Executing Microsoft Exchange Management Shell Command In Multi-Tenant Environment

First, I run a multi-tenant environment where BigFix hits about 100 different domains, each with its own Exchange server. I am trying to check the status of the OAuth certificate for Exchange across all the different Exchange servers. So I was working on a fixlet to export the certificate information to a text file that I can have an analysis read. I can get this to work when I run it in QNA, but when I push it from the BigFix console it doesn’t seem to work. I was wondering if anyone has any thoughts.

----Begin Action
// Disable wow64 redirection on x64 OSes
action uses wow64 redirection {not x64 of operating system}
waithidden cmd /C taskkill /f /im Powershell.exe
delete __Createfile
delete "c:/temp/powershell.ps1"
dos mkdir "c:/temp"

// CreateFile
createfile until END_OF_FILE
(Get-AuthConfig).CurrentCertificateThumbprint | Get-ExchangeCertificate | Format-List > c:\temp\exc-oauth.txt

exit
END_OF_FILE

delete Powershell.ps1
move __Createfile powershell.ps1
copy "powershell.ps1" "c:/temp/powershell.ps1"
runhidden PowerShell.exe -noexit -command ". '{value of variable "exchangeinstallpath" of environment & "bin\RemoteExchange.ps1"}'; Connect-ExchangeServer -auto -ClientApplication:ManagementShell; . 'c:/temp/powershell.ps1'" >> c:\temp\stuff.txt

//wait 5 mins
parameter "adesso"="{now as string}"
pause while {(now - ((parameter "adesso") as time)) < 5 * minute }

// Kill powershell
waithidden cmd /C taskkill /f /im Powershell.exe
----End of Action

Are you trying to execute this directly on the Exchange server? Because it looks like it’s going through Connect-ExchangeServer, like a remote connection would.

It’s worth noting that when you run this with BESClient, it’s running in the ‘LocalSystem’ account, which almost certainly won’t be able to authenticate to Exchange remotely, and might not even work locally. Whereas the Fixlet Debugger is running under your own account, and would be able to use your own session to connect to Exchange.

One way to test the PowerShell script in the same environment as BESClient, is to use psexec (www.microsoft.com/sysinternals) to open a new command shell in SYSTEM context, via
psexec -i -s cmd.exe
then use that shell to execute your script. Once that’s working (running as LocalSystem), we can help you package it to work with the BES Client.

It may be that there are easier paths than using PowerShell. Do you know where the certificate is stored on the machine? Does it show up in the Certificates MMC console?

It’s running on the Exchange server through the BESClient. I was thinking that it probably is an issue where the service account might not have the right permissions to launch the Shell.

The certificate does show up in the certificate mmc console.
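
Since the certificate is visible in the Certificates MMC console, it can be read from the local machine store without the Exchange Management Shell, which sidesteps the LocalSystem authentication problem discussed above. The script below is an added example, not code from any poster in this thread. It assumes the certificate keeps Exchange's default subject name and uses a 30-day warning threshold chosen for illustration; unlike Get-AuthConfig, it cannot tell which certificate is the current one if several match.

```powershell
# Added example: report Exchange OAuth certificates from Cert:\LocalMachine\My.
# Needs no Exchange session, so it behaves the same under LocalSystem (BESClient).
# Assumption: the certificate uses Exchange's default subject name.
$Subject  = 'CN=Microsoft Exchange Server Auth Certificate'
$OutFile  = 'c:\temp\exc-oauth.txt'   # same file the action in the thread writes
$WarnDays = 30                        # assumed threshold, adjust to policy

function Get-OAuthCertReport {
    param(
        [string]$SubjectName = $Subject,
        [datetime]$Now = (Get-Date)
    )
    $certs = @(Get-ChildItem -Path Cert:\LocalMachine\My |
        Where-Object { $_.Subject -eq $SubjectName })
    if ($certs.Count -eq 0) {
        'Status=NotFound'             # lets the analysis flag servers with no match
        return
    }
    # Newest expiry first; old and renewed certificates can coexist in the store.
    foreach ($c in ($certs | Sort-Object NotAfter -Descending)) {
        $days = [int][math]::Floor(($c.NotAfter - $Now).TotalDays)
        if     ($Now -lt $c.NotBefore) { $state = 'NotYetValid' }
        elseif ($days -lt 0)           { $state = 'Expired' }
        elseif ($days -le $WarnDays)   { $state = 'ExpiringSoon' }
        else                           { $state = 'Valid' }
        $fmt = 'Thumbprint={0};NotAfter={1:yyyy-MM-dd};DaysLeft={2};HasPrivateKey={3};Status={4}'
        $fmt -f $c.Thumbprint, $c.NotAfter, $days, $c.HasPrivateKey, $state
    }
}

# Record the account the script ran as, so the output shows whether it was
# SYSTEM (BESClient, psexec -s) or an interactive user (Fixlet Debugger).
$lines  = @("RunAs=$([Security.Principal.WindowsIdentity]::GetCurrent().Name)")
$lines += Get-OAuthCertReport

New-Item -ItemType Directory -Path (Split-Path $OutFile) -Force | Out-Null
$lines | Set-Content -Path $OutFile -Encoding ASCII
```

Running it once from the psexec -i -s shell and once from a normal session should produce the same certificate lines with different RunAs values.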