Powershell commands and service accounts

Hi Everyone,

I'm currently attempting to provision mailbox accounts with the use of a powershell command that is running under a windows service with a specific account set to the run the command.  When this command executes from the windows service I recieve the following error:

An Active Directory error 0x80070035 occurred while searching for domain controllers in domain xxx.xxx.xxx: The network path was not found.

The command I'm executing is as follows:

C:\WINDOWS\system32\windowspowershell\v1.0\powershell.exe -PSConsoleFile "C:\Program Files\Microsoft\Exchange Server\bin\exshell.psc1" -NoLogo -NonInteractive -Command "Enable-Mailbox -Identity 'cn=test user,ou=testou,dc=xxx,dc=xxx,dc=xxx' -Database exchserver1\sg1\db01 -domaincontroller DC1.xxx.xxx ;";

When I log in to this server and execute the same command from the Exchange Management Shell the script runs fine and creates the mailbox.  Unfortunately when it runs from my Windows Service I get the error denoted above.  Does anyone have any insight into what might be going on?  My suspicion is that this is a required permision for the service account that is not set and causing the issue or the invocation of powershell through the command line can't search Active Directory.  

Environment Details
Exchange Server Version: Exchange Server 2007
Operating System: Windows 2003 SP 2
LVL 1
zozigAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ragu RamachandranCommented:
Can you try testing the same command with ip address instead of the DC name?
zozigAuthor Commented:
I tried it by IP and get the same issue
JuusoConnectaCommented:
zozig,

If you run the command from EMS manually then it runs smoothly, in other words the command itself works.

Remember that when u run EMS its basically powershell that imports the exchange modules every time you start it.

you said: "Unfortunately when it runs from my Windows Service..", that means your trying to run this remotely ? Are you planning on running this script on your local computers powershell and importing the exchange modules to your computer or are you planning on remote calling the script on the exchange server ?

For example, If I were to run a script on my computer I would need to improt the exchange modules first:
$s = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http:/InternalFQDNOfExchangeServer/PowerShell/ -Authentication Kerberos

Import-PSSession $s

And if you want to supply credentials you can add: -Credential (Get-Credential) (after -Authentication Kerberos )


What I have done in the past (though this was for exchange 2010), was creating batch files (.bat) and called the exchange server to and imported the exchange modules.

Like the below:
PowerShell.exe -command ". 'C:\Program Files\Microsoft\Exchange Server\V14\bin\RemoteExchange.ps1'; Connect-ExchangeServer -auto; C:\Support\Scripts\MyPowerShellScript.ps1"

This batch file is located on the exchange server and once this is triggered by an event it will open powershell import the exchange modules and execute my powershell script: trigger -> batch file -> powershell script

If you would like to run this from your local computer you could do this, by editing the above to remote call the powershell script (which will be on your exchange server), or have another batch file to remote call the batch file on the exchange server
zozigAuthor Commented:
Hi JuusoConnecta,

Thanks for your comments, very insightful to what I am experiencing.  I actually did find the reason for the service not being able to search Active Directory, basically I needed to provide the service with environment variables for the following:

USERDNSDOMAIN
USERDOMAIN
USERNAME
even though the service was running as a specific user it still requires the USERNAME environment variable to be set, not sure if this get utilized in Kerberos or something but those 3 environment variables must be set for the doman and username.  Thanks for your input I'll award you the points.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
JuusoConnectaCommented:
Glad you got it resolved =], thanks for sharing the solution!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.