I have installed Exchange Server 2013 on a Windows Server 2012 machine.
When I try to establish a remote PowerShell connection, using this command with Kerberos authentication:
$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://servername/powershell" -Credential $credential -Authentication "Kerberos"
I get the following error:
New-PSSession : [servername] Connecting to remote server servername failed with the following error message : Logon failure: unknown user name or bad password. For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:20
+ $exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -Connecti ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotingTransportException
+ FullyQualifiedErrorId : LogonFailure,PSSessionOpenFailed
However, if I try it with basic authentication, a connection is established successfully.
$exchangeSession = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri "https://servername/powershell" -Credential $credential -Authentication "Basic"
Can somebody please tell me why this error is happening, and also a remedy to this.
In my case, it turns out, the system from which I was trying to initiate remote Powershell session was in a different workgroup (windows domain) than the workgroup in which my exchange server was installed.
In Kerberos, we cannot establish such connections over cross-domain.
Kerberos in general is little painful although more secure, with its multiple points of checks, which can actually also turn out to be multiple points of failure, unless of course configured properly. Time sync, domain, spn etc.
This websites might be of interest/help to someone who faces similar issues in the future: http://anexinetisg.blogspot.in/2013/07/kerberosslaying-dragon-in-exchange.html