Cannot Open Exchange Management Shell

KB ID 0001707

Problem

When attempting to open the Exchange Management shell you see the following;

[box]

         Welcome to the Exchange Management Shell!

Full list of cmdlets: Get-Command
Only Exchange cmdlets: Get-ExCommand
Cmdlets that match a specific string: Help **
Get general help: Help
Get help for a cmdlet: Help  or  -?
Exchange team blog: Get-ExBlog
Show full output for a command:  | Format-List

Show quick reference guide: QuickRef
VERBOSE: Connecting to {mail server}
New-PSSession : [{mail server}] Processing data from remote server {mail server} failed with the
following error message: [ClientAccessServer={mail server}BackEndServer={mail server},RequestId=f092f550-6451-
4dea-820d-20322101874a,TimeStamp=08/10/2020 09:24:58]
[AuthZRequestId=eb185d5f-6a49-471f-9267-ad0ce9231d0f][FailureCategory=AuthZ-CmdletAccessDeniedException] The user
"DOMAIN/{User-Name}" isn't assigned to any management roles. For more information, see the
about_Remote_Troubleshooting Help topic.

[/box]

When this happens you may also see Event ID 258 get logged;

[box]

Log Name:      Application
Source:        MSExchange RBAC
Date:          {date} {time}
Event ID:      258
Task Category: RBAC
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      {Mail Server}
Description:
(Process 9680, PID w3wp.exe)"RemotePS Public API Func GetApplicationPrivateData throws Exception Microsoft.Exchange.Configuration.Authorization.CmdletAccessDeniedException: The user "{Domain/user-name}" isn't assigned to any management roles.

[/box]

Solution

I’ve highlighted the most pertinent text in the error messages (above), that being;

The user “{Domain/User-Name}” isn’t assigned to any management roles.

For once Microsoft error messages are actually quite descriptive and helpful! The user that you are attempting to open the Exchange Management Shell with does not have the Exchanger administrative rights to do so! Typically to manage Exchange you need to be a member of the ‘Organization Management’ group, (my Englishness OCD hates that spelling!) 

So, (obviously using your administrative account NOT you normal user account ;P ) Add yourself to that group.

Remember, granting rights via a ‘group‘ means you will have to log off, and then back on again, before you actually get those rights.

Related Articles, References, Credits, or External Links

NA

Exchange 2010 – No Exchange servers are available in any Active Directory sites

KB ID 0000658 

Problem

Seen when trying to connect to the Exchange 2010 Management Console.

Initialization failed.
The following error occurred while searching for the on-premises Exchange server: No Exchange servers are available in any Active Directory sites. You can’t connect to remote Powershell on a computer that only has the Management Tools role installed. It was running the command ‘Discover-ExchangeServer -UseWIA $true -SuppressError $true -CurrentVersion ‘Version 14.1 (Build 218.15)”.

Solution

Even though it looks like it’s something pretty serious, it isn’t. You are simply logged on as a user that does not have the rights to run the management console.

This commonly happens when you logon to the Exchange server as the servers local administrator. You need to be logged on the the Exchange server as a user that is a member of the ‘Organization Management’ group.

Related Articles, References, Credits, or External Links

Cannot Access Exchange 2010 Management Console