About Me

My photo
TsooRad is a blog for John Weber. John is a Skype for Business MVP (2015-2018) - before that, a Lync Server MVP (2010-2014). My day job is titled "Technical Lead, MS UC" - I work with an awesome group of people at CDW, LLC. I’ve been at this gig in one fashion or another since 1988 - starting with desktops (remember Z-248’s?) and now I am in Portland, Oregon. I focus on collaboration and infrastructure. This means Exchange of all flavors, Skype, LCS/OCS/Lync, Windows, business process, and learning new stuff. I have a variety of interests - some of which may rear their ugly head in this forum. I have a variety of certifications dating back to Novell CNE and working up through the Microsoft MCP stack to MCITP multiple times. FWIW, I am on my third career - ex-USMC, retired US Army. I have a fancy MBA. One of these days, I intend to start teaching. The opinions expressed on this blog are mine and mine alone.

2012/02/22

Exchange 2010 WinRM and Powershell

Situation

Opening the Exchange Management Shell (EMS) on the server fails to connect to the local server with this error:

Connecting to remote server failed with the following error message : The WinRM client received an HTTP server error status (500), but the remote service did not include any other information about the cause of the failure. For more information, see the about_Remote_Troubleshooting Help topic.

Nice, huh?  Looking at the event log gave me an RBAC error and a a few others as shown…

(Process w3wp.exe, PID 3244) "RBAC authorization is unavailable due to the transient error: The Microsoft Exchange Active Directory Topology service on server localhost can't be contacted via RPC. Error 0x5."

Process w3wp.exe (PID=3244). An remote procedure call (RPC) request to the Microsoft Exchange Active Directory Topology service failed with error 5 (Error 0x5 (Access is denied) from HrGetServersForRole). Make sure that the Remote Procedure Call (RPC) service is running. In addition, make sure that the network ports that are used by RPC are not blocked by a firewall.

Process w3wp.exe (PID=3244). An remote procedure call (RPC) request to the Microsoft Exchange Active Directory Topology service failed with error 5 (Error 0x5 (Access is denied) from HrGetServersForRole). Make sure that the Remote Procedure Call (RPC) service is running. In addition, make sure that the network ports that are used by RPC are not blocked by a firewall.

What changed over the last week?  E2010 SP2 and RU1 had been run into the environment – but nothing else.

This was very frustrating because all the “normal” fixes to this did not work.  WinRM extensions, Kerberos auth on the powershell vdir, rebooting, you name it, I looked at it.  Nada.

The Fix

On a whim, while checking the PowerShell virtual directory path, and comparing a working server to this non-functioning server, I looked at the application pool…oh &%*!.  How did it get that way?  Four hours of chasing my tail.  Four hours of my life I cannot get back.

My only thought is that SP2 or SP2 RU1 borked that setting for some bizarre reason.  Here is a nice screen shot of what it was…

clip_image002[5]

…and what it should be:

clip_image002

YMMV

2 comments:

Daniel Mark Ogden said...

Amazing. I had the EXACT SAME PROBLEM and this fixed it by setting the AppPool soccertly as explained here! I was pulling my hair out as I tried all of the other "fixes" and non of them worked. This was an issue caused by SP2.

Daniel Mark Ogden said...

Amazing! This worked for me as well by setting the AppPool to powershell. I had tried all of the other fixes and nothing worked. This is an issue with SP2.

What Vacation Taught me

I took vacation this year; a formal thing with travel, schedule coordination, planned activities, and days full of interacting with others. ...