Outlook clients cannot logon to E2K after MS RPC Patch

Status
Not open for further replies.

mortenrasmussen

Technical User
Jul 11, 2002
34
DK
I've just applied an update from Microsoft to our E2K server. The update is to prevent hackers from exploiting a weakness in the RPC DCOM module in Windows.

I did that yesterday and rebooted the Exchange.

We have clients logging on with their Outlook from outside the Internet (Not OWA - but that we have setup too).
The users are prompted for username, passw. and domain, and then I get an information box that the information layer could not be opened.

I have the E2K set up as a Global Catalog Server - and have added a specific port mapping into regsrv32.exe. Port 5003.

It all worked very well since January and now I can't get it to work anymore.
Clients on my LAN work fine.
Outlook Web Access is also OK.

If anyone has tips or suggestions of what to do I would appreciate a tip. Thanks,

Morten Rasmussen
 
We have applied SP4 for Win2k and have the same problem. I think this may be related to yours. Did you have any solutions?

Chris

Chris Styles

NT4/2000 MCSE
 
I am having the very same issue. Kind of bumping this back to the top. I have tried all kinds of things at this point. But like above, web access and folks tied directly to the LAN can gain access. But those that attach offsite through Outlook, they get the login prompt, but then nothing and it takes a bit of time and then gives the error. I can ping the server and everything, but just not connect via Outlook.

Thanks for any help
 
Hi there,
seems it just gets weirder and weirder...

After altering the port mappings to other port addresses and implementing these into my SonicWALL Pro100 firewall it worked okay for a while (few days).

Then... this W32 Blaster worm happens and I had to patch up the server with a patch regarding the DCOM issue from MS.
Well.... after doing that and having restarted the server, some of my users seem to get in both with Outlook and OWA from the Internet.
Hmm... and the others, including myself at my workstation at home, can't even get prompted with a login box...

I will keep researching in this shitty situation and get back to you guys with the same problem. Please do so as well..

Regards,
Morten Rasmussen
Certified SonicWALL Security Administrator.

 
Hi Guys,
I'm in the same boat! Although it's been like this for over a week now. OWA is fine, LAN is fine, but remote Outlook using offline files just won't work properly. Lots of time outs and Exchange server unavailable messages. I'll let you know if I crack it.

Paul
 
It must have something to do with the altering in DCOM module from MS.

Anyone know someone at Microsoft who might know the answer?

Lots of users world wide must have the same problem...

I can't reverse the situation - cannot uninstall the patch.
/morten
 
I just figured out what is going on with mine. Like stated before, OWA is fine, direct connect to the LAN is fine, but remote access isn't. I just talked to my ISP and they have shut down ports 135, 139 and 445 which would not allow remote synchronization of Outlook due to the MSBLAST\LOVESAN worm. They told me that they are going to be monitoring those ports for the next couple of weeks and if the traffic slows, then they will open them back up. So I am having to have my users use the OWA for now, and if they don't open those ports back up, then I will have to set up some sort of VPN.

Hope this helps; you just might want to contact your ISPs, which is why I posted this follow-up.

Thanks
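
A client-side reachability check for the situation described in the post above, as an added example that is not part of the original thread: it separates a connection that gets no answer (typical of filtering somewhere on the path) from one that is actively refused by the host. The server name is a placeholder, the 5-second timeout is an assumption, and port 5003 is the static mapping mentioned in the first post.

```powershell
# Added example, not from the thread. Run it from a remote Outlook client.
$Server = 'mail.example.com'     # placeholder: public name of your Exchange server
$Ports  = 135, 139, 445, 5003    # 135/139/445 from the ISP post; 5003 from the first post

function Test-TcpPort {
    param([string]$ComputerName, [int]$Port, [int]$TimeoutMs = 5000)

    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $task = $client.ConnectAsync($ComputerName, $Port)
        # No SYN/ACK and no RST within the timeout: something is dropping the packets.
        if (-not $task.Wait($TimeoutMs)) {
            return 'no answer (filtered or dropped on the path)'
        }
        return 'open'
    }
    catch {
        # A failed connect surfaces as a wrapped SocketException; unwrap it.
        $inner = $_.Exception.GetBaseException()
        if ($inner -is [System.Net.Sockets.SocketException] -and
            $inner.SocketErrorCode -eq [System.Net.Sockets.SocketError]::ConnectionRefused) {
            return 'refused (host reachable, port closed or reset by a firewall)'
        }
        return "error: $($inner.Message)"
    }
    finally {
        $client.Close()
    }
}

foreach ($p in $Ports) {
    [pscustomobject]@{
        Server = $Server
        Port   = $p
        Result = Test-TcpPort -ComputerName $Server -Port $p
    }
}
```

Running the same check from the LAN and from an outside connection shows whether the difference lies on the network path or on the server itself.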
 
Just spoke to my ISP tech support, they have blocked port 4444 to stop the spread of Blaster. Would this port stop Outlook synchronisation?

Paul
 
Hi guys, I am having the same problem. I called my ISP (Covad) and they said they are not blocking any ports. I even went as far as disabling the firewall for the E2K server and tried; still can't connect.

If you guys find out anything else please post it here.

 
Gentlemen,
Covad is not blocking port 135, but Level 3, their connection point provider in Dallas, is!

The biggest problem is when is UUnet going to block these ports?

Dave
 
Found out our problem.

SP4 for Ex2K stops the use of named pipes for communication unless you are a member of domain admins.

Take out the np entry in the registry key hklm\software\microsoft\exchange\exchangeproviderorder

This forces the use of RPC for comms.

Windows 2k doesn't use Named pipes, but NT4 does.

Strange huh, that wasn't mentioned in the release notes!

Chris Styles

NT4/2000 MCSE
 
Hi Chris,
I'm running Windows 2000 for my E2K

I tried your tip about
key hklm\software\microsoft\exchange\exchangeproviderorder

it did not help me. Maybe if it had been NT4.

I will keep researching.

Regards,
Morten
 
Hi guys,

Managed to get my problem fixed. Just to recap, my problem was:
Remote synchronization of Outlook over a VPN would not work.
POP3 worked fine as did OWA, LAN synchronization was also fine.

I fixed my problem by rolling back the last 10 hot fixes in Add/Remove Programs. I don't know which one fixed it but it works for me.

Hope this helps

Paul
 
I am having the same problem. My E2K works great locally, but not from outside the office. OWA works fine.

Is there a way to change the ports to use different ones? I am only talking about 10 users, so it will be ok to implement.


Thanks

Paul A.
 
I've found that the problem is because Microsoft issued a patch which closed the BLASTER virus from exploiting the RPC port 135.

What I've done to correct the problem satisfactorily is to instruct my remote Outlook users to install their Internet mail account in Outlook but configuring for an IMAP Exchange server instead of a POP Exchange server. This allows the connection since Exchange 2000 is IMAP compliant.
 
This is a flaw in the way the patch edits registry keys. If you have just applied this patch in some cases you will find the following entries missing from the registry in:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Rpc\ClientProtocols
ncacn_http REG_SZ rpcrt4.dll
ncacn_ip_tcp REG_SZ rpcrt4.dll
ncadg_ip_udp REG_SZ rpcrt4.dll
The only entry there is most likely:
ncacn_np REG_SZ rpcrt4.dll

Adding the three missing entries into the registry in this folder and rebooting will allow you to log into the Exchange server with Outlook again.
Hope this helps!!
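
A read-only audit of the registry key named in the post above, as an added example that is not part of the original thread: it reports which of the four protocol-sequence values are present, which are missing, and what data each one holds, without changing anything. The function name is hypothetical; the key path and value names are the ones given in the post.

```powershell
# Added example, not from the thread. Read-only: it never writes to the registry.
$KeyPath  = 'HKLM:\SOFTWARE\Microsoft\Rpc\ClientProtocols'
$Expected = 'ncacn_np', 'ncacn_ip_tcp', 'ncadg_ip_udp', 'ncacn_http'

function Get-RpcClientProtocolReport {
    param([string]$Path = $KeyPath, [string[]]$Names = $Expected)

    # A missing key is treated the same as a key with no values.
    $key     = if (Test-Path -Path $Path) { Get-Item -Path $Path } else { $null }
    $present = if ($key) { $key.GetValueNames() } else { @() }

    foreach ($name in $Names) {
        $found = $present -contains $name
        [pscustomobject]@{
            Name   = $name
            Status = if ($found) { 'present' } else { 'MISSING' }
            Data   = if ($found) { $key.GetValue($name) } else { $null }
        }
    }

    # Values that exist but are not in the expected list are shown for review.
    foreach ($name in $present) {
        if ($name -and ($Names -notcontains $name)) {
            [pscustomobject]@{
                Name   = $name
                Status = 'extra'
                Data   = $key.GetValue($name)
            }
        }
    }
}

$report = @(Get-RpcClientProtocolReport)
$report | Format-Table -AutoSize

$missing = @($report | Where-Object { $_.Status -eq 'MISSING' })
if ($missing.Count -gt 0) {
    Write-Warning ("Missing under ${KeyPath}: " + (($missing | ForEach-Object { $_.Name }) -join ', '))
}
```

Running it before and after applying a patch gives a record of whether the patch changed the key.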
 
I have the same problem, I have checked and edited the registry keys. Still users can't log on using Outlook 2k. Any more suggestions would be appreciated
 
I have checked my registry and have all the correct entries, any other suggestions?

Paul
 