Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

Topic Last Modified: 2012-07-23

Using the remote Shell, you can connect to a remote server running Microsoft Exchange Server 2010 to perform administration without the need to have any Exchange administration tools installed on your local computer. The remote Shell uses Windows PowerShell 2.0 and Windows Remote Management (WinRM) 2.0 to enable you to connect to remote Exchange 2010 servers.

After you connect the remote Shell to an Exchange server, the Exchange 2010 cmdlets that you have access to are made available to you in your local PowerShell session. When you run a cmdlet on your computer, the requests are sent to the remote Exchange 2010 server. The remote Exchange 2010 server then returns the results, if any, to your computer. Use the Get-Help cmdlet to access Help for individual cmdlets.

For more information about the remote Shell, see Create a Manual Remote Shell Connection.

Looking for other management tasks related to the remote Shell? Check out Managing Exchange Management Shell Connections.

Note:
If you want to use the Shell on an Exchange server or on a computer that has Exchange management tools installed, see Open the Shell. Use the procedure in this topic only on computers that don't have the Exchange management tools installed.

Prerequisites

  • Install Windows Management Framework   Windows Management Framework contains Windows PowerShell and WinRM. For more information, see Install Windows Management Framework.

  • Join your computer to a Windows domain   If you want to use your current network credentials, the domain you're joined to must be trusted by the domain where the Exchange server resides. Your domain doesn't need to be trusted if you manually specify credentials that are valid in the remote domain.

  • Open TCP port 80   TCP port 80 must be open between your computer and the remote Exchange 2010 server, and the port must be allowed through Windows Firewall on the Exchange 2010 server.

Use your network logon account to connect to a remote Exchange 2010 server

To connect to a remote Exchange 2010 server using the remote Shell, the user you connect as must be enabled for the remote Shell. This is enabled by default for the account used to install the first Exchange 2010 server in your organization. For more information about how to enable the remote Shell for other users, see Enable Remote Exchange Management Shell for a User.

To perform administrative tasks on a remote Exchange 2010 server, the account you use must be assigned the management roles that allow that feature to be managed. To determine the required management roles, see the Help topic for each feature. For more information about permissions, assigning management roles and management role scopes, and the rights required to administer Exchange 2010, see Understanding Permissions.

If you want to connect to a remote Exchange server using your current network logon account, use the following procedure. You don't need to specify your user name or password. This procedure can be used even if there are no Exchange 2010 management tools installed.

  1. Click Start, point to All Programs, point to Windows PowerShell, and then click Windows PowerShell or Windows PowerShell ISE.

    Note:
    Windows PowerShell Integrated Scripting Environment (ISE) is the new Windows PowerShell graphical console and can be used instead of the traditional text-based PowerShell console.
  2. Open the connection to Exchange 2010 by running the following command.

    Copy Code
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<FQDN of Exchange 2010 server>/PowerShell/ -Authentication Kerberos
    
  3. Import the server-side PowerShell session into your client-side session by running the following command.

    Copy Code
    Import-PSSession $Session
    

After you perform this procedure, you can run Exchange cmdlets in the remote Shell.

Use a user account that you specify to connect to a remote Exchange 2010 server

To connect to a remote Exchange 2010 server using the remote Shell, the user you connect as must be enabled for the remote Shell. This is enabled by default for the account used to install the first Exchange 2010 server in your organization. For more information about how to enable the remote Shell for other users, see Enable Remote Exchange Management Shell for a User.

To perform administrative tasks on a remote Exchange 2010 server, the account you use must be assigned the management roles that allow that feature to be managed. To determine the required management roles, see the Help topic for each feature. For more information about permissions, assigning management roles and management role scopes, and the rights required to administer Exchange 2010, see Understanding Permissions.

When you connect to a remote Exchange 2010 server using a user name and password you specify, you direct the remote Shell to connect to the remote server using those credentials when it authenticates the session. The credentials can be different from your current user name and password. This is called explicit authentication. This procedure can be used even if there are no Exchange 2010 management tools installed.

  1. Click Start, point to All Programs, point to Windows PowerShell, and then click Windows PowerShell or Windows PowerShell ISE.

    Note:
    Windows PowerShell Integrated Scripting Environment (ISE) is the new Windows PowerShell graphical console and can be used instead of the traditional text-based PowerShell console.
  2. Enter your network credentials and store them in a variable by running the following command.

    Copy Code
    $UserCredential = Get-Credential
    
  3. In the dialog box that opens, type the user name and password of the administrator account that has access to administer the Exchange 2010 server you want to connect to, and then click OK.

  4. Open the connection to Exchange 2010 by running the following command.

    Copy Code
    $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://<FQDN of Exchange 2010 server>/PowerShell/ -Authentication Kerberos -Credential $UserCredential
    
  5. Import the server-side PowerShell session into your client-side session by running the following command.

    Copy Code
    Import-PSSession $Session
    

After you perform this procedure, you can run Exchange cmdlets in the remote Shell.

Other Tasks

After you connect to a remove Exchange 2010 server, you may also want to:

Disconnect Remote Exchange Management Shell from an Exchange Server

Troubleshooting the Exchange Management Shell