We have installed EX13 CU5 in a EX07 SP3CU12 environment.
I changed OWA Virtual Directory on EX13 to FBA with UserName option and selected the domain "fat.local"

Now when i run get-owavirtualdirectory on the EX13 machine no errors are reported and LogonFormat shows userName and DefaultDomain shows fat.local

But when i run get-owavirtualdirectory on the EX07 machine i get error referring to the EX13 OWA default web site saying;

"WARNING: Object DC-PEXCVS1\Exadmin (Default Web Site) has been corrupted and it
 is in an inconsistent state. The following validation errors have occurred:
WARNING: You must set a DefaultDomain if LogonFormat is set to UserName.

Rather strange error cause it does not show this error when running on the 2013 machine.

Dear All,

Good Day,

We have two exchange member servers in our exchange environment. One is mailbox server and the other is HUB & CAS. Earlier we had two mailbox servers and two HUB & CAS. Our environment went into a disaster and we were able to recover only two. Now in our EMC the old crashed servers are showing and we need to remove them without impacting the current setup.

Please let me know how i can achieve this.

Thank You

Regards

Abdul Wajid

Hello,

When I am using the command  c:\Exchange2013\>Setup.exe /PrepareAD /IAcceptExchangeServerLicenseTerms on my domain controller I am receiving the error below:

Welcome to Microsoft Exchange Server 2013 Service Pack 1 Unattended Setup
Copying Files...
File copy complete. Setup will now collect additional information needed for
installation.

Performing Microsoft Exchange Server Prerequisite Check

    Prerequisite Analysis                                     COMPLETED
 Setup will prepare the organization for Exchange 2013 by using 'Setup /PrepareA
D'. No Exchange 2007 server roles have been detected in this topology. After thi
s operation, you will not be able to install any Exchange 2007 servers.
 For more information, visit: http://technet.microsoft.com/library(EXCHG.150)/ms
.exch.setupreadiness.NoE12ServerWarning.aspx


Configuring Microsoft Exchange Server

    Organization Preparation                                  FAILED
     The following error was generated when "$error.Clear();
        initialize-ExchangeConfigurationPermissions -DomainController $RoleDomai
nController

" was run: "Active Directory operation failed on domain.com
. This error is not retriable. Additional information: Access is denied.
Active directory response: 00000005: SecErr: DSID-031521D0, problem 4003 (INSUFF
_ACCESS_RIGHTS), data 0
".

I am using an admin account with full rights. Could you give me any advice what might that be? 

Thank you in advance

I am planning for the Exchange 2010-2013 migration, the migration is from one Geo-location to the other. In the current setup, I have 2 CAS and 2 MBX servers with one CAS pointing to the public IP mail.domain.com and autodiscover.domain.com for the external users' access.

I will have the same setup in the new site that I am building the Exchange 2013 servers. Moving the users' mailbox from 2010 to 2013 is not going to happen overnight, so I would like to seek some advise on how do I ensure coexistence for the users existing in both Exchange 2010 and 2013 environment during the migration process. When it comes to configuring the 2013 CAS, can I still have my external URLs same as the 2010 CAS?

Any suggestions and sharing the best practices are much appreciated, thanks!

Hey all,

So I'm in a bit of a pickle with my Exchange design and am trying to figure out if there's a way to migrate mailboxes across forests where Linked mailboxes are being used. I've done a bit of reading and have noted stuff like preparing the move request in AD, etc. But I'm wondering if someone can break it down for me.

http://1drv.ms/1lWjLqG

The above is a OneNote diagram of how we have moved over time. Please forgive my sloppy handwriting but I hope it gets the point across. I will text it out here as well:

Original Design

The original design of the domains when I joined the company were fabrikam and contoso. Contoso is a domain that sits entirely in the "DMZ". Fabrikam was the internal AD forest where most services and users authenticated to. In Contoso, there are 2 domain controllers, the "Front End" Exchange Server (Edge Transport), and the "Back End" server, which is CAS/Mailbox.

There is a forest trust between contoso and fabrikam where "Linked Mailboxes" are created in Contoso, and then the LinkedMasterAccount is set to Fabrikam.

Migration/Hybrid Design

Due to the fact that these two domains were configured massively inappropriately, riddled with security holes as well as strange permissions configurations, the decision was made to create a new internal AD domain. In my OneNote, I've labeled this 'specialbank.com'. A long while ago we migrated users from Fabrikam to SpecialBank via trusts. To facilitate access to Exchange, a new trust was created between Contoso and SpecialBank to allow us to update the LinkedMasterAccount parameter to the new Specialbank domain.

We have most of our users authenticating to their mailboxes via SpecialBank, while the mailboxes still reside in Contoso.

Migration from Exchange 2007 to Exchange 2013

I am attempting to now figure out the best way to migrate the mailboxes from Contoso to a new set of Mailbox servers in SpecialBank. This will also be an upgrade from Exchange 2007 (Current) to an Exchange 2013 installation. The latest Service Packs and CUs are installed in both.

What would be the best procedure to move these mailboxes? To my knowledge, the current best practice/recommended way is to perform a user/SID migration from Contoso to SpecialBank. But I already have accounts in SpecialBank that users are actively using.

I'm not opposed to doing a simple PST export from Contoso to SpecialBank, but we're looking at around 120 mailboxes. So I'm trying to make my life a little easier instead of spending a weekend here.

If I try to do it in batches, I need to figure out how to handle autodiscover and CAS. Since I'm creating an entirely new Exchange environment, I'm trying to limit what I place in the existing configuration. But I'm not opposed to setting up something temporarily if I need to in order to make the migration transparent to users.

Can anyone help?

So we're migrating from an Exchange 2010 environment to Exchange 2013. We use a single namespace ("exchange.contoso.com") for both internal and external clients.

In testing, we have taken a few machines running outlook 2013 and 2010, and edited their hosts file such that "exchange.contoso.com" points toward the new exchange 2013 environment, rather than the 2010 environment for our users. So far so good, they can connect, no issues.

However, when we move a mailbox to the 2013 environment, the outlook client comes back with "Your Exchange Administrator has made a change which requires you to restart outlook". This error affects both Outlook 2013 and 2010. We do have public folders in place in exchange 2010, but we have not yet migrated them to 2013 (because the user's still are on 2010).

Repairing the profile is no help, and recreating the profile does not work either. Any thoughts?

Microsoft Certified IT Professional Server Administrator

Hello All,

Recently we've upgrade our Exchange 2013 SP1 servers to CU5 but we are having very slow response while opening ECP & Powershell. MS support team says its known issue and only CU6 can support on this

Is there anyone here also facing the same issue post CU5 upgrade? If yes, is there any workaround or permanent solution available to overcome this situation

Vinoth Kumar. M

Good morning...

We have a multi-tenancy Exchange environment where we need to move one of the tenants onto their own dedicated server (AD and Exchange).

I've seen a good amount of documentation on migrating the entire setup to a new server, but not much on just doing it for one tenant in a multi-tenant environment.

Is there a way of doing this and minimizing downtime?  It seems like using the new server for a backup/secondary AD and Exchange and then promoting and forgetting the old would work for a live setting.  However not having done that before, nor am I seeing anything about doing it for one single tenant in a multi-tenant environment.  I'd like to know if I'm trying the impossible to start with.

Thank you for your time.

-Erick

Hi,

Trying to install Exchange 2013 Mailbox and Client Access roles but every time I do this I get the following error when it tries to install the mailbox role.  I'm using the domain administrator account to install.

Thanks

Hi, 

I am new to this forum, but thought to try it out. I have set up a lab environment with a 2012 dc in domain a together with a dag exchange system of 2 servers with all roles installed on each exchange server. The exchange servers are 2013. 

I have a domain b with a 2012 domain controller - and a 2008r2 server with 2007 exchange installed (sp3). 

I have trusts setup between the two, and I am trying to do a cross migration of some test accounts. I've successfully moved all items - however when I look at the output from the command.

get-moverequeststatistics -identity test1 | fl

it states : 

Message : Warning: The following failure occurred after the active directory modification completed: couldn't find database "LABEX07\First Storage Group\Mailbox Database". Make sure you have it typed correctly.

The database it says it can't find is from the source 2007 exchange server - and I know it exists. I can't see anything else wrong with the content of whats moved to the 2012 domain except for that message. Does anyone have an idea of what it means? My movement code was

.\prepare-moverequest.ps1 -identity test1@domainb.local -remoteforestdomaincontroller dc01.domainb.local -remoteforestcredential $remoteuser -localforestdomaincontroller dc01.domaina.local -localforestcredential $localuser

followed by the new-moverequest 

new-moverequest -identity test1 -remoteLegacy -remotecredential $remoteuser -remoteglobalcatalog dc.domainb.local -targetdatabase 'mailbox db 1' -targetdeliverydomain domaina.local

Hi,

May I have the syntax/process for creating Exchange Certificate requests with signature algorithm of SHA-2?

I need to generate certificate request for Exchange 2007, 2010, and 2013

Thanks!

Exchange 2013 CU6

When i first setup my 2013 servers, it looks like exchange went to my internal CA for each exchange server and got a cert for its self.

On the mailbox servers the cert has its self set for IMAP,POP,IIS,SMTP and it doesn't really appear to be editable.

On the cas servers this cert seems to have IMAP,POP,SMTP and it doesn't look like i can unselect those services.

These certs are going to expire soon and im not sure how to go about renewing/replacing them... since it looks a little different then doing the cert for OWA/ActiveSync.

Any help would be great.

Thanks

Systems Administrator

Hi,

I am working on our Exchange 2010-2013 migration and have come upon an issue after migrating test mailboxes. After migrating a mailbox to the 2013 database I am able to open it in OWA but when I try to open it via Outlook I get the error message "Cannot open your default e-mail folders. You must connect to Microsoft Exchange with the current profile before you can synchronize your folders with your Outlook data file (.ost)". I also get the same message when I create a new mailbox in the 2013 database and try to open it.

I have deleted and recreated the profile on the client. When I create the profile and let autodiscovery configure the information I get a message that the Ex2013 server is not available and the window comes up allowing me to enter the server and mailbox name. If I enter the Ex2013 server name I get the same error whether I enter the hostname of the server or the full DNS name. When I enter the Ex2010 server name it accepts it and converts it to the DNS name of the Ex2013 server but Outlook will still not open.

Both servers are single servers hosting all the roles. The Ex2010 server is using an internal certificate using the internal DNS. When I originally set up the Ex2013 server I did the same thing but have since purchased a SAN certificate based on our public DNS and installed that. The 2 names on the certificate are webmail.(xxxx).com and autodiscover.(xxxx).com. I was getting certificate errors on machines and now I have the SAN certificate that seems to have solved that problem.

I have a feeling I might have 2 problems, 1 with the autodiscover settings and another with the mailbox looking at the 2010 CAS rather than 2013. After doing some research I'm still a little lost in how I move forward on this one. Any help would be appreciated.

Peter Haase

Exchange 2013 on 2012 Server Cumulative Update 3 Install Error "No Suitable Directory Servers Found" Answered

Topology: 1 2k12 host and 12 2k12 virtual servers. 2 Active Directory Domain Controllers both GC. - DC1 and DC2 respectively.

While installing exchange 2013 cumulative update 3, I received an error indicating that the update was not able to contact an Active Directory Server.

I bought a golden ticket and the tech entered: C:\ExchUPDCumulative3>setup.exe /m:upgrade /IAcceptExchangeServerLicenseTerms /domaincontroller:DOMAIN.DC2 into the elevated command prompt.

This solved the problem...  Subsequently, I re-ran the update using /domaincontroller:DOMAIN.DC1 to see if the problem was with my DC1 but the update ran fine. So it doesn't seem to have ever had a problem with seeing the Domain Controllers but whatever the GUI is doing to detect the Domain Controller is not working. So if you run into this problem, the command line above is the answer. Below is the error text.

Error:

The following error was generated when "$error.Clear();

          $maxWait = New-TimeSpan -Minutes 8

          $timeout = Get-Date;

          $timeout = $timeout.Add($maxWait);

          $currTime = Get-Date;

          $successfullySetConfigDC = $false;

          while($currTime -le $timeout)

          {

            $setSharedCDCErrors = @();

            try

            {

              Set-SharedConfigDC -DomainController $RoleDomainController -ErrorVariable setSharedCDCErrors -ErrorAction SilentlyContinue;

             $successfullySetConfigDC = ($setSharedCDCErrors.Count -eq 0);

             if($successfullySetConfigDC)

              {

               break;

             }

             Write-ExchangeSetupLog -Info ("An error ocurred while setting shared config DC. Error: " + $setSharedCDCErrors[0]);

            }

            catch

            {

             Write-ExchangeSetupLog -Info ("An exception ocurred while setting shared config DC. Exception: " + $_.Exception.Message);

            }

            Write-ExchangeSetupLog -Info ("Waiting 30 seconds before attempting again.");

            Start-Sleep -Seconds 30;

            $currTime = Get-Date;

          }

          if( -not $successfullySetConfigDC)

          {

            Write-ExchangeSetupLog -Error "Unable to set shared config DC.";

          }

        " was run: "Unable to set shared config DC.".

Process Microsoft.Exchange.Directory.TopologyService.exe (PID=3132) Forest DOMAIN.LOCAL. Topology discovery failed, error details

No Suitable Directory Servers Found in Forest DOMAIN.LOCAL Site Default-First-Site-Name..

Process Microsoft.Exchange.Directory.TopologyService.exe (PID=3132). The Exchange computer DOMAINDC1.DOMAIN.LOCAL does not have Audit Security Privilege on the domain controller DOMAINDC1.DOMAIN.LOCAL. This domain controller will not be used by Exchange Active Directory Provider.

Process Microsoft.Exchange.Directory.TopologyService.exe (PID=3132). The Exchange computer DOMAIN.DC2.DOMAIN.LOCAL does not have Audit Security Privilege on the domain controller DOMAIN.DC2.DOMAIN.LOCAL. This domain controller will not be used by Exchange Active Directory Provider

Process MSExchangeFrontendTransport.exe (PID=5396). WCF request (Get Servers for DOMAIN.LOCAL) to the Microsoft Exchange Active Directory Topology service on server (TopologyClientTcpEndpoint (localhost)) failed. Make sure that the service is running. In addition, make sure that the network ports that are used by Microsoft Exchange Active Directory Topology service are not blocked by a firewall. The WCF call was retried 3 time(s). Error Details

 No Suitable Directory Servers Found in Forest DOMAIN.LOCAL Site Default-First-Site-Name.

   at Microsoft.Exchange.Directory.TopologyService.ADTopologyDiscovery.Discover()

   at Microsoft.Exchange.Directory.TopologyService.ADTopologyDiscovery.DoWork(CancellationToken cancellationToken)

   at Microsoft.Exchange.Directory.TopologyService.Common.WorkItem`1.Execute(CancellationToken joinedToken)

   at Microsoft.Exchange.Directory.TopologyService.Common.WorkItem`1.<>c__DisplayClass6.<StartExecuting>b__4()

   at System.Threading.Tasks.Task.Execute()

   at Microsoft.Exchange.Directory.TopologyService.TopologyDiscoveryManager.EndGetTopology(IAsyncResult ar)

   at Microsoft.Exchange.Directory.TopologyService.TopologyService.InternalEndGetServersForRole(IAsyncResult result)

   at Microsoft.Exchange.Directory.TopologyService.TopologyService.<>c__DisplayClassa.<EndGetServersForRole>b__9()

   at Microsoft.Exchange.Directory.TopologyService.TopologyService.ExecuteServiceCall(Action action

Dears

After testing Exchange 2013 for a couple of weeks with a limited amount of IT personnel, we have migrated the first batch of users from 2010 to 2013.

That was the biggest mistake we've done this.. week..

The error is identified as an autodiscover/ssl problem. No matter what I specify in CertPrincipalName on CAS, Outlook resets itself to msstd:server.domain.com

I have tried with "none" and "msstd:*.domain.com" but it always resets to msstd:server.domain.com

Outlook Autoconfigure test returns the correct value. Any ideas?

All our clients are not domain members, so setting this with GPO is not an option.

Hi,

We have one CAS/HUB server, two mailbox roll servers in a DAG. Both mailbox roll servers have public folder database and both are replicate each other. Now we are going to office365. Now we need to install client access roll on public folder database server(mailbox roll server) for office365 users to access the public folder from on premises according to

http://technet.microsoft.com/en-us/library/dn249373(v=exchg.150).aspx

We don't want get any problem after installing another CAS server roll. Our users' outlook should not interrupt with new installation. We are not setup client access array here. We are installing this for public folders access to office365 mailboxes. How to install and configure?

Please help us to achieve this.

Thanks & Regards.

Mike Garcia

When I open EMS I got this error:

VERBOSE: Connecting to SERVER01.Elfring.local.
New-PSSession : [server01.elfring.local] Connecting to remote server server01.elfring.local failed with the following e
rror message : De WinRM-client kan de aanvraag niet verwerken. Het authenticatiemechanisme Kerberos is gebruikt, maar d
e toegang tot de doelcomputer (SERVER01.Elfring.local:80) is geweigerd. Wijzig de configuratie zodat het authenticatiem
echanisme Kerberos is toegestaan of geef een van de authenticatiemechanismen op die door de server worden ondersteund.
 Als u Kerberos wilt gebruiken, geeft u de naam van de lokale computer op als externe bestemming. Controleer ook of de
clientcomputer en de doelcomputer lid zijn van een domein. Als u basisauthenticatie wilt gebruiken, geeft u de naam van
 de lokale computer op als externe bestemming, geeft u basisauthenticatie op en geeft u gebruikersnaam en wachtwoord op
. Door de server kunnen de volgende mogelijke authenticatiemechanismen worden gerapporteerd:   Digest Negotiate For mor
e information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
VERBOSE: Connecting to SERVER01.Elfring.local.
New-PSSession : [server01.elfring.local] Connecting to remote server server01.elfring.local failed with the following e
rror message : De WinRM-client kan de aanvraag niet verwerken. Het authenticatiemechanisme Kerberos is gebruikt, maar d
e toegang tot de doelcomputer (SERVER01.Elfring.local:80) is geweigerd. Wijzig de configuratie zodat het authenticatiem
echanisme Kerberos is toegestaan of geef een van de authenticatiemechanismen op die door de server worden ondersteund.
 Als u Kerberos wilt gebruiken, geeft u de naam van de lokale computer op als externe bestemming. Controleer ook of de
clientcomputer en de doelcomputer lid zijn van een domein. Als u basisauthenticatie wilt gebruiken, geeft u de naam van
 de lokale computer op als externe bestemming, geeft u basisauthenticatie op en geeft u gebruikersnaam en wachtwoord op
. Door de server kunnen de volgende mogelijke authenticatiemechanismen worden gerapporteerd:   Digest Negotiate For mor
e information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
VERBOSE: Connecting to SERVER01.Elfring.local.
New-PSSession : [server01.elfring.local] Connecting to remote server server01.elfring.local failed with the following e
rror message : De WinRM-client kan de aanvraag niet verwerken. Het authenticatiemechanisme Kerberos is gebruikt, maar d
e toegang tot de doelcomputer (SERVER01.Elfring.local:80) is geweigerd. Wijzig de configuratie zodat het authenticatiem
echanisme Kerberos is toegestaan of geef een van de authenticatiemechanismen op die door de server worden ondersteund.
 Als u Kerberos wilt gebruiken, geeft u de naam van de lokale computer op als externe bestemming. Controleer ook of de
clientcomputer en de doelcomputer lid zijn van een domein. Als u basisauthenticatie wilt gebruiken, geeft u de naam van
 de lokale computer op als externe bestemming, geeft u basisauthenticatie op en geeft u gebruikersnaam en wachtwoord op
. Door de server kunnen de volgende mogelijke authenticatiemechanismen worden gerapporteerd:   Digest Negotiate For mor
e information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
VERBOSE: Connecting to SERVER01.Elfring.local.
New-PSSession : [server01.elfring.local] Connecting to remote server server01.elfring.local failed with the following e
rror message : De WinRM-client kan de aanvraag niet verwerken. Het authenticatiemechanisme Kerberos is gebruikt, maar d
e toegang tot de doelcomputer (SERVER01.Elfring.local:80) is geweigerd. Wijzig de configuratie zodat het authenticatiem
echanisme Kerberos is toegestaan of geef een van de authenticatiemechanismen op die door de server worden ondersteund.
 Als u Kerberos wilt gebruiken, geeft u de naam van de lokale computer op als externe bestemming. Controleer ook of de
clientcomputer en de doelcomputer lid zijn van een domein. Als u basisauthenticatie wilt gebruiken, geeft u de naam van
 de lokale computer op als externe bestemming, geeft u basisauthenticatie op en geeft u gebruikersnaam en wachtwoord op
. Door de server kunnen de volgende mogelijke authenticatiemechanismen worden gerapporteerd:   Digest Negotiate For mor
e information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
VERBOSE: Connecting to SERVER01.Elfring.local.
New-PSSession : [server01.elfring.local] Connecting to remote server server01.elfring.local failed with the following e
rror message : De WinRM-client kan de aanvraag niet verwerken. Het authenticatiemechanisme Kerberos is gebruikt, maar d
e toegang tot de doelcomputer (SERVER01.Elfring.local:80) is geweigerd. Wijzig de configuratie zodat het authenticatiem
echanisme Kerberos is toegestaan of geef een van de authenticatiemechanismen op die door de server worden ondersteund.
 Als u Kerberos wilt gebruiken, geeft u de naam van de lokale computer op als externe bestemming. Controleer ook of de
clientcomputer en de doelcomputer lid zijn van een domein. Als u basisauthenticatie wilt gebruiken, geeft u de naam van
 de lokale computer op als externe bestemming, geeft u basisauthenticatie op en geeft u gebruikersnaam en wachtwoord op
. Door de server kunnen de volgende mogelijke authenticatiemechanismen worden gerapporteerd:   Digest Negotiate For mor
e information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
+ New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Microsoft.Excha ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
   gTransportException
    + FullyQualifiedErrorId : AccessDenied,PSSessionOpenFailed
Failed to connect to an Exchange server in the current site.
Enter the server FQDN where you want to connect.:

What is going wrong?