Problem with Remote PowerShell connections to Exchange server to run cmdlets

Peter Hutchison 0 Reputation points
2024-11-22T15:24:30.47+00:00

I recently have a custom user account provisioning program for active Directory and Exchange 2016 which has been running successfully for years but recently after a password change, it no longer works. I have made loads of checks, re-changed password, updated scheduled tasks, checked permissions, checked winrm, firewall settings, tried different credentials etc to no avail.

The code is as follows:
' Connect to Exchange 2016

PSCred = GetCredentials()

'If IsNothing(PSCred) Then Debug.Print("Credentials not set")

connInfo = New WSManConnectionInfo(New Uri(EXCHURI),

"http://schemas.microsoft.com/powershell/Microsoft.Exchange", PSCred)

connInfo.AuthenticationMechanism = AuthenticationMechanism.Kerberos

'If IsNothing(connInfo) Then Debug.Print("Error: Connection info not set.")

myRunSpace = RunspaceFactory.CreateRunspace(connInfo)

'If myRunSpace.Equals(Nothing) Then Debug.Print("Error: RunSpace not created.")

' Wait until run space is available

While myRunSpace.RunspaceAvailability = RunspaceAvailability.Busy

'Console.WriteLine("Runspace is busy.")

System.Windows.Forms.Application.DoEvents()

End While

myRunSpace.Open() - fails here

And I get this message in debugging mode:

Exception thrown: 'System.Management.Automation.Remoting.PSRemotingTransportException' in System.Management.Automation.dll

Connecting to remote server name failed with the following error message : An unknown security error occurred.

Error code: -2144108387

Any ideas on how to resolve this problem?

Exchange Server
Exchange Server
A family of Microsoft client/server messaging and collaboration software.
1,368 questions
Visual Studio
Visual Studio
A family of Microsoft suites of integrated development tools for building applications for Windows, the web and mobile devices.
5,251 questions
PowerShell
PowerShell
A family of Microsoft task automation and configuration management frameworks consisting of a command-line shell and associated scripting language.
2,668 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Jake Zhang-MSFT 7,315 Reputation points Microsoft Vendor
    2024-11-25T05:53:41.6833333+00:00

    Hi @Peter Hutchison ,

    Welcome to the Microsoft Q&A platform!

    Based on your description, the error message you see, PSRemotingTransportException, usually indicates a problem with the connection to the remote server. Here are a few additional steps you can try:

    1. Make sure WinRM is configured correctly on both the client and the server. You can run winrm quickconfig on both machines to set the necessary settings.
    2. Since you are using Kerberos, make sure the time on both the client and the server is synchronized. Kerberos is very sensitive to time differences.
    3. Verify that the SPN for the Exchange server is set correctly. You can use the setspn command to check and set the SPN.
    4. Double-check that the firewall rules allow traffic on the ports required by WinRM (the default is 5985 for HTTP and 5986 for HTTPS).
    5. Make sure the credentials you are using have the necessary permissions to access the Exchange server. Sometimes, re-entering the credentials can help.
    6. If you are using HTTPS, make sure the SSL/TLS settings are configured correctly and there are no issues with the certificate.
    7. Make sure you have the latest version of PowerShell installed, as updates can sometimes resolve connection issues.

    Here is a short snippet of code to check the WinRM configuration:

    winrm get winrm/config
    

    If these steps do not resolve the issue, you may need to enable more detailed logging for WinRM and PowerShell to get more insight into the issue. You can enable logging using the following command:

    Enable-WSManTrace
    Enable-PSRemoting -Force
    

    Please feel free to contact me for any updates. And if this helps, don't forget to mark it as an answer.

    Best,

    Jake Zhang


  2. Rich Matheisen 47,386 Reputation points
    2024-11-29T16:42:22.1633333+00:00

    Check the system event log. It may be a problem with the SPN. While not occuring under the same circumstances as your problem, this link gives a more complete description of the error code:

    https://learn.microsoft.com/en-us/troubleshoot/system-center/vmm/add-managed-host-error-2927

    It may also be that someone/something has changed the trustedhosts value in the WinRm settings. But if all your machines are in the same AD domain you shouldn't have to use that.

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.