Saturday, June 1, 2019

Repair connection (WinRM not available using kerberos authentication into the /Powershell SCP

The problem

"The following error occured while attempting to connect to the specific exchange server . The attempt to connect to http /powershell using kerberos authentication failed: connecting to remote server failed with the following message: The WInRM client sent a request to an http server and got a response saying the requested http url was not availabe. This is usually returned by the http server that does not support the WS-Management protocol."

 

 

The Solution

1. Run a PowerShell script to check All Service Connection Point (SCP) entries

a. Open a Powershell for exchange or simple powershell with administrative privilegies (using Run as Administrator):

 

b. Check that all the URLs are fine withmy script on technet with the option: "-Get"

The correct way to run the script will be as follows
#Change Executionpolicy (just in case you haven't done this already),
Set-ExecutionPolicy unrestricted
#Accept the warning (by pressing Y or A then press enter)

#Run the script (move to the folder where the script is downloaded) 
cd "C:\Users\joseo\Downloads"
.\setAllv2.ps1 -Get
You will get something like this:

Optional (for setting up internal and externals URL, all at once on a single server): In case you want to set all the internals and externals URL with my script you can do so by running it with the option -Set -urlpath "https://mail.yourdomain.com"

You would get something similar to this pic:

if this doesn't fix the issue go to step 2 (don't close your powershell console we will still need it).

 

2. Remove and Enable the HTTP on the winRM

Just run:
$IPAddress= (Get-NetIPAddress | ?{ $_.AddressFamily -eq "IPv4"  -and !($_.IPAddress -match "169") -and !($_.IPaddress -match "127") }).IPAddress
winrm delete winrm/config/Listener?Address=*+Transport=HTTP
winrm create winrm/config/Listener?Address="IP:$IPAddress+Transport=HTTP"
Check if it's working.

3. Follow the instructions:

  1. Open IIS Manager, and then navigate to Default Web Site.
  2. Right-click Default Web Site, and then click Edit Bindings. If a binding exists for HTTP, clear the hostname value. If no binding exists for HTTP, create a new binding that has no host name and a value of All Unassigned for the IP address.
  3. Restart IIS.
#when you got the results just return the executionpolicy 
#(when you finished working with powershell scripts, as a good practice )
Set-ExecutionPolicy remotesigned
Answer's Source: TechNet And that's it! thank you for reading

Please consider to donate and thank you very much for reading this.

No comments:

Post a Comment