Troubleshooting Connections to Exchange Server using HTTP

A major factor in moving from Outlook 2000 to Outlook 2003 was the advantage of utilizing RPC calls to make connections from Outlook clients to an Exchange server. The specific technology for making these internet connections was RPC over HTTP.  RPC means remote procedure calls and allow your Outlook MAPI clients to connect to Exchange servers using HTTP or the secure HTTPS protocol.

Remote Procedure Call (RPC) is a protocol that one application can use to request a service from another application running in another system in a network without having to understand network details. Remote Procedure Calls uses the client/server model. The requesting application is a client and the application which supplies the service is the server component. Remote Procedure Calls are synchronous operations that require the requesting application to wait until the results of the remote procedure are returned from the server. The uses of lightweight processes or threads that share the same address space allow multiple Remote Procedure Calls to be performed concurrently.

One of the advantages of using RPC over HTTP is that this methodology can support secure connections to the Exchange server and thus add an additional layer of security between the client and the server.

The other benefit is that these RPC commands could be encapsulated in HTTP. What this means from an administrator perspective is that only one of two ports would need to be opened at the firewall – port 443 or port 80 – as opposed to earlier versions which would have required two additional ports: port 135 and port 53. These ports were well known to hackers and used by them to create havoc within many organizations on a routine basis.

But in order to get the most out of RPC over HTTP it requires proper configuration by the system and email administrators. And without the correct settings there will of course be problems for both the end users and the administrators.

Some of the errors that can occur include:

  1. Users cannot select the “Connect to my Exchange mailbox using HTTP” check box.
  2. Users are unable to connect to Exchange Server after having selected the “Connect to my Exchange mailbox using HTTP” check box.

When users cannot select the “Connect to my Exchange mailbox using HTTP” check box then this can mean that the email administrator may not have configured Exchange server to support this functionality. In this situation, an administrator should consult the Microsoft Office Resource Kit for more information.

The other possibility is that your organization may need to patch the Windows XP operating system software. When users are unable to select the “Connect to my Exchange mailbox using HTTP” check box it might be because the updates supporting RPC have not been installed yet.

This patch includes the Remote Procedure Call (RPC) Updates Needed for Exchange Server 2003.

In the second case when users are unable to connect to Exchange Server after having selected the “Connect to my Exchange mailbox using HTTP” check box it is possible that their problem is one of either an incorrect web address, certificate principal name or authentication type for the Exchange proxy server. In this case the following steps should be performed:

  1. From the Tools menu, click email accounts and then select View or change existing email accounts. Then click on Next and select the Exchange email account for the user in question.
  2. Click Change.
  3. Click More Settings and then click the Connection tab.
  4. From “Exchange over the Internet” select “Connect to my Exchange mailbox using HTTP”.
  5. Click on “Exchange proxy settings.”
  6. From Connection settings, in the “Use this URL to connect to my proxy server for Exchange” box, type the URL for your organization’s proxy server.
  7. From Connection settings, in the Principal name for proxy server box, type the principal name for the fully qualified domain name of your Exchange front-end server.
  8. From Proxy authentication settings, in the “Use this authentication when connecting to my proxy server for Exchange” list, select the authentication method as appropriate. Depending on your environment this may be one of “basic authentication” or “NTLM authentication”.

After completing the steps above your Outlook client should now be ready to communicate with Exchange using RPC over HTTP.

Additional troubleshooting steps may include:

  1. Confirm installation of the RPC over HTTP network service on the Exchange 2003 server.
  2. Ensure that a Server certificate exists on the Exchange 2003 machine as well as on the domain controller.

Lastly, if an administrator has confirmed that all the steps above have been completed then they can perform further diagnostics by running the “rpcdiag” command from the Outlook 2003 client.

Written by Mike Rede

Leave A Reply