Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
rpc over https front end back end
- Thread starter johncan20
- Start date
Try following the normal RPC documentation to get the right services and bits. Then follow this:
this is the MS RPC over Http deployment guide
This covers all supported scenrios. You can have your OWA server in your DMZ but with 2003 its recommended that it be installed in the LAN install a SSL and then only have port 443 open to the from the dmz. When your OWA is in your DMZ there is as you know a load of ports that end to be only. Anyway back to you RPC Q.. download this guide and run the exe. this will extract the documentation on RPC and includes all of the setting to the ISA, Exchange and DC servers that you need to make.
good luck
This covers all supported scenrios. You can have your OWA server in your DMZ but with 2003 its recommended that it be installed in the LAN install a SSL and then only have port 443 open to the from the dmz. When your OWA is in your DMZ there is as you know a load of ports that end to be only. Anyway back to you RPC Q.. download this guide and run the exe. this will extract the documentation on RPC and includes all of the setting to the ISA, Exchange and DC servers that you need to make.
good luck
- Thread starter
- #4
Also, one thing that seems to elude most people is that all of your Global catalog servers need to be Windows 2003.
Each GC needs to have RPC over http installed. And you need to make a registry change on each GC. Have you done that?
I hope you find this post helpful.
Regards,
Mark
Each GC needs to have RPC over http installed. And you need to make a registry change on each GC. Have you done that?
I hope you find this post helpful.
Regards,
Mark
jamescoyle
MIS
All of the settings for RPC which includes the GC RPC/http settings are in the doc that asktheman gave the link for. Make sure that you ISA is configured correctly, depending on your scenrio
- Thread starter
- #9
thanksi have it working now - needed top open the ports in from the RPC proxy to exchange across the DMZ - 6001 to 6004.
can anyone tell me why it is recomended to use it over ISA rather than my set up in a DMZ? what role would ISA play? does it work as a DMZ? i have ISA 2000 installed but only use it for outbound traffic - just proxy really - and keeping the real firewall stuff for a hardware firewall - stonegate.
thanks
John
can anyone tell me why it is recomended to use it over ISA rather than my set up in a DMZ? what role would ISA play? does it work as a DMZ? i have ISA 2000 installed but only use it for outbound traffic - just proxy really - and keeping the real firewall stuff for a hardware firewall - stonegate.
thanks
John
Mark,
Exchange 2003 SP1 gives some additional radio buttons for RPC as specified in the link I posted above.
There is another document that does some preliminaries before that link though - check out written my an Exchange Server MS-MVP.
Exchange 2003 SP1 gives some additional radio buttons for RPC as specified in the link I posted above.
There is another document that does some preliminaries before that link though - check out written my an Exchange Server MS-MVP.
Zelandakh,
Looking at the doc you linked to I see nothing contrary to what I posted. In fact it specifically says:
Am I missing something here? You still need to modify the registry of the GCs like I posted above.
I hope you find this post helpful.
Regards,
Mark
Looking at the doc you linked to I see nothing contrary to what I posted. In fact it specifically says:
Am I missing something here? You still need to modify the registry of the GCs like I posted above.
I hope you find this post helpful.
Regards,
Mark
Yeah I know - the thing is that I wrote it prior to SP1 and then only partially updated it 
So whilst it shows vaguely how to do it, it is half SP0 and half SP1!
I really must get around to rewriting it fully. Sorry if it has confused you, but I'm sure that SP1 adds in the extra options for you and that you don't need to edit the reg any more, but I left it in the notes as I have not tested a standard SP1 box for a while.
So whilst it shows vaguely how to do it, it is half SP0 and half SP1!
I really must get around to rewriting it fully. Sorry if it has confused you, but I'm sure that SP1 adds in the extra options for you and that you don't need to edit the reg any more, but I left it in the notes as I have not tested a standard SP1 box for a while.
The thing is that you are talking about Exchange SP1 which would not touch the Global Catalogs unless of course you have loaded the Exchange Tools on there in which case you would then also load the service pack on the GC. Otherwise the registry settings would still need to be made manually.
So, by your comments above are you saying that you are the author of this document? Do you work for MS or are you a contractor? I'm currently working on the Medium IT Solution for MS, I authored the Deployment Document and set up the original Group Policies for the solution. Wondering if we have crossed paths before.
Regards.
I hope you find this post helpful.
Regards,
Mark
So, by your comments above are you saying that you are the author of this document? Do you work for MS or are you a contractor? I'm currently working on the Medium IT Solution for MS, I authored the Deployment Document and set up the original Group Policies for the solution. Wondering if we have crossed paths before.
Regards.
I hope you find this post helpful.
Regards,
Mark
Not at all. If zelandakh is the author of the document then that is a great thing to know. I've been on a few MS support calls that have had to reference this document. If my guess is correct zelendakh is either an MS employee or contractor and we might be working similar projects for Microsoft. This subject has a direct correlation to the project I am working on for Microsoft and we want to make sure that all docs are both consistent and accurate. Ego is not a part of this, if I ma wrong I need to know it so I can help my customers better and the users in these forums.
I hope you find this post helpful.
Regards,
Mark
I hope you find this post helpful.
Regards,
Mark
Erm, quite embarrassed now...
I am not an employee of MS nor am I a contractor. I am an Exchange MVP who sits on Tek Tips, sees what gets asked a lot and writes documents to solve your problems.
With service packs changing the way things work this means I have a lot of work to do to keep everything up to date so not all of my docs are perfect for current thinking but I give out the URLs where it may help.
Still don't understand that asktheman meant despite reading it about 10 times.
I am not an employee of MS nor am I a contractor. I am an Exchange MVP who sits on Tek Tips, sees what gets asked a lot and writes documents to solve your problems.
With service packs changing the way things work this means I have a lot of work to do to keep everything up to date so not all of my docs are perfect for current thinking but I give out the URLs where it may help.
Still don't understand that asktheman meant despite reading it about 10 times.
I think what asktheman was saying was that we were getting in a one upmanship contest, but I don't think either of us feels that way.
Very cool that you are an Exchange MVP. Congratulations on that.
Back on topic, regarding the registry changes for the Global Catalogs, do you agree that those changes will not take place unless you do them manually OR if you were to install Exchange SP1 on the box? Or did MS perhaps move this into Windows 2003 SP1 as well?
We do a lot of Exchange installs and giving access via Outlook over HTTP is a big part of what our customers want so it is imortant to me to know the facts. Thanks.
I hope you find this post helpful.
Regards,
Mark
Very cool that you are an Exchange MVP. Congratulations on that.
Back on topic, regarding the registry changes for the Global Catalogs, do you agree that those changes will not take place unless you do them manually OR if you were to install Exchange SP1 on the box? Or did MS perhaps move this into Windows 2003 SP1 as well?
We do a lot of Exchange installs and giving access via Outlook over HTTP is a big part of what our customers want so it is imortant to me to know the facts. Thanks.
I hope you find this post helpful.
Regards,
Mark
No, last seen it was only Exchange SP1 that adds the RPC over HTTP functionality. I wonder if it will be in Windows 2003 SP2? Might create as many probs as it cures.
I find ISA2004 makes things a lot better, but a lot of places are still using Cisco Pix firewalls (I used to until last month) so you have to do it this way.
I find ISA2004 makes things a lot better, but a lot of places are still using Cisco Pix firewalls (I used to until last month) so you have to do it this way.
- Status
Similar threads
- Locked
- Question
- Locked
- Question
- Locked
- Question