Hy!
Yesterday I installed the CU14 and applying the latest SU and Hotfix Update. Today I cannot login to my mailbox, the password asks repeatedly. What was the wrong? How can I repair it?
And also, when I open the Exchange Management Shell, I got the following error:
New-PSSession : [servername] Connecting to remote server servername failed with the following err
or message : For more information, see the about_Remote_Troubleshooting Help topic.
At line:1 char:1
New-PSSession -ConnectionURI "$connectionUri" -ConfigurationName Micr ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CategoryInfo : OpenError: (System.Manageme....RemoteRunspace:RemoteRunspace) [New-PSSession], PSRemotin
gTransportException
FullyQualifiedErrorId : -2144108477,PSSessionOpenFailed
Please help me!
For now, I disabled the Extended Protection, I use this MS script for it:
https://microsoft.github.io/CSS-Exchange/Security/ExchangeExtendedProtectionManagement/
The solution is the Exchange Management Shell error, what I wrote in the topic:
https://techcommunity.microsoft.com/t5/exchange/eac-issue-after-exchange-2019-cu14-install/m-p/4061435
After I talked Microsoft support, I found the port 443/SSL certificate binding on Default Website and Exchange Backend sites in IIS manager changed somehow on Exchange servers after CU14 (Or the binding used to work before CU14).
Default Website 443 binding should be set to public certificate and IP address set to "All Unassigned".
Exchange Backed site binding should be set with self-signed Exchange certificate and also set to "All unassigned".
After I made changes, I have refreshed the Application pools (or do a IISReset). It worked for me.
In IIS --> Sites --> Exchange Back End --> ECP --> Authentication --> Windows Authentication --> Advanced Settings --> Set Extended Protection to "Off"
Do the same for Powershell under Exchange Back End.
Do an IISReset to restart IIS.
After it, I can use the Exchange Management Shell and can run this command to disable the Extended Protection with script:
.\ExchangeExtendedProtectionManagement.ps1 -ShowExtendedProtection
After it, the users can login to their mailbox and the Outlook don't ask their password repeatedly.