Manage Learn to apply best practices and optimize your operations.

Setting up RPC over HTTP for Microsoft Outlook

In this tip from "8 tips in 8 minutes: A Microsoft Outlook email security tutorial," you'll discover easy-to-follow instructions and quick tricks to help you set up RPC over HTTP for Microsoft Outlook.

As you found in Chapter 11, most of the work for setting up RPC over HTTP actually has to be done on the server side. On the client side, you'll need to ensure that your servers have Microsoft Windows XP. If you're using Service Pack 1, you'll need the Q331320 hotfix, which is included with Service Pack 2 and later. You'll also need to have Exchange Server 2003 running on Windows Server 2003 for the front-end and back-end servers your users communicate with, and all global catalogs and domain controllers that your servers and clients talk to must also be running Windows Server 2003.

You are reading tip #4 from "8 tips in 8 minutes: A Microsoft Outlook email security tutorial," excerpted from Chapter 13 of Secure Messaging with Microsoft Exchange 2003 by Paul Robichaux, copyright 2004, published by Microsoft Press.
Note: The Office Resource Kit contains a wealth of material on deploying RPC over HTTP using the Custom Installation Wizard, which makes it possible to seamlessly enable it for some or all of your users at the time you deploy it.

The settings for RPC over HTTP are associated with individual profiles and can only be applied to a single Exchange server account in each profile. You modify these settings using the same interface you're probably familiar with, but the settings themselves are different. (Remember, you must already have set up your Exchange servers and global catalogs as described in Chapter 11.)

The key to getting RPC over HTTP set up for Outlook is found in a single simple check box, Connect To My Exchange Mailbox Using HTTP, shown in Figure 13-4. (You get to this check box by editing an account with the Tools | Email Accounts command, clicking Change, clicking More Settings, and clicking the Connection tab.) This check box is visible when you're running Outlook 2003 on a system that meets the prerequisites and talking to an Exchange server that meets its prerequisite requirements. If any component is missing or misconfigured, the check box won't appear.

Figure 13-4 The Connection tab has the key check box for enabling RPC over HTTP

After you select the check box, of course, the real fun begins. The Exchange Proxy Settings button controls the appearance of the Exchange Proxy Settings dialog box (see Figure 13-5). You can specify the URL for your Exchange server (which, for a standard Exchange Server 2003 installation, will be the same as the name of the front-end server) and whether you want to require the use of SSL. For maximum security, you should ensure that the Connect Using SSL Only and Mutually Authenticate The Session When Connecting With SSL check boxes are both selected; this combination provides the best protection against spoofing and eavesdropping. The other settings are pretty much irrelevant from a security standpoint, with the exception of the Use This Authentication When Connecting To My Proxy Server For Exchange control.

Figure 13-5 The Exchange Proxy Settings dialog box.

Other tricks using Outlook 2003 RPC over HTTPS support

There are two other useful things to know about Outlook 2003 RPC over HTTPS support. The first is that you can disable the user interface controls that let users change RPC over HTTPS behavior. This is useful if you want to ensure that your users don't set it up on their own, or if you want to prevent them from changing settings once you've deployed them. To do this, add the EnableRPCTunnelingUI value (a REG_DWORD) to HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\11.0\Outlook\RPC. When this value is set to 0, the user interface (UI) controls are hidden; when it's set to 1, or not present, the UI controls are visible as long as Outlook is running on a machine that meets the operating system requirements.

The other useful thing to know is that you can turn on RPC over HTTPS at a later date, after your initial Outlook 2003 deployment. To do this, you should use the Office Resource Kit's Custom Maintenance Wizard, which lets you make some types of configuration changes and deploy them as files that can automatically update installed Office configurations. To learn more about the Custom Maintenance Wizard, see Microsoft's site: Updating Outlook 2003 by using the Custom Maintenance.

8 tips in 8 minutes: A Microsoft Outlook email security tutorial

 Home: Introduction
 Tip 1: An overview of Microsoft Outlook email security features
 Tip 2: Customizing the Microsoft Outlook Security Update
 Tip 3: Customizing Outlook email security settings for end users
 Tip 4: Setting up RPC over HTTP for Microsoft Outlook
 Tip 5: Using S/MIME in Microsoft Outlook
 Tip 6: Using Information Rights Management in Microsoft Outlook
 Tip 7: Reaching into Microsoft Outlook's email security toolbox
 Tip 8: Related resources on Microsoft Outlook email security

Microsoft Exchange Server 2003 Delta Guide This chapter is an excerpt from Secure Messaging with Microsoft Exchange 2003 by Paul Robichaux, copyright 2004, published by Microsoft Press.

Click here for the chapter download or purchase the book here.

Dig Deeper on Exchange Server setup and troubleshooting

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.