0 votes

I've now installed the new version of Adaxes. But when i try to see Exchange properties, i get this error:

No Exchange server is available for the remote PowerShell session. See Adaxes Event Log for details.

I've checked the log files:
Log Name: Adaxes
Source: Adaxes Service
Date: 30.04.2013 12:32:46
Event ID: 0
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: ADAXES01
Description:
Failed to create a remote PowerShell session on the following Exchange servers:
EXCH-HUB01: Connecting to remote server failed with the following error message : The WinRM client cannot process the request. The authentication mechanism requested by the client is not supported by the server or unencrypted traffic is disabled in the service configuration. Verify the unencrypted traffic setting in the service configuration or specify one of the authentication mechanisms supported by the server. To use Kerberos, specify the computer name as the remote destination. Also verify that the client computer and the destination computer are joined to a domain. To use Basic, specify the computer name as the remote destination, specify Basic authentication and provide user name and password. Possible authentication mechanisms reported by server: For more information, see the about\Remote\Troubleshooting Help topic.

I've enabled remote powershell and set the execution policy to bypass.

Any ideas?

by (960 points)
0

As far as i can see, this might be related to DNS.. It looks like Adaxes tries to contact EXCH-HUB01, not EXCH-HUB01.domain.local (which would be found in DNS).

1 Answer

0 votes
by (216k points)

Hello,

This happens because Windows Authentication is disabled for remote PowerShell sessions on your Exchange Server. To remedy this:

  1. On the computer where your Exchange Server is installed, open IIS Manager from Start \ Control Panel \ Administrative Tools \ Internet Information Services (IIS) Manager.
  2. Expand the server that host sites on your Exchange Server.
  3. Navigate to Sites \ Default Web Site and select PowerShell Web Application.
  4. Double-click Authentication.
  5. Right-click Windows Authentication and select Enable in the context menu.
  6. Restart IIS.
0

That seemed to do the trick, thanks!

But is there a way to decide which exchange server it connects to? Or do i have to enable remote ps and do this change on all exchange servers?

0

Also, usage info is not showing. Is this because i havent enabled remote ps to the mbx servers?

0

When searching for an Exchange server, Adaxes searches for available Exchange Servers within the site it is installed to, and connects to the first available server it finds. If Adaxes doesn't manage to find an available Exchange Server within its site, it starts searching in other available sites.

do i have to enable remote ps and do this change on all exchange servers?

You need to do this on all the Exchange servers you want Adaxes to connect to. If you enable Windows Authentication for PowerShell on one Exchange Server only, Adaxes will connect to that server until it goes down for some reason.

0

Also, usage info is not showing. Is this because i havent enabled remote ps to the mbx servers?

Can you post or send us the error message that is shown to you instead of usage info?

0

Ah! Thank you. I was in "Exchange Properties" edit mode, that's why i didnt see the Usage info, my bad :)

0

I have to bring this up again.. I have a new install of Adaxes, Exchange in a managed domain (not same as Adaxes it self).

Failed to connect to the following Exchange servers: EXCHSERVER: Connecting to remote server failed with the following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. For more information, see the about\Remote\Troubleshooting Help topic.

Eventlog:
Softerra.Adaxes.BackgroundThreadException: Exchange 2013 PowerShell API: Failed to execute the following operation: Get mailbox settings of 'Demo User (DOMAIN.LOCAL\Users)' ---> Softerra.Adaxes.Adsi.Exchange.PowerlessExchangeApiException (0x80072035): Failed to connect to the following Exchange servers:
EXCHSERVER: System.Management.Automation.Remoting.PSRemotingTransportException: Connecting to remote server failed with the following error message : WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access from this computer. By default, the WinRM firewall exception for public profiles limits access to remote computers within the same local subnet. For more information, see the about\Remote\Troubleshooting Help topic.
at System.Management.Automation.Runspaces.AsyncResult.EndInvoke()
at System.Management.Automation.Runspaces.Internal.RunspacePoolInternal.EndOpen(IAsyncResult asyncResult)
at System.Management.Automation.Runspaces.RunspacePool.Open()
at #Qe.#rh.#53(#9c exchangeServer)
at #Qe.#rh.#53()

I've enabled "Windows Authentication", remote powershell and set execution policy. I've also checked all the FW logs, no ports are being blocked.

new-pssession -connectionURI "http://$exchangeServer/powershell" -ConfigurationName Microsoft.Exchange -Credential $credential

From Powershell works.

Help?

0

Found that HTTPS also needed to be opened in the FW...

0

Hello,

Yes, if Adaxes and Exchange are installed in different forests, the HTTPS port is used to cobnnect to Exchange instead of HTTP. For more details, What ports does Adaxes use?.

Related questions

0 votes
1 answer

Our Adaxes server is currently used to manage only one hybrid domain. We're looking to add a second (AAD / cloud only) managed domain, but our existing Adaxes ... scenes" without that domain and its objects being visible to our users immediately? Thanks.

asked Sep 26 by ms1 (20 points)
0 votes
1 answer

hello, We are doing poc for Adaxes software. Our need: Adaxes as front end to manage multiple isolated domains with no trust e.g. Domain A, Domain B. We deployed ... domain B always gives error "User or password is not correct". Is this toplogy supported

asked Jul 11 by VBahubali (40 points)
0 votes
1 answer

We have two on-prem domains; Domain A and Domain B. Domain A is our primary domain and syncs with Azure AD. Domain B contains accounts created for external ... user attempts to authenticate, they are only authenticating against the Domain B on-prem domain?

asked Apr 10 by awooten (80 points)
0 votes
1 answer

Will it use 1 license for an Active Directory user and his azure account or 2 licenses?

asked Nov 7, 2023 by johanpr (120 points)
0 votes
1 answer

Hi, We would like to run an AD sync (Start-ADSyncSyncCycle -PolicyType Delta) after a new user is created. Unfortunately, it looks like this script only works for servers that ... in any of the domains. What is the recommended way to achieve this? Thanks, Max

asked Sep 7, 2023 by mcutlyp (40 points)
3,548 questions
3,239 answers
8,232 comments
547,814 users