Applies to: Exchange Server 2007
Topic Last Modified: 2007-06-06

Use the Test-IPBlockListProvider cmdlet to test the configuration for a specific IP Block List provider configuration on a computer that has the Edge Transport server role or the Hub Transport server role installed. This configuration is used by the Connection Filter agent.

Syntax

Test-IPBlockListProvider -Identity <IPBlockListProviderIdParameter> -IPAddress <IPAddress> [-DomainController <Fqdn>] [-Server <ServerIdParameter>]

Parameters

Parameter Required Type Description

Identity

Required

Microsoft.Exchange.Configuration.Tasks.IPBlockListProviderIdParameter

Enter the IP Block List provider name in this parameter. The Identity parameter must match either the Name parameter or the Identity (GUID) parameter of the IP Block List provider that you want to test.

IPAddress

Required

System.Net.IPAddress

The IPAddress parameter is used to verify and test the IP Block List providers that you have configured.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

To specify the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory directory service, include the DomainController parameter on the command. The DomainController parameter is not supported on computers that have the Edge Transport server role installed. The Edge Transport server role writes only to the local ADAM instance.

Server

Optional

Microsoft.Exchange.Configuration.Tasks.ServerIdParameter

To specify the server on which you run the Test-IPBlockListProvider cmdlet, include the Server parameter on the command. If you do not use the Server parameter, the command is run on the local server where the task is executed.

Detailed Description

The Test-IPBlockListProvider cmdlet checks connectivity to the specified IP Block List provider and then issues a lookup request to the IP Allow List provider. When you test the connection and functionality of the IP Block List provider, you must enter a known blocked IP address in the IPAddress parameter.

To run the Test-IPBlockListProvider cmdlet, the account you use must be delegated the following:

  • Exchange Server Administrator role and local Administrators group for the target server

To run the Test-IPBlockListProvider cmdlet on a computer that has the Edge Transport server role installed, you must log on by using an account that is a member of the local Administrators group on that computer.

For more information about permissions, delegating roles, and the rights that are required to administer Microsoft Exchange Server 2007, see Permission Considerations.

Input Types

Return Types

Output Description

Block List Provider

Block List Provider returns the IP Block List provider object as stored in the local ADAM directory or in Active Directory.

Connected

Connected returns of the following values: True or False.

  • True   The connectivity test passes.

  • False   The connectivity test fails.

Matched

Matched returns of the following values: True or False.

  • True   The IPAddress parameter that is submitted with the Test-IPBlockListProvider command matches an IP address at the IP Block List provider.

  • False   The IPAddress parameter that is submitted with the Test-IPBlockListProvider command does not match an IP address at the IP Block List provider.

ProviderResult

ProviderResult returns an IP address, which represents the status, according to the IP Block List provider, of the IPAddress parameter that is submitted in the Test-IPBlockListProvider command. Contact your IP Block List provider to determine the meaning of the IP Address that is returned here.

Errors

Error Description

Insufficient permissions

You must be an Administrator on the local computer that has the Edge Transport server role installed to run this command.

Cannot connect to ADAM

If you are running this task from a computer that has the Edge Transport server role installed, verify that the ADAM service (MsExchangeAdam) is running on the local computer. If you are running this task from a computer that has the Hub Transport server role installed, verify that the computer can connect to Active Directory.

Cannot connect to IP Block List Provider

Contact your IP Block List provider.

Example

The following code example shows a Test-IPBlockListProvider command that has the required parameters. The command tests the connectivity to a fictitious IP Block List provider called ExampleProviderName, and then issues a lookup request to that provider.

Copy Code
Test-IPBlockListProvider -IPAddress 192.168.0.1 -Provider ExampleProviderName