Apart from obvious meaning (bad username/password) this could also mean that CredSSP Authentication (winrs -ad) is not used. If you are not sure whether this is the case, try running some simple command like "hostname" instead of Exchange command. If this is the case, check Prerequisites chapter on how to allow CredSSP on both client and server.
HTTP 500 from WinRM Service
If you are getting HTTP/500 error messages in CredSSP setup from your WinRM calls, it might be because WinRM proxy user that midPoint is using does not have enought privileges to read MachineKeys on Windows hosts. Details here.
Troubleshooting WinRM webservice calls
- Active Directory with LDAP connector
- Enabling LDAPS
- WS-Management service cannot find the certificate that was requested
- Manually Configuring Email Addresses (proxyAddresses) using PowerShell