RPC Over HTTPS can't work
Dear All, I tried to add additional function for our email system. Before this, I already deploy ActiveSync function which is publish thru ISA2006. Our Exchange is Exchange 2007. The ActiveSync function works using Self-sign certificate and have external domain mailsync.domain.com. So, my target is to using same domain to use for our HTTP Over HTTPS. Step that I taken : 1) Install network component RPC Proxy Component in CAS.abc.corp.net 2) Enable Outlook Anywhere and set external domain to mailsync.domain.com. Using Basic Authentication. 3) Verify certificate in IIS directory. We use DIgiCert and domain is mail.domain.com. 4) Create new Publishing Rules in ISA 2006 for RPC Over HTTPS. 5) Bind ActiveSync web listener to this Publishing Rules. So, then I tried the Outlook configuration. Here I quit confuse. 1) My proxy server should be : https://mailsync.domain.com 2) Principle name for proxy server : msstd:mailsync.domain.com It is correct? I tried but neither one is works. RPCDiag shows Outlook tried to communicate with HTTPS but it's status connecting.... not success. Then I tried RPCPing: C:\Program Files\Windows Resource Kits\Tools>rpcping -t ncacn_http -s mbserver -o RpcProxy=mailsync.domain.com -P "user,abc.corp.net,Pa$$word" -I "user,abc.corp.net,Pa$$w0rd" -H 1 -F 3 -v 3 -B msstd:mail.domain.com -e 6001 -u 10 -a connect RPCPing v2.12. Copyright (C) Microsoft Corporation, 2002 OS Version is: 5.1, Service Pack 3 Exception 5 (0x00000005) Number of records is: 1 ProcessID is 1248 System Time is: 3/24/2010 17:33:32:476 Generating component is 13 Status is 14 Detection location is 3001 Flags is 0 NumberOfParameters is 1 Long val: 12167 Telnet to mailsync.domain.com port 443 shows it's open. What step that I miss to enable this function.. ActiveSync work perfectlly.. :(carckermania
March 24th, 2010 8:37pm

Hi James Exceptions 5 (0x00000005) Access denied. Please try use rpcping -t ncacn_http -o RpcProxy=cas1.contoso.com -P "user,domain,password" -H 1 -F 3 -a connect -u 9 -v 3 -s mailbox.contoso.com -I " user,domain,password " -e 6004 We use right user credentials ? We also can see on ISA 2006 Allowed traffic on this rules ? We can see denied credentials when you see traffic logging ?
Free Windows Admin Tool Kit Click here and download it now
March 30th, 2010 9:33am

Hi, Please try to ensure the name of the msstd parameter must be same with the Issued to of the certificate. Otherwise, the Outlook Anywhere will be failed. Now please try to access https://www.testexchangeconnectivity.com/, then do the testing and post the log on the forum. Thanks Allen
March 30th, 2010 12:28pm

Hi Sergey, Thanks for your responds. This issue already solved. I tried to using : Internet to ISA - using HTTPS ISA to CAS - using HTTP But cannot work. Maybe it is wrong method. Then when we tried both using HTTPS, the Outlook Anywhere works. Can someone verify either HTTPS > HTTP can work for Outlook anywhere or not? Thanks. carckermania
Free Windows Admin Tool Kit Click here and download it now
March 30th, 2010 12:48pm

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics