如果我使用本地管理员帐户登录 Exchange 服务器并打开 EMS,则会导致此错误:
[server.domain.local] Connecting to remote server failed with the following error message : WinRM cannot process the r
equest. The following error occured while using Kerberos authentication: A specified logon session does not exist. It m
ay already have been terminated.
Possible causes are:
-The user name or password specified are invalid.
-Kerberos is used when no authentication method and no user name are specified.
-Kerberos accepts domain user names, but not local user names.
-The Service Principal Name (SPN) for the remote computer name and port does not exist.
-The client and remote computers are in different domains and there is no trust between the two domains.
After checking for the above issues, try the following:
-Check the Event Viewer for events related to authentication.
-Change the authentication method; add the destination computer to the WinRM TrustedHosts configuration setting or us
e HTTPS transport.
Note that computers in the TrustedHosts list might not be authenticated.
-For more information about WinRM configuration, run the following command: winrm help config. For more information,
see the about_Remote_Troubleshooting Help topic.
+ CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [], PSRemotingTransportExc
eption
+ FullyQualifiedErrorId : PSSessionOpenFailed
Exception calling "GetComputerDomain" with "0" argument(s): "Logon failure: unknown user name or bad password.
"
At P:\Program Files\Microsoft\Exchange Server\V14\bin\ConnectFunctions.ps1:204 char:70
+ [System.DirectoryServices.ActiveDirectory.Domain]::GetComputerDomain <<<< ().Forest.Name
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
Exception calling "GetComputerSite" with "0" argument(s): "Logon failure: unknown user name or bad password.
"
At P:\Program Files\Microsoft\Exchange Server\V14\bin\ConnectFunctions.ps1:164 char:92
+ $localSite=[System.DirectoryServices.ActiveDirectory.ActiveDirectorySite]::GetComputerSite <<<< ()
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
Exception calling "FindAll" with "0" argument(s): "Unknown error (0x80005000)"
At P:\Program Files\Microsoft\Exchange Server\V14\bin\ConnectFunctions.ps1:253 char:17
+ $search.FindAll <<<< ()
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : DotNetMethodException
You cannot call a method on a null-valued expression.
At P:\Program Files\Microsoft\Exchange Server\V14\bin\ConnectFunctions.ps1:146 char:33
+ $siteName = $siteDN.ToString <<<< ().SubString(3).Split(",")[0]
+ CategoryInfo : InvalidOperation: (ToString:String) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
WARNING: No Exchange servers are available in the Active Directory site . Connecting to an Exchange server in another
Active Directory site.
Failed to connect to an Exchange server in the current site.
Enter the server FQDN where you want to connect.:
如果我使用域管理员帐户登录 Exchange 服务器并打开 EMS,它可以正常工作。
另外,从本地管理员打开 EMC 会失败,但如果我从域管理员用户帐户打开它,它就可以正常工作。
环境:Exchange 2010 SP1 CU4 单站点双服务器配置,两台服务器都运行 CAS/HUB 和 MAILBOX 角色。我使用 DAG 实现 HA,并使用硬件平衡器平衡 CAS 角色。不存在 Edge 角色或统一消息角色。
那么,当 Exchange 场由多台服务器组成时,是否可以使用本地管理员帐户打开 Exchange 2010 EMC 和 EMS?
答案1
如果您知道它可以与域管理员帐户配合使用,我认为尝试使用本地管理员没有任何意义。如果您有未告诉我们的特定需求,请更新您的问题。
也就是说,您可以在以本地管理员身份登录时使用 Run As 技巧,并以域管理员帐户身份运行 EMC 或 EMS。不过,这似乎毫无意义。
更新以回应评论:
您的本地管理员就是这样的 -当地的管理员。Exchange 是域资源,权限由域帐户控制。由于 Exchange需要Active Directory 正常运行,如果没有域连接,您将无法很好地进行故障排除,因为到处都会出现故障。