Exchange 2013 Powershell Remoting Access Denied

Hello ,


I have an Exchange 2013 CU2 Installation in a multirole enviroment. I have a problem with the powershell remoting. When i try the test-powershellconnectivity and use the Domain admin account i take " Access Denied" .

Any ideas about this ?


Thanks a lot
Anestis PsomasSystem and Network AdministratorAsked:
Who is Participating?
 
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Problem Solved after upgrading to CU3 .
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
To open a Exchange PowerShell session with PowerShell:

Make sure the executionpolicy on the server/workstation is set as “RemoteSigned“. If it’s not, execute: “set-executionpolicy remotesigned” in an PowerShell session with elevated rights (Run As Administrator).
“$session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://%ExchangeServer%/PowerShell/ -Authentication Kerberos”. At %ExchangeServer% you have to fill in the name of the Exchange Server
If you need to connect with other credentials you can add “-Credential (Get-Credential)” at the end of the line. You will be asked to fill in you credentials.
Import-PSSession $session
0
 
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Thanks for your help but i want to use the test-powershellconnectivity because i want to test the Powershell Virtual Directory. It seems that its not working because of the access denied problem.
0
Simplify Active Directory Administration

Administration of Active Directory does not have to be hard.  Too often what should be a simple task is made more difficult than it needs to be.The solution?  Hyena from SystemTools Software.  With ease-of-use as well as powerful importing and bulk updating capabilities.

 
Patrick BogersDatacenter platform engineer LindowsCommented:
Hi, read to quickly,

What does c:\> winrm get winrm/config/client. output on TrustedHosts?

If the TrustedHosts is like "TrustedHosts = *", you need to change it to blank using the command

c:\> winrm set winrm/config/client @{TrustedHosts=""}
0
 
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Hello ,


Because i have 2 cas and 2 mbx servers , can you tell me please where i must run this ?

Thanks
0
 
QlemoBatchelor, Developer and EE Topic AdvisorCommented:
"client" always refers to the PC you are executing the cmdlet on. If you start in a remote session, it is that remote session, of course.
That change forces Kerberos authentication, which will only work in the same domain (forest / trust), so you are increasing (restoring) security, but might not be able to use remote sessions anymore from outside the domain.
0
 
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Here is the output i get ,

C:\Users\apsomas>winrm get winrm/config/client
Client
    NetworkDelayms = 5000
    URLPrefix = wsman
    AllowUnencrypted = false
    Auth
        Basic = true
        Digest = true
        Kerberos = true
        Negotiate = true
        Certificate = true
        CredSSP = false
    DefaultPorts
        HTTP = 5985
        HTTPS = 5986
    TrustedHosts
0
 
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Any ideas please?


Thanks
0
 
Patrick BogersDatacenter platform engineer LindowsCommented:
There is no output after trustedhosts?
0
 
Anestis PsomasSystem and Network AdministratorAuthor Commented:
No its empty.
0
 
Anestis PsomasSystem and Network AdministratorAuthor Commented:
Problem Solved after upgrading to CU3 . This is the solution because of a bug in powershell with multiple exchange servers.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.