A Microsoft Office (Excel, Word) forum. OfficeFrustration

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » OfficeFrustration forum » Microsoft Outlook » Installation & Setup
Site Map Home Register Authors List Search Today's Posts Mark Forums Read  

RPC over HTTP with Basic Authentication and no SSL



 
 
Thread Tools Display Modes
  #1  
Old June 3rd, 2006, 03:43 AM posted to microsoft.public.outlook.installation
erezy
external usenet poster
 
Posts: 3
Default RPC over HTTP with Basic Authentication and no SSL

hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as checked, which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least i am
assuming its that since i checked both checkboxes saying on slow and fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the VPN, but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez
  #2  
Old June 3rd, 2006, 02:31 PM posted to microsoft.public.outlook.installation
neo [mvp outlook]
external usenet poster
 
Posts: 352
Default RPC over HTTP with Basic Authentication and no SSL

You will not be able to connect unless the folks that run Exchange downgrade
the security or get a SSL certificate installed on the website/server. Just
so you know why I'm saying this is that Microsoft designed Outlook 2003/7
and Exchange 2003/7 to be more secure out of the box, and ensuring that
traffic goes across via SSL falls under that default design when it comes to
RPC over HTTPS.

"erezy" wrote in message
...
hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as checked, which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least i am
assuming its that since i checked both checkboxes saying on slow and fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the VPN,
but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez



  #3  
Old June 3rd, 2006, 04:11 PM posted to microsoft.public.outlook.installation
erezy
external usenet poster
 
Posts: 3
Default RPC over HTTP with Basic Authentication and no SSL

"he folks that run Exchange downgrade the security" -
does this mean the ppl at my company?
that would mean its possible, the question is how.

my logic says that if our OWA is only available using http anyways, why
wouldnt the RPC over HTTP accpet that?
what is the difference?

"neo [mvp outlook]" wrote:

You will not be able to connect unless the folks that run Exchange downgrade
the security or get a SSL certificate installed on the website/server. Just
so you know why I'm saying this is that Microsoft designed Outlook 2003/7
and Exchange 2003/7 to be more secure out of the box, and ensuring that
traffic goes across via SSL falls under that default design when it comes to
RPC over HTTPS.

"erezy" wrote in message
...
hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as checked, which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least i am
assuming its that since i checked both checkboxes saying on slow and fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the VPN,
but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez




  #4  
Old June 3rd, 2006, 08:02 PM posted to microsoft.public.outlook.installation
neo [mvp outlook]
external usenet poster
 
Posts: 352
Default RPC over HTTP with Basic Authentication and no SSL

Yes, the folks at your company that run Exchange. I doubt they would do it
since Microsoft does not recommend this type of configuration for an
internet facing system.

Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to OWA
to retrieve data, but it isn't. The two solutions are very different with
different needs.

"erezy" wrote in message
...
"he folks that run Exchange downgrade the security" -
does this mean the ppl at my company?
that would mean its possible, the question is how.

my logic says that if our OWA is only available using http anyways, why
wouldnt the RPC over HTTP accpet that?
what is the difference?

"neo [mvp outlook]" wrote:

You will not be able to connect unless the folks that run Exchange
downgrade
the security or get a SSL certificate installed on the website/server.
Just
so you know why I'm saying this is that Microsoft designed Outlook 2003/7
and Exchange 2003/7 to be more secure out of the box, and ensuring that
traffic goes across via SSL falls under that default design when it comes
to
RPC over HTTPS.

"erezy" wrote in message
...
hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but
i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as checked,
which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least i am
assuming its that since i checked both checkboxes saying on slow and
fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the
VPN,
but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez






  #5  
Old April 10th, 2009, 11:20 PM posted to microsoft.public.outlook.installation
Tish
external usenet poster
 
Posts: 81
Default RPC over HTTP with Basic Authentication and no SSL


I have the same problem and you are correct that the 'folks who run exchange
back at my server' aren't enthusiastic about downgrading security. (By the
way, I'm also the person who runs exchange on our server so it's myself I'm
protesting to.) Getting a certificate seems an expensive business unless you
know of someplace we could get one for a low cost. We use our server for a
non profit foundation and budgets are very lean. Where do we even go to get
a certificate? Thanks. Appreciate all the good advice that comes from both
the person identifying an issue and the people answering in the Community.
Just reading through the items looking for one that suits my problem is
educational.

"neo [mvp outlook]" wrote:

Yes, the folks at your company that run Exchange. I doubt they would do it
since Microsoft does not recommend this type of configuration for an
internet facing system.

Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to OWA
to retrieve data, but it isn't. The two solutions are very different with
different needs.

"erezy" wrote in message
...
"he folks that run Exchange downgrade the security" -
does this mean the ppl at my company?
that would mean its possible, the question is how.

my logic says that if our OWA is only available using http anyways, why
wouldnt the RPC over HTTP accpet that?
what is the difference?

"neo [mvp outlook]" wrote:

You will not be able to connect unless the folks that run Exchange
downgrade
the security or get a SSL certificate installed on the website/server.
Just
so you know why I'm saying this is that Microsoft designed Outlook 2003/7
and Exchange 2003/7 to be more secure out of the box, and ensuring that
traffic goes across via SSL falls under that default design when it comes
to
RPC over HTTPS.

"erezy" wrote in message
...
hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but
i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as checked,
which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least i am
assuming its that since i checked both checkboxes saying on slow and
fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the
VPN,
but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez






  #6  
Old April 11th, 2009, 02:16 PM posted to microsoft.public.outlook.installation
neo [mvp outlook]
external usenet poster
 
Posts: 1,551
Default RPC over HTTP with Basic Authentication and no SSL

Try XRamp
https://www.securetrust.com/sslcertificates/premium/

At the bottom a 3 year certificate is $225.

"Tish" wrote in message
...

I have the same problem and you are correct that the 'folks who run
exchange
back at my server' aren't enthusiastic about downgrading security. (By
the
way, I'm also the person who runs exchange on our server so it's myself
I'm
protesting to.) Getting a certificate seems an expensive business unless
you
know of someplace we could get one for a low cost. We use our server for
a
non profit foundation and budgets are very lean. Where do we even go to
get
a certificate? Thanks. Appreciate all the good advice that comes from
both
the person identifying an issue and the people answering in the Community.
Just reading through the items looking for one that suits my problem is
educational.

"neo [mvp outlook]" wrote:

Yes, the folks at your company that run Exchange. I doubt they would do
it
since Microsoft does not recommend this type of configuration for an
internet facing system.

Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to
OWA
to retrieve data, but it isn't. The two solutions are very different
with
different needs.

"erezy" wrote in message
...
"he folks that run Exchange downgrade the security" -
does this mean the ppl at my company?
that would mean its possible, the question is how.

my logic says that if our OWA is only available using http anyways, why
wouldnt the RPC over HTTP accpet that?
what is the difference?

"neo [mvp outlook]" wrote:

You will not be able to connect unless the folks that run Exchange
downgrade
the security or get a SSL certificate installed on the website/server.
Just
so you know why I'm saying this is that Microsoft designed Outlook
2003/7
and Exchange 2003/7 to be more secure out of the box, and ensuring
that
traffic goes across via SSL falls under that default design when it
comes
to
RPC over HTTPS.

"erezy" wrote in message
...
hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM
but
i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as checked,
which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least i
am
assuming its that since i checked both checkboxes saying on slow and
fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the
VPN,
but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez







  #7  
Old April 17th, 2009, 04:27 PM posted to microsoft.public.outlook.installation
Gregg Hill[_2_]
external usenet poster
 
Posts: 6
Default RPC over HTTP with Basic Authentication and no SSL

My GoDaddy Turbo SSL certificate cost me $16.99 per year when I bought a
10-yr cert. Exchange 2003 will even work with a free self-signed cert for
OMA, OWA, and RPC over HTTPS. A public cert is not required, but it sure is
more convenient.

The original post way back in 2006 (a good reason to start one's own post!)
claimed that "...locks the checkbox for SSL as checked, which
means it wont work, because the server doesnt support https." That server
must not have been Exchange 2003, or it was set up wrong, as Exchange 2003
most certainly does support SSL for OMA, OWA, and RPC over HTTPS. If his OWA
"is only available using http anyways..." then the server is set up wrong.
The ONLY port that a properly-configured Exchange 2003 server needs for RPC
over HTTPS is port 443. I **never** open port 80 to an Exchange server.

Just my two cents!

Gregg


"neo [mvp outlook]" wrote in message
...
Try XRamp
https://www.securetrust.com/sslcertificates/premium/

At the bottom a 3 year certificate is $225.

"Tish" wrote in message
...

I have the same problem and you are correct that the 'folks who run
exchange
back at my server' aren't enthusiastic about downgrading security. (By
the
way, I'm also the person who runs exchange on our server so it's myself
I'm
protesting to.) Getting a certificate seems an expensive business unless
you
know of someplace we could get one for a low cost. We use our server for
a
non profit foundation and budgets are very lean. Where do we even go to
get
a certificate? Thanks. Appreciate all the good advice that comes from
both
the person identifying an issue and the people answering in the
Community.
Just reading through the items looking for one that suits my problem is
educational.

"neo [mvp outlook]" wrote:

Yes, the folks at your company that run Exchange. I doubt they would do
it
since Microsoft does not recommend this type of configuration for an
internet facing system.

Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to
OWA
to retrieve data, but it isn't. The two solutions are very different
with
different needs.

"erezy" wrote in message
...
"he folks that run Exchange downgrade the security" -
does this mean the ppl at my company?
that would mean its possible, the question is how.

my logic says that if our OWA is only available using http anyways,
why
wouldnt the RPC over HTTP accpet that?
what is the difference?

"neo [mvp outlook]" wrote:

You will not be able to connect unless the folks that run Exchange
downgrade
the security or get a SSL certificate installed on the
website/server.
Just
so you know why I'm saying this is that Microsoft designed Outlook
2003/7
and Exchange 2003/7 to be more secure out of the box, and ensuring
that
traffic goes across via SSL falls under that default design when it
comes
to
RPC over HTTPS.

"erezy" wrote in message
...
hey,

my corp server has http access with no certificate.
my laptop is NOT part of the domain.
trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM
but
i
keep getting prompted for my password, no matter what i do.
setting the security to Basic locks the checkbox for SSL as
checked,
which
means it wont work, because the server doesnt support https.

if i log on to the lan using the vpn, it works with NTLM. at least
i am
assuming its that since i checked both checkboxes saying on slow
and
fast
networks use HTTP first...

any ideas? the point is not to have to connect to the lan using the
VPN,
but
still have outlook 2007 instead of OWA that i am forced to use....

thanks,
erez









 




Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is Off
HTML code is Off
Forum Jump


All times are GMT +1. The time now is 02:52 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 OfficeFrustration.
The comments are property of their posters.