From 417bf7bf3907e41838b5116f12eac05fb231b9ea Mon Sep 17 00:00:00 2001 From: Lukas Sassl Date: Wed, 5 Jul 2023 18:16:18 +0200 Subject: [PATCH] Validate proxy set via Set-ExchangeServer --- .../Invoke-AnalyzerExchangeInformation.ps1 | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/Diagnostics/HealthChecker/Analyzer/Invoke-AnalyzerExchangeInformation.ps1 b/Diagnostics/HealthChecker/Analyzer/Invoke-AnalyzerExchangeInformation.ps1 index cc8478ba87..fa5b90762a 100644 --- a/Diagnostics/HealthChecker/Analyzer/Invoke-AnalyzerExchangeInformation.ps1 +++ b/Diagnostics/HealthChecker/Analyzer/Invoke-AnalyzerExchangeInformation.ps1 @@ -248,7 +248,21 @@ function Invoke-AnalyzerExchangeInformation { $params = $baseParams + @{ Name = "Internet Web Proxy" - Details = $( if ([string]::IsNullOrEmpty($internetProxy)) { "Not Set" } else { $internetProxy } ) + Details = $internetProxy + } + + if ([string]::IsNullOrEmpty($internetProxy)) { + $params.Details = "Not Set" + } elseif ($internetProxy -notmatch "(http:\/\/)(?:[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z0-9][a-z0-9-]{0,61}[a-z0-9]") { + <# + We use the WebProxy class WebProxy(Uri, Boolean, String[]) constructor when running Set-ExchangeServer -InternetWebProxy, + which throws an UriFormatException if the URI provided cannot be parsed. + This is the case if it doesn't follow the scheme as per RFC 2396 (https://datatracker.ietf.org/doc/html/rfc2396#section-3.1). + However, we sometimes see cases where customers have set an invalid proxy url that cannot be used by Exchange Server + (e.g., https://proxy.contoso.local, ftp://proxy.contoso.local or even proxy.contoso.local). + #> + $params.Details = "$internetProxy is invalid as it must start with http://" + $params.Add("DisplayWriteType", "Red") } Add-AnalyzedResultInformation @params