Remote Shell Connection in Exchange 2010

Remote Shell connection is a new feature which enables the administrator to connect to the exchange server remotely over the network which can be Lan\Wan. By the name itself you can understand that remote shell is the part of PowerShell command.
Now before I show you how to manually connect to Exchange Server 2010, let’s recall certain PowerShell basics and also let’s understand what will be the key advantage of this remote shell connection.

After the release of Exchange 2007, we got two modes to access the exchange database one is Exchange Management Console and another one is Exchange Management Shell. Exchange Management Console is nothing but GUI interfaces as like we had Exchange System Manager in Exchange Server 2003. Exchange Management Shell is powered on Windows PowerShell Technology which contains Exchange cmdlets and custom scripts. But if you see the Management Console it is nothing but it is driving out the output or input through PowerShell only. So what does it mean, Exchange Management console is relying on the PowerShell command only.

Why we required Windows PowerShell?
Think about this I need some customized script which will fulfill my organization requirement something like which can’t be possible from GUI what we had in Exchange 2003. Finally what we need to do, getting some paid third party software or require vbscript which was a challenging for us. Now with the release of PowerShell we can do the automation of administrative task. We can perform our daily task which can be performed by EMC and also those tasks which can’t be performed from EMC because it has robust and flexible scripting platform which reduce the complexity of VBScripts by using one line of code in the shell using an object model based on the Microsoft .Net platform.

Now lets come to our topic – Assume if you want to connect the Exchange Server remotely on Exchange 2003 & Exchange 2007 what will be the steps...

Exchange 2003 – Install the Exchange System Management Tool on your workstations and carry out the task.
Exchange 2007 – Install the EMC and carry out the task.

What will be the advantage of the Remote Shell?
1) Not required to install EMC tool or Exchange Binaries
2) This remote shell will be accessed only by the authenticated users who are allowed to access it.
3) The exchange remote access will open till the session is open on the client computer, once you close the session it will disconnect the connection.
Note : All the configuration need to be done by PowerShell command only
So inanother word – Not time consuming installation and also more secured access as compare to previous version.

Supported Operating System:
1) Windows Server 2003 (Sp2)
2) Windows Server 2008 (SP1, SP2 & R2)
3) Windows 7 Client
4) Windows Vista (SP1 & SP2)
5) Windows XP (SP3)

Prerequisites:

1) Windows Management Framework installed
2) Enable Permission for that users
3) Uninstall previous version of Windows PowerShell (v2) and Windows Remote Management

How to enable the remote shell:

1) Enable the user for accessing the remote shell
2) Uninstall the previous Powershell and WinRM (Optional)
3) Install the Windows Management Framework Core
4) Set the execution policy to allow the script to be downloaded via browser by trusted publisher
5) Connect the Exchanage remotely via remote shell command.

1) Enable the user for accessing the remote shell
 Login to Exchange Server 2010
 Open the Powershell Command and type the following
Set-User UserName -RemotePowerShellEnabled $True

Example : Set-User remuse -RemotePowerShellEnabled $True
Figure1:

 

2) Uninstall the previous Powershell and WinRM (Optional)

How to Remove Windows PowerShell & WinRM on Windows Vista Windows Server 2008Windows Server 2003 and Windows XP

3) Installation of Windows Management Framework

a. Download the Windows Management Framework Core
b. Install the WMF Core and restart the computer.

4) Execution Policy Set needs to be Allowed as Remote Signed:

Before you excute the remote shell command from the powershell it is very important to set the execution policy allowed as remote signed – i.e  All scripts as well as configuration files should be downloaded via the Internet must be signed by a trusted publisher,by default it will be restricted, due to which you will get the following error message when you run Import-PSSession $Session

Import-Module : There were errors in loading the format data file:
Microsoft.PowerShell, , C:\Users\Administrator\AppData\Local\Temp\tmp_bd7275e3-fb76-4325-b4eb-f6e9b1c88b5c_20eckqql.gms
\tmp_bd7275e3-fb76-4325-b4eb-f6e9b1c88b5c_20eckqql.gms.format.ps1xml : File skipped because of the following validation
 exception: File C:\Users\Administrator\AppData\Local\Temp\tmp_bd7275e3-fb76-4325-b4eb-f6e9b1c88b5c_20eckqql.gms\tmp_bd
7275e3-fb76-4325-b4eb-f6e9b1c88b5c_20eckqql.gms.format.ps1xml cannot be loaded because the execution of scripts is disa
bled on this system. Please see "get-help about_signing" for more details..
At line:3 char:30
+                 Import-Module <<<<  -Name $name -Alias * -Function * -Prefix $prefix -DisableNameChecking:$disableNam
eChecking -PassThru -ArgumentList @($session)
    + CategoryInfo          : InvalidOperation: ( [Import-Module], RuntimeException
    + FullyQualifiedErrorId : FormatXmlUpateException,Microsoft.PowerShell.Commands.ImportModuleCommand

Figure 2:




Follow the below steps inorder to allow the scripts to be downloaded:
1) Open the powershell command (ensure you have selected RunAs Administrator) and type the following :
2) Set-ExecutionPolicy RemoteSigned  and press enter
Figure 3:

 
Sometime you might fail to set the above command and will see Access denied error in that situation follow the below workaround
HKLM\Software\Microsoft\PowerShell\1\ShellIds\Microsoft.PowerShell\ExecutionPolicy"="RemoteSigned"
Note : If “ExecutionPolicy” does not exist, create it as REG_SZ with value “RemoteSigned”

5) Connect remotely via Remote Exchange Managment Shell:

a) Login to the local computer where you have installed the WMF
b) Open the Powershell and type the following command
     $UserCredential = Get-Credential

Note : It will ask for user credential as per the below screen
Figure 4:

 
d) then type the following command :
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<FQDN of Exchange 2010 server>/PowerShell/ -Authentication Kerberos

In my case
$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://e2k10.happy.com/PowerShell/ -Authentication Kerberos
Figure 5:

 

e) Then type : Import-PSSession $Session
 Figure 6:

 

If you want to disconnect the session then just type : Remove-PSSession $Session

Once you import the session - you are on to execute the Exchange commands remotely

Figure 7:

Reference Article:
Exchange Management Shell