If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. |
|
|
Thread Tools | Display Modes |
#1
|
|||
|
|||
RPC over HTTP with Basic Authentication and no SSL
hey,
my corp server has http access with no certificate. my laptop is NOT part of the domain. trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i keep getting prompted for my password, no matter what i do. setting the security to Basic locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https. if i log on to the lan using the vpn, it works with NTLM. at least i am assuming its that since i checked both checkboxes saying on slow and fast networks use HTTP first... any ideas? the point is not to have to connect to the lan using the VPN, but still have outlook 2007 instead of OWA that i am forced to use.... thanks, erez |
#2
|
|||
|
|||
RPC over HTTP with Basic Authentication and no SSL
You will not be able to connect unless the folks that run Exchange downgrade
the security or get a SSL certificate installed on the website/server. Just so you know why I'm saying this is that Microsoft designed Outlook 2003/7 and Exchange 2003/7 to be more secure out of the box, and ensuring that traffic goes across via SSL falls under that default design when it comes to RPC over HTTPS. "erezy" wrote in message ... hey, my corp server has http access with no certificate. my laptop is NOT part of the domain. trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i keep getting prompted for my password, no matter what i do. setting the security to Basic locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https. if i log on to the lan using the vpn, it works with NTLM. at least i am assuming its that since i checked both checkboxes saying on slow and fast networks use HTTP first... any ideas? the point is not to have to connect to the lan using the VPN, but still have outlook 2007 instead of OWA that i am forced to use.... thanks, erez |
#3
|
|||
|
|||
RPC over HTTP with Basic Authentication and no SSL
"he folks that run Exchange downgrade the security" -
does this mean the ppl at my company? that would mean its possible, the question is how. my logic says that if our OWA is only available using http anyways, why wouldnt the RPC over HTTP accpet that? what is the difference? "neo [mvp outlook]" wrote: You will not be able to connect unless the folks that run Exchange downgrade the security or get a SSL certificate installed on the website/server. Just so you know why I'm saying this is that Microsoft designed Outlook 2003/7 and Exchange 2003/7 to be more secure out of the box, and ensuring that traffic goes across via SSL falls under that default design when it comes to RPC over HTTPS. "erezy" wrote in message ... hey, my corp server has http access with no certificate. my laptop is NOT part of the domain. trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i keep getting prompted for my password, no matter what i do. setting the security to Basic locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https. if i log on to the lan using the vpn, it works with NTLM. at least i am assuming its that since i checked both checkboxes saying on slow and fast networks use HTTP first... any ideas? the point is not to have to connect to the lan using the VPN, but still have outlook 2007 instead of OWA that i am forced to use.... thanks, erez |
#4
|
|||
|
|||
RPC over HTTP with Basic Authentication and no SSL
Yes, the folks at your company that run Exchange. I doubt they would do it
since Microsoft does not recommend this type of configuration for an internet facing system. Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to OWA to retrieve data, but it isn't. The two solutions are very different with different needs. "erezy" wrote in message ... "he folks that run Exchange downgrade the security" - does this mean the ppl at my company? that would mean its possible, the question is how. my logic says that if our OWA is only available using http anyways, why wouldnt the RPC over HTTP accpet that? what is the difference? "neo [mvp outlook]" wrote: You will not be able to connect unless the folks that run Exchange downgrade the security or get a SSL certificate installed on the website/server. Just so you know why I'm saying this is that Microsoft designed Outlook 2003/7 and Exchange 2003/7 to be more secure out of the box, and ensuring that traffic goes across via SSL falls under that default design when it comes to RPC over HTTPS. "erezy" wrote in message ... hey, my corp server has http access with no certificate. my laptop is NOT part of the domain. trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i keep getting prompted for my password, no matter what i do. setting the security to Basic locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https. if i log on to the lan using the vpn, it works with NTLM. at least i am assuming its that since i checked both checkboxes saying on slow and fast networks use HTTP first... any ideas? the point is not to have to connect to the lan using the VPN, but still have outlook 2007 instead of OWA that i am forced to use.... thanks, erez |
#5
|
|||
|
|||
RPC over HTTP with Basic Authentication and no SSL
I have the same problem and you are correct that the 'folks who run exchange back at my server' aren't enthusiastic about downgrading security. (By the way, I'm also the person who runs exchange on our server so it's myself I'm protesting to.) Getting a certificate seems an expensive business unless you know of someplace we could get one for a low cost. We use our server for a non profit foundation and budgets are very lean. Where do we even go to get a certificate? Thanks. Appreciate all the good advice that comes from both the person identifying an issue and the people answering in the Community. Just reading through the items looking for one that suits my problem is educational. "neo [mvp outlook]" wrote: Yes, the folks at your company that run Exchange. I doubt they would do it since Microsoft does not recommend this type of configuration for an internet facing system. Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to OWA to retrieve data, but it isn't. The two solutions are very different with different needs. "erezy" wrote in message ... "he folks that run Exchange downgrade the security" - does this mean the ppl at my company? that would mean its possible, the question is how. my logic says that if our OWA is only available using http anyways, why wouldnt the RPC over HTTP accpet that? what is the difference? "neo [mvp outlook]" wrote: You will not be able to connect unless the folks that run Exchange downgrade the security or get a SSL certificate installed on the website/server. Just so you know why I'm saying this is that Microsoft designed Outlook 2003/7 and Exchange 2003/7 to be more secure out of the box, and ensuring that traffic goes across via SSL falls under that default design when it comes to RPC over HTTPS. "erezy" wrote in message ... hey, my corp server has http access with no certificate. my laptop is NOT part of the domain. trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i keep getting prompted for my password, no matter what i do. setting the security to Basic locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https. if i log on to the lan using the vpn, it works with NTLM. at least i am assuming its that since i checked both checkboxes saying on slow and fast networks use HTTP first... any ideas? the point is not to have to connect to the lan using the VPN, but still have outlook 2007 instead of OWA that i am forced to use.... thanks, erez |
#6
|
|||
|
|||
RPC over HTTP with Basic Authentication and no SSL
Try XRamp
https://www.securetrust.com/sslcertificates/premium/ At the bottom a 3 year certificate is $225. "Tish" wrote in message ... I have the same problem and you are correct that the 'folks who run exchange back at my server' aren't enthusiastic about downgrading security. (By the way, I'm also the person who runs exchange on our server so it's myself I'm protesting to.) Getting a certificate seems an expensive business unless you know of someplace we could get one for a low cost. We use our server for a non profit foundation and budgets are very lean. Where do we even go to get a certificate? Thanks. Appreciate all the good advice that comes from both the person identifying an issue and the people answering in the Community. Just reading through the items looking for one that suits my problem is educational. "neo [mvp outlook]" wrote: Yes, the folks at your company that run Exchange. I doubt they would do it since Microsoft does not recommend this type of configuration for an internet facing system. Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to OWA to retrieve data, but it isn't. The two solutions are very different with different needs. "erezy" wrote in message ... "he folks that run Exchange downgrade the security" - does this mean the ppl at my company? that would mean its possible, the question is how. my logic says that if our OWA is only available using http anyways, why wouldnt the RPC over HTTP accpet that? what is the difference? "neo [mvp outlook]" wrote: You will not be able to connect unless the folks that run Exchange downgrade the security or get a SSL certificate installed on the website/server. Just so you know why I'm saying this is that Microsoft designed Outlook 2003/7 and Exchange 2003/7 to be more secure out of the box, and ensuring that traffic goes across via SSL falls under that default design when it comes to RPC over HTTPS. "erezy" wrote in message ... hey, my corp server has http access with no certificate. my laptop is NOT part of the domain. trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i keep getting prompted for my password, no matter what i do. setting the security to Basic locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https. if i log on to the lan using the vpn, it works with NTLM. at least i am assuming its that since i checked both checkboxes saying on slow and fast networks use HTTP first... any ideas? the point is not to have to connect to the lan using the VPN, but still have outlook 2007 instead of OWA that i am forced to use.... thanks, erez |
#7
|
|||
|
|||
RPC over HTTP with Basic Authentication and no SSL
My GoDaddy Turbo SSL certificate cost me $16.99 per year when I bought a
10-yr cert. Exchange 2003 will even work with a free self-signed cert for OMA, OWA, and RPC over HTTPS. A public cert is not required, but it sure is more convenient. The original post way back in 2006 (a good reason to start one's own post!) claimed that "...locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https." That server must not have been Exchange 2003, or it was set up wrong, as Exchange 2003 most certainly does support SSL for OMA, OWA, and RPC over HTTPS. If his OWA "is only available using http anyways..." then the server is set up wrong. The ONLY port that a properly-configured Exchange 2003 server needs for RPC over HTTPS is port 443. I **never** open port 80 to an Exchange server. Just my two cents! Gregg "neo [mvp outlook]" wrote in message ... Try XRamp https://www.securetrust.com/sslcertificates/premium/ At the bottom a 3 year certificate is $225. "Tish" wrote in message ... I have the same problem and you are correct that the 'folks who run exchange back at my server' aren't enthusiastic about downgrading security. (By the way, I'm also the person who runs exchange on our server so it's myself I'm protesting to.) Getting a certificate seems an expensive business unless you know of someplace we could get one for a low cost. We use our server for a non profit foundation and budgets are very lean. Where do we even go to get a certificate? Thanks. Appreciate all the good advice that comes from both the person identifying an issue and the people answering in the Community. Just reading through the items looking for one that suits my problem is educational. "neo [mvp outlook]" wrote: Yes, the folks at your company that run Exchange. I doubt they would do it since Microsoft does not recommend this type of configuration for an internet facing system. Most think RPC/HTTPS is nothing more than Outlook 2003/7 connecting to OWA to retrieve data, but it isn't. The two solutions are very different with different needs. "erezy" wrote in message ... "he folks that run Exchange downgrade the security" - does this mean the ppl at my company? that would mean its possible, the question is how. my logic says that if our OWA is only available using http anyways, why wouldnt the RPC over HTTP accpet that? what is the difference? "neo [mvp outlook]" wrote: You will not be able to connect unless the folks that run Exchange downgrade the security or get a SSL certificate installed on the website/server. Just so you know why I'm saying this is that Microsoft designed Outlook 2003/7 and Exchange 2003/7 to be more secure out of the box, and ensuring that traffic goes across via SSL falls under that default design when it comes to RPC over HTTPS. "erezy" wrote in message ... hey, my corp server has http access with no certificate. my laptop is NOT part of the domain. trying to set outlook 2007 to use RPC over HTTP i tried to use NTLM but i keep getting prompted for my password, no matter what i do. setting the security to Basic locks the checkbox for SSL as checked, which means it wont work, because the server doesnt support https. if i log on to the lan using the vpn, it works with NTLM. at least i am assuming its that since i checked both checkboxes saying on slow and fast networks use HTTP first... any ideas? the point is not to have to connect to the lan using the VPN, but still have outlook 2007 instead of OWA that i am forced to use.... thanks, erez |
Thread Tools | |
Display Modes | |
|
|