Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, June 26, 2018 4:03 PM
The error I get looks like this:
VERBOSE: Connecting to foo.domain.local.
New-PSSession : [foo.domain.local] Connecting to remote server foo.domain.local failed with the following error
message : The WinRM client received an HTTP status code of 403 from the remote WS-Management service. For more
information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : -2144108273,PSSessionOpenFailed
I have already checked that powershell is set to not require SSL in IIS manager and to use anonymous authentication and that the proxy is direct access (no proxy server).
How do I fix this?? :)
I am also seeing similar errors on an Exchange 2013 server.
The only thing I can think of that has changed is both servers received MS updates this month.
Thank you, Tom
All replies (11)
Tuesday, June 26, 2018 4:15 PM
EMC works properly, it is only the management shell that fails.
Wednesday, June 27, 2018 8:48 AM
Hi,
How about disabling the anonymous authentication in IIS manager?
To be honest, generally, issue will get resolved by disabling the "Required SSL" option of the powershell VD in IIS manager. An old blog for Exchange 2010 explains the issue: Troubleshooting Exchange 2010 Management Tools startup issues.
However, since it won't work both in your Exchange 2013 and 2016 servers, we suggest you recycle the MSExchangePowerShellAppPool and MSExchangePowerShellFrontEndAppPool in IIS manager, then run IISRESET in Windows Powershell.
Hope it helps.
Regards,
Manu Meng
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Wednesday, June 27, 2018 1:18 PM
Ohhh...I misread something, I thought anon auth was supposed to be on.
I did everything on both servers, set both servers to reboot tonight, will check tomorrow.
Thank you, Tom
Thursday, June 28, 2018 1:58 AM
I did all of the SSL and anon auth configuration and installed CU 21 and rebooted on the Exchange 2013 server and now HTTP 400 errors issue forth. Rebooting should have recycled the pools.
Thank you, Tom
Friday, June 29, 2018 2:39 AM
Hi,
Happy to know issue got resolved.
If you don't mind, we'd suggest you mark the replies above as answers, so it will be easy for other community members to find the useful one/ones.
Thanks a lot for your understanding.
Regards,
Manu Meng
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Friday, June 29, 2018 12:59 PM
It is not fixed. Same errors despite multiple configuration reviews and reboots.
Nothing to date should be marked as an answer.
Thank you, Tom
Monday, July 2, 2018 2:49 AM
How about connecting to Exchange servers using remote PowerShell?
What MS update did you install? Could you share more details about this?
Regards,
Manu Meng
Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact [email protected].
Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.
Saturday, July 7, 2018 5:33 AM
Hi
Have you tried to run the following from a normal powershell window: WinRM Quickconfig
Do you have any Redirect set?
Do you have Dynamic IP Restrictions enabled at all?
Hope this helps. Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
Monday, July 9, 2018 2:50 PM
Hi
Have you tried to run the following from a normal powershell window: WinRM Quickconfig
Do you have any Redirect set?
Do you have Dynamic IP Restrictions enabled at all?
One server is Exchange 2016 on Windows Server 2016.
EMS *used* to work properly on this server.
The other server is Exchange 2013 on Windows Server 2012.
EMS *used* to work properly on this server.
My understanding is/was that WinRM is usually automatically 'on' within Win2k16 and Win2k12 servers.
WinRM quickconfig was done on both servers. It was and is already running on both servers.
Redirect: Only normal http > https redirect and redirect of everything except ecp to owa, according to MS and others' instructions found on the internets.
I don't know anything about dynamic IP restrictions, I have never configured any such item, and assume that the default is to not have any such items configured.
Each server has already had the most current cumulative update installed for their Exchange version.
EMS still does not work on either server.
Thank you, Tom
Monday, July 9, 2018 8:25 PM
I reviewed the EMS again on the Exchange 2016 server, it's now giving 'access denied' errors not 403 errors:
VERBOSE: Connecting to e16.domain.local.
New-PSSession : [e16.domain.local] Connecting to remote server e16.domain.local failed with the following error
message : [ClientAccessServer=E16,BackEndServer=e16.domain.local,RequestId=415423b5-51be-45df-b0f5-00c9e0ec7022,TimeS
tamp=7/9/2018 8:21:11 PM] Access Denied For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
VERBOSE: Connecting to e16.domain.local.
New-PSSession : [e16.domain.local] Connecting to remote server e16.domain.local failed with the following error
message : [ClientAccessServer=E16,BackEndServer=e16.domain.local,RequestId=163d9405-6e96-431d-b728-e6d992522f9f,TimeS
tamp=7/9/2018 8:21:12 PM] Access Denied For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
VERBOSE: Connecting to e16.domain.local.
New-PSSession : [e16.domain.local] Connecting to remote server e16.domain.local failed with the following error
message : [ClientAccessServer=E16,BackEndServer=e16.domain.local,RequestId=ee9a2218-0245-43a6-9f82-abde6f56e53c,TimeS
tamp=7/9/2018 8:21:12 PM] Access Denied For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
VERBOSE: Connecting to e16.domain.local.
New-PSSession : [e16.domain.local] Connecting to remote server e16.domain.local failed with the following error
message : [ClientAccessServer=E16,BackEndServer=e16.domain.local,RequestId=a9c7bc47-45b5-4c33-b4e0-c992fe00cf2b,TimeS
tamp=7/9/2018 8:21:12 PM] Access Denied For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
VERBOSE: Connecting to e16.domain.local.
New-PSSession : [e16.domain.local] Connecting to remote server e16.domain.local failed with the following error
message : [ClientAccessServer=E16,BackEndServer=e16.domain.local,RequestId=672f50db-1b9b-44b6-8a48-b5eb940a691e,TimeS
tamp=7/9/2018 8:21:12 PM] Access Denied For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
+ FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
Failed to connect to an Exchange server in the current site.
Enter the server FQDN where you want to connect.:
Could this be a PowerShell directory authentication issue?? What should be the correct authentication for the the PowerShell virtual directories in the Exchange server??
Thank you, Tom
Monday, July 9, 2018 9:21 PM
The Exchange 2013 server is now giving HTTP 400 errors.