“Cloning” Exchange 2013\2016 Receive Connectors

I’ve recently come across a need to copy over a large set of rules from one Edge server to another Edge server. Since these servers are in the DMZ and are not “officially” part of the Exchange organization without an Edge subscription, you can’t use clever scripts like this one to get the job done. Now, based on what has to get done here, your mileage may vary, but you can use this bit of advice as a starting point.

The first thing you’ll want to do is export all of the connectors (minus the Default connector created when you install the Edge role). You’ll run this on the “source” server:

Then you’ll want to make sure you grab all of the non-default permissions (such as those you add when you need to enable a relay to the internet). You’ll run this on the “source” server:

Then you’ll need to copy those XML files to the machines you wish to be the destination. Once you do that, you’ll want to import those files into two variables – one for the connectors and one for the permissions. You’ll run this on the “destination” server:

You can double-check the entries by just typing the variable names and hitting Enter. You should see all of your connectors (don’t worry about the server name; that’s not coming over). Next, you’ll want to do a “-WhatIf” to see what happens when you run the following command. Again, you’ll absolutely need to tweak this for your purposes, but, as-is, this should get you through th hardest part. You’ll run this on the “destination” server from an Exchange Management Shell prompt (I recommend you copy and paste the below code into Notepad and tweak it as you need to – again – “-WhatIf” is your friend!):

If all looks well and you get no errors, run the same command again, but remove the “-WhatIf” from the end. Now that you’ve got your connectors created\configured, you’ll want to fix up the permissions. Just like above, you’ll want to make sure this works for you and your environment, but like before, this should at least get you going:

The main issues I was having with getting some the advice I found online was mainly with how PowerShell was passing along the -RemoteIPRanges parameter. The actual entry is under the sub-parameter “Expression”. So, let’s say you’ve got a variable by the name of $connector with the metadata of your connector in, including RemoteIPRanges. You can run $connector.RemoteIpRanges and you’ll see a few things there like UpperBound, LowerBound, etc… However, none of this is useful when passing it to a “Set-” or a “New-“. In this case, the “Expression” field in the RemoteIPRanges parameter is what was needed.

In conclusion, this article is absolutely not meant to be an end-all, be-all. You absolutely must test all of this. I had some success with it in my lab and I wanted to share it with you! Happy cloning!

 

 

 

Advertisements

Leave a Reply

Your email address will not be published. Required fields are marked *