Tags


Powershell

So you want to modify some attributes in the Exchange 2007 Send connector but you hate using ADSIEdit?

In all fairness, 90% of what we need to change is inside Powershell already for Exchange 2007.  But there are new Commandlets in Exchange 2010 that improve how you can limit to inbound / outbound mailflow.   

Many of those are a available in Exchange 2007 with Service Pack 2, but there is no Easy Safe way to change them.  One of these settings I blogged about last night which is “MaxMessagesPerConnection”.  Changing this normally involves using ADSIEdit, which is doable, but ADSIEdit is a VERY powerful tool and as such, a bit dangerous if you hit “Delete” in the wrong spot.

So I decided to port this to a Function, and make this easier to work with.

You can access ANYTHING in Active Directory so long as you know it’s “DistinguishedName”.  Every object in Active Directory has one, you’ll recognize it by the sequence.

CN=User,CN=Folder,OU=Users,DC=Domain,DC=local 

Remember that.  EVERY SINGLE OBJECT in Active Directory has it.  And knowing that makes all of this easier.  

So first off, this attributte is component of your SEND Connector in Exchange.  Using GET-SENDCONNECTOR you can pull up your list

If the SendConnector was named “Mail to Internet Relay” or “Windows SBS Outbound Mail” better yet you key in

GET-SENDCONNECTOR ‘Windows SBS Outbound Mail’

and that you give you your Send-Connector properties.  But all we want is the Distinguished Name.  We can get that using a SELECT-OBJECT and store the results away in a Variable.

$CONNECTOR=GET-SENDCONNECTOR ‘Windows SBS Outbound Mail’ | Select-OBJECT DistinguishedName

Now we have the “Distinguished Name” for your SMTP Send Connector (or the one name “Windows SBS Outbound Mail”)

So we now pull out the String part of that object called “DistinguishedName” and store it away for the LDAP query.

$Name=CONNECTOR.DistinguishedName

To Query and work with Anything in Active Directory that does not have a prebuilt Commandlet like Quest ActiveRoles or Active Directory Modules, we use the [ADSI] Accelerator.  All we do is Plug the Distinguished Name in to look at THAT object and work with it.

$SMTPCONNECTOR=[ADSI]”LDAP://$Name”

We can now open the hood and access ALL of the attributes of the SMTPConnector.  Just pipe the $SMTPCONNECTOR through GET-MEMBER like this

$SMTPCONNECTOR | Get-member

If you are running Exchange 2007 SP2, there is a new Attribute called “msExchSmtpMaxMessagesPerConnection”.  To access the value of that (or any other new attribute) but tack it onto the $SENDCONNECTOR variable to see it’s value

$SMTPCONNECTOR.msExchSmtpMaxMessagesPerConnection

Simply by assigning this with a value of say 1 or 2, (Adjust to suit your needs) will LIMIT outbound to one or two per SMTP session (unlike default which is send a lot and hope the SmartHost will accept it)

$SMTPCONNECTOR.msExchSmtpMaxMessagesPerConnection=1

Then once done, you update Active Directory with the new Connector settings.

$SMTPCONNECTOR.CommitChanges()

So what would all of that look like as a script?  Glad you asked, only about 3 lines really.  Take a look.

———- Set

GET-SENDCONNECTOR ‘Windows SBS Outbound Mail’
$Name=CONNECTOR.DistinguishedName
$SMTPCONNECTOR=[ADSI]”LDAP://$Name”
$SMTPCONNECTOR.msExchSmtpMaxMessagesPerConnection=1
$SMTPCONNECTOR.CommitChanges()

But even nicer?  I can make this whole thing a function and add it to my Powershell Profile for daily use as a new Commandlet!

function global:SET-SENDCONNECTORMAXMESSAGE ( $NameOfConnector ) {

# Limit is the number of outbound messages to allow PER connection to SMTP Smarthost.
# 1 is very controlled.  The higher the number, the more messages you are able to send
# in a single shot, the greater the likelyhood you are treated a spammer.
$limit=1

GET-SENDCONNECTOR $NameOfConnector
$Name=CONNECTOR.DistinguishedName
$SMTPCONNECTOR=[ADSI]”LDAP://$Name”
$SMTPCONNECTOR.msExchSmtpMaxMessagesPerConnection=$limit
$SMTPCONNECTOR.CommitChanges()
}

So if you are running SBS 2008 (Small Business Server 2008) and have to deal with a SmartHost and their mail restrictions, update to Service Pack 2 of Exchange 2007 and work with this attribute.  It is the Holy Grail that you seek.

And make sure you thank Rick Lund-Pedersen of Around the Clock I.T. Solutions for sending me down the path to write this script. 🙂

Sean
The Energized Tech

Advertisements