Enable Remote Exchange Powershell

We can run Exchange Management Powershell cmdlets in Exchange server to get mailbox related details. However, if you want to read mailbox related details from remote computer, you need to setup some configuration to connect Exchange Management Powershell.

Follow the below steps to enable Remote Exchange Management Shell

In your local machine, Windows PowerShell needs to be configured to run scripts. To enable Windows PowerShell to run signed scripts, run the following command in an elevated Windows PowerShell window (Run as administrator).

Set-ExecutionPolicy RemoteSigned

2. The account you use to connect to the Exchange server must be enabled for Remote Shell. Run the following command in your Exchange server to enable Remote Shell.

Set-User –Identity username -RemotePowerShellEnabled $True

3. TCP port 80 traffic needs to be open between your local computer and the Exchange server. It’s probably open, but it’s something to consider if your organization has a restrictive Internet access policy.

Connect Remote Exchange PowerShell using Kerberos Authentication

– Copy the below powershell script and paste in Notepad file.
– Replace the parameter <FQDN of Exchange Server> with your own Exchange server name.
– Run the script in powershell to get mailbox features from remote Exchange server using Kerberos Authentication.

$cred = Get-Credential
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<FQDN of Exchange Server>/PowerShell/ -Credential $cred -Authentication Kerberos
Import-PSSession $Session 
Get-CASMailBox

Connect Remote Exchange PowerShell using Basic Authentication

You can use Kerberos Authentication to connect Exchange 2010/2013 Management Shell if both the computers (local computer and exchange server) are on a same domain or in trusted domain network, but you need to use Basic Authentication if both the computers are not in the same domain or not a trusted domain network.

Run the following command with Exchange Management Shell window in Exchange server to enable Basic Authentication.

Get-PowershellVirtualdirectory | Set-PowerShellVirtualDirectory -BasicAuthentication $true

TCP port 443 traffic needs to be open between your local computer and the Exchange server to use Basic Authentication.

– Copy the below powershell script and paste in Notepad file.
– Replace the parameter <FQDN of Exchange Server> with your own Exchange server name.
– Run the script in powershell to get mailbox features from remote Exchange server using Basic Authentication.

$cred = Get-Credential
$pso = new-pssessionoption -skipcacheck -SkipCNCheck -SkipRevocationCheck
$Session= New-PSSession -Configuration Microsoft.Exchange -ConnectionUri https://<FQDN of Exchange Server>/PowerShell/ -Credential $cred -Authentication Basic -Sessionoption $pso
Import-PSSession $Session 
Get-CASMailBox

Advertisement

Leave a Comment