How to Add Remote IP Addresses to Existing Receive ConnectorsThe Exchange Management Shell provides the Set-ReceiveConnector cmdlet for modifying settings on Hub Transport server Receive Connectors. This can include the RemoteIPRanges setting, which is the multivalued list of IP addresses on the network that are allowed to use that Receive Connector to send mail.

Most Exchange environments will include at least one Receive Connector that is configured to allow certain hosts and applications to relay email. Over time this may build up a lengthy RemoteIPRanges IP address list. When it comes time to add additional IP addresses to the list it seems logical to use Set-ReceiveConnector, however this cmdlet will overwrite the existing setting with the new IP address specified.

For example, look at the current IP addresses:

[PS] C:\>Get-ReceiveConnector "Relay Connector" | fl remoteipranges

RemoteIPRanges : {10.0.0.21, 10.0.0.23, 10.0.0.22, 10.0.0.14, 10.0.0.20, 10.0.0.19, 10.0.0.18, 10.0.0.17, 10.0.0.16, 10
                 .0.0.15, 10.0.0.10, 10.0.0.9, 10.0.0.8, 10.0.0.7, 10.0.0.6, 10.0.0.5, 10.0.0.4, 10.0.0.13, 10.0.0.12,
                 10.0.0.11, 10.0.0.3, 10.0.0.2, 10.0.0.1}

Note: if the list of IP addresses is too long and is being truncated in the shell output see this tip for extending the enumeration limit.

Now use Set-ReceiveConnector with a new IP of 10.0.0.99:

[PS] C:\>Set-ReceiveConnector "Relay Connector" -RemoteIPRanges 10.0.0.99

And whoops, we’ve overwritten all of the previous IP addresses!

[PS] C:\>Get-ReceiveConnector "Relay Connector" | fl remoteipranges

RemoteIPRanges : {10.0.0.99}

If you were just adding one new IP address the Management Console would do the job, but that can be slow for remote servers and is not as efficient if the change is being applied to multiple servers or involves adding multiple IP addresses.

Fortunately with the Exchange Management Shell we can easily add IP addresses to existing Receive Connectors.

To add a single IP address to an existing Receive Connector:

[PS] C:\>$RecvConn = Get-ReceiveConnector "Relay Connector"
[PS] C:\>$RecvConn.RemoteIPRanges += "10.0.0.99"
[PS] C:\>Set-ReceiveConnector "Relay Connector" -RemoteIPRanges $RecvConn.RemoteIPRanges

Now we can see that 10.0.0.99 has been added to the Receive Connector.

[PS] C:\>Get-ReceiveConnector "Relay Connector" | fl remoteipranges

RemoteIPRanges : {10.0.0.99, 10.0.0.23, 10.0.0.22, 10.0.0.21, 10.0.0.1, 10.0.0.2, 10.0.0.3, 10.0.0.11, 10.0.0.12, 10.0.
                 0.13, 10.0.0.4, 10.0.0.5, 10.0.0.6, 10.0.0.7, 10.0.0.8, 10.0.0.9, 10.0.0.10, 10.0.0.15, 10.0.0.16, 10.
                 0.0.17, 10.0.0.18, 10.0.0.19, 10.0.0.20, 10.0.0.14}

To add multiple IP addresses at once use this command sequence:

[PS] C:\>$RecvConn = Get-ReceiveConnector "Relay Connector"
[PS] C:\>$RecvConn.RemoteIPRanges += "10.0.0.99", "10.0.0.100", "10.0.0.101"
[PS] C:\>Set-ReceiveConnector "Relay Connector" -RemoteIPRanges $RecvConn.RemoteIPRanges

Sometimes the list of IPs being added is too long to type out. To add multiple IP addresses from a text file called newips.txt use this command sequence instead:

[PS] C:\>$RecvConn = Get-ReceiveConnector "Relay Connector"
[PS] C:\>Get-Content .\newips.txt | foreach {$RecvConn.RemoteIPRanges += "$_"}
[PS] C:\>Set-ReceiveConnector "Relay Connector" -RemoteIPRanges $RecvConn.RemoteIPRanges

About the Author

Paul Cunningham

Paul is a former Microsoft MVP for Office Apps and Services. He works as a consultant, writer, and trainer specializing in Office 365 and Exchange Server. Paul no longer writes for Practical365.com.

Comments

  1. Stefano

    Hello
    I’m trying to copy receive connectors from ex2010 to ex2016 but I get the following error

    Cannot process argument transformation on parameter ‘RemoteIPRanges’. Cannot convert value “172.22.0.0/16
    172.21.0.0/16” to type “Microsoft.Exchange.Data.MultiValuedProperty`1[Microsoft.Exchange.Data.IPRange]”. Error:
    “Cannot convert value “172.22.0.0/16” to type “Microsoft.Exchange.Data.IPRange”. Error:
    “SerializationTypeConverter.DeserializeObject(Microsoft.Exchange.Data.IPRange). Type is not allowed for custom
    construction. Deserialization Failed Error: System.Exception: SerializationData is not signed.
    at Microsoft.Exchange.Data.SerializationTypeConverter.VerifySerializationDataAndGetOriginalSerializationData(Byte[]
    serializationData, Boolean mustVerify)
    at Microsoft.Exchange.Data.SerializationTypeConverter.DeserializeObject(Object sourceValue, Type destinationType)””
    + CategoryInfo : InvalidData: (:) [New-ReceiveConnector], ParameterBindin…mationException
    + FullyQualifiedErrorId : ParameterArgumentTransformationError,New-ReceiveConnector

    1. Simao

      I have same problem, same script worked wile ago and now I get same error. Maybe it is related to exchange update.

    2. Oleg Krylov

      It’s related to EMS remote connection serialization. Even if you run EMS on the Exchange Server it uses remote connection even to local server. Two workarounds here:
      1. Run Windows PowerShell on the Exchange Server and import Exchange Management snap-in
      Add-PSSnapin -Name “Microsoft.Exchange.Management.PowerShell.SnapIn”
      2. Connect to Exchange remotely using web powershell and Exchange JEA configuration:
      $ConnectionURL = “http:///PowerShell”
      $PSSession = New-PSSession -ConfigurationName “Microsoft.Exchange” -ConnectionUri $ConnectionURL -Authentication “Kerberos”
      Import-PSSession -Session $PSSession

      1. Oleg Krylov

        CSS stripped ServerFQDN in angle brackets from $ConnectionURL

      2. Tamás

        The Real Person!

        Author Tamás acts as a real person and passed all tests against spambots. Anti-Spam by CleanTalk.

        I tried method 1 and it works fine, thanks!

    3. Kristian

      The above script was not working for me. I kept getting the same error as others. The error was not very descriptive, until I changed to this script I wrote below. Then the very bottom of the error clearly told me I had multiples of the same IP in my list. This script I wrote worked best for me… after I got rid of all duplicate entries in the list.

      # Connect to On-Prem Exchange
      $Cred = Get-Credential
      $Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri http://server.domain/PowerShell/ -Authentication Kerberos -Credential $Cred
      Import-PSSession $Session -DisableNameChecking -AllowClobber
      ## Specify Receive Connector
      $RecvConn = Get-ReceiveConnector “Relay to EXO”
      ##Append to Receive Connector Variable

      $IPs = Import-CSV -Path ‘C:\Fileops\Import\CSV\RelayIPList_TEST.csv’
      ForEach ($IP in $IPs) {
      $RecvConn.RemoteIPRanges += $IP.IP}
      ## Add Remote IP Ranges
      Set-ReceiveConnector “Relay to EXO” -RemoteIPRanges $RecvConn.RemoteIPRanges

      #Remove-PSSession -Session $Session

  2. Question

    in your get- commands, you preceed the command with “>” What is that for? Looks like &gt is “greater than”. But that isn’t needed to run the command and when I use that in my lab, I get errors.

  3. Raul

    Getting below error while running set-recieveconnector:

    Set-ReceiveConnector : Active Directory operation failed on localhost. This error is not retriable. Additional
    information: While accessing the hard disk, a disk operation failed even after retries.
    Active directory response: 00000467: SysErr: DSID-0203065E, problem 14 (Bad address), data -510

    Anyone has any clue?

  4. PG

    What is the syntax C:\> for

  5. Ian Hazlewood

    Great article. Is it possible to specifically exclude IP addresses?

  6. Chuck Williams

    This is awesome. We are moving IPs from some legacy 2010 servers to 2013 servers. The script works, but we have quite of few IPs that are already on the 2013 server.
    How to run the script and keep it running so it bypasses any IPs in the text file that are already on the 2013 server?

    I am running this:

    $ReceiveConnector = Get-ReceiveConnector “Name Of Relay”
    Get-Content C:list.txt | foreach {$ReceiveConnector.RemoteIPRanges += “$_”}
    Set-ReceiveConnector $ReceiveConnector -RemoteIPRanges $ReceiveConnector.RemoteIPRanges

    ..it stops when it finds an IP that already exist on the targeted 2013 server…any ideas?

    Thanks a ton.

      1. Chuck Williams

        Any sample code you can share?

        On the 2013 server, we have about 6 RCs and the new RC is #6. So once I export all the IPs from the 5RCs..how to put them in separate text file and do the comparison with the existing text file of IPs I am trying to import into the new RC#6.

        I am not a scripting expert…thus was looking for some assistance…thanks a ton.

          1. Chuck Williams

            Thanks Paul,

            I’ll continue researching…thanks a ton.

            Regards

        1. Hugo Cardoso

          Hi dude,
          Just came across this post, and I had more or less the same need. I know its been a long time, bull ill leave this here anyway.

          I had a list of ips that may or may not be already added to the connector. So I built this code that only adds the IP if it is not present:

          #CSV has header “ips”
          $IPListcheck=Import-csv c:\list.txt
          #The existing receive connector
          $RecvConn = Get-ReceiveConnector “Transport_Server\AnonymousRelay”
          $ranges=$RecvConn.RemoteIPRanges
          #$ranges.count
          $IPListcheck|%{
          $exists=$false
          $currentip=$_.ips
          foreach($iprange in $ranges){
          $ipExistente= ($iprange | Select LowerBound).LowerBound
          #write-host “comparing “$currentip” with “$ipExistente
          if($currentip -eq $ipExistente){
          $exists=$true
          break
          }
          }
          #write-host “debug if next”
          if($exists -eq $false){
          $RecvConn.RemoteIPRanges += $currentip
          write-host “added ” $currentip
          }
          }
          Set-ReceiveConnector “Transport_Server\AnonymousRelay” -RemoteIPRanges $RecvConn.RemoteIPRanges

  7. Mahendra

    getting error below when i try to add multiple ip from txt file

    [PS] C:\Windows\system32>$RecvConn = Get-ReceiveConnector “crm”
    [PS] C:\Windows\system32>C:\>Get-Content .iplist.txt | foreach {$RecvConn.RemoteIPRanges += “$_”}
    The term ‘C:\>Get-Content’ is not recognized as the name of a cmdlet, function, script file, or operable program. Check
    the spelling of the name, or if a path was included, verify that the path is correct and try again.
    At line:1 char:16
    + C:\>Get-Content <<<Get-Content:String) [], CommandNotFoundException

    can someone help me…

  8. Brindha

    Hi

    My question: I want to compare the remote IP’s of the receive connectors on two different servers (one old and one new) and add the ones missing to the new server. Is there any command for that ? I have been exporting the remote IP’s and comparing them one by one one each.

    Thanks
    Brindha

    1. Mahendra

      use vlookup in excel

  9. Stewart Petersen

    Would something like this work for removing an IP from the remote IP range.
    —-
    $rc = Get-ReceiveConnector “Relay Connector”
    $relay = “IP to be removed”
    $Array = @()
    $ips = $rc.RemoteIPRanges
    foreach($ip in $ips){
    if ($ip -eq $relay){Write-Host Cleared}
    else {$Array += $ip}
    }
    Set-ReceiveConnector “Relay Connector” -RemoteIPRanges $Array

      1. Stewart Petersen

        I tested it today.
        A simple version would look like this.
        ——-
        $ip = “IP”
        $rc = Get-ReceiveConnector “Relay Connector”
        $NewRange = @()
        $OldRange = $rc.RemoteIPRanges
        foreach ($rip in $OldRange){
        if ($rip -eq $ip) {Write-Host “$ip Cleared”}
        else {$NewRange += $rip}
        }
        Set-ReceiveConnector “Relay Connector” -RemoteIPRanges $NewRange
        ——-

        What I am actually using is a bit different. I added few prompts, and entry checks. I am also using mine to add to 4 servers at once. So it looks closer to this:
        ————–
        #Prompt for IP
        $run = {
        $ip = Read-Host -Prompt “Enter Server IP”
        #Confrim IP entery is a Valid IP
        $test = ($ip -as [ipaddress]) -as [bool]
        #get RC
        $rc = Get-ReceiveConnector “Relay Connector”
        If ($test -eq $false){
        Write-Host “$ip is not a valid IP Address” -ForegroundColor Red
        &$run
        }
        Else {
        #check if IP exsist
        $check = “”
        $check = $rc | fl | where {$rc.RemoteIPRanges -Contains “$ip”}
        if ($check.Length -eq 0) {Write-Host “$ip Does Not Exist on this Server” -ForegroundColor red}
        else {
        $ip = Read-Host -Prompt “Enter Server IP”
        $rc = Get-ReceiveConnector “Relay Connector”
        $NewRange = @()
        $OldRange = $rc.RemoteIPRanges
        foreach ($rip in $OldRange){
        if ($rip -eq $ip) {Write-Host “$ip Cleared”}
        else {$NewRange += $rip}
        }
        Set-ReceiveConnector “Relay Connector” -RemoteIPRanges $NewRange
        }
        $andanotherone = Read-Host “Would You Like to Add Another Relay?”
        if ($andanotherone -eq “y”) {&$Run}
        Else {Exit}
        }
        &$run
        ————–

        1. Waleed

          can u make it clear please with samples

    1. gpburth

      There’s an easier way: just replace the += with -=:
      $RecvConn.RemoteIPRanges -= “10.0.0.99”

      works at least in Exchange2013

  10. rino19ny

    hi, i got mine like this:

    $ReceiveConnector = Get-ReceiveConnector “cas2Allow Relay External Emails”
    Get-Content d:list.txt | foreach {$ReceiveConnector.RemoteIPRanges += “$_”}
    Set-ReceiveConnector $ReceiveConnector.Identity -RemoteIPRanges $ReceiveConnector.RemoteIPRanges

    and got error message:

    Cannot process argument transformation on parameter ‘RemoteIPRanges’. Cannot convert value “192.168.1.10 198.168.1.11 192.168.1.12…”

  11. Koen

    Hi Paul… I know it’s not the correct collum too ask.
    But we have reach the maximum of the RemoteIPRanges of our RecieveConnector.
    Is there a parameter to extend above the 1250 items?
    Koen

  12. Sven Minor

    In Exchange Server 2016. I go into EAC –> MailFlow –>Receive Connectors –> Relay –>Scoping –>*Remote network settings: Receive mail from servers that have these remote IP addresses. Do you know of any way to bulk add specific IP addresses into the remote Network Settings?

      1. zeeshan

        adding a single ip address from remote ip from EAC –> MailFlow –>Receive Connectors –> Relay –>Scoping –>*Remote network settings should not remove old ip addresses from the existing receive connector is it Paul ? also, how to get the type of connector (example internal external or custom)

  13. Gary Jackson

    I’m trying to reduce my exposure of my internal relay connector. My issue is though I have ranges included throughout in addition to IPs. How can I gather logs and determine which actual IPs are hitting my connector so I can remove these ranges after adding the IPs? I had feeling like I’m over exposed. Thanks!
    Gary

    1. Avatar photo

      Turn on protocol logging for the connector, and use Log Parser to analyze the logs.

      Here’s an example:
      https://www.practical365.com/exchange-2010-report-top-sender-ips-log-parser/

      Keep in mind that the protocol log will contain entries for every receive connector that has protocol logging enabled, so you might want to modify that Log Parser query to only show hits on one specific connector.

  14. TED

    Thanks for the info… but I need remove multiples IP from the connector and I’m not sure how is the command for remove a multiple IP.

  15. Greg Powlin

    What is the default setting when Exchange s first installed?

  16. CMRamos

    Great post with clear and concise instructions for importing, BUT what about exporting the “RemoteIPRanges” to a single column LIST IP’s, Ranges and Subnets already in the relay? Something that we can more easily read, imported into a spreadsheet, and reconciled to update the permitted hosts as you outlined above?

    i.e. We want the TXT output to list

    192.168.1.1-192.168.1.125
    192.168.1.200
    192.168.1.220
    10.10.1.0/25

    And NOT…
    192.168.1.1-192.168.1.125,192.168.1.200,192.168.1.220,10.10.1.0/25

    1. Michael H.

      $RemoteIPs=@()
      $IPs=(Get-ReceiveConnector “ExchangeServerDefault ExchangeServer”).RemoteIPRanges
      foreach($IP in $IPs) {
      Switch ($IP.RangeFormat) {
      “SingleAddress” {$RemoteIPs += $IP.LowerBound.ToString()}
      “LoHi” {$RemoteIPs += ($IP.LowerBound.ToString() + “-” + $IP.UpperBound.ToString())}
      “CIDR” {$RemoteIPs += ($IP.LowerBound.ToString() + “/” + $IP.CIDRLength.ToString())}
      }
      }
      $RemoteIPs | Out-File RemoteIPRanges.txt

  17. Eddie

    When adding or removing an ip address to our smtp relay connector we receive this error:
    “Starting acommand on remote server failed with the following error message: The WinRM client sent a request to the remote WS-Management service and was notified that the request size exceeded the configured MaxEnvelopeSize Quota. For more information, see the about_Remote_Troubleshooting Help topic.”

    The MaxEnvelopeSizekb settings is default at “500”, and increasing it to 700 doesn’t solve this problem. Does someone have an idea how to and where to look for, its not the MaxEnvelopeSize in my opion.

    1. Greg Powlin

      Eddie,

      Did you get an answer on this? I have a similar issue and increasing to 700 did help, but didn’t resolve issue for larger queries.

      Thanks,

  18. Tim Kuhnell

    Hi,

    Can I add subnets like

    10.1.16.0/20
    10.2.16.0/20
    10.3.16.0/20

    To an existing receive connector?

    Thanks in advance.

    Tim

    1. Liran Zamir

      Hi Tim

      The answer is yes.
      In the text file you can add subnets and ranges like this:
      10.10.139.0/24
      10.2.193.1-10.2.193.102

      Liran

  19. Rob

    Fantastic! Saved hours of manual entry. Thanks again Paul.

  20. Rossell

    Excellent post! Thanks

  21. David Lockridge

    I figured out a loop for multiple Rec Connectors. It throws and error, but still adds the new IPs and keeps the old ones. In my environment, I have “Internal Only” and “External Allowed” connectors on multiple servers.

    $INTRecConns = Get-ReceiveConnector |Where {$_.Name -like “*Internal*”}
    $File = “C:TempNewINTIps.txt”

    Foreach ($Conn in $INTRecConns) {
    $i = Get-ReceiveConnector $Conn
    Get-Content $File |foreach {$i.RemoteIPRanges += “$_”}
    Set-ReceiveConnector $i -RemoteIPRanges $i.RemoteIPRanges
    }
    }

  22. Dave

    I have a question on doing the converse – removing one or more IP’s from a Receive connector for a situation when a relay server is decommissioned. Would that simply involve changing the += below to a -= ?

    Get-Content .newips.txt | foreach {$RecvConn.RemoteIPRanges += “$_”}

      1. Ranga

        Hi Paul , We have relay enabled in Exchange 2013 EDGE server. Hence we can’t manually remove single ip from console .
        So to remove the single ip . -= correct ?

  23. vadim

    Ok, thanks. Will try. In the past I had some troubles of getting the properly formatted text file to be used with Win PowerShell for input. Maybe thats how I made it work – putting records in line by line.

  24. vadim

    Helpful article (and following comments). One question – talking about text file used for importing IPs, what exactly is the format of records in the file? Just type in all IPs row by row, comma delimited, one IP per line? Or else?

  25. Joakim

    Thanks for replying, Yes it can ping the server normally (with hostname and ip address). For the antivirus, I’m not really sure it block the outbound SMTP because it can telnet the old exchange 2003 server as well.
    I’ll enable the Protocol Logging on the RC to see if it works.

    Thanks again

  26. Joakim

    Hi,

    We migrated from exchange 2003 to 2010. We have many servers and application using the old server, so I had to put one by one the ip address of these application server to the new Relay connector on the new exchange 2010 so they can send email. Every thing is working fine, but only one server could not telnet this relay server. I’ve already add the IP on the list. It can telnet the exchange 2003 not the 2010.
    I got the error below
    Connecting To mgprelay01…Could not open connection to the host, on port 25: Connect failed

    Could you help please?
    Thanks

    1. Avatar photo

      Can you ping the server? Not a simple routing issue?

      I’ve seen firewalls (both network and client firewalls) as well as some antivirus products cause problems like that (eg preventing outbound SMTP from the server because it looks like a worm/trojan). So check for those.

      What you can also do is enable Protocol Logging on the Receive Connector on the server you’re trying to telnet to, then inspect the protocol logs after trying to make the connection to see whether the traffic is hitting it or not.

  27. Josh

    Excellent Post. Very helpful.
    Thank you.

  28. Holt Satterfield

    Hey, Paul —

    We just built an Exchange 2010 and migrated all the mailboxes from the old 2003 Exchange box. My integrator says he usually adds ALL the IP addresses (and in our case, all the subnet ranges) into the Relay Connector. This is opposed to just devices that usually send mail — scanners, copiers, accounting/equitrac servers.

    What say you about adding all my IP ranges into the Exchange 2010 Relay Connector?
    Thanks.

    1. Avatar photo

      It is a “low effort” approach. I’ve permitted entire IP ranges in some cases before, usually for things like desktop apps that need direct SMTP relay but the pc’s are on a DHCP range without reservations (reservations might sound like a logical solution to that, but they add “yet another thing” to manage and will of course break if the user gets a new pc or logs on to a different one).

      I wouldn’t do it on insecure networks, eg wireless where a guy in his car outside the building uses your server to relay spam.

      And as long as they aren’t creating an open relay that can be exploited from the internet then it’s probably fine.

  29. aaron

    Hey Paul,

    My list of receive connectors is truncated … Even when results outputted to .txt file. Is there a way to have it show the entire list

    [PS] C:\>Get-ReceiveConnector “internal relay” |fl remoteipranges >C:UsersuwhadminDocumentsoutputremoteip.txt

    RemoteIPRanges : {10.150.12.21, 10.150.31.63, 10.150.21.35, 10.0.10.13, 10.30.15.27, 10.0.1.7, 10.150.11.14, 10.150.50.191, 10.150.53.196, 10.150.53.197, 10.150.50.195, 10.150.52.197, 10.150.50.192, 10.150.50.193, 10.150.11.62, 10.0.1.24…}

  30. Liran Zamir

    Strangest thing
    Exchange 2010 SP1+Rollup 4. When running the import with a text file containing a list of IP addresses
    the following error occurs for each IP address:

    [PS] C:Windowssystem32>Get-Content .iplist.txt | foreach {$RecvConn.RemoteIPRanges += “$_”}
    Exception setting “RemoteIPRanges”: “Cannot convert value “System.Object[]” to type “Microsoft.Exchange.Data.MultiValue
    dProperty`1[Microsoft.Exchange.Data.IPRange]”. Error: “The value ‘1.1.1.1’ is already present in the collection.””
    At line:1 char:47
    + Get-Content .iplist.txt | foreach {$RecvConn. <<<< RemoteIPRanges += "$_"}
    + CategoryInfo : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : PropertyAssignmentException

    Exception setting "RemoteIPRanges": "Cannot convert value "System.Object[]" to type "Microsoft.Exchange.Data.MultiValue
    dProperty`1[Microsoft.Exchange.Data.IPRange]". Error: "The value '10.4.10.210' is already present in the collection.""
    At line:1 char:47
    + Get-Content .iplist.txt | foreach {$RecvConn. <<<< RemoteIPRanges += "$_"}
    + CategoryInfo : InvalidOperation: (:) [], RuntimeException
    + FullyQualifiedErrorId : PropertyAssignmentException

    Can someone assist ???

      1. Liran Zamir

        Thanks, I managed.
        None of the IP addresses were already present. The trick for me to get it to work was to specify
        In the first line the full connector name (including the server name) instead of only the connector name.

        Thanks!

      2. Rodney Ferretti

        I notice that if you have an error like “The value ‘xx.xx.xx.xxx’ is already present in the collection.””, the script stops.
        Anyone knows how can I make the script still running and putting the rest of the IPs to the receive connector even with some errors ?
        Tks in advance.

  31. Jim M

    It looks like it’s an Active Directory thing. AD2000 has ~800 limit, and AD2003 has ~1300. I think we’re on a functional 2000 domain.

    http://social.technet.microsoft.com/Forums/en/exchangesvrmigration/thread/538f9e35-9901-40cf-b9fa-1e4895c13a68

    All of these entries are for printers that scan and email. Maybe an easier way would be to make an authenticated receive connector and just change the printer settings to authenticate with a generic account. Sounds a little easier huh….

  32. Jim M

    Hello,
    I liked the script above but when I hit exactly 863 ip’s in a receive connector I can no longer add any more IPs. I receive the error below. Has anyone ran into this error? I get the same thing when adding an additional entry in the GUI as well. I’ve read it is a limitation of Active Directory.

    Set-ReceiveConnector : Active Directory operation failed on c15088dc3001.mydomain.
    com. This error is not retriable. Additional information: The administrative li
    mit for this request was exceeded.
    Active directory response: 00002024: SvcErr: DSID-02080490, problem 5008 (ADMIN
    _LIMIT_EXCEEDED), data -1112
    At line:1 char:32

    Is the only workaround adding another receive-connector? I am not in the position of adding a range, because it’s an anonymous POP3 Connector.

    1. Avatar photo

      Well having never added 863 IP’s to a Receive Connector I can’t say I’ve ever hit that limit 🙂

      I guess either add another connector so you can add more IP’s. Or try to make some or all of them authenticated connections instead so you don’t have to limit by IP address.

      One other (maybe not so good) idea would be to restrict the IP’s using a firewall rule instead, and just leave the Receive Connector open, but that would not be my ideal choice.

    1. Erwin

      get-receiveconnector | where {$_.Name -like “*Default*”} | Set-ReceiveConnector -RemoteIPRanges (Get-Content .iplist.txt)

  33. Yee

    how do you add multiple IP addresses from a text file to multiple Hub Transport connectors?

Leave a Reply