I'm getting a 'PSSessionOpenFailed' error when trying to connect to the Exchange server using New-PSSession — any idea what might be causing this?

The PSSessionOpenFailed error when trying to connect to the Exchange server can occur due to several reasons. Here are some potential causes and their resolutions:

1. Firewall Issues: Ensure that the firewall is not blocking the necessary traffic required for the connection.
2. Windows Remote Management Service: Check if the Windows Remote Management service is installed and running. You can do this by:
   • Typing services.msc in the Run dialog box and pressing Enter.
   • Finding Windows Remote Management in the Services MMC.
   • Ensuring that the service is set to Manual startup type and is started.
3. Proxy Server Configuration: If you are using a proxy server, verify that it is configured correctly. You can check the current proxy settings by running the command netsh winhttp show proxy in an elevated Command Prompt. If necessary, reset the proxy settings using netsh winhttp reset proxy or configure a new proxy with netsh winhttp set proxy <proxy>:<port>.
4. SSL Settings in IIS: If you are connecting to an Exchange Server, ensure that the SSL settings in IIS for the PowerShell virtual directory do not have the Require SSL option enabled, as this can cause connection issues.
5. Remote PowerShell Enabled: For Exchange Online, ensure that your account has the RemotePowerShellEnabled parameter set to True. If it is set to False, another administrator will need to change it using the command:

      Set-User -identity ******@contoso.com -RemotePowerShellEnabled $True
   

   Allow some time for the setting to take effect before trying again.

By checking and resolving these issues, you should be able to connect to the Exchange server successfully.

Hi @Mishael John Calaunan

Thank you for posting your question in Microsoft Q&A. 

Please note that our forum is a public platform, and we will modify your question to hide your personal information in the description. Kindly ensure that you hide any personal or organizational information the next time you post an error or other details to protect personal data. 

Based on my research, this issue may be related to incorrect or missing ExternalUrl/InternalUrl settings, or an SSL certificate that does not match the server name specified in the ConnectionURI. 

You could try to follow these steps to troubleshoot it: 

SSL Certificate Mismatch or Invalid 

Ensure the certificate bound to IIS matches the Exchange server’s FQDN and is considered valid. SSL mismatches or expired certs can block remote PowerShell connections. 

Re-configure Virtual Directory settings  

Run this on the Exchange server itself (EMS): 

Get-PowerShellVirtualDirectory | Select-Object Server,InternalUrl,ExternalUrl,*AuthenticationMethods 

It should display: 

InternalAuthenticationMethods : Basic, Negotiate, NTLM   
ExternalAuthenticationMethods : Basic, Negotiate, NTLM 

If InternalUrl or ExternalUrl is blank or wrong, you could fix it via: 

Set-PowerShellVirtualDirectory -Identity "YOURSERVERNAME\PowerShell (Default Web Site)" ` -InternalUrl https://mail.domain.com/powershell/ ` -ExternalUrl https://mail.domain.com/powershell/ ` -BasicAuthentication $true -WindowsAuthentication $true 

Using the Internal FQDN from Outside the Domain (or Vice Versa) 

If you’re connecting from a machine that is not domain-joined or from outside the corporate network, you cannot use the internal Active Directory domain name ( yourserver.localdomain.com).  Instead, use the externally published name that has a valid SSL certificate bound to it. For example: 

$connectionUri = "https://mail.domain.com/powershell/" 

Please understand that our initial reply may not always immediately resolve the issue. However, with your help and more detailed information, we can work together to find a solution. 

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".      

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.