When I open the Microsoft Exchange EMC on a server, the following error message displayed.
The following error occurred when getting management role assignment for ‘domainname.local/MyBusiness/Users/SBSusers/Administrator’:
Processing data for a remote command failed with the following error message: The WinRM client cannot complete the operation within the time specified. Check if the machine name is valid and is reachable over the network and firewall exception for Windows Remote Management service is enabled. For more information, see the about_Remote_Troubleshooting Help topic.
Click here to retry
There are no additional errors in the Eventlogs. The server is running Exchange 2010 SP2. No proxy configured. Windows update is up-to-date. Windows firewall is off.
Exchange is still functioning but there is no management of the service.
The first lead I found here, suggested antivirus.
As the site is using Trend Micro Worry Free Advanced, I opened the TMWF console, created a new Server container, dragged the server into it from the old container, refreshed the client on the server and can now access the EMC.
Now that I know what caused it, looking over the Trend Knowledge base reveals http://esupport.trendmicro.com/Pages/Unable-to-access-Exchange-2010-Management-Console-.aspx
The issue of not being able to open the Exchange Management console can occur when there is no Internet Connection after a server restart.
This can affect any server coming up without an internet connection as the default configuration of the virus software on the server is configured to look at the internet before allowing connection to the EMC
You can change this behaviour by following the steps in the Trend KB article.
The issue occurs because the Proxy hooks the Exchange 2010 management console query URL and it fails to get score from the Internet because there is no connection.
To resolve the issue:
- Ensure that the Exchange Server has Internet connection.
- Log on to Worry-Free Business Security (WFBS) web console.
- Go to Security Settings > Add group.
- Under Group type, select Servers.
- Specify a name for the group.
- Click Save.
Note: The created group will have the default settings if the Import settings from group check box is unticked.
- Disable the Web Reputation and URL Filtering feature for the newly created group.
- Go to Security Settings, then select the new group.
- Click Configure.
- Select the Web Reputation tab and unmark Enable Web Reputation for In-Office and Out-of-Office.
- Click Save.
- Select URL Filtering and unmark Enable URL Filtering.
- Click Save.
- Move the Security Agent of the Exchange 2010 Server in the previously edited group.
- Go to Security Settings and select the server group where Exchange Server 2010 is listed.
Note: This step refers to the Exchange Server Client/Server Security Agent and not the Messaging Security Agent.
Drag and drop the selected Exchange Server to the group you created.