Discussion about article on publishing OWA and RPC/HTTP

Discussion about article on publishing OWA and RPC/HTTP (Full Version)

All Forums >> [ISA 2006 Publishing] >> Exchange Publishing

Message

tshinder -> Discussion about article on publishing OWA and RPC/HTTP (16.Nov.2006 9:17:34 PM)
Thanks! Tom

Linke Loe -> RE: Discussion about article on publishing OWA and RPC/HTTP (17.Nov.2006 5:04:13 PM)
Hi Tom, I read your article about RPC/HTTP publishing, but I still have one issue. Outlook Web Access is working fine, but in Outlook I keep getting the error message that my Exchange server isn't available. Meanwhile, I can see in my ISA log a HTTP status code 64. What does this mean?

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (19.Nov.2006 11:44:00 AM)
Hi Linke, How does your configuration deviate from the recommendations in the article? Thanks! Tom

Linke Loe -> RE: Discussion about article on publishing OWA and RPC/HTTP (19.Nov.2006 1:51:44 PM)
I followed the steps in your article exactly, so there's no relevant difference with the recommandations except for the hostname and my domainname. It could also be an issue with testing the configuration. I've been testing on a Windows server 2003 terminal server with Citrix and Outlook 2003. Tomorrow I will be testing on my own computer. I'll let you know...

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (19.Nov.2006 2:41:58 PM)
Hi Linke, OK, maybe that's it. Let us know what happens when you try from a dedicated external host. Thanks! Tom

Linke Loe -> RE: Discussion about article on publishing OWA and RPC/HTTP (20.Nov.2006 3:48:07 AM)
Unfortunately, on a dedicated external host (Windows XP SP2, Office 2007) I get the same error, indicating that my Exchange server may not be online. In my ISA server logs, I can see the same HTTP status code 64.

Linke Loe -> RE: Discussion about article on publishing OWA and RPC/HTTP (22.Nov.2006 6:29:41 AM)
I've done some more testing and found out that when I open https://owa.mydomainname.com/rpc I get redirected to the login form of Outlook Web Access. Is this normal behaviour?

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (22.Nov.2006 11:41:22 AM)
Hi Linke, Check out the article series that completed yesterday, the last article in the series is on the top of the front page. Make sure that you have the rule configured as described in the series, and that all the certificates are named correctly and that the client is configured correctly. HTH, Tom

Linke Loe -> RE: Discussion about article on publishing OWA and RPC/HTTP (26.Nov.2006 11:15:44 AM)
As I wrote above, I followed all the steps in the articles exactly. My OWA is working fine, even with the new ISA 2006 login form and the possibility to change passwords. The problem is with Outlook. When I try to connect, I get a login box. I type my username and password, but I don't get connected. In my ISA log, I can see HTTP status code 64. I found another posting in this forum about this, but there's no adequate solution for it...

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (4.Dec.2006 11:01:37 AM)
Hi Linke, The logging information in the ISA Firewall console is of no value in troubleshooting RPC/HTTP connections. Are you using one or two Web Publishing Rules? Tom

wingchan12 -> RE: Discussion about article on publishing OWA and RPC/HTTP (5.Dec.2006 12:35:27 AM)
Hi, I have been following your article on publishing OWA and RPC/HTTP. There is no mention on /Exchange and /RPC virtual directory on Exchange server. Is it still relevant to set Require secure channel (SSL) on /Exchange and /RPC virtual directory under Secure communications inside Directory Security tab on Exchange IIS.

sallbritton -> RE: Discussion about article on publishing OWA and RPC/HTTP (5.Dec.2006 10:51:27 AM)
I am working on publishing OWA and RPC/HTTP with ISA 06 and Exchange 03. I followed the great tutorial, but I seem to be stuck. In my scenario, the ISA is a member of the domain. I get the form for the login to OWA, but it seems as if it cannot authenticate me. I run monitoring with the filter to watch that specific rule. When I copy it and paste it to notepad, the following shows up 12239 The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator. Any clues? Thanks in advance.

docxp -> RE: Discussion about article on publishing OWA and RPC/HTTP (5.Dec.2006 11:04:57 AM)
Hi, I think that i have the same problem. The RPCoverHTTPS is working from internal network, but i get the "Error Code 64: Host not available " from external network (after i provide the username and password). This drives me crazy, I've read all the forums, and searched everything with google. I made a split DNS, the same address from Inside and Outside, listener only for HTTPS, forward basic authentication. In the logging I see the "Failed Connection Atempt - anonymous" - isn't that strange as i provided the username & password? All help will be greatelly apreciated!

strongbad -> RE: Discussion about article on publishing OWA and RPC/HTTP (6.Dec.2006 6:21:40 PM)
Doctor: Thanks for the book and articles. I have read the 5 part series and before I go about attempting to implement this, I have a few questions: 1) Is ISA setup to perform FBA by the selection of "HTML Form Authentication" in the Web Listener Definiation Wizard? In this case will ISA will authenticate the user prior to passing any traffic to Exchange? 2) As a result of your numerous articles, postings, and book, I do not have any hangups that would prevent me from making ISA a domain member. Therefore, should I elect to use Windows Authentication in the web listener rather than LDAP? 3) I do not plan on publishing RPC over HTTP, but rather OWA and Activesync Direct Push. Is it true that ISA 2006 no longer has any issues with publishing both of these while using FBA and a single IP address? And if so, do I still need to use Basic Authentication on the web listener? (I'm guessing so!) 4) For the ActiveSync Direct Push on my mobile clients, I would have to somehow import the Web Site certifiacte into these mobile phones, right? Thanks for any input!

sallbritton -> RE: Discussion about article on publishing OWA and RPC/HTTP (7.Dec.2006 12:10:34 PM)
Since the ISA Server is a member of the domain, I changed the SSL Listener to authenticate via AD and now it seems to work. Now to test the RPC/HTTP.

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (7.Dec.2006 1:24:07 PM)
quote: ORIGINAL: wingchan12 Hi, I have been following your article on publishing OWA and RPC/HTTP. There is no mention on /Exchange and /RPC virtual directory on Exchange server. Is it still relevant to set Require secure channel (SSL) on /Exchange and /RPC virtual directory under Secure communications inside Directory Security tab on Exchange IIS. 1. I'm assuming that the Exchange Server has been setup correctly 2. The Wizard will create the proper paths in the Web Publishing Rule HTH, Tom

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (7.Dec.2006 1:25:24 PM)
quote: ORIGINAL: sallbritton I am working on publishing OWA and RPC/HTTP with ISA 06 and Exchange 03. I followed the great tutorial, but I seem to be stuck. In my scenario, the ISA is a member of the domain. I get the form for the login to OWA, but it seems as if it cannot authenticate me. I run monitoring with the filter to watch that specific rule. When I copy it and paste it to notepad, the following shows up 12239 The server requires authorization to fulfill the request. Access to the Web server is denied. Contact the server administrator. Any clues? Thanks in advance. Check the Event Viewer and the ISA Firewall's Alerts viewer to see if there are problems with the ISA Firewall contacting the AD. HTH, Tom

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (7.Dec.2006 1:26:37 PM)
quote: ORIGINAL: docxp Hi, I think that i have the same problem. The RPCoverHTTPS is working from internal network, but i get the "Error Code 64: Host not available " from external network (after i provide the username and password). This drives me crazy, I've read all the forums, and searched everything with google. I made a split DNS, the same address from Inside and Outside, listener only for HTTPS, forward basic authentication. In the logging I see the "Failed Connection Atempt - anonymous" - isn't that strange as i provided the username & password? All help will be greatelly apreciated! Hi Marius, Make sure the client is seutp correctly too. The CA certificate on the client is often forgotten. HTH, Tom

tshinder -> RE: Discussion about article on publishing OWA and RPC/HTTP (7.Dec.2006 1:32:40 PM)
1) Is ISA setup to perform FBA by the selection of "HTML Form Authentication" in the Web Listener Definiation Wizard? In this case will ISA will authenticate the user prior to passing any traffic to Exchange? TOM: Yes, HTML form auth will give you FBA. If you require users to authenticate in the Web Publishing Rule, then the ISA Firewall performs pre-authentication. 2) As a result of your numerous articles, postings, and book, I do not have any hangups that would prevent me from making ISA a domain member. Therefore, should I elect to use Windows Authentication in the web listener rather than LDAP? TOM: Very good! In this case, you don't need to use LDAP authentication and you can use Windows integrated authentication. 3) I do not plan on publishing RPC over HTTP, but rather OWA and Activesync Direct Push. Is it true that ISA 2006 no longer has any issues with publishing both of these while using FBA and a single IP address? And if so, do I still need to use Basic Authentication on the web listener? (I'm guessing so!) TOM: That is true. ISA 2006 Firewalls will fall back to back auth for non-Web browser clients, so ActiveSync will work on the listener that has FBA enabled. 4) For the ActiveSync Direct Push on my mobile clients, I would have to somehow import the Web Site certifiacte into these mobile phones, right? TOM: You will need to import the CA certificate that issued the Web site certificate used on the Web listener into the mobile client's machine certificate store. HTH, Tom

wingchan12 -> RE: Discussion about article on publishing OWA and RPC/HTTP (8.Dec.2006 1:15:34 AM)
Do we require to enable "Require secure channel (SSL)", under Directory Security on the virtual directory /Exchange and /RPC in IIS.

Page: [1] 2 3 4 next > >>