We help IT Professionals succeed at work.

SBS2011 Can't connect to EMC/EMS

browningit
browningit asked
on
591 Views
Last Modified: 2014-11-21
Hi all,

I've been arguing with a server that I am assisting someone in fixing for a few hours now - and am nearly done fixing most of the issues - but the primary root of the problems still remains.  I can't launch the EMC or EMS, and EMShooter tells me the same thing over and over, with no recourse to resolve.  I've been over all the threads for SBS 2011 and Exchange 2010 on the topic, reviewed it all, and it just doesn't go anywhere.  There is one thing about the solution steps that is bothering me, and I am not sure it is relevant:

"The Exchange Management Troubleshooter indentified a problem that can be caused by several issues:

1. If the WSMan module entry is missing from the global modules section of the
C:\Windows\System32\Inetsrv\config\ApplicationHost.config file, as follows:

<globalModules>
           <add name="WSMan" image="C:\Windows\system32\wsmsvc.dll" />

This will result in the WSMan module displaying as a Managed module on the PowerShell virtual directory.

To correct this, make sure that the WSMan module has been registered (but not enabled) at the Server level, and has been enabled on the PowerShell virtual directory.  Confirm that the WSMan entry exists in the Global Section of the ApplicationHost.config file as shown above.

2. Remote PowerShell uses Kerberos to authenticate the user connecting.  IIS implements this Kerberos authentication method via a native module. In IIS Manager, if you go to the PowerShell Virtual Directory and then look at the Modules, you should see Kerbauth listed as a Native Module, with the dll location pointing to \Program Files\Microsoft\Exchange Server\v14\Bin\kerbauth.dll. If the Kerbauth module shows up as a Managed module instead of Native, or if the Kerbauth module has been loaded on the Default Web Site level (instead of, or in addition to, the PowerShell virtual directory), you can experience this issue. To correct this, make sure that the Kerbauth module is not enabled on the Default Web Site, but is only enabled on the PowerShell virtual directory.  The entry type of "Local" indicates that the Kerbauth module was enabled directly on this level, and not inherited from a parent.

3. The Path of the Powershell virtual directory has been modified.  The PowerShell virtual directory must point to the

"\Exchange Server\v14\ClientAccess\PowerShell"
"
The bold I have outlined above doesn't make sense.  I've reviewed everything else here and verified that all is fine, but still I can't get into EMS EMC.

Let me know if you have some clarification, or other ideas.  Thanks!
Comment
Watch Question

browningitSysadmin

Author

Commented:
I realized I should tell some of the story - I walked into this situation to resolve issues with OWA, ActiveSync not working.  The other party was trying to resolve those issues on the SBS 2011 server, and removed IIS completely and re-installed it.  That caused a large amount of issues for him - and he got in touch with me.  I have restored all the missing pieces for IIS, resolved all error messages in applications logs, and upgrade from SP1 on Exchange to SP3 successfully.  I'm at the point now where I need EMS/EMC to continue moving forward.  If you need any other relevant, please just ask!
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
So all the errors above still exist correct?

With regard to PowerShell have you tried recreating the PowerShell Virtual Directory?

Check out this thread on how to do that.
https://social.technet.microsoft.com/Forums/exchange/en-US/361e66a4-8de3-4143-acb5-7702ce813eee/how-to-reinstall-powershell-virtual-directory-in-iis-75-exchange-2010-sp1?forum=exchange2010
browningitSysadmin

Author

Commented:
I ran this through awhile ago, to no avail.  I would be happy to try it again now, since a lot has changed since the time I ran it.  However, this particular article doesn't have the remove command that I did run last time.  Do you have that handy?
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
You can just go into IIS and right-click delete the PowerShell Virtual Directory. Then use that command to recreate it.
browningitSysadmin

Author

Commented:
I get an error running that this time:

"New-PowerShellVirtualDirectory : An error occurred while creating the IIS virtual directory 'IIS://name here
/W3SVC/1/ROOT/PowerShell' on 'name here'.
At line:1 char:31
+ New-PowerShellVirtualDirectory <<<<  -Name "PowerShell" -InternalURL "http://name here/powershell"
    + CategoryInfo          : InvalidOperation: (name here\PowerShell (Default Web Site):ADObjectId) [New-PowerShellVir
   tualDirectory], InvalidOperationException
    + FullyQualifiedErrorId : 699FE3C6,Microsoft.Exchange.Management.SystemConfigurationTasks.NewPowerShellVirtualDire
   ctory"
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
Did you change the URL from "name here"?

Did you add the snapins before running? To quote that article.
"Add-pssnapin Microsoft.Exchange.Management.PowerShell.E2010"
browningitSysadmin

Author

Commented:
Haha, yea, and I am trying it with the 'import modules' run this time.  I edited the error for privacy.
browningitSysadmin

Author

Commented:
Same error when I run it this time.

New-PowerShellVirtualDirectory : An error occurred while creating the IIS virtual directory 'IIS://.local
/W3SVC/1/ROOT/PowerShell' on ''.
At line:1 char:31
+ New-PowerShellVirtualDirectory <<<<  -Name "PowerShell" -InternalURL "http://.local/powershell"
    + CategoryInfo          : InvalidOperation: (\PowerShell (Default Web Site):ADObjectId) [New-PowerShellVir
   tualDirectory], InvalidOperationException
    + FullyQualifiedErrorId : 699FE3C6,Microsoft.Exchange.Management.SystemConfigurationTasks.NewPowerShellVirtualDire
   ctory
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
Hmm... let's try this article.
http://www.petenetlive.com/KB/Article/0000700.htm
browningitSysadmin

Author

Commented:
That's the commands I used last time!  Thanks for finding it again. Processing.
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
Looks like Pete Long mentions using a specific PowerShell as well from the Admin menu.
browningitSysadmin

Author

Commented:
No, I can't run the command for remove - since I already removed it in IIS and it provides and error stating it can't find it.  THen when I try to run Pete's command there for adding it, I get the same error listed above, line 1 Char 31 etc.

Last time I ran these commands, they worked fine.  At this moment I am now another step backward :)
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
You may need to remove it from ADSI Edit.

Check this article. Specifically the section titled "Virtual Directory ‘PowerShell’ Already Exists" for instructions on how to remove with ADSI Edit. Then try the PowerShell to add it back.
http://supertekboy.com/2014/05/06/5-errors-upgrading-to-exchange-2010-sp3-and-how-to-fix-them/
browningitSysadmin

Author

Commented:
Followed the ADSIEdit path - there was nothing to remove.  I decided to remove the -Proxy from IIS and ADSIEdit - rebooted server, hopped back into PowerShell - same error trying to run those commands now.  This is now 3 steps back.
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
The weird part is that it is failing on the "-Name" switch. That is character position 31. So it recognizes the Cmdlet.

Sometimes I have seen problems with cut and pasting from the web. Characters look correct but get hosed up. Try typing out the entire command. No double space between the cmdlet and the hyphen right? Maybe drop the quotes from around PowerShell name. Doesn't need it because your name contains no spaces.
browningitSysadmin

Author

Commented:
I never paste commands in, I always type them.  No double spaces here.
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
Just ran into this article.

https://social.msdn.microsoft.com/Forums/exchange/en-US/a5ba42b7-c89f-480b-b7ae-39da1d8004cf/error-with-ecp-and-newpowershellvirtualdirectory

They ran New-PowerShellVirtualDirectory -Name "PowerShell (Default Web Site)"
browningitSysadmin

Author

Commented:
That worked, now I have to worry about the Proxy one.
browningitSysadmin

Author

Commented:
I also opened up EMS to get a new error:


         Welcome to the Exchange Management Shell!


[.local] Connecting to remote server failed with the following error message : The WinRM client received
an HTTP status code of 403 from the remote WS-Management service. For more information, see the about_Remote_Troublesho
oting Help topic.
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
   eption
    + FullyQualifiedErrorId : PSSessionOpenFailed
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
Check this article. Looks like you need to disable SSL.
https://support.microsoft.com/kb/2276957?wa=wsignin1.0
browningitSysadmin

Author

Commented:
Disabled SSL, then tried to set the authentication to anonymous, and removed the basic option resetting IIS each time I changed something.  Still not able to connect to EMS/EMC.

I'm working on reviewing this part of one of the links posted:

"Okay, had to use IIS6 metabase explorer and renamed "powershell (default web site)" to powershell and now EMC + EMS seem to work.

I really hope this helps someone. "

Thing is, I don't have the metabase explorer installed (at least I don't think) let alone know how to use it.  Copying it to the server now.
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014

Commented:
Hmm. Would have thought disabling SSL and doing an IISRESET would have done it.

I saw that comment as well. Don't think I have ever had to do that before.
browningitSysadmin

Author

Commented:
For any poor soul who went this far down the rabbit hole - if you get to the point where you are renaming the Virtual directory with IIS Metabase Explorer, you'll end up back where you started (see:  "The WinRM client cannot process the request.  It cannot determine the content type of the HTTP response from the destination computer."), but this is where you find it:

Connect to your local server
Expand LM
Expand W3SVC
Expand 1
Expand ROOT
Find appropriate entries, rename them and the keys within to relevant folder name (my situation: remove "default web site" content.

So - now I am back to where I started.  I can't connect to EMS/EMC, after doing all of the above and dozens of other fixes, with no new leads to go on.  Current error:   "The WinRM client cannot process the request.  It cannot determine the content type of the HTTP response from the destination computer."
browningitSysadmin

Author

Commented:
I just found this article:

https://www.experts-exchange.com/Software/Server_Software/Email_Servers/Exchange/A_12169-Exchange-2010-EMC-error-The-WinRM-client-cannot-process-the-request-It-cannot-determine-the-content-type-of-the-HTTP-response-from-the-destination-computer.html

I read it, and found this information relevant:

" Browsed https://localhost/PowerShell using IE and got error "  After that - the article doesn't show the same error I do.  I instead have:

"HTTP Error 500.0 - Internal Server Error
Module "kerbauth" could not be found"

Interesting, no idea how to proceed on that, and continuing to research.
Sysadmin
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
Gareth GudgerSolution Architect
CERTIFIED EXPERT
Most Valuable Expert 2014
Top Expert 2014
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION
browningitSysadmin

Author

Commented:
Relevant chain of events to proceed with based on errors discovered during
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.