Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Shaun E on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

RPC over HTTPS front end/back end

Status
Not open for further replies.
BBGCORP

BBGCORP

Technical User
Sep 16, 2003
135
US
I'm having trouble connecting through RPC over HTTPS with the following configuration:
Frontend server - RPC over HTTPS proxy enabled
Backend server - RPC over HTTPS enabled back end server

The front end server has a valid SSL certificate, and is currently used as the OWA server. There is a Win2K3 GC that is on a third server.

I've tried all MS support articles and nothing seems to work. I did notice that the VaildPorts registry entry on the front end server doesn't have a reference to the GC, but only to the backend Exchange server. Any ideas?
 
Sort by date Sort by votes
What happens when you run RPCDIAG? Does your FE server have different internal and external FQDNs? It's ok if it does, but it's easier to slip up if it does.

There are a lot of different things that can go wrong.

They are often in the IIS config. Check the RPC virtual web directory on the FE and see where its home directory is. Should point to RPCPROXY or something like that. And check authentication settings on both front and back ends against the documentation. One helpful thing for me when troubleshooting RPC-over-HTTP is comparing the settings on a working FE/BE pair with the nonworking pair.

ShackDaddy
 
Upvote 0 Downvote
I checked the directory for RPC and everything looked good, right where it was supposed to be (C:\windows\system32\rpcproxy). Maybe I should clarify a bit, I'm trying to set this up for individuals that are outside my LAN, and are connecting via the internet. when I ran the RPCDIAG switch in outlook, I saw the connections being made to my backend Exchange server, and the internal FQDN was resolved, but it would time out trying to authenticate the user.
 
Upvote 0 Downvote
Are all DC's and GC's W2K3?

When setting up the users from outside your LAN, are you using hte netbios name (I suppose the internal FQDN would work too) of the exchange mailbox server in the "Exchange Server Settings" and the FQDN of your FE (the same one as on the cert) only in the RPC over HTTP proxy config. (I did this and it took me forever to find the mistake)

My FE also only has valid port entries for the BE server and is working fine.

Have you run the various connection tests on the FE:
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SWC6284
  • Locked
  • Question
Exchange 2011 - mail bouncing back from from one user sending scans via address book on Fuji Xerox
Replies
0
Views
250
SWC6284
SWC6284
hirussellsmith
  • Locked
  • Question
Unable to Backup data after Exchange Server Down
Replies
1
Views
795
ralphmiller
ralphmiller
GamerDad
  • Locked
  • Question
Deliver email that has oversized attachment with warning
Replies
0
Views
275
GamerDad
GamerDad
CorbinMyMan
  • Locked
  • Question
Lost public folders on production server. Still have db and backups. Best way to restore?
Replies
3
Views
387
CorbinMyMan
CorbinMyMan
m245
  • Locked
  • Question
Failing Over to the Target SCR Server
Replies
2
Views
294
m245
m245

Part and Inventory Search

Sponsor

Back
Top