mellimik Posted March 28, 2008 Share Posted March 28, 2008 (edited) ----- Post Nº 1 -----Has anyone been able to setup Outlook to use RPC over HTTP in non-domain (workgroup) machine?I'm rolling Outlook Anywhere with Exchange 2007 to our remote offices and some of those employees are using a machine that has not been joined into our domain. My own tests implicate that it is not possible for some reason.----- Post Nº 2 -----I actually got an Outlook client using Workgroup networking to work with RPC over HTTPS, but the Outlook client refuses to authenticate before the user has logged in at least once using Outlook Web Access.. It's weird and sounds stupid, but it's the truth. Outlook is able to connect using HTTPS as soon as the user opens OWA at least once.I cannot explain that nor does it make any sense to me, but I have to include that in the documentation Edited March 30, 2008 by Yzöwl Posts merged, no need to reply to yourself Link to comment Share on other sites More sharing options...
cluberti Posted March 30, 2008 Share Posted March 30, 2008 Are you using the same certificate for OWA that you use for RPC over HTTPS? Link to comment Share on other sites More sharing options...
mellimik Posted March 31, 2008 Author Share Posted March 31, 2008 Are you using the same certificate for OWA that you use for RPC over HTTPS?Hey, thanks for reply! Uum, no. I have different web listener for OWA and RPC over HTTP, so they have their own certificate as well. The certificate has been granted with the FQDN of the web listener, so the local host name is not mentioned in it.Why do you ask, should they use the same certificate? Link to comment Share on other sites More sharing options...
cluberti Posted March 31, 2008 Share Posted March 31, 2008 Why do you ask, should they use the same certificate?Actually, they shouldn't . I'm not sure about the OWA logon before RPC over HTTPS, but it could have something to do with creating the kerb token in the AD for the user before they can use the RPC proxy to use the mailbox. I'm not sure on it, but I think it's a valid educated guess. Link to comment Share on other sites More sharing options...
mellimik Posted April 1, 2008 Author Share Posted April 1, 2008 (edited) Actually, they shouldn't . I'm not sure about the OWA logon before RPC over HTTPS, but it could have something to do with creating the kerb token in the AD for the user before they can use the RPC proxy to use the mailbox. I'm not sure on it, but I think it's a valid educated guess.Actually, you make a whole lot of sense when I think about it. I was reading this yesterday:http://www.msexchange.org/tutorials/outlookrpchttp.htmlt is important to note that you must create the Outlook 2003 profile while the Outlook 2003 computer is on the internal network, or while the Outlook 2003 computer is on the Internet and can access the Exchange Server using RPC (TCP 135 – typically through an ISA Server 2000 secure Exchange RPC Publishing rule). You will not be able to create a new profile or change an existing profile to use RPC over HTTP if is does not have access to the Exchange Server via RPC (TCP 135).This bears repeating: you will not be able to create a new Outlook profile when the Outlook client is not on the internal network and can access the Exchange Server using RPC via TCP 135. In addition, a user with an existing profile will not be able to alter the existing profile so that it can use RPC over HTTP if that client is not located on the internal network and can access the Exchange Server using TCP 135. The Outlook 2003 profile must be configured to use RPC over HTTP while that machine is connected to the internal network and can access the Exchange Server via TCP port 135.I think you can go around that by using that OWA login "trick". Edited April 1, 2008 by mellimik Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now