Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.

Dismiss

RPC over HTTPS RpcBindingSetAuthInfoEx Problem

114 views

Skip to first unread message

Joe Doyle

unread,

Dec 23, 2009, 9:15:01 AM12/23/09

Hi,

I'm trying to connect to an Exchange 2003 server using RPC over HTTP with
SSL using ncacn_http but I can't seem to get the right parameters. I have
been able connect to the server locally using ncacn_ip_tcp just fine. I
currently have Outlook 2007 configured to connect to the server, so I know
it's not a server configuration issue.

I have read through the Exchange Open Protocols to get the correct settings.
I've read through the MSDN docs for how to pass in the authentication (NTLM)
and to force SSL. I'm getting an ERROR_INVALID_PARAMETER error when calling
RpcBindingSetAuthInfoEx.

Here is the code with error checking removed for simplicity:

RPC_STATUS status;
RPC_CSTR StringBinding;
RPC_BINDING_HANDLE BindingHandle;

status = RpcStringBindingCompose(reinterpret_cast<unsigned
char*>("A4F1DB00-CA47-1067-B31F-00DD010662DA"),
reinterpret_cast<unsigned char*>("ncacn_http"),
reinterpret_cast<unsigned char*>("exchangeserver"),
reinterpret_cast<unsigned char*>("6001"),
reinterpret_cast<unsigned char*>("RpcProxy=rpcproxy"),
&StringBinding);

status = RpcBindingFromStringBinding(StringBinding, &BindingHandle);
RpcStringFree(&StringBinding);

status = RpcEpResolveBinding(BindingHandle, emsmdb_v0_81_c_ifspec);

SEC_WINNT_AUTH_IDENTITY sec;
sec.User = reinterpret_cast<unsigned char*>("username");
sec.UserLength = 8;
sec.Password = reinterpret_cast<unsigned char*>("password");
sec.PasswordLength = 8;
sec.Domain = reinterpret_cast<unsigned char*>("domain");
sec.PasswordLength = 6;
sec.Flags = SEC_WINNT_AUTH_IDENTITY_ANSI;

unsigned long auth[1];
auth[0] = RPC_C_HTTP_AUTHN_SCHEME_NTLM;

RPC_HTTP_TRANSPORT_CREDENTIALS ssl;
ssl.TransportCredentials = &sec;
ssl.Flags = RPC_C_HTTP_FLAG_USE_SSL | RPC_C_HTTP_FLAG_USE_FIRST_AUTH_SCHEME;
ssl.AuthenticationTarget = RPC_C_HTTP_AUTHN_TARGET_SERVER |
RPC_C_HTTP_AUTHN_TARGET_PROXY;
ssl.NumberOfAuthnSchemes = 1;
ssl.AuthnSchemes = (unsigned long *)&auth;
ssl.ServerCertificateSubject = reinterpret_cast<unsigned
char*>("msstd:servercert");

RPC_SECURITY_QOS_V2 qos;
qos.Version = RPC_C_SECURITY_QOS_VERSION_2;
qos.Capabilities = RPC_C_QOS_CAPABILITIES_DEFAULT;
qos.IdentityTracking = RPC_C_QOS_IDENTITY_DYNAMIC;
qos.ImpersonationType = RPC_C_IMP_LEVEL_IDENTIFY;
qos.AdditionalSecurityInfoType = RPC_C_AUTHN_INFO_TYPE_HTTP;
qos.u.HttpCredentials = &ssl;

status=RpcBindingSetAuthInfoEx(BindingHandle, NULL,
RPC_C_AUTHN_LEVEL_PKT_PRIVACY, RPC_C_AUTHN_WINNT, (RPC_AUTH_IDENTITY_HANDLE
*)&sec, 0, (RPC_SECURITY_QOS *)&qos);

This is where I get stuck. RpcBindingSetAuthInfoEx always returns
0x00000057. Any help on what I'm missing or an example would be great.

Joe

0 new messages