Editing Multivalued Property with PowerShell

You have a Receive Connector with allowed IP addresses that need to be changed from time to time? Editing the connector with Exchange GUI is one of the options you could use, but there is a much better, faster and more convinced method to do that.
Let say we have a receive connector on server “HUB1” which is called “Inbound SMTP Relay” and we accept only some IP addresses, that can connect to the connector and send E-mails through it, unfortunately we are not able to use any authentication on the hosts so we indeed are forced to use “Remote IP Ranges” feature to do at least basic restriction on who can use our receive connector.

Let see some details from the output of the command:

Get-ReceiveConnector "hub1\*relay*" | fl
RemoteIPRanges            : {,,,}
RequireEHLODomain         : False
RequireTLS                : False
EnableAuthGSSAPI          : False
ExtendedProtectionPolicy  : None
LiveCredentialEnabled     : False
TlsDomainCapabilities     : {}
Server                    : HUB1
SizeEnabled               : Enabled
TarpitInterval            : 00:00:05
MaxAcknowledgementDelay   : 00:00:30
AdminDisplayName          :
ExchangeVersion           : 0.1 (8.0.535.0)

As we can see, there are 4 IP addresses allowed to use the connector, so how can we add additional IPs to the list. Unfortunately the RemoteIPRanges  is a multivalued Property so you will not be able to easy edit it, but with PowerShell scripting using variables you can achieve your goal pretty easy.

Below you’ll find an example how I dealt with that.

$newIP= Read-Host "Add New IP Address"
$a=Get-ReceiveConnector hub1\*relay*
$a.RemoteIPRanges += "$newIP"
$a | Set-ReceiveConnector -RemoteIPRanges $a.RemoteIPRanges

1. Line asking for the IP that should be added to the Receive Connector
2. creating a variable with details of the current receive connector configuration

3. Variable $a.RemoteIPRanges includes all current set IP addresses for the connector, with setting the variable “+=” we’re adding the new IP address to it
4. the last line is again getting the properties of the receive connector and pipes that to a new command setting a connector with new -RemoteIPRanges parameter which this time includes the updated list of IP addresses.

You can of course multiply the statements for another connector or even for next server and with one run you can update all your connectors at once.

This post is also available in: German, Polish

Comments are closed.