How to configure Exchange 2000 behind Proxy Server 2.0

This article describes how to configure Microsoft Exchange 2000 Server behind Proxy Server 2.0. The information in this article does not apply if Exchange 2000 is running on the same server as Proxy Server. The information in this article also does not apply to Microsoft Internet Security and Acceleration (ISA) Server.

NOTE: Perform steps eight through ten on the Exchange 2000 Server.

Microsoft Exchange Server 4.0, 5.0, and 5.5 run the Exchange Server-related services under a domain service account. In Exchange 2000, the Exchange services run under local system accounts (LocalSystem), which are unable to authenticate with the Proxy Server to bind to the Proxy Server. Use the Credtool.exe utility to configure these local system accounts to authenticate with and bind to the Proxy Server. The Credtool utility is installed with the Proxy Client, and is located in the Mspclnt folder.

To bind the necessary ports and services to the Proxy Server:

1. Open the Mspclnt.ini file in the Mspclnt share on the Proxy server. Under the [common] section, add a line with this text:
   LocalDomains=namespace
   
   Example:
   
   [common]
   LocalDomains=.yourdomainname.com
   
   NOTE: Separate multiple namespaces with a comma (,) for more than one domain.
   
   Example:
   
   [common]
   LocalDomains=.yourdomainname.com,.yourotherdomain.com
2. Restart the Winsock Proxy service on the Proxy server.4. Restart the client computer that is running the Proxy client. NOTE: If your Winsock Proxy Client software is already installed, update the proxy client settings in Control Panel by clicking Update in the WSP tool. 5. Ensure that you have a virtual server for each protocol that you want to bind to the Proxy Server. (and renumber the rest).
3. On the client computer, install the Winsock Proxy Client from the Proxy Server Mspclnt shared folder.
4. Restart the client computer that is running the Proxy client.
   
   Note If your Winsock Proxy Client software is already installed, update the proxy client settings in Control Panel by clicking Update in the WSP tool.
5. Ensure that you have a virtual server for each protocol that you want to bind to the Proxy Server.
6. Start Exchange System Manager, and navigate to the virtual server under Servers, and under Protocols. Ensure that the protocols are set to all unassigned on the General tab of the properties for that virtual server.
7. Ensure there are no conflicts on the Proxy Server. You can use the netstat command to verify that the following ports do not have any services (for example, you may need to set the Proxy Server computer's SMTP service to manual):
   • 25
   • 110
   • 143
   • 993
   • 995
8. Create a file called Wspcfg.ini in your Winnt\System32\Inetsrv folder that contains the following information:

   [inetinfo]
   ServerBindTcpPorts=25,110,143,993,995
   Persistent=1
   KillOldSession=1
   ForceCredentials=1 
   						

   If you are publishing the Exchange Server to an external IP address that is different than the first-bound IP address on the external interface of the Proxy Server, it is also necessary to add the following:
   ProxyBindIp=25:external_addr,110:external_addr,143:external_addr,993:external_addr,995:external_addr
   Where external_addr is the IP address that you wish to publish to.
9. At a command prompt, change to the Proxy Client folder (usually C:\Mspclnt), and then run the following command
   credtool -w -n inetinfo -c user domain password
   where user is the user name of a user who has permissions to bind to the Proxy Server, domain is the network basic input/output system (NetBIOS) domain name of that user, and password is the password of that user.
10. In Administrative Tools, double-click Services, and then restart the IIS Admin Service on the Exchange 2000 computer.

For additional information about configuring Microsoft Outlook Web Access (OWA) behind Proxy Server, click the following article number to view the article in the Microsoft Knowledge Base: