Remoting and Invoke-command in Exchange Server


I have a DAG with 9 members, each with 10 active DBs (90 DBs total).

My problem is: Sometimes I need to search through all mailboxes for specific mails and delete it.

If i run: Get-mailbox | search-mailbox… Everything works fine. But takes very long time. (10.000+ MBXs)

Is there a way to tell each server to search its own active DBs for content?

I have tried with Invoke-command but getting auth errors, message is:

“Active Directory operation failed on . The supplied credential for '' is invalid.”

Do I have to use credssp or is there another way?


Well, without seeing the Invoke-Command you’re trying to use, it’s a little difficult to tell. That error message is telling you that the credential you supplied is not valid. Since I can’t tell what credential you provided… hard to say.

Assuming that you have an account in the same domain as the Exchange servers, and that the account has permission to use Remoting on the Exchange servers, and that you specify that account when running Invoke-Command, then it should run fine. But there are a zillion configuration things on the Exchange side that could restrict it from working, and without sitting in front of the computers, it’s a little tough to diagnose.

Ultimately, you probably do want to have the command running on each server, and run Get-Mailbox with its -Server parameter to restrict each server to only searching its own mailboxes.

But I’d maybe start with a simple Enter-PSSession command to one of the servers. Get that working first, and then move on to your actual command.

Thanks Don for your answer!

I will try with Enter-PSSession and work slowly forward. But here is my setup:

All workstation and servers are in same AD domain. I start ISE with admin cred and don’t supply them in PSSession command.

This runs in my profile scipt:
$ex=New-PSSession -ConfigurationName -ConnectionUri
import-pssession $ex

And with Exchangecmdlets via Implicit Remting i try to run:
$servers=Get-TransportService | select -ExpandProperty name
foreach ($server in $servers) { Invoke-Command -ComputerName $server -FilePath .\Remove-mail.ps1 }

Remove-mail.ps1 contains:
Add-PSSnapin Microsoft.Exchange.Management.Powershell.E2010
$dbs=Get-MailboxDatabaseCopyStatus -Active | select -ExpandProperty databasename
foreach ($db in $dbs) { Get-Mailbox -ResultSize unlimited -Database $db | Search-Mailbox -SearchQuery { from:postmaster -and received:today } -DeleteContent }

Error message says:
Active Directory operation failed on . The supplied credential for ‘domain\xxx-admin’ is invalid.
+ CategoryInfo : NotSpecified: (:slight_smile: , ADInvalidCredentialException
+ FullyQualifiedErrorId : [Server=EX11,RequestId=95301f73-3336-4d6a-9906-8903694cbf4d,TimeStamp=23.10.2015 14:10:54] [FailureCategory=Cmdlet-ADInvalidCredentialException] E4763103
+ PSComputerName : EX11

Hope you can see what’s wrong! And thank you again for getting me started with Powershell in you class in Oslo some years ago, but I’m still learning :slight_smile:

As I said:
I can run everything from workstation without errors (get-mailbox | search-mailbox), but with over 20.000 mbx it takes hours.

Add-PSSnapin Microsoft.Exchange.Management.Powershell.E2010
fails with same error!
Is CredSSP the only way to go?