Below is a repro of a customer situation where the Exchange Healthcheck script was unable to connect to a remote Exchange server. The Healthcheck script would run locally with no issues, and reported a clean bill of health.
Note that the expected output log was not present after running the script.
In the command below, we are trying to remotely assess sever Exch-2019-1
.\HealthChecker.ps1 – Server Exch-2019-1
It was already known that the Healthcheck script was running locally on server Exch-2019-1. It also did not report issues.
You could try Wireshark and review the traffic, but that gets messy quickly even in a small environment as Exchange is very chatty. What we can easily do is to add the –SaveDebugLog parameter. As the name implies this will save the debug log to the same location as the script file.
The updated command used:
.\HealthChecker.ps1 – Server Exch-2019-1 –SaveDebugLog
Note that a log file was saved. If we scroll down there are some interesting entries. Note that some exceptions are expected in the log file. For example there are no public folders so that lookup errors out.
The below log entry provides an insight:
Exception calling "OpenRemoteBaseKey" with "2" argument(s): "The network path was not found.
For the benefit of search engines, the relevant section is below:
Position Message: At C:\Scripts\Healthcheck\HealthChecker.ps1:15297 char:13
+ $reg = [Microsoft.Win32.RegistryKey]::OpenRemoteBaseKey(" ...
Script Stack: at TestComputerName, C:\Scripts\Healthcheck\HealthChecker.ps1: line 15297
From reading the above it indicates an issue access the remote server’s registry. Let’s look at the Healtchecker.ps1 script file line 15297 and see what it does.
Open the debug file in Notepad, and then GoTo line 15297. You can use the menu or Ctrl +G as a keyboard shortcut. This is indicated with the red arrow to show that we are on line 15297.
The line is highlighted. As suspected, the line is trying to access the registry.
Why are we not able to get to that server’s registry remotely? Anything wrong with the Remote Registry service on that machine?
If we look at the remote registry service on that server, it is disabled. That was probably due to an Exchange update failing to install properly and the service was not reverted
After we set the start-up type to automatic and start the service, we are back in business.