Unable to Open Exchange 2010 Management Console on Small Business Server 2011


When we try to open the Exchange Management Console we get the following Error.

Error while launching Exchange Management Console on SBS 2011

In IIS Logs we get the following errors:

2011-07-26 14:55:34 fe80::d461:fc68:dc34:f6a3%11 POST /PowerShell PSVersion=2.0 80 CPANDL\SBSAdmin fe80::d461:fc68:dc34:f6a3%11 Microsoft+WinRM+Client 500 0 0 1409

Event Viewer:

Log Name: Application
Source: MSExchange RBAC
Date: 7/26/2011 8:25:34 PM
Event ID: 22
Task Category: RBAC
Level: Error
Keywords: Classic
User: N/A
Computer: SBS2011.cpandl.local
(Process w3wp.exe, PID 7476) "RBAC authorization is unavailable due to the transient error: The Microsoft Exchange Active Directory Topology service on server localhost can't be contacted via RPC. Error 0x5."

Log Name: Application
Source: MSExchange ADAccess
Date: 7/26/2011 8:25:34 PM
Event ID: 2152
Task Category: General
Level: Error
Keywords: Classic
User: N/A
Computer: SBS2011.cpandl.local

Process w3wp.exe (PID=7476). An remote procedure call (RPC) request to the Microsoft Exchange Active Directory Topology service failed with error 5 (Error 0x5 (Access is denied) from HrGetServersForRole). Make sure that the Remote Procedure Call (RPC) service is running. In addition, make sure that the network ports that are used by RPC are not blocked by a firewall.



The identity settings for PowerShellAppPool in IIS is set to "ApplicationPoolIdentity"


Advanced settings for PowerShellAppPool

Apart from this reason there can be more possible causes for similar issue as desribed in theExhange Team Blog for Troubleshooting Exchange 2010 Management Tools startup issues.





Before following the steps mentioned below make sure we have checked the resolution for issues relating to WinRM as described in the articlehttp://blogs.technet.com/b/exchange/archive/2010/02/04/3409289.aspx


To resolve the issue we need to change the Identity Type for PowerShell Application Pool.


This change can be made from either of the two places.


  1. From IIS Console (recommended)


  1. Open IIS Console
  2. Select the <Server Name >
  3. Expand Application Pools
  4. On the Right Hand Side highlight
    Right click PowerShell Application Pool, selectAdvanceSettings
  5. Change the Identity fromApplicatioPoolIdentity toLocalSystem
  6. Restart IIS


  1. Changes can also be done by modifying ApplicationHost.Config file.


  1. Open ApplicationHost.configfile in notepad
  1. Search for PoweShell
  1. We will see entries similar to the one shown below.

ApplicationHost.Config File


  1. Change the value for IdentityTypefrom "ApplicationPoolIdentity"to "LocalSystem"
  2. Save the file, restart IIS


After making these changes we should be able to launch the Exchange 2010 Management Console.

Note This is a "FAST PUBLISH" article created directly from within the Microsoft support organization. The information contained herein is provided as-is in response to emerging issues. As a result of the speed in making it available, the materials may include typographical errors and may be revised at any time without notice. See Terms of Use for other considerations.

Article ID: 2587513 - Last Review: 01/04/2012 12:38:00 - Revision: 3.0

  • KB2587513