Hello,
I am attempting to provision a mail enabled contact on Exchange 2010 using FIM 2010. FIM silently fails but I get an error in the Application log:
Message: Connecting to remote server {cas array uri} failed with the following error message : The WinRM client received an HTTP status code of 403 from the remote WS-Management service. For more information, see the about_Remote_Troubleshooting Help topic.
This is actually an improvement as it was failing with a Kerberos error previously until I setup an Alternate Service Account for my CAS Array. I can connect with Outlook via Kerberos so I know Kerberos is working. Also, since the error changed to a HTTP 403 it seems I am at least getting my credentials through but there is now a permission problem.
The account that FIM is running under has AD permissions to create the object in the OU specified. I have also temporarily made it an Exchange Admin but I still get the error. I have not been able to find any info on permissions to grant or what else I might be doing wrong in this instance.
I am using code provisioning: ExchangeUtils.CreateMailEnabledContact
UPDATE:
I can reproduce the error trying to manually establish a PSSession:
$Ex2010Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUrihttps://{cas-array-uri}/powershell/ -Authentication Kerberos -Credential (Get-Credential)
This genetates the same error as above (HTTP 403)
Any hints?
Thank you!
Karl