Friday, January 29, 2016

Enable Remote PowerShell Connections via HTTPS

Hi folks,

I just wanted to share with you a quick script to enable PowerShell connectivity via HTTPS instead of the default HTTP. This may be especially useful when you are trying to manage your Exchange environment via Internet and publish it via proxy. You can read more details about configuration of HTTPS in this article.

Below is the code which you will need to run on your Exchange 2013/2016 box that will enable configuration of Basic authentication which needs to be used in conjunction with SSL:

$Server = $(Get-WmiObject Win32_Computersystem).name
Get-PowerShellVirtualDirectory -Server $Server |Set-PowerShellVirtualDirectory -BasicAuthentication:$true

After configuration I have executed the following code:

Get-PowerShellVirtualDirectory -Server $Server |select *auth*

It produced output as below:

Note that values next to InternalAuthenticationMethods and ExternalAuthenticationMethods should be set to Basic.

After this you can launch remote PowerShell session and have it connected to the HTTPS URL of your PowerShell virtual directory. Make sure that you specify Authentication parameter as Basic as well as you add AllowRedirection parameter as below (I also add the last line to ensure that I can see mailboxes within the whole AD forest if it's a multi-domain one):

$cred = Get-Credential

$session = New-PSSession -ConfigurationName Microsoft.Exchange -Authentication Basic -ConnectionUri -AllowRedirection -Credential $cred
Import-PSsession $session
Set-ADServerSettings -ViewEntireForest:$true