locked
connecting exchange server EMS from powershell remoting via HTTPS RRS feed

  • Question

  • Hi,

    I'm trying to resolve an issue we are facing.

    we are able to communicate to Exchange Server EMS Script from remote machine through winRM HTTP authentication.

    $newSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://test.domain.com/PowerShell/ -Authentication Kerberos -Credential $Credentials
    Import-PSSession $newSession

    But we have to impose WinRM HTTPS, so I have set everything required for that including certificate creation , winRM settings etc.

    And we are able to connect to remote machine where exchange server is available:

    Enter-PSSession -ComputerName test.domain.com -Credential $credentials -UseSSL 

    and this works.

    Now when I'm using -UseSSL in New-PSSession/Enter-PSSession for EMS, its not working:

    $newSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://test.domain.com/PowerShell/ -Credential $Credentials -UseSSL

    Error: New-PSSession : Parameter set cannot be resolved using the specified named parameters.

    Monday, September 26, 2016 9:25 AM

Answers

  • -UseSSL tells the command to use the HTTPS port.

    SSL is not an authentication it is a protocol.  Kerberos/CredSSP/basic are all authentication protocols.  SSL is the transport protocol. Authentication is separate from transport.

    Note again that all PowerShell remoting via WSMan is always encrypted even if it is HTTP.  Kerberos is always encrypted.


    \_(ツ)_/

    Monday, September 26, 2016 5:05 PM
  • Adding another point for conclusion:

    What I should do is, specify the https prefix instead of using the -useSSL switch which will ensure that connection is over https ("https://test.domain.com/PowerShell/);. The -useSSL is meant to be used when you using the -ComputerName parameter.

    Tuesday, September 27, 2016 5:03 AM

All replies

  • All PowerShell remote connections are always encrypted.

    \_(ツ)_/

    Monday, September 26, 2016 9:43 AM
  • my doubt is, how to set -UseSSL while connecting to Exchange Server.

    Please note: I need WinRM (powershell) Connectivity through HTTPS: -UseSSL Authentication. Not with Kerberos/Defaut/CredSSP

    Monday, September 26, 2016 9:50 AM
  • Exchange uses HTTP and not HTTPS.

     -ConnectionUri http://test.domain.com/PowerShell/

    This URL uses HTTP.  To use HTTPS it would use the https moniker.

    This may get you closer to what you are seeking: http://exchangeserverpro.com/powershell-script-configure-exchange-urls/


    \_(ツ)_/

    Monday, September 26, 2016 9:56 AM
  • Monday, September 26, 2016 9:59 AM
  • Understood. But in connection Uri, when I'm using Uri as https:// it will search for 443 certificate available in store. And WinRM uses 5986 port. If I hardcode -ConnectionUri https://test.domain.com:5986/PowerShell/ then it will give error, as remoting is through WinRM HTTP. not HTTPS.

    I have already gone through these example. But if you can see the authentication: they are using either Basic/CredSSP or Kerberos. But we are permit to use only SSL (-UseSSL)

    Monday, September 26, 2016 10:57 AM
  • -UseSSL tells the command to use the HTTPS port.

    SSL is not an authentication it is a protocol.  Kerberos/CredSSP/basic are all authentication protocols.  SSL is the transport protocol. Authentication is separate from transport.

    Note again that all PowerShell remoting via WSMan is always encrypted even if it is HTTP.  Kerberos is always encrypted.


    \_(ツ)_/

    Monday, September 26, 2016 5:05 PM
  • Adding another point for conclusion:

    What I should do is, specify the https prefix instead of using the -useSSL switch which will ensure that connection is over https ("https://test.domain.com/PowerShell/);. The -useSSL is meant to be used when you using the -ComputerName parameter.

    Tuesday, September 27, 2016 5:03 AM