I am trying to test importing a .PST file directly from its original location on a remote machine with the New-MailboxImportRequest cmdlet in Exchange 2010 SP1. I have no trouble importing the file if it is located on a file share, but I don't understand why I can't import a file from other places on the remote hard drive if I am using DomainAdmin-level credentials.
Here is my powershell:
[PS] C:\Windows\system32>New-MailboxImportRequest -Mailbox Administrator@mydomain.com -FilePath '\Win7-Test-1\c$\pst_files\test1.pst'
Unable to open PST file '\Win7-Test-1\c$\pst_files\test1.pst'.
Error details: Access to the path '\Win7-Test-1\c$\pst_files\test1.pst' is denied.
+ CategoryInfo : NotSpecified: (0:Int32) [New-MailboxImportRequest], RemotePermanentException
+ FullyQualifiedErrorId : C1C65BA8,Microsoft.Exchange.Management.RecipientTasks.NewMailboxImportRequest[PS] C:\Windows\system32>
I have confirmed that I can do a simple dir of the remote directory using the same PowerShell prompt, so not sure what the problem is.
[PS] C:\Windows\system32>dir \Win7-Test-1\c$\pst_files\
Directory: \Win7-Test-1\c$\pst_files\
Mode LastWriteTime Length Name
—- ————- —— —-
-a— 9/21/2010 3:46 PM 271360 test1.pst
-a— 9/21/2010 3:46 PM 525312 test2.pst
-a— 9/21/2010 3:46 PM 271360 test3.pst
I read about enabling CredSSP for multi-hop over WinRM, so I thought maybe that would work but what I did to enabled it didn't work. I ran both of these commands on the Exchange Server to no avail. (Yes, I closed the PS window and opened a new one after running the cmdlets.)
Enable-WSManCredSSP -Role Server
Enable-WSManCredSSP -Role client -DelegateComputer *
What do I need to do for this to work?
Best Answer
Mailbox Import and Export process is handled by Exchange MRS component. If you check the Microsoft Exchange Mailbox Replication service properties, you will see the service is running under “Local System account”. That means the file share location you specified in the New-MailboxExportRequest or New-MailboxImportRequest doesn’t have permissions to Exchange Trusted Subsystem.
The solutions as you guessed enable Read/Write permissions to Exchange Trusted Subsystem for the network location (NTFS and Share permissions). Try again.