Exchange Server Forums
Forums |
Register |
Login |
My Profile |
Inbox |
RSS
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Problem setting RPC over HTTP
Users viewing this topic:
none
|
Logged in as: Guest
|
Login | |
|
Problem setting RPC over HTTP - 19.Apr.2010 10:38:12 AM
|
|
|
superfred
Posts: 18
Joined: 30.Sep.2009
Status: offline
|
I am trying to configure RPC over HTTP. I have an SBS 2003 with exchange. My user are using outlook 2003 an 2007 I followed Microsoft procedure to set up RPC over HTTP. But it does not work. I think it might me because some port are blocked on the router. I tryed microsoft connectivity test : https://www.testexchangeconnectivity.com/ this what I get Testing RPC/HTTP connectivity RPC/HTTP test failed What should I check to troubleshoot that problem.
|
|
|
RE: Problem setting RPC over HTTP - 19.Apr.2010 11:46:05 AM
|
|
|
Marc.dekeyser
Posts: 225
Joined: 19.Apr.2010
Status: offline
|
Hi Superfred, You might want to start with expanding the report from Testexchangeconnectivity.com as without an error it is kind of hard to analyse things. Additionally following information would help out troubleshooting your issue: * Does it work on your LAN? * What kind of certificate are you using (self-signed or commercial?) * Are ports 6001, 6002 and 6004 open on your firewall? * What error are you getting on https://www.testexchangeconnectivity.com/ (you can expand the RPC/HTTP test failed) * What is your FQDN used for RPC-over-HTTP(I can use the RPC ping to analyze if the proxy is working properly)?
_____________________________
* No rights or priviliges can be taken from my posts. * Always make a backup! * http://kb.geminon.be
|
|
|
RE: Problem setting RPC over HTTP - 19.Apr.2010 1:40:09 PM
|
|
|
superfred
Posts: 18
Joined: 30.Sep.2009
Status: offline
|
It work on the LAN ? Yes but is it using rpc or normal tcp/ip ? I open port 6000 to 6004 on the firewall. and create a routing to my server internal ip addresse What kind of certificate are you using (self-signed or commercial?) I am using a self-signed certificate What is your FQDN used for RPC-over-HTTP(I can use the RPC ping to analyze if the proxy is working properly)? mail.advantagesport.com
|
|
|
RE: Problem setting RPC over HTTP - 19.Apr.2010 1:50:18 PM
|
|
|
superfred
Posts: 18
Joined: 30.Sep.2009
Status: offline
|
Here is the log from https://www.testexchangeconnectivity.com/ Testing RPC/HTTP connectivity RPC/HTTP test failed Test Steps Attempting to test Autodiscover for superfred@advantagesport.com Testing Autodiscover failed Test Steps Attempting each method of contacting the AutoDiscover Service Failed to contact the AutoDiscover service successfully by any method Test Steps Attempting to test potential AutoDiscover URL https://advantagesport.com/AutoDiscover/AutoDiscover.xml Failed testing this potential AutoDiscover URL Test Steps Attempting to resolve the host name advantagesport.com in DNS. Host successfully resolved Additional Details IP(s) returned: 209.172.63.238 Testing TCP Port 443 on host advantagesport.com to ensure it is listening and open. The port was opened successfully. Testing SSL Certificate for validity. The SSL Certificate failed one or more certificate validation checks. Test Steps Validating certificate name Certificate name validation failed Tell me more about this issue and how to resolve it Additional Details Host name advantagesport.com does not match any name found on the server certificate CN=ns15.domaineplus.net, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)09, OU=GT83216155, O=ns15.domaineplus.net, C=CA Attempting to test potential AutoDiscover URL https://autodiscover.advantagesport.com/AutoDiscover/AutoDiscover.xml Failed testing this potential AutoDiscover URL Test Steps Attempting to resolve the host name autodiscover.advantagesport.com in DNS. The Host could not be resolved. Tell me more about this issue and how to resolve it Additional Details Host autodiscover.advantagesport.com could not be resolved in DNS Exception Details: Message: No such host is known Type: System.Net.Sockets.SocketException Stack Trace: at System.Net.Dns.GetAddrInfo(String name) at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6) at System.Net.Dns.GetHostAddresses(String hostNameOrAddress) at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally() Attempting to contact the AutoDiscover service using the HTTP redirect method. Failed to contact AutoDiscover using the HTTP Redirect method Test Steps Attempting to resolve the host name autodiscover.advantagesport.com in DNS. The Host could not be resolved. Tell me more about this issue and how to resolve it Additional Details Host autodiscover.advantagesport.com could not be resolved in DNS Exception Details: Message: No such host is known Type: System.Net.Sockets.SocketException Stack Trace: at System.Net.Dns.GetAddrInfo(String name) at System.Net.Dns.InternalGetHostByName(String hostName, Boolean includeIPv6) at System.Net.Dns.GetHostAddresses(String hostNameOrAddress) at Microsoft.Exchange.Tools.ExRca.Tests.ResolveHostTest.PerformTestReally() Attempting to contact the AutoDiscover service using the DNS SRV redirect method. Failed to contact AutoDiscover using the DNS SRV redirect method. Test Steps Attempting to locate SRV record _autodiscover._tcp.advantagesport.com in DNS. Failed to find AutoDiscover SRV record in DNS. Tell me more about this issue and how to resolve it
|
|
|
RE: Problem setting RPC over HTTP - 19.Apr.2010 3:10:21 PM
|
|
|
superfred
Posts: 18
Joined: 30.Sep.2009
Status: offline
|
What is your FQDN used for RPC-over-HTTP(I can use the RPC ping to analyze if the proxy is working properly)? It could also be exchange.advantagesport.com How can I change it to mail.advantagesport.com. The button server certificate is grayed.
|
|
|
RE: Problem setting RPC over HTTP - 20.Apr.2010 2:57:54 AM
|
|
|
Marc.dekeyser
Posts: 225
Joined: 19.Apr.2010
Status: offline
|
Superfred, You're running on a certificate that is not properly configured for RPC-over-HTTP. Any cert for this use must be a SAN cert (contain multiple Subject Alternative Names) and contain the external FQDN, Internal FQDN, netbios of the server and the autodiscover record. f.e. mail.advantagesport.com, EXCH01.advantagesport.local, EXCH01, autodiscover.advantagesport.com Notice that when generating the request you need to have the external FQDN first. your certificate is invalid for your domain: Host name advantagesport.com does not match any name found on the server certificate CN=ns15.domaineplus.net, OU=Domain Control Validated - RapidSSL(R), OU=See www.rapidssl.com/resources/cps (c)09, OU=GT83216155, O=ns15.domaineplus.net, C=CA Possible solutions: * Buy a new certificate * set up a selfsigned certificate * Break all the rules buy disabling loopbackchecking (and hope it works...) If you want to change your external domainname or FQDN you need to change that in the External DNS
_____________________________
* No rights or priviliges can be taken from my posts. * Always make a backup! * http://kb.geminon.be
|
|
|
RE: Problem setting RPC over HTTP - 22.Apr.2010 9:55:54 AM
|
|
|
superfred
Posts: 18
Joined: 30.Sep.2009
Status: offline
|
Thank you for you answer. But now it realy help to know what to look for. Now that I know I have a problem with mu certificate the question is. How do I set-up a certificate that work ? And first how do I remove the certificate I have now ? The server certificate buton in RPC is grayed Please explain : If you want to change your external domainname or FQDN you need to change that in the External DNS How to do that ?
< Message edited by superfred -- 22.Apr.2010 9:57:34 AM >
|
|
|
RE: Problem setting RPC over HTTP - 22.Apr.2010 10:28:17 AM
|
|
|
Marc.dekeyser
Posts: 225
Joined: 19.Apr.2010
Status: offline
|
On creating a self-signed certificate: http://www.msexchange.org/tutorials/SSL_Enabling_OWA_2003.html Take note that if you use a self-signed cert for RPC you need to install the root CA cert on non-domainjoined computers On changing the external DNS records: contact your ISP or DNS hoster
_____________________________
* No rights or priviliges can be taken from my posts. * Always make a backup! * http://kb.geminon.be
|
|
|
RE: Problem setting RPC over HTTP - 22.Apr.2010 10:42:21 AM
|
|
|
superfred
Posts: 18
Joined: 30.Sep.2009
Status: offline
|
Are you telling me I need to install the certificate on an other computer than my SBS. Do i need to open some port on that other server ? Thank you I am looking at the procedure.
|
|
|
RE: Problem setting RPC over HTTP - 22.Apr.2010 11:04:55 AM
|
|
|
Marc.dekeyser
Posts: 225
Joined: 19.Apr.2010
Status: offline
|
No the certificate needs to be installed on the SBS server but if you have a computer you want to use RPC-over-HTTP on you need to install the root cA cert (from your SBS) on that computer aswell or you will not be able to connect.
_____________________________
* No rights or priviliges can be taken from my posts. * Always make a backup! * http://kb.geminon.be
|
|
|
RE: Problem setting RPC over HTTP - 22.Apr.2010 11:35:53 AM
|
|
|
superfred
Posts: 18
Joined: 30.Sep.2009
Status: offline
|
ok bad start, the certification service is already installed and running. Question 1 Do I need to uninstall it to get to the first configuration screen. It look loike there is already some certificate in use. If I uninstall and reinstall the service will the certificate still be there ? Question 2 How do you set certificat to install on the user computer ?
|
|
|
RE: Problem setting RPC over HTTP - 22.Apr.2010 11:41:11 AM
|
|
|
Marc.dekeyser
Posts: 225
Joined: 19.Apr.2010
Status: offline
|
Superfred, With all due respect, are you performing this on a live environment? If so I suggest you set up a VM environment and try to play around with that before administrating an operational server. Alternatively, if you are not a full time admin you can hire an agency or contact MS PSS to help you out. Giving a step by step follow trough is a bit hard over a forum :)
_____________________________
* No rights or priviliges can be taken from my posts. * Always make a backup! * http://kb.geminon.be
|
|
|
New Messages |
No New Messages |
Hot Topic w/ New Messages |
Hot Topic w/o New Messages |
Locked w/ New Messages |
Locked w/o New Messages |
|
Post New Thread
Reply to Message
Post New Poll
Submit Vote
Delete My Own Post
Delete My Own Thread
Rate Posts |
|