Repeated Authentication with Outlook 2003 and RPC over HTTPS


Hello all, I'm right on the verge of a migration from Open Exchange to a brand new Exchange 2003 installation. It is a 100% Windows 2003 / XP pro / Exchange 2003 / Outlook 2003 installation. I followed the articles on how to install RPC over HTTPS available here and at Microsoft, with the exception of using "Mutually Authenticate SSL" or whatever that option is. I have tried it with though and that doesn't seem to be it.

Our server is repeatedly asking for username/password authentication from Outlook. It will not save the password, and it wants to re-authenticate every few hours it seems. Is this normal behavior? I really want to tell my users they won't have to do this all the time. It doesn't matter whether they are inside our network or outside, VPN or not. It works as long as they re-authenticate, but it's a PITA to our users.

Any ideas?

Thanks all!


Sponsored Links:



I am having an issue with Outlook 2007 and RPC over Https. The box can
either be XP or Vista with 2007 installed on it. I can connect Outlook when
connected with a VPN but when external it fails to connect. With Outlook
2003 and RPC over Https there are no issues.

It is frustrating that there is no easy searchable solution with MS for this
as this problem exisits on any box we build with any of our clients with
Outlook 2007.

Any ideas?




I'm trying to configure RPC over HTTP and I believe (according to the documentation I've followed) that I have the FE and BE servers setup properly. The problem I'm having is that I don't have the option under the Connection tab in Outlook (2003 with SP1) "Connect to my Exchange mailbox using HTTP". It's not greyed out, it just simply isn't there. I ran the Custom Maintenance Wizard in an attempt to add it and it seemed to run through ok, but still no option. Any thoughts?
TIA, Tony.




Hello I have an SBS2003 Server that I am setting up. I have successfully connected over the internet using Outlook 2003 via rpc over HTTPS.
I was trying different Global Address list settings and know when configure A new client and then try to connect after putting the username & password
Outlook gives me an error "The Bookmark is invalid" and won't connect. I can however connect using a client that was prieviously configured and working.
Only new clients seem to have trouble. I am not sure if yhe global address list has anything to do with it. Any input would be helpful  




Hi

my prospective clients are testing Outlook 2003 (rpc over https) at their
site. Their internet access is through an outsourced proxy server.
For internet access, each user needs to enter a username and password
before they are connected to the websites.

However, when testing Outlook 2003 access(rpc over https), they are not able
to connect to the Exchange server.

For 1 hour, they asked their vendor to lower the security level. That means
internet access do not require proxy authentication.
The Outlook 2003 access(rpc over https) also worked successfully.

However, the security setting was set to the original setting. This is what
the vendor provides for its client... high level security.

Anyone knows if this problem can be overcome?

regards
Raymond




I am trying to setup some of my laptop users to connect to exchange 2003 with
outlook 2003 using RPC over HTTP

we have

1 x windows 2003 server std (Domain controller) 192.168.16.2
1 x windows 2003 server std running exchange 2003 192.168.16.3

my netgear firewall has port 443 open and my domain controller then forwards
this port to the exchange server

we can use OWA ok
we have imported the certificate on the laptop and we run OWA with out it
prompting that the sites not safe...

After I have configured outlook to RPC over HTTP iam keep getting prompted
to enter my password and I never get connected to my mail box

Before i had SSL setup on exchange I connected ok using my PSA windows
mobile 5. I have tried today so get this to synch but it just keeps asking
for my password

Hope you are able to assist further

Thanks




Current Environment one front end and two backend Exchange 2003 servers. https url running on front end for both owa and RPC over HTTP.

Transitioning to Exchange 2007SP1 with HT&CAS –NLB and CCR cluster for mailboxes.

When is the best time to move owa and rpc over http url from Exchange 2003 front end  to Exchange 2007 CAS without affecting users on Exchange 2003? Are there any known issues?

Main concerned is with RPC over HTTP users, few hundred users outlook running with RPC over HTTP settings.

Appreciate sharing your experiences on this.




Current Environment one front end and two backend Exchange 2003 servers. https url running on front end for both owa and RPC over HTTP.

Transitioning to Exchange 2007SP1 with HT&CAS –NLB and CCR cluster for mailboxes.

When is the best time to move owa and rpc over http url from Exchange 2003 front end  to Exchange 2007 CAS without affecting users on Exchange 2003? Are there any known issues?

Main concerned is with RPC over HTTP users, few hundred users outlook running with RPC over HTTP settings.

Appreciate sharing your experiences on this.




I would like to setup my Outlook 2003 to RPC over HTTP. I have Outlook Web
Access and for various reasons would like to be able to access it through my
Outlook as opposed to through IE.

If you could list steps required to set this up I would appreciate it.




I have an environment that now requires the use of Smart Card for logon.  When this is enabled, it eliminates the ability to use OWA and RPC over HTTPS.  Is anyone aware of documentation that would allow these two services to work even with the Smart Card Logon?  (Remember...when you enable this check box in AD, Windows creates a hidden password for the account that it passes to AD when the Smart Card is authenticated.  A user or Admin will never know what that PW is.) 

I know there are "sort of" workarouds out there, but I need something that is solid and supported by MS.

THanks!

CFR




Hi Everyone,
 
i hope you guys can help me, coz i'm quite stumped with this problem i'm encoutering with a client. The network is a SBS 2003 R2 Premium edition that we've setup recently. Exchange (SP2) is responsible for 3 domains, which are setup correctly and are working fine. Workstations are configured with Windows XP SP2 and Office 2007.
 
One user has to have the ability to send e-mails from two different domains (lets call them domainA.com and domainB.com for now). After searching online for a while i've read up on the subject and did the following actions:
- Added a new user account for user@domainB.com and set user@domainB.com as the primary SMTP address
- gave the primary logon account that the user uses Full Mailbox Rights on the useraccount user@domainB.com and gave explicit Send As & Receive As allowed rights. (Yes through AD Users & Computers, Advenced Features, etc...)
- setup automatic forwarding in exchange features for user@domainB.com to send all incoming mail to the primary logon account for the user and added the primary logon account to Send on behalf in user@domainB.com
 
After i waited for Exchange to update it's security policy i tested from my current location with Outlook 2003 using RPC over HTTPS logging on as the primary user account. In this configuration i was able to send mails as user@domainB.com without any problems, just filling in the name in the From field.
 
Now here comes the kicker. When the user logs on on the network, fires up Outlook 2007and tries to send an e-mail using user@domainB.com in the from field she almost immediatly gets an NDR stating she doesnt have the permission to send to these recipients.
 
I have looked everywhere for a solution for this problem, but cant find anything. Short of just installing Outlook 2003 on the users machine i dont have a clue of what i could do to get this working. If anyone could please help me on this, they'd receive instand-god standing in my book ;)
 
Hope for many usefull replies!
 
Kind regards,
Philipp

 




As we are testing out migration to Exchange 2007 from Echange 2003, we have decided to publish OWA, ActiveSync, and Outlook Anywhere using separate URLs. We currently have an Exchange 2003 front-end/back-end environment using one URL for OWA, ActiveSync, and RPC over HTTP. We would like to transition our current Exchange 2003 environment to the multiple URL scenario, but we are having a problem finding any documentation detailing moving from a single URL to a multiple URL environment. Does anyone know of any documentation?




Is there anything that can be done to get instant "echo" back while typing
an email in Outlook when it's connected via RPC over HTTPS?
Now I can type two senteces, see nothing on the screen, wait another minute,
and then of a sudden it all shows up at once...

Very annoying.

Any advice?

TIA!

/ Per




Hi, fellow Outlook users,

I'm using Outlook 2003 on Windows XP SP2 and I'm trying to connect to
an Exchange mailbox using OWA. As far as instructions in MS TechNet and
MSDN are concerned, I should only need to open one port in the client
machine, that is, TCP 80 or 443. I understand that after that, Outlook
should channel ALL its traffic through that port, right?

So I followed the "Configuring Outlook 2003 for RPC Over HTTP" article
(http://office.microsoft.com/en-us/as...402731033.aspx)
word-by-word to set up an account in Outlook, opened port 80 ... and
yet I couldn't log in; the "Connecting to (someserver)" dialog refused
to accept my username and password.

A brief look with the TCPView utility showed that Outlook tried to
connect not only to port 80, but also to 135 (RPC) and several random
ports in the high (1024+) port range. However, I absolutely cannot open
any other ports than 80 or 443 in the client machine, so either I can
somehow trick Outlook into using nothing but those ports, or .. well,
fail miserably and make several people unhappy.

What I'm hoping for, if you'd be so kind, is that you could explain to
me whether I got it all wrong and Outlook in OWA mode must still have
access to as many outgoing ports as it pleases, or is there a way to
persuade it into using only 80 and/or 443.

Thank you for your time, I'll be grateful for your answers.

--
Ivo Thamdrup




I'm having a problem with IIS crashing and taking out OWA and RPC over HTTPS

IIS Admin, FTP, Exchange POP3 and the SMTP services all stop at the same time for no apparent reason i can find the error in the event log are all exactly the same

Event Type: Error
Event Source: Service Control Manager
Event Category: None
Event ID: 7031
Date:  6/03/2007
Time:  7:53:37 AM
User:  N/A
Computer: MAIL
Description:
The IIS Admin Service service terminated unexpectedly.  It has done this 16 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

the service restarts fine but then the WWW service the logs the following 2 message and stops, it is also configured to restart but doesn't

Event Type: Warning
Event Source: W3SVC
Event Category: None
Event ID: 1013
Date:  6/03/2007
Time:  7:55:06 AM
User:  N/A
Computer: MAIL
Description:
A process serving application pool 'ExchangeApplicationPool' exceeded time limits during shut down. The process id was '9944'.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

Event Type: Error
Event Source: W3SVC
Event Category: None
Event ID: 1030
Date:  6/03/2007
Time:  7:55:07 AM
User:  N/A
Computer: MAIL
Description:
Inetinfo terminated unexpectedly and the system was not configured to restart IIS Admin.  The World Wide Web Publishing Service has shut down.
For more information, see Help and Support Center at http://go.microsoft.com/fwlink/events.asp.

any help would be appreciated   even if its just a work around to save me having to manually restart the WWW service as we have a large number of remote users working in different time zones around the world.  and I'm sick of getting call at 2AM to say the mail server is down again !!!!

edit - Typo




So, I've been going through these wlk-thru's, and I have asimple question:

The first time you set up a clients PC for RPC over HTTPs, does the client
need to be on the local network? You know when you go to the Exchange
Server Settings and you put in the Exchange Server name and the User name,
and you clikc on "Check Name"? If you're not on the local network, can you
still complete the setup?

Thanks




When I configure Outlook 2003 for RPC over HTTP it requires me to enter
username/password again. I have already entered it when I logged into the
domain so why should I have to re-enter it? It is very irritating. I am
assuming there is some workaround for this annoyance. Does anybody know how
to get around this problem or have you all accepted retyping your
username/password?
Any suggestions would be greatly appreciated.

Thanks,
Stephen




Greetings and thanks for reading

I recently rebuilt my system and decided to give Office 2007 a try. Works
great except for the RPC over HTTP piece. No configuration I have tried has
seemed to work. Others in my org have had the same issue. The common
pattern has been those that upgraded instead of fresh install work fine.
Those that did a fresh install do not. I have verified and re-verified
settings to no avail. Has anyone run into this issue and solved it?




I'm looking for a programatic way to create an Outlook profile using RPC
over HTTP for full Exchange Client connecting over the Internet.

I currently have a 24 page document explaining the process of creating the
Outlook profile using the Mail utility in Control Panel, but I know my
customers need a programatic method of making the profile quickly and
correctly.

Does anyone have a start of an example program of how to do this or
something similar using C# or VB?

Cyrus




I'm looking for a programatic way to create an Outlook profile using RPC
over HTTP for full Exchange Client connecting over the Internet.

I currently have a 24 page document explaining the process of creating the
Outlook profile using the Mail utility in Control Panel, but I know my
customers need a programatic method of making the profile quickly and
correctly.

Does anyone have a start of an example program of how to do this or
something similar using C# or VB?

Cyrus