ba) was thrown by the RPC Runtime process.
I think I am just about all the way there... the rpcping seems to be failing.
I have changed the domain names and the ip address for some annon
December 27th, 2011 5:33am
Hello,
You have issue with your port or and DNS name.
Please use this link to resolve you issue:
http://technet.microsoft.com/en-us/library/dd439392(EXCHG.80).aspx
http://itclouds.us/2011/12/27/the-rpc-server-unavailable-error-0x6ba/
Thanks.
www.windows8israel.com
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2011 6:23am
Attempting to ping RPC endpoint 6001 (Exchange Information Store) on server servername.somedomain.com.
The attempt to ping the endpoint failed.
Additional Details
An RPC error was thrown by the RPC Runtime process. Error 1818 1818
So failed again. I checked the registry and the port setup is there, I can telnet to it and on those port 6001,6002 and 6004. I reconfigured with the exchange shell.
I didn't do the ipv6 fix, as it seems to be related to port 6004 and I can't get past 6001 test yet
alex
December 27th, 2011 6:57pm
did some more testing with rpcping
on the exchange box I can rpcping using itself as a rpc proxy
i tried from the reverse proxy
Exception 5 (0x00000005)
Number of records is: 1
ProcessID is 2516
System Time is: 12/28/2011 4:46:1:299
Generating component is 2
Status is 0x5, 5
Detection location is 1750
Flags is 0
NumberOfParameters is 1
Long val: 0x5
fail and again from the testing site again 1818.....
Something i have done though, which i didn't mention is I haven't actually setup a farm, I am just using the rewrite rules.
why -> the farm only allows rules at the top level and I only want to rewrite a virtual directory on a virtual site...
Free Windows Admin Tool Kit Click here and download it now
December 27th, 2011 11:47pm
I did some more testing.
I configure outlook to just use rpc-http, but I pointed it at the exchange server instead of via the proxy.
it worked.
I have owa/ecp all the to the other exchange we related things working through the RP (IIS), so the config is working. I am making a ssl connection from the RP -> exchange ....
Alex
edit:
does the internal name have to be the same as the external name
so i have something like outsideexch.domain.com and insideexch.domain.com
the RP handles outsideexch (and has ssl certs for that), the inside has a cert for insideexch
This is very frustrating
December 28th, 2011 12:39am
Gave up way to hard, used TMG instead, just worked out of the box..
so if you get here via google... look at tmg (another MS product)
Free Windows Admin Tool Kit Click here and download it now
January 2nd, 2012 7:41pm