Performance considerations when you configure Exchange Server 2003 for RPC over HTTP connections on low-bandwidth networks

When you configure Exchange Server 2003 to permit remote procedure call (RPC) over HTTP connections, and when Microsoft Windows Integrated authentication (formerly named NTLM or Windows NT Challenge/Response authentication) is used to authenticate users to the RPC proxy server, in certain environments such as some low-bandwidth networks, you may find that the authentication sequence takes a longer time than the time it takes by using RPC.

This behavior occurs because of the size of the HTTP error messages that are generated by the server and sent to the client during the authentication process. When a user uses RPC over HTTP to connect to an Exchange Server 2003 computer over the Internet, and the user credentials are not yet authenticated, the server returns a Web page that contains an HTTP error message similar to the following: Note that this HTTP error message is not visible to the user.

The server returns two error pages for each logon request. The size of each page is approximately 2.5 kilobytes (KB). The additional processing that is required for the data that is generated for each user authentication may affect performance on some low-bandwidth networks.

To work around this behavior, modify the HTTP Error 401;1 error message and the HTTP Error 401;2 error message that are configured on the /Rpc virtual directory to use a smaller .htm response. This workaround reduces the size of the responses that that are sent by the server. To modify the HTTP Error 401;1 error message and the HTTP Error 401;2 error message on the /Rpc virtual directory in Microsoft Internet Information Services (IIS) 6.0:

1. Click Start, point to All Programs, point to Administrative Tools, and then click Internet Information Services (IIS) Manager.
2. In the console tree, expand ServerName, expand Web Sites, and then expand Default Web Site.
3. Right-click the Rpc virtual directory, and then click Properties.
4. Click the Custom Errors tab.
5. Under HTTP Error, click 401;1, and then click Set to Default.
   
   Note that Type is changed to Default and that Contents is displayed as "Unauthorized - Logon failed".
6. Under HTTP Error, click 401;2, and then click Set to Default.
   
   Note that Type is changed to Default and that Contents is displayed as "Unauthorized - Logon failed due to server configuration".
7. Click OK, and then click OK.

The HTTP 401.2 response is returned when a user initially logs on.

The HTTP 402.3 response is the most common HTTP error message that is returned by the server, and it occurs as part of the standard Integrated Windows authentication challenge. When you modify the HTTP error from the standard .htm response to a simple "Unauthorized - Logon failed" response, approximately 1300 bytes (B) are saved for each RPC session to the RPC proxy server.

Outlook uses RPC sessions when it performs many different tasks, including short-lived tasks such as a poll for new messages on the server. The reduction in size of the HTTP error messages that are returned may result in significant savings for clients who are on low-bandwidth networks.