Exchange - Net Admin - Outlook
Windows Mobile - Windows

Contact - Director's Blog

Exchange Server Home

Exchange Consultancy

Exchange Resources

Microsoft Exchange
Amazon Store

Basic Email Gateway Server

Company wide Contact List

Disabled User Account

Distribution Lists

DNS Configuration

Exchange and a
Dynamic IP Address

Event ID 1221

Filter Unknown Users

Global Mailbox Folder
Permissions from Server

Intelligent Message Filter

Internal Email Address
for External People

Mailbox and Management
Account

Message Tracking

Migrating to a new server

Multiple Domains

Offline Address Book Errors

Options when a Staff Member
Leaves

Outlook Web Access

PDAs, OMA and EAS

Permissions Best Practises

Post Install Configuration

Public Folders

Prerequisites for Exchange
System Tools

RPC over HTTPS

Secure your SMTP Relay

Shutdown Script

SMTP Services and Exchange

SMTP Diagnostics

Spam Cleanup

Switching From POP3
to SMTP Delivery

Telnet Test

Username Change

Exchange Server Compatibility Information Exchange Server Version Compatibility 5.5 No 2000 No 2003 Yes 2007 Yes

RPC over HTTPS: Common Problems
Author: Simon Butler, Exchange MVP, MCSE

RPC over HTTPS Section Home Page

RPC over HTTPS is one of those features that either works or not. There is no middle ground where part of the feature may work.

Many problems can be resolved by following the best practises that we have outlined here. These are based on our experience with deploying this feature.

Most Common Problems

There are two problems that occur most frequently.

1. Certificate errors.
   Either because the certificate has been home grown and isn't trusted, the name doesn't match or there is no certificate.
2. Registry Settings.
   It only takes a very small error in the registry settings for the feature to fail.

The other major problem is trying to deploy the feature when you haven't met the minimum requirements. You cannot use this feature on Windows 2000, either workstation or server and the domain must have at least one Windows 2003 GC/DC.

Server Issues

Virtual Directory Settings

Check the permissions on the RPC virtual directory. They should be Integrated and Basic only. Anonymous access should be disabled.

On the "Home Directory" tab, ensure that the directory is set to use the "DefaultAppPool" (which should be greyed out) and is also set to Scripts and Executables.

Clients

Questions

Q: Clients are being prompted for username/password even when they are on the network or using a machine that belongs to our domain. Can we stop that?
A: Yes. There are two causes for this happening.

1. Verify that the Authentication settings on the /rpc virtual directory in IIS Manager are correct. They should be Integrated and Basic Authentication only. Anonymous should not be enabled.
   Access these settings by expanding the directory structure in IIS Manager, right click on the RPC virtual directory and choose Properties. Click on the "Directory Security tab", then the first "Edit" button next to "Authentication and Access Control."
2. You may need to adjust the authentication level on the RPC host machine. Refer to MS KB ID 820281 for more information.

Q: Deleted Item Retention doesn't seem to be working.
A: This is by design. The feature is disabled on the client when you use RPC over HTTPS. You need to enable the feature before configuring Outlook to connect to Exchange. MS KB ID 886205 - enabling "Dumpster Always On"