ISA Server & Powershell

I’ve recently been trying to find a way to work with ISA 2006 using powershell; it’s not as straightforward as I would have hoped as all the docs are for C and Vbscript and they’re not exactly full of information anyway. That said, a few people seem to have been managing so I dived in and came up with this; it’s a Powershell script to add IP address ranges (In my case, just single addresses) from a text file to an ISA Network object (for the purposes of blacklisting). Requires Powershell v2 and needs to be run on an ISA server. For the record, the ISA API is horrible.

<#
.SYNOPSIS
Adds specified IP address ranges to a given Network in ISA
.PARAMETER network
Network Name to edit
.PARAMETER path
Path to file containing list of IPs to add
#>
 
param
(
	[Parameter(Mandatory=$true,ParameterSetName="path",ValueFromPipelineByPropertyName=$true,Position=1,Helpmessage="Path to file containing list of IPs to add")]$path
	[Parameter(Mandatory=$true,ParameterSetName="network",ValueFromPipelineByPropertyName=$true,Position=0,Helpmessage="Network Name to edit")]$network
)
 
#Create ISA COM Objects
$root = new-object -comObject "FPC.Root" -strict
#Get our array (well, there is only one in this case)
$server = $root.Arrays | Select-Object -first 1
#Get IPRangeSet for the required network
$ipranges = $server.NetworkConfiguration.Networks.item($network).IpRangeSet
 
$file = gc $path
 
foreach($ip in $file){
 
	$flag = 0
 
	foreach($iprange in $ipranges){
		if($iprange.ip_from -match $ip){$flag = 1}
	}
 
	if($flag -ne 1){$ipranges.add($ip,$ip)}
}
 
$ipranges.save()