RPC Over HTTP Install Windows Server 2003 Configure your Exchange 2003 front-end server as an RPC Proxy server

Similar documents
Outlook 2010 Exchange Setup Guide

Configuring Outlook from an Off-Campus Location to Use Enterprise Exchange

Using the Terminal Services Gateway Lesson 10

App Orchestration 2.6

HOL122 Lab 1: Configuring Microsoft Windows Server 2003 RPC Proxy

Help Document Series: Connecting to your Exchange mailbox via Outlook from off-campus

WatchGuard XCS and Outlook Web Access 2013

Implementing Messaging Security for Exchange Server Clients

Version 1.0 Last updated: August 11, 2017 Author: Albert Wang & Mike Hull

Configuring Firewalls for SiteProtector Traffic

Hosted Microsoft Exchange Client Setup & Guide Book

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER

TestsDumps. Latest Test Dumps for IT Exam Certification

20411D D Enayat Meer

VMware Horizon View Deployment

A 2012 RD Gateway server uses port 443 (HTTPS), which provides a secure connection using a Secure Sockets Layer (SSL) tunnel.

In this article I will show you how to enable Outlook Web Access with forms based authentication in Exchange Server 2007 Beta 2.

Microsoft Installing, Configuring, and Administering Microsoft Exchange 2003 Server Implementing &Managing MS Exchange Server 2003

Configuring Network Composer and workstations for Full SSL Filtering and Inspection

Business Insights Dashboard

ROYAL INSTITUTE OF INFORMATION & MANAGEMENT

Copyright 2017 Softerra, Ltd. All rights reserved

Identity Firewall. About the Identity Firewall

Installing and Configuring vcenter Multi-Hypervisor Manager

Configuring Client Computers for Cisco Unified Communications for RTX

Step-by-Step Configuration

infoxpert Support Article

Microsoft Exchange Proxy Settings Outlook 2010 Gpo

Installing and Configuring vcloud Connector

VMware Enterprise Systems Connector Installation and Configuration. JULY 2018 VMware Identity Manager 3.2 VMware Identity Manager VMware AirWatch 9.

Avaya Modular Messaging Microsoft Outlook Client Release 5.0

Live Data Connection to SAP Universes

How to Set Up External CA VPN Certificates

Step-by-Step Configuration

NetExtender for SSL-VPN

OUTLOOK ANYWHERE CONNECTION GUIDE FOR USERS OF OUTLOOK 2007

This PDF Document was generated for free by the Aloaha PDF Suite If you want to learn how to make your own PDF Documents visit:

Authlogics Forefront TMG and UAG Agent Integration Guide

Workspace ONE UEM Certificate Authentication for EAS with ADCS. VMware Workspace ONE UEM 1902

Using LifeSize Systems with Microsoft Office Communications Server 2007

DEPLOYMENT GUIDE DEPLOYING F5 WITH ORACLE ACCESS MANAGER

How to configure the UTM Web Application Firewall for Microsoft Remote Desktop Gateway connectivity

Installing Active Directory on a Windows 2012 Server

Step-by-Step Configuration

How to Configure SSL Interception in the Firewall

Cisco TelePresence Management Suite Extension for Microsoft Exchange

Deploying F5 with Microsoft Remote Desktop Services

LifeSize Control Installation Guide

Exclaimer Mail Archiver

Owner of the content within this article is Written by Marc Grote

Ekran System High Availability Deployment Guide

DOVICO Timesheet v10 UPGRADE GUIDE

Configuring and Managing WAAS Legacy Print Services

Quick Start Guide - Exchange Database idataagent

Taskbar for Windows. Contents. Overview. Prerequisites. Versions. PositiveID Support. Installer

Implementing Microsoft Internet Security and Acceleration Server 2004

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

DOVICO Timesheet v9 UPGRADE GUIDE

FieldView. Management Suite

Microsoft Dynamics GP Web Client Installation and Administration Guide For Service Pack 1

VMware Enterprise Systems Connector Installation and Configuration

Cisco VPN Software Client Installation Guide for RTP2 Beta-Test

Administration GUIDE. OnePass Agent for Exchange Mailbox. Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 177

Module 9. Configuring IPsec. Contents:

Troubleshooting Policy Client

ISA 2006 and OWA 2003 Implementation Guide

Configure the IM and Presence Service to Integrate with the Microsoft Exchange Server

client configuration guide. Business

User Guide - Exchange Database idataagent

Installation on Windows Server 2008

Version Installation Guide. 1 Bocada Installation Guide

You receive a "The User Profile Service failed the logon error message

Using the Orchestration Console in System Center 2012 R2 Orchestrator

EXAMGOOD QUESTION & ANSWER. Accurate study guides High passing rate! Exam Good provides update free of charge in one year!

MailEnable Connector for Microsoft Outlook

Microsoft Exchange Server 2013 and 2016 Deployment

Deploying a System Center 2012 R2 Configuration Manager Hierarchy

How to Configure SMTP. To clearly document how to configure SMTP to send s from Eclipse.net

This document describes the configuration of Secure Sockets Layer (SSL) decryption on the FirePOWER Module using ASDM (On-Box Management).

Cannot open attachments in Microsoft Outlook

VMware AirWatch Cloud Connector Guide ACC Installation and Integration

CYAN SECURE WEB Installing on Windows

User Guide - Exchange Mailbox Archiver Agent

WAVELINK AVALANCHE REMOTE CONTROL 3.0 QUICK START GUIDE

VMware Notification Service v2.0 Installation and Configuration Guide Configure ENS2 for cloud and on-premises deployments

Optimizing Outlook Anywhere with Juniper WXC

Microsoft Microsoft TS: MS Internet Security & Acceleration Server 2006, Configuring. Practice Test. Version:

Kernel Migrator. for SharePoint. Configuration Guide

Deploying Citrix MetaFrame with the FirePass Controller

WhatsUp Gold 2016 Installation and Configuration Guide

BROWSER-BASED SUPPORT CONSOLE USER S GUIDE. 31 January 2017

App Orchestration 2.0

NETOP HOST ON A TERMINAL SERVER

WORKSTATION CHANGES FOR EXISTING FRAME RELAY SITES MOVING TO GALILEO MANAGED VPN

DEPLOYMENT GUIDE Version 1.2. Deploying the BIG-IP System v10 with Microsoft IIS 7.0 and 7.5

Administration GUIDE. OnePass Agent for NetApp. Published On: 11/19/2013 V10 Service Pack 4A Page 1 of 132

VMware Enterprise Systems Connector Installation and Configuration. Modified 29 SEP 2017 VMware AirWatch VMware Identity Manager 2.9.

DIGIPASS Authentication for Microsoft ISA 2006 Single Sign-On for Sharepoint 2007

Deltek Touch Expense for Ajera. Touch 1.0 Technical Installation Guide

Configuring Claims-based Authentication for Microsoft Dynamics CRM Server. Last updated: May 2015

Transcription:

RPC Over HTTP Exchange 2003 and Outlook 2003, combined with Windows Server 2003, supports the use of RPC over HTTP to access Exchange. Using the Microsoft Windows RPC over HTTP feature eliminates the need for remote office users to use a virtual private network (VPN) to connect to their Exchange servers. Users running Outlook 2003 can connect directly to an Exchange server within a corporate environment over the Internet. The Windows RPC over HTTP feature provides an RPC client (such as Outlook 2003) with the ability to establish connections across the Internet by tunneling the RPC traffic over HTTP. Because RPC is not designed for use on the Internet and does not work well with perimeter firewalls, RPC over HTTP makes it possible to use RPC clients in conjunction with perimeter firewalls. If the RPC client can make an HTTP connection to a remote computer running Internet Information Services (IIS), the client can connect to any available server on the remote network and execute remote procedure calls. Moreover, the RPC client and server programs can connect across the Internet even if both are behind firewalls on different networks. To enable RPC over HTTP for your organization, perform the following steps: Install Windows Server 2003 To use RPC over HTTP, you must install Windows Server 2003 on the computers running Exchange 2003, on the domain controllers, and on the global catalog servers in the Windows domain that has the Exchange servers your remote users will access. For information about how to install Windows Server 2003, see the Windows Server 2003 documentation. Configure your Exchange 2003 front-end server as an RPC Proxy server Your Exchange front-end server will become your RPC Proxy server. This RPC Proxy server specifies the ports that RPC clients use to communicate with the domain controllers, global catalog servers and all Exchange servers. For information about how to configure your Exchange 2003 front-end server as an RPC Proxy server, see Step 1: Configuring Your Exchange Front-End Server to use RPC Over HTTP later in this chapter. Configure your internal network to use RPC over HTTP You must configure your Exchange 2003 servers, as well as the corresponding domain controllers and global catalog servers, to allow users to connect using RPC over HTTP. Additionally, you must configure your perimeter network to allow RPC over HTTP communication. For information about how to configure your internal network to use RPC over HTTP, see Deploying RPC over HTTP later in this chapter.

RPC Over HTTP Deployment Options When you deploy RPC over HTTP in your corporate environment, there are two main deployment options based on where you locate your RPC proxy server: Option 1 (recommended) Deploy an advanced firewall server such as Internet Security and Acceleration [ISA] Server in the perimeter network and position your RPC Proxy server within the corporate network. Note When you use ISA Server as your advanced firewall server, you have several deployment options. For information about how to install ISA Server as an advanced firewall server, see the Exchange online book, Using Microsoft Exchange 2000 Front-End Servers (http://go.microsoft.com/fwlink/?linkid=14575&clcid=0x409). Option 2 Position the Exchange 2003 front-end server acting as an RPC Proxy server in the perimeter network. Each of these options is detailed in the following sections. Option 1: Using ISA Server in the Perimeter Network and Positioning the RPC Proxy Server in the Corporate Network This is the recommended option. By using ISA Server in the perimeter network to route RPC over HTTP requests and positioning the Exchange front-end server in the corporate network, you only need to open port 80 or port 443 on the internal firewall for Outlook 2003 clients to communicate with Exchange. Figure 2.2 illustrates this deployment scenario. Figure 2.2 Deploying RPC over HTTP using ISA Server as a reverse proxy server in the perimeter network When located in the perimeter network, the ISA server is responsible for routing RPC over HTTP requests to the Exchange front-end server acting as an RPC Proxy server. In this scenario, the RPC Proxy server uses specified ports to communicate with other servers that use RPC over HTTP.

Option 2: Positioning the RPC Proxy Server in the Perimeter Network Although not recommended, you can position the Exchange Server 2003 front-end server acting as the RPC Proxy server inside the perimeter network. In this scenario, you specify a limited number of ports that the RPC Proxy server needs. Figure 2.3 illustrates this deployment scenario. Note that in the following example, your Exchange front-end server will still need all of the standard ports to communicate with the internal corporate network in addition to the ports for RPC over HTTP. Figure 2.3 Deploying RPC over HTTP on the Exchange front-end server in the perimeter network For information about how to configure RPC over HTTP deployment options 1 and 2, see Deploying RPC Over HTTP later in this chapter. Again, in this scenario, the RPC Proxy server uses specified ports to communicate with other servers that use RPC over HTTP. RPC Over HTTP System Requirements To use RPC over HTTP, you must run Windows Server 2003 on the following computers: All Exchange 2003 servers that will be accessed with RPC over HTTP. The Exchange 2003 front-end server acting as the RPC Proxy server. All domain controllers that communicate with the Outlook 2003 clients and the Exchange 2003 servers configured to use RPC over HTTP. The global catalog server used by Outlook 2003 clients and the Exchange 2003 servers configured to use RPC over HTTP. Exchange 2003 must be installed on all Exchange servers that are used by the RPC Proxy server. Additionally, all client computers running Outlook 2003 must also be running Microsoft Windows XP Service Pack 1 (SP1) or later with the following hot fix: 331320, "Windows XP Patch: RPC Updates Needed for Exchange Server 2003 Beta" (http://go.microsoft.com/fwlink/?linkid=16687).

Deploying RPC Over HTTP This section provides detailed steps about how to deploy RPC over HTTP in your Exchange 2003 organization. Complete the steps in the following order: 1. Configure your Exchange front-end server as an RPC Proxy server. 2. Configure the RPC virtual directory in Internet Information Services (IIS) on the Exchange front-end server. 3. Configure the registry on the Exchange 2003 computer that communicates with the RPC proxy server to use ports specified by Exchange 2003 for RPC over HTTP communication. 4. Open the specified ports on the internal firewall for RPC over HTTP, as well as the standard ports for Exchange front-end communication. 5. Create a profile for your users to use with RPC over HTTP. Each of these steps is detailed in the following sections. After you have completed these steps, your users can begin using RPC over HTTP to access the Exchange front-end server. Step 1: Configuring Your Exchange Front-End Server to Use RPC Over HTTP The RPC Proxy server processes the Outlook 2003 RPC requests that come in over the Internet. In order for the RPC Proxy server to successfully process the RPC over HTTP requests, you must install the Windows Server 2003 RPC over HTTP Proxy networking component on your Exchange front-end server. To configure your Exchange front-end server to use RPC over HTTP 1. On the Exchange front-end server running Windows Server 2003, click Start, click Control Panel, and then click Add or Remove Programs. 2. In Add or Remove Programs, click Add/Remove Windows Components in the left pane. 3. In the Windows Components Wizard, on the Windows Components page, highlight Networking Services, and then click Details. 4. In Networking Services, select the RPC over HTTP Proxy check box, and then click OK. 5. On the Windows Components page, click Next to install the RPC over HTTP Proxy Windows component.

Step 2: Configuring the RPC Virtual Directory in Internet Information Services Now that you have configured your Exchange front-end server to use RPC over HTTP, you must configure the RPC virtual directory in IIS. To configure the RPC virtual directory 1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager. 2. In Internet Information Services (IIS) Manager, in the console tree, expand the server you want, expand Web Sites, expand Default Web Site, right-click the RPC virtual directory, and then click Properties. 3. In RPC Properties, on the Directory Security tab, in the Authentication and access control pane, click Edit. Note RPC over HTTP does not allow anonymous access. 4. Under Authenticated access, select the checkbox next to Basic authentication (password is sent in clear text), and then click OK. 5. To save your settings, click Apply, and then click OK. Your RPC virtual directory is now set to use Basic authentication. Step 3: Configuring the RPC Proxy Server to Use Specified Ports If your RPC Proxy server is positioned inside the perimeter network, you can configure the RPC Proxy server to use a specific number of ports to communicate with the servers in the corporate network. In this scenario, the RPC proxy server will be configured to use specified ports and the individual computers that the RPC Proxy server communicates with will also be configured to use specified ports when receiving requests from the RPC Proxy server. When you run Exchange 2003 Setup, Exchange is automatically configured to use the ports listed in Table 2.1. Step 3 involves the following two procedures: 1. Configure the RPC Proxy server to use specified ports for RPC over HTTP requests to communicate with servers inside the corporate network. 2. Configure the domain controllers and global catalog servers to use specified ports for RPC over HTTP requests to communicate with the RPC Proxy server inside the perimeter network. Warning Incorrectly editing the registry can cause serious problems that may require you to reinstall your operating system. Problems resulting from editing the registry incorrectly may not be able to be resolved. Before editing the registry, back up any valuable data. To configure the RPC Proxy server to use a specified number of ports for RPC over HTTP

The following ports are the required ports for RPC over HTTP. Table 2.1 Required ports for RPC over HTTP Server Exchange back-end servers Ports (Services) 593 (end point mapper) 6001 (Store) 6002 (DS referral) 6004 (DS proxy) Domain controllers 593 and 6004 Global catalog server 593 and 6004 1. On the RPC Proxy server, start Registry Editor: Click Start, click Run, and then type regedit. 2. In the console tree, navigate to the following registry key: HKEY_LOCAL_MACHINE\Software\Microsoft\Rpc\RpcProxy 3. In the details pane, right-click the ValidPorts subkey, and then click Modify (Figure 2.4). Figure 2.4 The RPCProxy registry settings

4. In Edit String, in the Value data box, type the following information: ExchangeServer:593;ExchangeServerFQDN:593;ExchangeServer:6001-6002;ExchangeServerFQDN:6001-6002;ExchangeServer:6004;ExchangeServerFQDN:6004;DomainController:593;Do maincontrollerfqdn:593;domaincontroller:6004;domaincontrollerfqdn:6004;g lobalcatalogserver:593;globalcatalogserverfqdn:593;globalcatalogserver:6 004;GlobalCatalogServerFQDN:6004 ExchangeServer, DomainController, and GlobalCatalogServer are the NetBIOS names of your Exchange server, domain controller, and global catalog server. ExchangeFQDN, DomainControllerFQDN, and GlobalCatalogServer are the fully qualified domain names (FQDNs) of your Exchange server, domain controller, and global catalog server. In the registry key, continue to list all servers in the corporate network with which the RPC Proxy server will need to communicate. Important To communicate with the RPC Proxy server, all servers accessed by the Outlook client must have set ports. If a server, such as an Exchange public folder server, has not been configured to use the specified ports for RPC over HTTP communication, the client will not be able to access the server. To configure the domain controllers and global catalog servers to use a specified number of ports for RPC over HTTP 1. On the domain controller and global catalog server, start Registry Editor: Click Start, click Run, and then type regedit. 2. Navigate to the following registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Paramet ers 3. From the Edit menu, point to New, and then click Multi-String value. 4. In the details pane, create a multi-string value with the name NSPI interface protocol sequences. 5. Right-click the NSPI interface protocol sequences multi-string value, and then click Modify. 6. In Edit String, in the Value data box, type ncacn_http:6004 7. Restart both the domain controller and global catalog server.

Step 4: Create an Outlook Profile to Use With RPC Over HTTP In order for your users to use RPC over HTTP from their client computer, they must create an Outlook profile that uses the necessary RPC over HTTP settings. These settings enable Secure Sockets Layer (SSL) communication with Basic authentication, which is necessary when using RPC over HTTP. Although optional, it is highly recommended that you use the Use Cached Exchange Mode option for all profiles that will connect to Exchange using RPC over HTTP. To create an Outlook profile to use with RPC over HTTP 1. Click Start and then click Control Panel. 2. In Control Panel, perform one of the following tasks: If you are using Category View, in the left pane, under See Also, click Other Control Panel Options, and then click Mail. If you are using Classic View, double-click Mail. 3. In Mail Setup, under Profiles, click Show Profiles. 4. In Mail, click Add. 5. In New Profile, in the Profile Name box, type a name for this profile, and then click OK. 6. In the E-mail Accounts wizard, click Add a new e-mail account, and then click Next. 7. On the Server Type page, click Microsoft Exchange Server, and then click Next. 8. On the Exchange Server Settings page, perform the following steps: 9. In the Microsoft Exchange Server box, type the name of your back-end Exchange server where your mailbox resides. 10. Check the checkbox next to Use Cached Exchange Mode. 11. In the User Name box, type the user name. 12. Click More Settings. 13. On the Connection tab, in the Exchange over the Internet pane, select the Connect to my Exchange mailbox using HTTP check box. 14. Click Exchange Proxy Settings. 15. On the Exchange Proxy Settings page, under Connections Settings, perform the following steps: a. Enter the fully qualified domain name (FQDN) of the RPC Proxy server in the Use this URL to connect to my proxy server for Exchange box. b. Select the Connect using SSL only check box. c. Select the Mutually authenticate the session when connecting with SSL check box next. d. Enter the FQDN of the RPC Proxy server in the Principle name for proxy server box. Use the format: msstd:fqdn of RPC Proxy Server. e. As an optional step, you can configure Outlook 2003 to connect to your Exchange server using RPC over HTTP by default by checking the checkbox next to On fast networks, connect to Exchange using HTTP first, then connect using TCP/IP. 16. On the Exchange Proxy Settings page, in the Proxy authentication settings window, in the Use this authentication when connecting to my proxy server for Exchange list, select Basic Authentication. 17. Click OK Your users are now configured to use RPC over HTTP.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback