• RSS
  • Twitter
  • FaceBook

Exchange Server Forums

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Discussion on Outlook MAPI client access article

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [Microsoft Exchange 2003] >> General >> Discussion on Outlook MAPI client access article Page: [1]
Login
Message << Older Topic   Newer Topic >>
Discussion on Outlook MAPI client access article - 26.Sep.2003 5:20:00 PM   
tshinder

 

Posts: 100
Joined: 9.Jul.2002
From: USA
Status: offline
This thread is for discussion on the Outlook MAPI client access article at http://www.msexchange.org/tutorials/2003exchangerpc.html

Thanks!
Tom

[ October 05, 2003, 11:47 PM: Message edited by: Thomas Shinder ]
Post #: 1
RE: Discussion on Outlook MAPI client access article - 2.Oct.2003 12:05:00 PM   
limey

 

Posts: 12
Joined: 7.Aug.2003
From: Richmond
Status: offline
Tom,

I have recently experienced ISPs blocking port 135 to prevent the SLAMMER Worm, how would you work around this?

thanks

(in reply to tshinder)
Post #: 2
RE: Discussion on Outlook MAPI client access article - 5.Oct.2003 11:46:00 PM   
tshinder

 

Posts: 100
Joined: 9.Jul.2002
From: USA
Status: offline
Hi Limey,

You need to explain to them that this is a DoS on their part. Also, ask them to explain why they do not block TCP ports 80 110 119 143 21 and others that carry expliots. Then, threaten suit against them for their DoS if they can't explain why they don't block those other ports that carry expliots.

Always works for me [Smile]

HTH,
Tom

[ October 05, 2003, 11:47 PM: Message edited by: Thomas Shinder ]

(in reply to tshinder)
Post #: 3
RE: Discussion on Outlook MAPI client access article - 6.Oct.2003 10:40:00 PM   
genenius

 

Posts: 106
Joined: 20.Jun.2002
From: Kent, WA
Status: offline
Hey Tom,

I was wondering, how many hours does it take to implement this solution to allow for remote mapi client access? I'm currently pressed for time where I've already upgraded to Exchange 2003 and I need to upgrade the rest of my domain to Windows Server 2003 AD Domain before I can look into implementing the ISA server to allow for this service. We're currently between two e-mail systems and are trying to migrate all users over to Exchange, but due to the mapi restrictions, users (executive level) are refusing to go to Exchange if they're going to have to VPN to get their mail.

- I kinda figure, it depends on the size and number of remote sites in the network huh? Well, I'm about to start testing and find out, but any suggestions would be great. Thanks.

[ October 06, 2003, 10:44 PM: Message edited by: Gene Torres ]

(in reply to tshinder)
Post #: 4
RE: Discussion on Outlook MAPI client access article - 6.Oct.2003 11:34:00 PM   
tshinder

 

Posts: 100
Joined: 9.Jul.2002
From: USA
Status: offline
Hi Gene,

It is actually very quick and easy to publish the Exchange Server using secure Exchange RPC publishing.

However, it depends on your current DNS setup and if its designed to support a split DNS. Its the split DNS infrastrucutre that creates the transparency for users who move between the corpnet and remote locations.

However, if you don't have time for a split DNS, you can quickly add an entry to the HOSTS file and everything works a treat.

Stay tuned to the front page of this site for an announcement regarding an ISA Server 2000 Exchange Server 2000/2003 Secure Remote Access Kit.

HTH,
Tom

(in reply to tshinder)
Post #: 5
RE: Discussion on Outlook MAPI client access article - 7.Oct.2003 6:48:00 PM   
genenius

 

Posts: 106
Joined: 20.Jun.2002
From: Kent, WA
Status: offline
Thanks for the info Tom, I'll keep an eye out for that.

(in reply to tshinder)
Post #: 6
RE: Discussion on Outlook MAPI client access article - 24.Jan.2004 9:41:00 PM   
fbnewtz

 

Posts: 3
Joined: 24.Jan.2004
From: Houston
Status: offline
Do I have to use ISA Server for RPC over HTTP or the Secure MAPI RPC connectivity? I have a netscreen 5GT+ for my firewall and do not want to have to purchase additional software.

If I HAVE TO USE ISA Server can I have ISA installed on the same machine as Exchange and IIS. This is the only server we have (there are only about 10 people total) and purchasing another server is out of the question.

(in reply to tshinder)
Post #: 7
RE: Discussion on Outlook MAPI client access article - 22.Jul.2004 11:15:00 PM   
lmcdole

 

Posts: 1
Joined: 22.Jul.2004
From: California
Status: offline
Tom,

"If there is a NAT router in front of the Outlook MAPI client, then an RPC NAT editor is required. Most NAT routers have a RPC NAT editor installed."

Does a DSL/Cable router fall under this category?

OR:
"If a conventional firewall is in front of the Outlook MAPI client, the firewall administrator will need to configure the conventional firewall to allow a primary connection on TCP 135, and then secondary connections inbound and outbound to and from all ephemeral ports."

Does a DSL/Cable router fall under THIS category? If so, does "allow a primary connection on TCP 135" mean that we need to have port forwarding enabled on the router to forward traffic to the Outlook client?

In short, what configuration changes, if any, must be made to the DSL/Cable Routers found on the market today to make this work? Will this solution even work with them?

Much Thanks!

Lee McDole

[ July 22, 2004, 11:20 PM: Message edited by: Lee McDole ]

(in reply to tshinder)
Post #: 8
RE: Discussion on Outlook MAPI client access article - 23.Oct.2004 6:21:00 PM   
neece

 

Posts: 1
Joined: 23.Oct.2004
From: Singapore
Status: offline
Hi Tom,

Thanks for the great article...
Just wonder.. in a scenario where the remote users (whom clients are in Workgroup) use RPC over HTTP, and they want to change their domain password...
Does the Outlook client need to establish a direct connection with the PDC-emulator DC? Or it will be going through the RPC server as well (after setting the No RFR Service registry key?

TIA [Smile]

(in reply to tshinder)
Post #: 9
RE: Discussion on Outlook MAPI client access article - 22.Dec.2006 8:01:09 AM   
daryan

 

Posts: 1
Joined: 22.Dec.2006
Status: offline
Hi Tom,

Great article, thanks for the time and effort you have put into it. Having read through it a number of times, I still have some areas that need clarification. First though a little background on our setup.

We are running a Windows 2003 domain with separate domain controller, Exchange 2003 server, and ISA 2004 server. Clients are running Outlook 2003. Setting up ISA with the RPC filter was a piece of cake though as detailed in many articles naming resolution has become the one big stumbling block. 
Internally we have DNS configured with domain.local, externally we have a separate public domain name. As this scenario is not the typical split domain as detailed in your article we decided to add a separate zone to the internal DNS to match our public domain. This works a treat for OWA, but still remote Outlook RPC clients when directed to the FQDN of the public host/domain always revert back to the internal NetBIOSname.domain.local. Is their any way to fool or configure Exchange into accepting/resolving to the public FQDN?
Last thing I want to do is rename the entire domain or have to setup hosts files for each client. Im kind of kicking myself here as our old 2000 domain was setup in a split structure though when installing and setting up our 2003 domain it recommended setting up the internal domain as domain.local.

Apologies in advance if this has already been covered.

David

(in reply to tshinder)
Post #: 10

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [Microsoft Exchange 2003] >> General >> Discussion on Outlook MAPI client access article Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts


Follow TechGenix on Twitter