Powershell 更新Exchange接收连接器白名单

Powershell 更新Exchange接收连接器白名单

Exchange 2013及以后的版本推崇Powershell Command 来管理Exchange, 这样一来算是提高了一点运维人员的入门难度吧, 但是ECP 仍然可以完成大部分的日常工作, 一些批量化, 定制化的操作则鸡肋了很多

在此分享一下日常维护Exchange 接收连接器白名单的一个脚本, 提高工作效率

注: 核心代码需要根据企业场景适当调整

​$receives = $smtplist | ?{ $_.Identity -like "$Server\$AuthType" -or $_.Identity -like "$Server\$AuthType TLS" }

#region Update SMTP whitelistfunction New-IPRange ($Start, $End){ $ip1 = ([System.Net.IPAddress]$start).GetAddressBytes() [Array]::Reverse($ip1) $ip1 = ([System.Net.IPAddress]($ip1 -join '.')).Address $ip2 = ([System.Net.IPAddress]$end).GetAddressBytes() [Array]::Reverse($ip2) $ip2 = ([System.Net.IPAddress]($ip2 -join '.')).Address for ($x = $ip1; $x -le $ip2; $x++) { $ip = ([System.Net.IPAddress]$x).GetAddressBytes() [Array]::Reverse($ip) $ip -join '.' }}Function Update-SMTPWhiteList{ [CmdletBinding()] param ( [parameter (Mandatory = $true)] [ValidateSet ("Authtication", "Anonymous")] $AuthType, [parameter (Mandatory = $true)] [ValidateSet (25, 587)] $Port, [parameter (Mandatory = $true)] [String[]]$IPAddress, [parameter (Mandatory = $true)] [ValidateSet ("Add", "Remove")] $Action, [parameter (Mandatory = $true)] $Server ) $applyipaddress = $IPAddress $smtplist = Get-TransportService -Identity $Server | Get-ReceiveConnector | ?{ $_.Bindings.Port -eq $Port } $receives = $smtplist | ?{ $_.Identity -like "$Server\$AuthType" -or $_.Identity -like "$Server\$AuthType TLS" } $IPRanges = $receives[0].RemoteIPRanges $IPList = @() foreach ($range in $IPRanges) { if ($range.RangeFormat -ne 'SingleAddress') { $GetIPRange = New-IPRange -Start $range.LowerBound.ToString() -End $range.UpperBound.ToString() $IPList += $GetIPRange } else { $IPList += $range.LowerBound.ToString() } } foreach ($ip in $applyipaddress) { if ($ip -in $IPList) { Write-Host "The IPAddress already in the target receive connector list or In the IP ranges" -ForegroundColor Red } else { foreach ($receive in $receives) { if ($Action -eq 'Add') { foreach ($ip in $applyipaddress) { $receive.RemoteIPRanges += $ip } } else { foreach ($ip in $applyipaddress) { $receive.RemoteIPRanges -= $ip } } try { Set-ReceiveConnector $receive.Identity.ToString() -RemoteIPRanges $receive.RemoteIPRanges -ErrorAction Stop if ($Action -eq 'Add') { Write-Host "Add $ip into $Port with $AuthType Success" -ForegroundColor Green } else { Write-Host "Remove $ip from $Port with $AuthType Success" -ForegroundColor Green } } catch { $errormsg = $_.exception.message $error01 = 'is already present in the collection' $error02 = 'conflict with the settings on Receive connector' switch ($errormsg) { { $_ -match $error01 }{ Write-Host "This IP address has already exist $AuthType $Port connector" -ForegroundColor Red } { $_ -match $error02 }{ Write-Host "This IP address conflict on $Port port connector" -ForegroundColor Red } Default { Write-Host "Unknown Error !" } } break } } } }}#endregion

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。