Geeks With Blogs

Lance's TextBox

Recently I saw a question come to my friend Spencer here at /n software about whether or not it was possible to use the Microsoft Exchange 2007 SP1 PowerShell cmdlets through the /n software PowerShell Server.

The person wanted to be able to manage Exchange from a remote Unix machine.  Of course, as I’ve mentioned before, it could be done from anywhere that supports SSH – like an Apple iPhone or a Blackberry.

The PowerShell server uses impersonation - it impersonates the user that the SSH client authenticated with, so you would connect to the PowerShell Server and login using some account, and any commands you then executed would be run as that user. 

Exchange 2007's Management Shell won't let threads that are impersonating a user access it's functionality UNLESS a specific DC is given to the cmdlet.  For example, instead of calling "Get-Mailbox", you'll need to call "Get-Mailbox -DomainController <yourdomaincontroller>".

Optionally, you can run PowerShell Server without impersonation through a new (undocumented for now) configuration setting for PowerShell Server. If you open the registry editor and go to HKEY_LOCAL_MACHINE/SOFTWARE/nsoftware/PowerShellServer you can add a new DWORD value called "NoImpersonation" with a value of 0x01. When this is set, the PowerShellServer will not impersonate the user that was used to authenticate and instead all commands will be run under the account that started the PowerShellServer process itself.

So, just to re-cap, here’s how you can leverage the /n software PowerShell Server to use the MS Exchange Management Shell from *nix, cell phones, Windows machines without WinRM installed, etc:

  1. Get the latest build of Powershell Server from the /n software website and install it on your Exchange machine, along with PowerShell itself.
  2. Optionally add a new DWORD value called "NoImpersonation" to the registry at HKLM\SOFTWARE\nsoftware\PowerShellServer, set it to 1.
  3. Start the PowerShell Server, and connect to it from your remote device/machine with the SSH client of your choice.
  4. Send the command to add the Exchange Management Shell cmdlets (ie, Add-PSSnapin Microsoft.Exchange.Management.PowerShell.Admin).
  5. Use the Exchange Management Shell cmdlets (ie, Get-Mailbox -DomainController <somedc>)

Have a good time managing your Exchange servers via your cell phone while sitting on the beach!

Posted on Wednesday, May 6, 2009 12:55 PM PowerShell | Back to top

Comments on this post: Managing MS Exchange Remotely From Unix, Phone, Windows, etc.

No comments posted yet.
Your comment:
 (will show your gravatar)

Copyright © Lance Robinson | Powered by: