
Remotely Access MS Exchange

PCQ Bureau

Traditionally, the only way a person outside a corporate network could check his e-mail was by either using the Outlook Web Access through a browser or by VPNing into the network and then running Outlook to connect to the Exchange server. The new MS Exchange 2003 does away with this. Using a method of transmitting RPC over the HTTP protocol, an Exchange client can connect to it without having to VPN in. 


We'll see how to configure the server and the clients. The first thing to do on the server running Exchange is to install the RPC over HTTP service. Go to Add/Remove Programs>Windows Components>Networking Services>RPC over HTTP Proxy.

Next, enable this proxy to work with Exchange. This is done by opening the Registry Editor (using regedit) and going to HKLM\Software\Microsoft\RPC\RPCProxy. Create or edit a key called ValidPorts in the following format:






NetBIOSName:593;SFQDN:593;NetBIOSName:6001-6002;SFQDN:6001-6002;NetBIOSName:6004;SFQDN:6004

Where NetBIOSName is the server's NetBIOS name and SFQDN is the server's Fully Qualified Domain Name on the Internet. For instance, if your server is called ExchServer and the DNS name is mail.company.com, the line will read as:





exchserver:593;mail.company.com:593;exchserver:6001-6002;mail.company.com:6001-6002;exchserver:6004;mail.company.com:6004
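ValidPorts is the list of internal host:port targets the RPC proxy is allowed to forward to, so a typo or an over-broad range here either breaks the connection or exposes more than intended. The following Python check is an added example, not part of the original article; the function names are hypothetical and the sample value is the article's own example.

```python
import re

# Ports the article assigns to each server name in ValidPorts.
REQUIRED_PORTS = {593, 6001, 6002, 6004}
PORT_SPEC = re.compile(r"(\d+)(?:-(\d+))?")


def parse_valid_ports(value):
    """Parse 'host:port;host:lo-hi;...' into {host: set_of_ports}."""
    hosts = {}
    for entry in (e.strip() for e in value.split(";")):
        if not entry:
            continue  # tolerate a trailing ';'
        host, sep, spec = entry.rpartition(":")
        match = PORT_SPEC.fullmatch(spec)
        if not sep or not host or not match:
            raise ValueError(f"malformed ValidPorts entry: {entry!r}")
        low = int(match.group(1))
        high = int(match.group(2) or low)
        if not 0 < low <= high <= 65535:
            raise ValueError(f"bad port range in entry: {entry!r}")
        hosts.setdefault(host.lower(), set()).update(range(low, high + 1))
    return hosts


def audit_valid_ports(value, netbios_name, sfqdn):
    """Return findings; an empty list means the value matches the article."""
    hosts = parse_valid_ports(value)
    expected = {netbios_name.lower(), sfqdn.lower()}
    findings = []
    for name in sorted(expected):
        missing = REQUIRED_PORTS - hosts.get(name, set())
        if missing:
            findings.append(f"{name}: missing ports {sorted(missing)}")
    for name, ports in sorted(hosts.items()):
        extra = ports - REQUIRED_PORTS
        if name not in expected:
            findings.append(f"{name}: host not expected in ValidPorts")
        elif extra:
            findings.append(f"{name}: {len(extra)} port(s) beyond the required set")
    return findings


if __name__ == "__main__":
    # The article's example value, with its example names.
    sample = ("exchserver:593;mail.company.com:593;exchserver:6001-6002;"
              "mail.company.com:6001-6002;exchserver:6004;mail.company.com:6004")
    print(audit_valid_ports(sample, "ExchServer", "mail.company.com") or "OK")
```

An entry with an empty host name, such as ":593", is rejected as malformed rather than silently accepted.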








Go to HKLM\ Services\CurrentControlSet\NTDS\Parameters. Create a new MULTI_STRING key called NSPI interface protocol sequences with a value of ncacn_http:6004. Open the IIS MMC and go to the properties of the virtual directory called RPC. Here, go to the Directory Security tab and click the Edit button for Authentication and Access Control. Turn Anonymous Access off and Basic Authentication on. This completes the binding of RPC over HTTP to Exchange.


To secure the connection, turn off HTTP access and allow only HTTPS access. You must add an SSL certificate to your Default Web Site by going to its properties and installing a server certificate. You can create one or get one from a certifying authority such as Verisign. Note that the certificate must be issued in the name of the SFQDN as mentioned in the registry settings you made above.



Tread With Caution
Note that this feature is available only if you use the following combination: Exchange 2003 running on Windows Server 2003 and clients on Win XP SP1 (or above) running Outlook 2003. This combination gives you access to all the features of Exchange 2003. 


Also, note that a mistake in the configuration could, at best, stop RPC over HTTP from working and, at worst, make your Exchange server inaccessible. It is advisable to have someone with experience of this setup around to guide you.

Once these settings are made, it's time to configure the clients. The first thing to do is make sure you have Win XP with SP1. Install Outlook 2003 on the system. Next, install the RPC patch for XP (Q313320) from http://microsoft.com/downloads/details.aspx?FamilyId=8670CFF6-3D95-496E-8DF4-13D8F38715FA&displaylang=en.



Install the server certificate on the system by browsing to the OWA of the Exchange server like https:///exchange. You will now be presented with a security alert. You must view and install the certificate on the client at this time. (You can also do this by browsing to https:///certsrv and downloading the certificate.)

To configure Outlook, go to Control Panel>Mail and create a new profile. Select 'Add a new email account' and select 'Microsoft Exchange Server' as the type. In the next screen, enter the SFQDN as the name of the Exchange server, followed by your username. Make sure the 'Use Cached Exchange Mode' checkbox is on. Click More Settings to configure RPC over HTTP. In the Connections tab, turn on the 'Connect to my Exchange mailbox over HTTP' checkbox and click the button below it to continue.



In this new box, enter the SFQDN in the URL settings. Turn the 'Mutually Authenticate' checkbox on and enter the value in the following format: msstd:SFQDN. In our example this would be msstd:mail.company.com. In the authentication settings, change the setting to Basic Authentication.

Direct Hit!
Applies to: Mobile users and Exchange administrators
USP: Outlook clients can access the Exchange server directly, without having to VPN in or go through Outlook Web Access

Now open Outlook 2003 and let it synchronize with the server. You can then take the system out of the office and continue to connect to Exchange using Outlook, without using the browser or a VPN.

A few things to keep in mind. The names used, NetBIOS or FQDN, must be consistent across all the settings. If you have a firewall, you will need to enable inbound HTTP/HTTPS to the Exchange server. Ideally, you must synchronize your computer with the server at least once within your corporate network, as this will allow it to sync up much faster than doing it over the Internet.

Exchange 2003 with Outlook 2003 gives a very easy and comprehensive groupware solution. With RPC over HTTP, you even get the benefit of working out of office without resorting to slower Web-based access or using a VPN.

Vinod Unny, Enterprise InfoTech
