Vista - Exchange Powershell chrashes the IIS from an aspx page???

I’m trying to run a powershell script from an aspx page on a X64 windows 2003
R2 server. The script is running and returning values, but the powershell is
running under “NT AUTHORITY\NETWORK SERVICE� and I was unable to run scripts
on an exchange server I need permissions for.

I changed the aspnet.config file to:
<legacyImpersonationPolicy enabled="false"/>
<alwaysFlowImpersonationPolicy enabled="true"/>

So the powershell is invoked as my administrator and the script
pipeLine =
myRunSpace.CreatePipeline("[System.Security.Principal.WindowsIdentity]::GetCurrent().Name") returns now the administrator.
The problem is now: When I try to run other scripts like
myRunSpace.CreatePipeline("Get-MailboxServer -Identity tstsv006") then the
IIS crashes with the following errors in the eventlog:

Process w3wp.exe (PID=4704). An remote procedure call (RPC) request to the
Microsoft Exchange Active Directory Topology service failed with error 1753
(Error 6d9 from HrGetServersForRole). Make sure that the Remote Procedure
Call (RPC) service is running. In addition, make sure that the network ports
that are used by RPC are not blocked by a firewall.

Watson report about to be sent to dw20.exe for process id: 3740, with
parameters: E12, c-RTL-AMD64, 08.00.0733.000, w3wp, M.E.D.Directory,
M.E.D.D.ConnectionPoolManager.BlockImpersonatedCallers,
M.E.Common.FailFastException, cd86, 08.00.0744.000

Any suggestions?

Here is my script:

<%@ Page Language="vb" trace="false" debug="true" %>

<%@ Import Namespace="System.Management.Automation" %>
<%@ Import Namespace="System.Management.Automation.Runspaces" %>
<%@ Import Namespace="System.Collections.ObjectModel" %>

<script language="vb" runat="server">
Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
System.EventArgs)
Response.write(System.Security.Principal.WindowsIdentity.GetCurrent().Name
& "<br/>")

System.Threading.ExecutionContext.SuppressFlow()

Dim rsConfig as RunspaceConfiguration
rsConfig = RunspaceConfiguration.Create()
Dim snapInException as PSSnapInException

rsConfig.AddPSSnapIn("Microsoft.Exchange.Management.PowerShell.Admin",
snapInException)


Dim myRunSpace as Runspace
myRunSpace = RunspaceFactory.CreateRunspace(rsConfig)
myRunSpace.Open()

Dim pipeLine as Pipeline
'pipeLine =
myRunSpace.CreatePipeline("[System.Security.Principal.WindowsIdentity]::GetCurrent().Name")
pipeLine = myRunSpace.CreatePipeline("Get-MailboxServer -Identity tstsv006")

Dim commandResults As Collection(Of PSObject)
commandResults = pipeLine.Invoke()

response.write("Errors: " & pipeLine.Error.Count & "<br/>")
response.write("Results: " & commandResults.count & "<br/>")
response.write(commandResults.item(0).BaseObject.ToString & "<br/>")

myRunspace.Close()
End sub
</script>

Hello GvO,

I was attempting to use impersonation too, and realized that a beter way
to do this in my situation was this:

1) Using NTFS permissions, grant only Exchange Admins access to the directorys
containing my ASPX pages.
2) In web.config, use <authentication mode="Windows"/>
3) Create a generic Exchange Administrator with the permissions you need
for the tasks you will run via the web page.
4) in IIS, in the application pool that my web runs under, use that exchange
admininstrator account for the security account.

(right click the application pool(DefaultAppPool by default, but I would
create a new pool), Select properties, and Identity.

Then, your users get prompted to login when they access the web page, and
from that point on, the process runs as your generic exchange administrator.

You can recover the name of the actual person making changes via Request.ServerVariables["LOGON_USER"]

Karl