Kurt, I have followed the amset dozens of times and petri at least that many. Works perfectly each time unless I fat finger something.
I assume on the DC you selected in the name you have the RPC Proxy installed. You have confirmed the perms on the IIS for it. Have you confirmed the ssl cert is enabled for the rpc in iis under the site you have the ssl cert installed on. If the RPC server you specify in Outlook is not matching the certificate name you installed then it will not connect over RPC. IF you ping the external name of the cert does it resolve internally to your Exch server. If not fix that with DNS then try it. Are there any event logs in the DC or the Exchange server when you attempt to connect? BY chance do you have Sharepoint Services or Server running on the Exchange server or the DC? If so have you excluded the rpc virtual directory path from SP. If not SP takes over and ruins your life.. A common issue with the error from RPCping, " Client is not authorized to ping RPC proxy" Greg -----Original Message----- From: Kurt Buff [mailto:[EMAIL PROTECTED] Sent: Thursday, January 24, 2008 10:54 PM To: MS-Exchange Admin Issues Subject: Setting up RPC-HTTPS All, The usual story, I suppose. Exchange 2003 SP2 on Win2k3 R2 SP2, in a Win2k3 R2 SP2 domain. Can't configure my OL2k3 client to connect via RPC-HTTPS - I've only tried over the LAN so far, but from a different subnet than the Exchange server. I've got a GeoTrust cert for the web site, and OWA works just fine, inside and outside of our company network. (I've got two domain controllers, but am only setting up one for now, until I achieve success with the first. If anyone can point to further diagnostics I should perform after reading the material below, I'd appreciate it. I'm following these links: http://amset.info/exchange/rpc-http.asp http://www.petri.co.il/configure_rpc_over_https_on_a_single_server.htm and I believe I've followed all of the steps, and rebooted both my Exchange server and my domain controllers. I've added the following to both of my domain controllers: Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters] "NSPI Interface protocol sequences"=hex(7):6e,00,63,00,61,00,63,00,6e,00,5f,00,68,00,74,00,74,00, 70,00,3a,00,36,00,30,00,30,00,34,00,00,00,00,00 I've added this to my Exchange server (wrapped for readability!): Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\RpcProxy] "ValidPorts"=" exchange:593; exchange.mycompany.com:593; exchange:100-5000; exchange.mycompany.com:100-5000; dc:6001-6002; dc.mycompany.com:6001-6002; dc:6004; dc.mycompany.com:6004; dc:593; dc.mycompany.com:593; dc:6001-6002; dc.mycompany.com:6001-6002; dc:6004; dc.mycompany.com:6004;" When I start OL2k3 with the /rpcdiag switch, I get nothing even close to what I expect. The login prompt comes up, and the output in the dialog box looks like the following - I'm not going to try to attach a screenshot, so this is the manual ASCII version: Activity Server name Type Interface Conn Status Reg/Fail Avg Resp --- Directory --- Connecting exchange Referral --- Connecting --- Directory --- Connecting exchange Referral --- Connecting It never gets any further. I have used rpcping to test from an XP SP2 machine on another subnet - trying to connect with OL2k3 on that box was successful for all of the listed tests in http://support.microsoft.com/default.aspx?kbid=831051, except for the following: C:\Utils>rpcping -t ncacn_http -s exchange -o RpcProxy=exchange -P "kbuff,mycompany,*" -I "kbuff,mycompany,*" -H 2 -u 10 -a connect -F 3 -v 3 -E -R none RPCPing v2.12. Copyright (C) Microsoft Corporation, 2002 OS Version is: 5.1, Service Pack 2 Enter password for server: Enter password for RPC/HTTP proxy: RPCPinging proxy server exchange with Echo Request Packet Sending ping to server Response from server received: 401 Client is not authorized to ping RPC proxy Ping failed. I've changed the RPC-HTTPS tab back and forth under ESM/Administrative Groups/Site/Servers/server/Properties, from "Not part..." to "... back-end server" and rebooted, with no joy. Thoughts? Kurt ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~ ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja ~
