Hello! I have an environment with three separate forests. One has Exchange 2010, the second has Exchange 2013 and the third has Exchange 2016. These environments don't have a trust relationship with each other, but they do all have a trust relationship with a fourth domain. The fourth domain is where the Adaxes server resides and that is also where the service account was created. The service account was added to the built-in Administrators group for each forest. I also have an account in each forest that I used to bind the domains, that account is a domain admin and an organization admin.
The forest with Exchange 2010 works fine, I can see all the Exchange properties. However, I get WinRM errors with the Exchange 2013 and 2016 servers in the other two forests.
My understanding is that Adaxes uses the account that the domain is bound with to access the Exchange properties. If that is the case, then why isn't it working? The account that those domains are bound with definitely has permissions. I thought perhaps that it was trying to use the service account instead so I created a linked Exchange group so I could grant a foreign account permissions but that still didn't work.
I can confirm that I can remote powershell to the Exchange servers if I use explicit credentials.
If I put the Adaxes server in the same forest as the 2013 or 2016 Exchange environments, then it works fine for the forest that it's in.
We don't have an internal CA.
Somebody please help me because I feel like I"m going crazy.