Getting Access is denied error when creating mail user using Exchange Management Shell
-
Thursday, January 20, 2011 6:34 PM
Hi,
I'm able to successfully run and create mail contacts and mail users using the Exchange Management Shell SDK from my local machine - Windows 7 & Visual Studio 2010, but I get the following error from my test and production servers - Windows 2008 R2. All servers are in the same domain.
System.Management.Automation.Remoting.PSRemotingTransportException: Processing data from remote server failed with the following error message: Access is denied. For more information, see the about_Remote_Troubleshooting Help topic.
Any help is greatly appreciated.
Thank you.
ml99
ml99
All Replies
-
Friday, January 21, 2011 6:45 AM
Whats the security context your trying to run this in ? eg are you trying to create an ASP.NET application ? have you specified the credentials to use in the code or are you trying to impersonate a user. What version of Exchange are you trying to do this on is it 2007 or 2010 ? what does the code your trying to use look like ? I'd suggest having a read of http://blogs.msdn.com/b/webdav_101/archive/2008/09/25/howto-calling-exchange-powershell-from-an-impersonated-thead.aspx
Cheers
Glen -
Monday, January 24, 2011 2:47 PM
Hi Glen,
Yes, I'm creating the mail contact from an ASP.NET application (using Windows Authentication). My code below: I replaced the password and credentials with dummy values. It works from my pc where I am logged in under my Windows account, however from the test and live server it does not work and gives me Access denied error I listed previously. My ASP.NET application runs under another account. We are using Exchange 2010.
Dim newPaswordSecureString As System.Security.SecureString = New System.Security.SecureString()
Dim newPassword As String = "password"For Each c As Char In newPassword
newPaswordSecureString.AppendChar(c)
NextDim credential As PSCredential
credential = New PSCredential("myuseracct", newPaswordSecureString)'Set the connection Info
Dim connectionInfo As WSManConnectionInfo = New WSManConnectionInfo(New Uri("http://torvsrvexch.ad.smithandandersen.com/powershell"), "http://schemas.microsoft.com/powershell/Microsoft.Exchange", credential)Dim runspace As Runspace = System.Management.Automation.Runspaces.RunspaceFactory.CreateRunspace(connectionInfo)runspace.Open()
Dim newMbx As Command
newMbx = New Command("New-MailContact")
newMbx.Parameters.Add("Name", "Mickey Mouse")
newMbx.Parameters.Add("OrganizationalUnit", "External")
newMbx.Parameters.Add("ExternalEmailAddress", "mmouse@disneyland.com")Dim cmd As Pipeline = runspace.CreatePipeline()
cmd.Commands.Add(newMbx)Dim commandResults As Collection(Of PSObject)
commandResults = cmd.Invoke()Thank you for your help.
ml99
ml99 -
Tuesday, January 25, 2011 2:59 AM
If your getting Access denied then somewhere along the way the credentials you using are failing or your code is trying to access a local resource that it doesn't have access to due to the Applicaiton pool the userid its running under etc. The first thing i do is log on to the server where your trying to run the code start powershell and see if you can create a remote connection to the Exchange Server in question and also execute the cmdlet using the credentials you trying in your code manually. It could be a local issue with a firewall or could be to do with the format of the user name your using eg prefix the username with the domain name or try using the UPN instead.
If you want to see if its a local issue on the server your running the code from something like processmointer http://technet.microsoft.com/en-us/sysinternals/bb896645 can tell you if its a local file access issue.
Cheers
Glen -
Wednesday, January 26, 2011 12:34 AM
Thanks for your reply Glen.
I'm able to create contacts when I log into the servers (test & production) and run powershell and execute the cmdlet. I'm also able to create them using the credentials I specified in my code. So, I've tried both the account being used by the Application pool and the credentials I'm using in my code and both work fine. I'm totally baffled.
Any other ideas?
Thank you.
ml99
ml99 -
Thursday, January 27, 2011 2:32 AM
I would use process monitor in this instance have a look if you get any access denied from this tool when you run the code you may find it one particular file or library that is trying to be loaded during this process.
cheers
Glen -
Tuesday, February 01, 2011 10:05 PM
Hi,
Tried to install the Process Monitor on the web server Windows 2008 R2 and I get a blank error dialog box. Is it supposed to work on Windows 2008 R2 server?
Please help.
Thank you.
ml99
ml99 -
Wednesday, February 02, 2011 2:20 PM
Hi,
I'm getting a blank error dialog box when I try to install the Process Monitor on Windows 2008 R2 server. Is it not used for this version of the server?
Thank you.
ml99
ml99 -
Thursday, March 08, 2012 10:18 PM
Hi
Did you ever found a solution for this? I might have been faced with the similar issue :-(
Petri
-
Tuesday, July 17, 2012 7:58 PM
Hi Petri,
I think I modified the account running for DefaultAppPool to the same credentials as my website "Connect as" account. As Glen pointed out, its was permission issue of the account that the Application pool is running under.
Hope this helps.
Cheers
ml99
- Marked As Answer by ml99 Thursday, November 15, 2012 9:04 PM
.png)
