Ilse Van Criekinge's Weblog

Addicted to Microsoft Unified Communications

Using Remote PowerShell to connect to Lync

Using Remote PowerShell to connect to Lync

  • Comments 2
  • Likes

It is possible to manage Lync remotely using the wonderful world of Remote Powershell. Here’s a short overview of using Remote PowerShell to connect to Lync.

Prerequisites

Your client machine from where you want to connect to Lync, must have:

  • Windows PowerShell v2.0
  • NET Framework 2.0 Service Pack 1
  • Windows Remote Management (WinRM) 2.0

Connecting from a domain-joined machine

Once you have launched Windows PowerShell, create a new persistent connection to your Lync server by using the cmdlet New-PSSession. In the following example I have created a variable $a which will create the new persistent connection, and then I will import it to enable it. I’m using the credentials prompted for by creating a new variable $credential = Get-Credential.

IVC-0361

Connecting from a non-domain joined machine

Is perfectly possible :-) But when trying to do so, I always ended up with the following error message when creating my variable New-PSSession…

First setting the credentials…

IVC-0357

Then creating a new persistent connection…

IVC-0359

The error message indicates “Connecting to the remote server failed with the following error message : The server certificate on the destination computer has the following errors: The SSL certificate could not be checked for recovation. The server used to check for recovation might be unreachable.”

A quick search on the www, gave me an explanation from EdYoung, who states “Whenever you connect to an HTTPS URL, such as is used for remote PowerShell, the server needs to have a certificate 'proving' it matches the URL you entered, to prevent someone spoofing the website. To make sure the cert is valid, the client program needs to check with the certificate authority (CA) which issued the certificate to see if it's been revoked. This error indicates that it wasn't able to do so. This can happen if (for example) you used an internal CA within your company firewall to issue a cert, then try to connect from outside the firewall, though there are other posibilities

Using his workaround (which is obviously not recommended from a security point of view) I was able to connect…

   IVC-0360 

Ilse

Comments
  • Workaround doesn't work for me:

    [cas01.testk3.lab] Connecting to remote server failed with the following error message : The WinRM client cannot process the request. The authentication mechanism requested by the client is not supported by the server or unencrypted traffic is disabled in the service configuration. Verify the unencrypted traffic setting in the service configuration or specify one of the authentication mechanisms supported by the server.  To use Kerberos, specify the computer name as the remote destination. Also verify that the client computer and the destination computer are joined to a domain. To use Basic, specify the computer name as the remote destination, specify Basic authentication and provide user name and password. Possible authentication mechanisms reported by server: For more information, see the about_Remote_Troubleshooting Help topic.

       + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc   eption

       + FullyQualifiedErrorId : PSSessionOpenFailed

  • I get "login failed for the user", it's trying to use my machine credential instead of the session credential, any idea? Thanks, Vijay

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment