Applies to: Exchange Server 2007
Topic Last Modified: 2007-06-06

Use the Test-IPAllowListProvider cmdlet to test the configuration for a specific IP Allow List provider configuration on a computer that has the Hub Transport server role or Edge Transport server role installed. This configuration is used by the Connection Filter agent.

Syntax

Test-IPAllowListProvider -Identity <IPAllowListProviderIdParameter> -IPAddress <IPAddress> [-DomainController <Fqdn>] [-Server <ServerIdParameter>]

Parameters

Parameter Required Type Description

Identity

Required

Microsoft.Exchange.Configuration.Tasks.IPAllowListProviderIdParameter

Enter the IP Allow List provider name in this parameter. The Identity parameter must match either the Name parameter or the Identity (GUID) parameter of the IP Allow List provider that you want to test.

IPAddress

Required

System.Net.IPAddress

The IPAddress parameter is used to verify and test the IP Allow List providers that you have configured.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

To specify the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory directory service, include the DomainController parameter on the command. The DomainController parameter is not supported on computers that have the Edge Transport server role installed. The Edge Transport server role writes only to the local ADAM instance.

Server

Optional

Microsoft.Exchange.Configuration.Tasks.ServerIdParameter

To specify the server on which you run the Test-IPAllowListProvider cmdlet, include the Server parameter on the command. If you do not use the Server parameter, the command is run on the local server where the task is executed.

Detailed Description

This command checks connectivity to the specified IP Allow List provider and then issues a lookup request to the IP Allow List provider. When you test the connection and functionality of the IP Allow List provider, you must enter a known allowed IP address in the IPAddress parameter.

To run the Test-IPAllowListProvider cmdlet, the account you use must be delegated the following:

  • Exchange Server Administrator role and local Administrators group for the target server

To run the Test-IPAllowListProvider cmdlet on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Input Types

Return Types

Output Description

Allow List Provider

Allow List Provider returns the IP Allow List provider object as stored in the local ADAM directory or in the Active Directory directory service.

Connected

Connected returns of the following values: True or False.

  • True   The connectivity test passes.

  • False   The connectivity test fails.

Matched

Matched returns of the following values: True or False.

  • True   The IPAddress parameter that is submitted with the Test-IPAllowListProvider command matches an IP address at the IP Allow List provider.

  • False   The IPAddress parameter that is submitted with the Test-IPAllowListProvider command does not match an IP address at the IP Allow List provider.

ProviderResult

ProviderResult returns an IP address, which represents the status, according to the IP Allow List provider, of the IPAddress parameter that is submitted in the Test-IPAllowListProvider command. Contact your IP Allow List provider to determine the meaning of the IP address that is returned here.

Errors

Error Description

Insufficient permissions

You must log on by using an account that is a member of the local Administrators group on the local computer that has the Edge Transport server role installed to run this command.

Cannot connect to ADAM

If you are running this task from a computer that has the Edge Transport server role installed, verify that the ADAM service (MsExchangeAdam) is running on the local computer. If you are running this task from a computer that has the Hub Transport server role installed, verify that the computer can connect to Active Directory.

Cannot connect to IP Allow List provider

Contact your IP Allow List provider.

Example

The following code example shows a Test-IPAllowListProvider command that has the required parameters. The command tests the connectivity to a fictitious IP Allow List provider called ExampleProviderName, and then issues a lookup request to that provider.

Copy Code
Test-IPAllowListProvider -IPAddress 192.168.0.1 -Provider ExampleProviderName