PowerShell to remotely invoke Exchange with other credentials


I've been tasked with creating a script that is going to be run on multiple user machines throughout the network. The commands that we're ultimately going to have run will change the user's email alias to something based on a choice. That, I don't have a problem with. My problem is the fact that the user needs access to Exchange commands and an account with the rights to use it.

I secured a service account password in an XML with the following command on the server where I wanted the credentials to reside:

$MyCredentials=Get-Credentials -Credential "domain\username" | Export-CliXml C:\Scripts\SecureCredentials.xml

Then in the script, I imported that information with the following:

$cred=Import-CLIXML \\server\Scripts\SecureCredentials.xml

That part is working fine as far as I can tell.

I then am trying to import the Microsoft Exchange 2010 module to then run the commands I mentioned earlier. I've written this little portion and am getting weird errors. Here's what I have coded:

$Session = New-PSsession -ComputerName exchangeserver
  Invoke-Command -Command {Import-Module Microsoft.Exchange.Management.PowerShell.2010} -Session $Session 
  Import-PSSession -Session $Session -Module Microsoft.Exchange.Management.Powershell.2010 -Prefix RM

I try to test that part and I get a WinRM error message, but as far as I can tell, WinRM is working fine on my Exchange server. Here is the error:

New-PSsession : [exchangeserver] Connecting to remote server exchangeserver failed with the following error message : The client
cannot connect to the destination specified in the request. Verify that the service on the destination is running and
is accepting requests. Consult the logs and documentation for the WS-Management service running on the destination,
most commonly IIS or WinRM. If the destination is the WinRM service, run the following command on the destination to
analyze and configure the WinRM service: "winrm quickconfig". For more information, see the
about_Remote_Troubleshooting Help topic.
At C:\users\me\documents\Powershell Scripts\ExchangeBranding.ps1:17 char:14
+   $Session = New-PSsession -ComputerName exchangeserver
+              ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : OpenError:         (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
+ FullyQualifiedErrorId : CannotConnect,PSSessionOpenFailed
Invoke-Command : Cannot validate argument on parameter 'Session'. The argument is null or empty. Provide an argument
that is not null or empty, and then try the command again.
At C:\users\me\documents\Powershell Scripts\ExchangeBranding.ps1:18 char:98
+ ... 2010} -Session $Session
+                    ~~~~~~~~
+ CategoryInfo          : InvalidData: (:) [Invoke-Command], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.InvokeCommandCommand

Import-PSSession : Cannot validate argument on parameter 'Session'. The      argument is null. Provide a valid value for
the argument, and then try running the command again.
At C:\users\me\documents\Powershell Scripts\ExchangeBranding.ps1:19 char:29
+   Import-PSSession -Session $Session -Module Microsoft.Exchange.Management.Power ...
+                             ~~~~~~~~
+ CategoryInfo          : InvalidData: (:) [Import-PSSession], ParameterBindingValidationException
+ FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.PowerShell.Commands.ImportPSSessionCommand

Do I need the fully qualified name of the server when I call it out to import it? I was trying to follow along on a TechNet article and it got me this far, but I can't import the module.

EDIT: I can now import the module, but I'm having problems attaching the credentials. If I do it without embedding the credentials and just import them manually, I can get the module to import with the following:

$session=New-PSSession -ConfigurationName Microsoft.Exchange.Management.Powershell.2010 -ConnectionUri http://exchangeserver.domain.com/powershell 

Best Answer

Had a similar problem a while ago - it was a simple permission problem on the remote host. I'm not sure anymore, but I think I used this small guide: http://blogs.msdn.com/b/powershell/archive/2009/11/23/you-don-t-have-to-be-an-administrator-to-run-remote-powershell-commands.aspx

And I would also suggest to pack everything in an executable file (with PS2EXE - https://gallery.technet.microsoft.com/PS2EXE-Convert-PowerShell-9e4e07f1). By that you can hack in the credentials hardcoded in your script and avoid a missing xml-file and give it to your users without having to worry about it anymore.