I am trying to deploy RPC over HTTP for Exchange Server 2003 SP1 (FE/BE configuration). I am using the following documents:
1)
2)
3)
When running rpcdump.exe as instructed from above URL (2), Step 8: Verify the Exchange 2003 port configuration, I am getting a ACCESS_DENIED error for all ncacn_http protocols on the back-end server:
ncacn_http(Connection-oriented TCP/IP using Microsoft Internet Information Server as HTTP proxy.)
x.x.x.x[6002] [1544f5e0-613c-11d1-93df-00c04fd7bd09] MS Exchange Directory RFR Interface :ACCESS_DENIED
x.x.x.x[6002] [f930c514-1215-11d3-99a5-00a0c9b61b04] MS Exchange System Attendant Cluster Interface :ACCESS_DENIED
x.x.x.x[6002] [83d72bf0-0d89-11ce-b13f-00aa003bac6c] MS Exchange System Attendant Private Interface :ACCESS_DENIED
x.x.x.x[6002] [469d6ec0-0d87-11ce-b13f-00aa003bac6c] MS Exchange System Attendant Public Interface :ACCESS_DENIED
x.x.x.x[6004] [f5cc5a18-4264-101a-8c59-08002b2f8426] MS Exchange Directory NSPI Proxy :ACCESS_DENIED
x.x.x.x[6001] [a4f1db00-ca47-1067-b31f-00dd010662da] Exchange 2003 Server STORE EMSMDB Interface :ACCESS_DENIED
x.x.x.x[6001] [99e64010-b032-11d0-97a4-00c04fd6551d] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
x.x.x.x[6001] [99e64010-b032-11d0-97a4-00c04fd6551d] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
x.x.x.x[6001] [89742ace-a9ed-11cf-9c0c-08002be7ae86] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
x.x.x.x[6001] [a4f1db00-ca47-1067-b31e-00dd010662da] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
Does anybody know why? A netstat -a shows that ports 6001, 6002, and 6004 are LISTENING though. Since this is a FE/BE configuration, do I need to modify the ValidPorts registry subkey? If so, on the front-end (FE) server or on the back-end (BE) server? I thought the ports only need to be modified if this was a single-server (vs. FE/BE).
1)
2)
3)
When running rpcdump.exe as instructed from above URL (2), Step 8: Verify the Exchange 2003 port configuration, I am getting a ACCESS_DENIED error for all ncacn_http protocols on the back-end server:
ncacn_http(Connection-oriented TCP/IP using Microsoft Internet Information Server as HTTP proxy.)
x.x.x.x[6002] [1544f5e0-613c-11d1-93df-00c04fd7bd09] MS Exchange Directory RFR Interface :ACCESS_DENIED
x.x.x.x[6002] [f930c514-1215-11d3-99a5-00a0c9b61b04] MS Exchange System Attendant Cluster Interface :ACCESS_DENIED
x.x.x.x[6002] [83d72bf0-0d89-11ce-b13f-00aa003bac6c] MS Exchange System Attendant Private Interface :ACCESS_DENIED
x.x.x.x[6002] [469d6ec0-0d87-11ce-b13f-00aa003bac6c] MS Exchange System Attendant Public Interface :ACCESS_DENIED
x.x.x.x[6004] [f5cc5a18-4264-101a-8c59-08002b2f8426] MS Exchange Directory NSPI Proxy :ACCESS_DENIED
x.x.x.x[6001] [a4f1db00-ca47-1067-b31f-00dd010662da] Exchange 2003 Server STORE EMSMDB Interface :ACCESS_DENIED
x.x.x.x[6001] [99e64010-b032-11d0-97a4-00c04fd6551d] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
x.x.x.x[6001] [99e64010-b032-11d0-97a4-00c04fd6551d] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
x.x.x.x[6001] [89742ace-a9ed-11cf-9c0c-08002be7ae86] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
x.x.x.x[6001] [a4f1db00-ca47-1067-b31e-00dd010662da] Exchange Server STORE ADMIN Interface :ACCESS_DENIED
Does anybody know why? A netstat -a shows that ports 6001, 6002, and 6004 are LISTENING though. Since this is a FE/BE configuration, do I need to modify the ValidPorts registry subkey? If so, on the front-end (FE) server or on the back-end (BE) server? I thought the ports only need to be modified if this was a single-server (vs. FE/BE).