Trouble with transport rule creation

We recently updated our environment to Exchange 2013 SP1.. So far so good, but we have come across a problem we can't seem to figure out.  In our 2010 enviornment, we were using an edge transport server to apply various legal disclaimers to our outbound email messages (based on recipient domain).  We have since deployed a 2013 edge transport server, but can't seem to get the command together that will allow us to create these rules again.  

This is the command I'm executing:

New-TransportRule -Name 'contoso.com TLS Footer' -Enabled $True -Mode Enforce -RecipientAddressMatchesPatterns '@contoso.com$' -SentToScope NotInOrganization -ApplyHtmlDisclaimerLocation Append -ApplyHtmlDisclaimerFallbackAction Reject -ApplyHtmlDisclaimerText 'The message was protected by the contoso.com TLS Connection.' 

This is the error:

New-TransportRule : A parameter was specified that isn't valid on an Edge Transport server.
At line:1 char:1
+ New-TransportRule -Name "contoso.com tls footer" -Enabled $true -Mode Enforce -Recipien ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidArgument: (SentToScope:String) [New-TransportRule], ArgumentException
    + FullyQualifiedErrorId : [Server=edge,RequestId=xxxxxxxx,TimeStamp=8/17/2015 7:29:31 PM] [FailureCategory=Cmdlet-ArgumentException] 7C733186,Microsoft.Exchange.MessagingPolicies.Rules.Tasks.NewTransportRule

Any thoughts here?  I've scoured the documentation for this command and can't seem to find what I'm missing.  Why is it considering the 'SentToScope' invalid?

Thanks in advance



  • Edited by steelie Monday, August 17, 2015 8:13 PM formatting
August 17th, 2015 8:12pm

Of course.. That was part of the initial deployment of the edge transport server.  Just for background, the edge server is outside the domain on the perimeter network, and only hosts the edge transport role.  The mailbox and client access roles are hosted inside on different mail servers.  Since I don't have a GUI for edge administration anymore, I can't create the rules without powershell (which in the long run will make this easier, but I can't even get the first one created.)
  • Edited by steelie Monday, August 17, 2015 8:46 PM
Free Windows Admin Tool Kit Click here and download it now
August 17th, 2015 8:46pm

Hi,

Please run the following command to list the conditions and actions available for use on Edge Transport servers.

Get-TransportRulePredicate

Get-TransportRuleAction

And take more test by removing some parameters. Let us know the results.

Best Regards.

August 18th, 2015 3:58am

[PS] C:\temp>Get-TransportRuleAction

Name                                                    Rank
----                                                    ----
LogEvent                                                0
PrependSubject                                          1
SetSCL                                                  2
SetHeader                                               3
RemoveHeader                                            4
AddToRecipient                                          5
CopyTo                                                  6
BlindCopyTo                                             7
Disconnect                                              8
RedirectMessage                                         9
Quarantine                                              10
SmtpRejectMessage                                       11
DeleteMessage                                           12
StopRuleProcessing                                      13

-------------------------------------------------------------------

[PS] C:\temp>Get-TransportRulePredicate

Name                                                    Rank
----                                                    ----
SCLOver                                                 0
AttachmentSizeOver                                      1
MessageSizeOver                                         2
FromScope                                               3
HeaderContains                                          4
SubjectContains                                         5
FromAddressContains                                     6
SubjectOrBodyContains                                   7
AnyOfRecipientAddressContains                           8
HeaderMatches                                           9
SubjectMatches                                          10
SubjectOrBodyMatches                                    11
FromAddressMatches                                      12
AnyOfRecipientAddressMatches                            13

------------------------------------------------------------------

What am I looking for?



  • Edited by steelie 20 hours 53 minutes ago
Free Windows Admin Tool Kit Click here and download it now
August 18th, 2015 6:38am

[PS] C:\temp>Get-TransportRuleAction

Name                                                    Rank
----                                                    ----
LogEvent                                                0
PrependSubject                                          1
SetSCL                                                  2
SetHeader                                               3
RemoveHeader                                            4
AddToRecipient                                          5
CopyTo                                                  6
BlindCopyTo                                             7
Disconnect                                              8
RedirectMessage                                         9
Quarantine                                              10
SmtpRejectMessage                                       11
DeleteMessage                                           12
StopRuleProcessing                                      13

-------------------------------------------------------------------

[PS] C:\temp>Get-TransportRulePredicate

Name                                                    Rank
----                                                    ----
SCLOver                                                 0
AttachmentSizeOver                                      1
MessageSizeOver                                         2
FromScope                                               3
HeaderContains                                          4
SubjectContains                                         5
FromAddressContains                                     6
SubjectOrBodyContains                                   7
AnyOfRecipientAddressContains                           8
HeaderMatches                                           9
SubjectMatches                                          10
SubjectOrBodyMatches                                    11
FromAddressMatches                                      12
AnyOfRecipientAddressMatches                            13

------------------------------------------------------------------

What am I looking for?



  • Edited by steelie Tuesday, August 18, 2015 10:37 AM
August 18th, 2015 10:36am

Bump
Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 7:36am

Hi Steelie,

I have tested your cmdlet on Mailbox Server and it works just fine. Have you tested it on MailboxServer?

The article is listing out all the parameters supported by Ex2013 (Mailbox + Edge) and your cmdlet doesn't seem to be having any unsupported parameter name.

Only parameter not supported by Edge is -DomainControllter

New-TransportRule

https://technet.microsoft.com/en-us/library/bb125138%28v=exchg.150%29.aspx?f=255&MSPPError=-2147217396

Run this cmdlet on your Edge server to confirm the parameter list.

Get-Help New-TransportRule -full

How about you look for the same in EAC.

Missing options sometimes, indicate issue with RBAC permissi

August 21st, 2015 8:25am

The cmdlet does list all of the options available to the new-edgetransportrule function (including the ones that are failing for us), however, our edge server does NOT have the mailbox role installed, only the edge transport role.  This functionality existed in Exchange 2010's edge transport role (we were using it without the mbx or CAS role), so if I need to add the other roles to my 2013 edge server I will be very disappointed.  This makes no sense to me that the full functionality of the 2013 transport rules doesn't exist on a server with only the 2013 edge transport role installed...
Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 8:33am

Hi Steelie,

I might be wrong, looking at this shows there is some limitation.

https://technet.microsoft.com/en-us/library/dd638183(v=exchg.150).aspx#EdgePropertyValues

You might want to add a disclaimer at mailbox level itself as a work around.

(NOTE:- I was refering to a separate mailbox server box, edge can't co-locate ma

August 21st, 2015 8:39am

Right.. that was the article we found and hence the reason I opened this thread.  What's strange is that I am able to build the command, but the error is an "invalid parameter..."  I mean, I just can't believe the full capabilities of the rule don't exist anymore for the edge role.  

The whole reason we preferred not to use this on the mailbox server is because of the performance hit during mail processing.  We have 60+ rules, and when all messages need to be processed through every rule, it greatly increases delivery time.  Breaking out the role to an edge server was a simple but effective solution for this, since only outbound email was processed through the rules.  

I guess I need to submit this to Microsoft somehow to see if they wouldn't mind adding this back to the role.  

Thanks all for your help.


Free Windows Admin Tool Kit Click here and download it now
August 21st, 2015 8:47am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics