So I've been setting up more and more Exchange 2013 Servers lately. Managing the Servers via the ECP website in 2013 is cool; however, having the Shell available while remote...that's REALLY cool. I knew this was possible with Office 365, but I have never tried it myself. (Something about needing the Shell to disable password expirations in Office 365. anyway...)
A quick search on TechNet revealed the commands used to work the magic. Further searching recommended to create a script to simplify the process. Provide your username and site FQDN where indicated.
#Functions
Function Query-Credentials
{
$Global:Cred = Get-Credential -Credential DOMAIN\Username
}
Function Connect-Exchange
{
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri https://site.domain.com/powershell/ -Credential $Cred -Authentication Basic -AllowRedirection
Import-PSSession $Session
}
#Establish connection
Query-Credentials
Connect-Exchange
Copy the commands above into Notepad and save the file as filename.PS1. For now, set aside the file. Before we can connect, we need to enable Basic Authentication on the PowerShell Virtual Directory. (Since the computer I am connecting from is NOT on the same Domain as the Exchange Server, I cannot use Integrated Authentication. My Server is secured with a SSL Certificate, so Basic is fine.)
- Log into the Exchange Control Panel.
- Select "servers" then "virtual directories".
- Edit the PowerShell (Default Web Site).
- Enable Basic Authentication.
- Verify the URLs for the PowerShell. (Both URLs can point to the internal site. Remotely connecting does not require the external URL field resolving to the external URL. They should both point to the Server internal URL by default.)
We are now ready to test our PowerShell connection remotely.
Open up PowerShell (or PowerShell ISE) and run the PS1 script you created earlier. You should receive the password prompt. Enter the username and password of a domain account with permissions to connect to Exchange. May have to format the username as DOMAIN\Username.
After a moment, you should see a screen similar to this one. If any errors are encountered, simply read the error. If it doesn't make sense, double-check your SSL certificate is configured, authentication, typos in the script, and permissions on the account.
Try to query Exchange by running a command against that Server. Here I simply verified the Send Connector.
When you are finished working in Exchange, it is recommended that you end or remove the session. The command on the TechNet article we mentioned earlier didn't work for me. In the screenshot, you can see I tried three different commands. The last one worked...not sure why the others didn't.
- Remove-PSSession $Session
- Remove-PSSession -Session $Session
- Get-PSSession | Remove-PSSession
If you don't remove the session, the session will timeout after 15 minutes.
Using the shell remotely is a nice time saver. I have now created session scripts for all of my Exchange 2013 Servers. Bonus...using the PowerShell ISE tool, you can easily modify the scripts on the fly.
