Connect exchange mailbox using http "Outlook 2003"

Hi,

I am running Exchange Server 2003 and am trying to connect via http using
rpc over http from my laptop using Outlook 2003.

I have set up the connection to my mailbox from outlook inside our lan but I
am trying to create an http connection from outlook to exchange for when I am
not in the office.

I can connect, externally to "Remote Web Workplace" on our server using
https://servername.domain.com/remote so the https passthrough seems to be
fine.

I have set all the setting up for connecting via http correctly and the rpc
over https service is running. I get as far as opening outlook and entering
my password and outlook say "trying to connect" but after a few seconds I am
once again prompted to enter my password.....and so on..... The username and
password are definately correct but I can't make the connection.

I am running Windows XP SP2 from the laptop running windows firewall. I am
also running AVG anti virus on the laptop and the server. The server has no
firewall running on it but I am running a hardware firewall on the router.

Please help.

Steve

If you are using a self signed certificate (or internal certificate
authority) to ensure that the https protocol works, two things must be
insured...

1) You should not receive any type of security alert dialog if you open your
web browser and type:
https://servname.domain.com/rpc

2) Outlook will verify the certificate back to the Certificate Authority
that signed it. Therefore this CA certificate must exist in the Trusted
Root store of the workstation.

3) Last but not least, some firewall based devices munge NTLM
authentication. Make sure that the /rpc folder in IIS only accepts Basic
Auth.

"Lambo" wrote in message
...
Hi,

I am running Exchange Server 2003 and am trying to connect via http using
rpc over http from my laptop using Outlook 2003.

I have set up the connection to my mailbox from outlook inside our lan but
I
am trying to create an http connection from outlook to exchange for when I
am
not in the office.

I can connect, externally to "Remote Web Workplace" on our server using
https://servername.domain.com/remote so the https passthrough seems to be
fine.

I have set all the setting up for connecting via http correctly and the
rpc
over https service is running. I get as far as opening outlook and
entering
my password and outlook say "trying to connect" but after a few seconds I
am
once again prompted to enter my password.....and so on..... The username
and
password are definately correct but I can't make the connection.

I am running Windows XP SP2 from the laptop running windows firewall. I
am
also running AVG anti virus on the laptop and the server. The server has
no
firewall running on it but I am running a hardware firewall on the router.

Please help.

Steve

Hi Neo,

I have tested all that and everything appears to be set up perfectly. Basic
Autentication only is selected in the RPC folder of Default Web Site in IIS.

I browsed to https://servernam.domain.com/rpc and I was presented with the
username and password box again but this did the same thing - it would not
accept my details and kept displaying the username and password box.

I don't receive a security alert when browsing to
https://servername.domain.com - I did originally but I have now installed the
certificate on my laptop and the connection just goes straight in now.

I am not sure how to find if the certificate exists in the trusted root of
my laptop but I went into internet explorer toolsinternet
optionscontenttrusted root certificate and the certificate for the
connection was there and installed properly.

Do you have any other suggestions?

Kindest thanks,

Steve

"neo [mvp outlook]" wrote:

If you are using a self signed certificate (or internal certificate
authority) to ensure that the https protocol works, two things must be
insured...

1) You should not receive any type of security alert dialog if you open your
web browser and type:
https://servname.domain.com/rpc

2) Outlook will verify the certificate back to the Certificate Authority
that signed it. Therefore this CA certificate must exist in the Trusted
Root store of the workstation.

3) Last but not least, some firewall based devices munge NTLM
authentication. Make sure that the /rpc folder in IIS only accepts Basic
Auth.

"Lambo" wrote in message
...
Hi,

I am running Exchange Server 2003 and am trying to connect via http using
rpc over http from my laptop using Outlook 2003.

I have set up the connection to my mailbox from outlook inside our lan but
I
am trying to create an http connection from outlook to exchange for when I
am
not in the office.

I can connect, externally to "Remote Web Workplace" on our server using
https://servername.domain.com/remote so the https passthrough seems to be
fine.

I have set all the setting up for connecting via http correctly and the
rpc
over https service is running. I get as far as opening outlook and
entering
my password and outlook say "trying to connect" but after a few seconds I
am
once again prompted to enter my password.....and so on..... The username
and
password are definately correct but I can't make the connection.

I am running Windows XP SP2 from the laptop running windows firewall. I
am
also running AVG anti virus on the laptop and the server. The server has
no
firewall running on it but I am running a hardware firewall on the router.

Please help.

Steve

I'm still leaning that the cert didn't get stored in the right place. Try
this to make sure that it is in the computers trusted root store.

start run mmc.exe ok button. File Add/remove snapin add button
select certificates add button computer account next local computer
finish button close button ok button ok button. Expand Certificates
Expand Trusted Root Certificates. This is where a copy of the
self-signed or internal certificate authority cert needs to be.



"Lambo" wrote in message
...
Hi Neo,

I have tested all that and everything appears to be set up perfectly.
Basic
Autentication only is selected in the RPC folder of Default Web Site in
IIS.

I browsed to https://servernam.domain.com/rpc and I was presented with the
username and password box again but this did the same thing - it would
not
accept my details and kept displaying the username and password box.

I don't receive a security alert when browsing to
https://servername.domain.com - I did originally but I have now installed
the
certificate on my laptop and the connection just goes straight in now.

I am not sure how to find if the certificate exists in the trusted root of
my laptop but I went into internet explorer toolsinternet
optionscontenttrusted root certificate and the certificate for the
connection was there and installed properly.

Do you have any other suggestions?

Kindest thanks,

Steve

"neo [mvp outlook]" wrote:

If you are using a self signed certificate (or internal certificate
authority) to ensure that the https protocol works, two things must be
insured...

1) You should not receive any type of security alert dialog if you open
your
web browser and type:
https://servname.domain.com/rpc

2) Outlook will verify the certificate back to the Certificate Authority
that signed it. Therefore this CA certificate must exist in the Trusted
Root store of the workstation.

3) Last but not least, some firewall based devices munge NTLM
authentication. Make sure that the /rpc folder in IIS only accepts Basic
Auth.

"Lambo" wrote in message
...
Hi,

I am running Exchange Server 2003 and am trying to connect via http
using
rpc over http from my laptop using Outlook 2003.

I have set up the connection to my mailbox from outlook inside our lan
but
I
am trying to create an http connection from outlook to exchange for
when I
am
not in the office.

I can connect, externally to "Remote Web Workplace" on our server using
https://servername.domain.com/remote so the https passthrough seems to
be
fine.

I have set all the setting up for connecting via http correctly and the
rpc
over https service is running. I get as far as opening outlook and
entering
my password and outlook say "trying to connect" but after a few seconds
I
am
once again prompted to enter my password.....and so on..... The
username
and
password are definately correct but I can't make the connection.

I am running Windows XP SP2 from the laptop running windows firewall.
I
am
also running AVG anti virus on the laptop and the server. The server
has
no
firewall running on it but I am running a hardware firewall on the
router.

Please help.

Steve

Hi Neo,

I looked at the trusted root certificate node in the certificate snap-in on
my laptop and the certificate was not there. I copied the certificate from
the SBS 2003 server to my laptop and imported it in to the trusted root
certificate node but still no joy!!

All I did was copy the certificate from the c:\ClientAppds\SBScerts folder
on the SBS 2003 server to the desktop on my laptop. I then opened the
certificate snap-in and imported the certificate from the desktop into the
trusted root certificate node.

Is there anything else I should have or need to do?

Kindest Regards

Steve
"neo [mvp outlook]" wrote:

I'm still leaning that the cert didn't get stored in the right place. Try
this to make sure that it is in the computers trusted root store.

start run mmc.exe ok button. File Add/remove snapin add button
select certificates add button computer account next local computer
finish button close button ok button ok button. Expand Certificates
Expand Trusted Root Certificates. This is where a copy of the
self-signed or internal certificate authority cert needs to be.



"Lambo" wrote in message
...
Hi Neo,

I have tested all that and everything appears to be set up perfectly.
Basic
Autentication only is selected in the RPC folder of Default Web Site in
IIS.

I browsed to https://servernam.domain.com/rpc and I was presented with the
username and password box again but this did the same thing - it would
not
accept my details and kept displaying the username and password box.

I don't receive a security alert when browsing to
https://servername.domain.com - I did originally but I have now installed
the
certificate on my laptop and the connection just goes straight in now.

I am not sure how to find if the certificate exists in the trusted root of
my laptop but I went into internet explorer toolsinternet
optionscontenttrusted root certificate and the certificate for the
connection was there and installed properly.

Do you have any other suggestions?

Kindest thanks,

Steve

"neo [mvp outlook]" wrote:

If you are using a self signed certificate (or internal certificate
authority) to ensure that the https protocol works, two things must be
insured...

1) You should not receive any type of security alert dialog if you open
your
web browser and type:
https://servname.domain.com/rpc

2) Outlook will verify the certificate back to the Certificate Authority
that signed it. Therefore this CA certificate must exist in the Trusted
Root store of the workstation.

3) Last but not least, some firewall based devices munge NTLM
authentication. Make sure that the /rpc folder in IIS only accepts Basic
Auth.

"Lambo" wrote in message
...
Hi,

I am running Exchange Server 2003 and am trying to connect via http
using
rpc over http from my laptop using Outlook 2003.

I have set up the connection to my mailbox from outlook inside our lan
but
I
am trying to create an http connection from outlook to exchange for
when I
am
not in the office.

I can connect, externally to "Remote Web Workplace" on our server using
https://servername.domain.com/remote so the https passthrough seems to
be
fine.

I have set all the setting up for connecting via http correctly and the
rpc
over https service is running. I get as far as opening outlook and
entering
my password and outlook say "trying to connect" but after a few seconds
I
am
once again prompted to enter my password.....and so on..... The
username
and
password are definately correct but I can't make the connection.

I am running Windows XP SP2 from the laptop running windows firewall.
I
am
also running AVG anti virus on the laptop and the server. The server
has
no
firewall running on it but I am running a hardware firewall on the
router.

Please help.

Steve

Assuming that you are using the same certificate to secure OWA and RPC.
Access OWA and then click on the gold lock. What does the Issued To and
Issued By read? The reason that I ask is 2 fold.

1) You already know that the Issued To will be the FQDN of customers will
access https://servername.domain.com. The Issued By is the certificate
authority that issued it. Since you have put a copy of the "Issued By"
certificate in the trusted root store the next likely step might be...

2) Where you are trying to access the server by a different name from the
outside. By this I mean, if the certificate was issued to
servername.domain.com, then you can't access from the outside by
www.domain.com. Outlook fails this silently. (By the way, we are talking
about the servername that is listed in the Exchange proxy settings in
Outlook.)


"Lambo" wrote in message
...
Hi Neo,

I looked at the trusted root certificate node in the certificate snap-in
on
my laptop and the certificate was not there. I copied the certificate
from
the SBS 2003 server to my laptop and imported it in to the trusted root
certificate node but still no joy!!

All I did was copy the certificate from the c:\ClientAppds\SBScerts folder
on the SBS 2003 server to the desktop on my laptop. I then opened the
certificate snap-in and imported the certificate from the desktop into the
trusted root certificate node.

Is there anything else I should have or need to do?

Kindest Regards

Steve
"neo [mvp outlook]" wrote:

I'm still leaning that the cert didn't get stored in the right place.
Try
this to make sure that it is in the computers trusted root store.

start run mmc.exe ok button. File Add/remove snapin add button

select certificates add button computer account next local
computer
finish button close button ok button ok button. Expand
Certificates
Expand Trusted Root Certificates. This is where a copy of the
self-signed or internal certificate authority cert needs to be.



"Lambo" wrote in message
...
Hi Neo,

I have tested all that and everything appears to be set up perfectly.
Basic
Autentication only is selected in the RPC folder of Default Web Site in
IIS.

I browsed to https://servernam.domain.com/rpc and I was presented with
the
username and password box again but this did the same thing - it would
not
accept my details and kept displaying the username and password box.

I don't receive a security alert when browsing to
https://servername.domain.com - I did originally but I have now
installed
the
certificate on my laptop and the connection just goes straight in now.

I am not sure how to find if the certificate exists in the trusted root
of
my laptop but I went into internet explorer toolsinternet
optionscontenttrusted root certificate and the certificate for the
connection was there and installed properly.

Do you have any other suggestions?

Kindest thanks,

Steve

"neo [mvp outlook]" wrote:

If you are using a self signed certificate (or internal certificate
authority) to ensure that the https protocol works, two things must be
insured...

1) You should not receive any type of security alert dialog if you
open
your
web browser and type:
https://servname.domain.com/rpc

2) Outlook will verify the certificate back to the Certificate
Authority
that signed it. Therefore this CA certificate must exist in the
Trusted
Root store of the workstation.

3) Last but not least, some firewall based devices munge NTLM
authentication. Make sure that the /rpc folder in IIS only accepts
Basic
Auth.

"Lambo" wrote in message
...
Hi,

I am running Exchange Server 2003 and am trying to connect via http
using
rpc over http from my laptop using Outlook 2003.

I have set up the connection to my mailbox from outlook inside our
lan
but
I
am trying to create an http connection from outlook to exchange for
when I
am
not in the office.

I can connect, externally to "Remote Web Workplace" on our server
using
https://servername.domain.com/remote so the https passthrough seems
to
be
fine.

I have set all the setting up for connecting via http correctly and
the
rpc
over https service is running. I get as far as opening outlook and
entering
my password and outlook say "trying to connect" but after a few
seconds
I
am
once again prompted to enter my password.....and so on..... The
username
and
password are definately correct but I can't make the connection.

I am running Windows XP SP2 from the laptop running windows
firewall.
I
am
also running AVG anti virus on the laptop and the server. The
server
has
no
firewall running on it but I am running a hardware firewall on the
router.

Please help.

Steve