After installing Exchange 2013 with SP1 you might notice that when you open the Management Shell, you will get a bunch of errors with mainly the error 500: Internal Server Error. This can also be seen when you try to access the ECP or OWA on the server in question. This issue is only on Exchange 2013 with SP1 and with Client Access role installed.
The culprit can be the following three:
#1 Time synchronization
On the Primary Domain Controller (PDC) do the below
net stop w32time
w32tm /config /syncfromflags:manual /manualpeerlist:0.pool.ntp.org
w32tm /config /reliable:yes
net start w32time
On the other DCs and servers do the following
net stop w32time
w32tm /config /syncfromflags:domhier /reliable:no /update
net start w32time
#2 Kerberos issues
Do the following on the effected servers to re-create the Powershell virtual directory.
Get-PowerShellVirtualDirectory -Server | Remove-PowerShellVirtualDirectory
New-PowerShellVirtualDirectory -Server -Name PowerShell
Get-PowerShellVirtualDirectory -Server | Set-PowerShellVirtualDirectory -BasicAuthentication:$false
IISReset
After virtual directory re-creation I have checked its modules in IIS and made sure, that Kerberos module is native and the path to its DLL is correct.
#3 WinRM Extensions
The feature might be missing, do the below to add the feature
Get-WindowsFeature *IIS* #to check if it is installed
Add-WindowsFeature Winrm-IIS-Ext # to install
(17512)