We are working to get official public documentation on this subject, I will update this post once we get a KB published... Symptoms When you try to execute Exchange Powershell cmdlets from an application which is impersonating a user. You get the following error: "Access to the address list service on all Exchange 2007 servers has been denied" Cause Exchange Management Shell currently (Exchagen 2007 RTM) actively blocks calls made with impersonated credentails. This is typically seen in an ASP.NET application which impersonates the client's user credentials and attempts call an Exchange Powershell cmdlet such as New-Mailbox. Resolution You will need to execute Exchange cmdlets inside another process running with evelated permissions. You can use COM+ or .NET Remoting to accomplish this. Understanding Enterprise Services (COM+) in .NET http://msdn2.microsoft.com/en-us/library/ms973847.aspx .NET Framework Remoting Overview http://msdn2.microsoft.com/en-us/library/kwdt6w2k.aspx More Information This is very similar to limitations with CDOEXM and impersonation in Exchange 2000 and 2003. As seen in the following KB article: Recommendations for using Exchange system management features through a Web interface that uses CDO for Exchange Management http://support.microsoft.com/kb/900230
This works now, Dan has the update…
Naturally the first case I had was how to create a mailbox using Powershell cmdlets from ASP.NET given
Trying to call Powershell from .net ? Following are few good articles to read, from my colleague Matt