Thursday, July 7, 2011

Exchange 2010 Remote Management Shell

Remote Shell in Microsoft Exchange Server 2010 enables you to manage your server running Exchange 2010 from a remote computer, either on your network or from the Internet. A User must be enabled for remote shell before the user can user it.

Prerequisites
Install Windows Management Framework: Windows Management Framework contains Windows PowerShell and WinRM.

Join your computer to a Windows domain: If you want to user your current network credentials, the domain you're joined to must be trusted by the domain where the Exchange server resides. Your domain doesn't need to be trusted if you manually specify credentials that are valid in the remote domain.

Open TCP port 80: TCP port 80 must be open between your computer and the remote Exchange 2010 server, and the port must be allowed through Windows Firewall on the Exchange 2010 server.

Use the Shell to enable remote shell for a user
To enable remote shell for a user, you need to enable the feature by Exchange PowerShell.

1. At Exchange Server, log in as Domain Administrator.
2. Launch "Exchange Management Shell".
3. Enter the following cmdlet to enable remote shell for a user:

Set-User <User Name> -RemotePowerShellEnabled $True


Remark: By default, all users are enabled remote shell.

Modify the Execution Policy
1. At a domain workstation, log in as Domain Administrator.
2. Launch "Windows PowerShell".
3. Enter the following cmdlet to check the Execution Policy of Windows PowerShell:

Get-ExecutionPolicy


By default, the Execution Policy of Windows PowerShell is "Restricted".

4. Enter the following cmdlet to modify Execution Policy to "RemoteSigned".

Set-ExecutionPolicy RemoteSigned


Using current credential connents to a remote Exchange 2010 server
1. At PowerShell, enter the following cmdlet to open the connection:

$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<fqdn of Exchange 2010 server>/PowerShell. -Authentication Kerberos


Remark: The "ConnectionUri" also supports https address, but the server must be installed the certificate which is assigned by trusted certification authority.

2. Enter the following cmdlet to import the server-side PowerShell session:

Import-PSSession $Session


Now, you can perform Exchange cmdlets in this PowerShell session.


Remark: If the Execution Policy doesn't change to "RemoteSigned", when you perform "Import-PSSession $Session", you will get the following error.


3. To disconnect the remote session, enter the following cmdlet:

Remove-PSSession $Session



Using the other user credential connents to a remote Exchange 2010 server
1. At PowerShell, enter the following cmdlet to insert user credential:

$UserCredential = Get-Credential


2. Enter the domain user name and password.


3. Click "OK".
4. Enter the following cmdlet to open the connection:
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<fqdn of Exchange 2010 server>/PowerShell. -Authentication Kerberos -Credential $UserCredential


5. Enter the following cmdlet to import the server-side PowerShell session:

Import-PSSession $Session

References
Connect Remote Exchange Management Shell to an Exchange Server

Troubleshooting the Exchange Management Shell

Enable Remote Exchange Management Shell for a User

Disconnect Remote Exchange Management Shell from an Exchange Server
http://technet.microsoft.com/en-us/library/dd335206.aspx

This posting is provided “AS IS” with no warranties, and confers no rights!

No comments:

Post a Comment