Getting OWA Forms Based Authentication working with RPC over HTTP… Finally
After having 3 other MVPs help me, and a former MVP who I know (he works on Exchange now) help me, I finally decided to just call. I was on hold for over an hour apparently; I didn’t notice or anything since I had the headset around my neck with the volume down. It was a bit odd since it was about 3AM. He was on EDT so obviously on the night shift. Anyway, rather than get into details of the call I’ll just say it was great, the guy that helped me was great, and he deserves a 4.0 just for getting things working when no one else could.
This should be a lesson for anyone that has any sense or say on Exchange. Make the setup of OWA, FBA, RPC, etc. all much easier. In terms of the things we did to make RPC work in the first place with FBA, we only checked the settings and modified one registry setting (we specified port 6001 and 6002 separately rather than doing what the KB suggests, which is server:6001-6002;). Even then it didn’t work, so we double-checked everything again and redid some settings that didn’t change (just for verification). Then magically everything worked. Except FBA.
To get that working he had to look through the KB and find some mysterious article that wasn’t even released to the public yet. Here’s a copy of the resolution for those that are curious. You’ll need MetaEdit 2.2 (ignore the IIS6 warning) / Metabase Explorer from the IIS6 Resource Kit. After you get MetaData Edit you browse to the virtual server that’s running OWA, go to the Rpc directory and in the right pane create a new DWORD with the ID 45054 and its data set to 0 (the full steps are below). Now just do an iisreset and things magically work. Oh and it should be noted that according to all the KB articles I found there was nothing wrong with my configuration and all the settings and such were correct to begin with. Here’s the full text and a few more links that will help one down the path of agony:
PROBLEM
========
Scenario:
1) Manually create a secondary HTTP VS in ESM (so we’re not using “Default Website”)
2) Install RPCproxy and manually create the /rpc directory in this secondary HTTP VS through IIS Admin
3) Install an SSL cert onto the secondary HTTP VS
4) Enable Forms Based Authentication (FBA).

After step 4, the RPC-over-HTTP functionality will be broken. Attempts to manually navigate to the https://server/rpc directory will bring up the FBA sign-in screen rather than a prompt for credentials and a permissions error as expected.
RESOLUTION
==============
This is because the OwaLogon ISAPI filter is installed to the entire secondary HTTP VS when FBA is enabled. This includes all of the subdirectories of this secondary HTTP VS on which it is not explicitly excluded. Since the /rpc directory was created within IIS Administrator (not ESM), it is not affected by DS2MB metabase replication and should not be overwritten. The filter setting can be bypassed for the /rpc directory by setting property 45054 to “0” on this directory.

Steps:
1) Open up Metaedit.
2) Navigate to the LM\W3SVC and then navigate into the proper HTTP VS (in my case it was 100)
3) Click through “root” and onto “rpc”.
4) In the right pane, verify that 45054 is not listed. If it is, we will modify. If it is not, we will create.
5) Assuming it’s not listed, right click in the right-pane and select “New->Dword”.
6) If you get an error about “trying to get property names”, simply click OK. This can be ignored; not all properties are named.
7) Leave the ID drop-down as “(Other)”, but change the number from “0” to “45054”.
8) Check the Inherit attribute.
9) Set the “Data” field to “0” at the bottom and click OK.

With this change in place, both FBA and RPCHTTP should function on a secondary HTTP VS.
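
A quick way to confirm the symptom before the change and the fix after it, as an added example that is not part of the original post or the KB text: it classifies the response to an unauthenticated request for /rpc. The marker strings for the FBA logon page (owalogon.asp, owaauth.dll) and both sample responses are assumptions constructed for illustration; adjust the markers to what your own server returns.

```python
import http.client
import ssl
import sys

# Assumption: names that show up when the Exchange 2003 FBA logon page is served.
FBA_MARKERS = ("owalogon.asp", "owaauth.dll")

def classify(status, headers, body=""):
    """Classify the reply to an unauthenticated GET of the /rpc directory.

    headers is a list of (name, value) pairs, as http.client returns them.
    'fba-intercepted' = the FBA filter answered (the broken state above).
    'auth-challenge'  = a 401 credential prompt (the expected state).
    """
    hdrs = {name.lower(): value for name, value in headers}
    haystack = (hdrs.get("location", "") + " " + body).lower()
    if any(marker in haystack for marker in FBA_MARKERS):
        return "fba-intercepted"
    if status == 401 and "www-authenticate" in hdrs:
        return "auth-challenge"
    return "unknown"

def probe(host, path="/rpc", port=443, timeout=10):
    """Send one GET without credentials; http.client never follows redirects."""
    ctx = ssl.create_default_context()  # the SSL cert must validate
    conn = http.client.HTTPSConnection(host, port, context=ctx, timeout=timeout)
    try:
        conn.request("GET", path)
        resp = conn.getresponse()
        body = resp.read(65536).decode("latin-1")
        return classify(resp.status, resp.getheaders(), body)
    finally:
        conn.close()

# Constructed sample responses, not captured from a real server.
SAMPLE_BROKEN = (302, [("Location",
    "https://server/exchweb/bin/auth/owalogon.asp?url=https://server/rpc")], "")
SAMPLE_FIXED = (401, [("WWW-Authenticate", 'Basic realm="server"'),
    ("WWW-Authenticate", "NTLM")], "You are not authorized to view this page")

if __name__ == "__main__":
    if len(sys.argv) > 1:
        print(sys.argv[1], probe(sys.argv[1]))
    else:
        print("before fix:", classify(*SAMPLE_BROKEN))
        print("after fix: ", classify(*SAMPLE_FIXED))
```

Run it with the server name as the only argument before and after the iisreset; with no argument it only classifies the two constructed samples.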
KB ARTICLE FOR RPC OVER HTTP:
==========================
http://support.microsoft.com/?id=833401
1. LINK – Exchange Server 2003 RPC over HTTP Deployment Scenarios
2. LINK – How to Deploy RPC over HTTP for the First Time on Exchange Server 2003 SP1, No Front-End Server
3. LINK – How to configure RPC over HTTP on a single server in Exchange Server 2003
4. LINK – How to use the RPC Ping utility to troubleshoot connectivity issues with the Exchange over the Internet feature in Outlook 2003
5. LINK – How to troubleshoot client RPC over HTTP connection issues in Office Outlook 2003
6. LINK – Exchange ActiveSync and Outlook Mobile Access errors occur when SSL or forms-based authentication is required for Exchange Server 2003
And finally, the steps above for RPC over HTTP with OWA FBA are from a yet-to-be-released KB article so I can’t reference it, but maybe a search for 45054 might reveal something.
If you’re having trouble with OWA FBA or RPC over HTTP, post in the comments and we’ll see about triaging the issue and maybe get it working.

January 19th, 2007 at 6:31 pm
Big Thanks for this !!!!!