Remoting and Invoke-command in Exchange Server

This topic contains 2 replies, has 2 voices, and was last updated by Profile photo of Trond Jenssen Trond Jenssen 1 year ago.

  • Author
  • #31227
    Profile photo of Trond Jenssen
    Trond Jenssen


    I have a DAG with 9 members, each with 10 active DBs (90 DBs total).

    My problem is: Sometimes I need to search through all mailboxes for specific mails and delete it.

    If i run: Get-mailbox | search-mailbox..... Everything works fine. But takes very long time. (10.000+ MBXs)

    Is there a way to tell each server to search its own active DBs for content?

    I have tried with Invoke-command but getting auth errors, message is:

    "Active Directory operation failed on . The supplied credential for '\' is invalid."

    Do I have to use credssp or is there another way?


  • #31228
    Profile photo of Don Jones
    Don Jones

    Well, without seeing the Invoke-Command you're trying to use, it's a little difficult to tell. That error message is telling you that the credential you supplied is not valid. Since I can't tell what credential you provided... hard to say.

    Assuming that you have an account in the same domain as the Exchange servers, and that the account has permission to use Remoting on the Exchange servers, and that you specify that account when running Invoke-Command, then it should run fine. But there are a zillion configuration things on the Exchange side that could restrict it from working, and without sitting in front of the computers, it's a little tough to diagnose.

    Ultimately, you probably do want to have the command running on each server, and run Get-Mailbox with its -Server parameter to restrict each server to only searching its own mailboxes.

    But I'd maybe start with a simple Enter-PSSession command to one of the servers. Get that working first, and then move on to your actual command.

  • #31230
    Profile photo of Trond Jenssen
    Trond Jenssen

    Thanks Don for your answer!

    I will try with Enter-PSSession and work slowly forward. But here is my setup:

    All workstation and servers are in same AD domain. I start ISE with admin cred and don't supply them in PSSession command.

    This runs in my profile scipt:
    $ex=New-PSSession -ConfigurationName -ConnectionUri
    import-pssession $ex

    And with Exchangecmdlets via Implicit Remting i try to run:
    $servers=Get-TransportService | select -ExpandProperty name
    foreach ($server in $servers) { Invoke-Command -ComputerName $server -FilePath .\Remove-mail.ps1 }

    Remove-mail.ps1 contains:
    Add-PSSnapin Microsoft.Exchange.Management.Powershell.E2010
    $dbs=Get-MailboxDatabaseCopyStatus -Active | select -ExpandProperty databasename
    foreach ($db in $dbs) { Get-Mailbox -ResultSize unlimited -Database $db | Search-Mailbox -SearchQuery { from:postmaster -and received:today } -DeleteContent }

    Error message says:
    Active Directory operation failed on . The supplied credential for 'domain\xxx-admin' is invalid.
    + CategoryInfo : NotSpecified: (:) [], ADInvalidCredentialException
    + FullyQualifiedErrorId : [Server=EX11,RequestId=95301f73-3336-4d6a-9906-8903694cbf4d,TimeStamp=23.10.2015 14:10:54] [FailureCategory=Cmdlet-ADInvalidCredentialException] E4763103
    + PSComputerName : EX11

    Hope you can see what's wrong! And thank you again for getting me started with Powershell in you class in Oslo some years ago, but I'm still learning 🙂

    As I said:
    I can run everything from workstation without errors (get-mailbox | search-mailbox), but with over 20.000 mbx it takes hours.

    Add-PSSnapin Microsoft.Exchange.Management.Powershell.E2010
    fails with same error!
    Is CredSSP the only way to go?

You must be logged in to reply to this topic.