diff --git a/AADApplication.md b/AADApplication.md index 4762772..4c1ee13 100644 --- a/AADApplication.md +++ b/AADApplication.md @@ -17,15 +17,13 @@ | **IdentifierUris** | Write | StringArray[] | User-defined URI(s) that uniquely identify a Web application within its Azure AD tenant, or within a verified custom domain. || | **KnownClientApplications** | Write | StringArray[] | Client applications that are tied to this resource application. || | **LogoutURL** | Write | String | The logout url for this application. || -| **Oauth2AllowImplicitFlow** | Write | Boolean | Specifies whether this web application can request OAuth2.0 implicit flow tokens. The default is false. || -| **Oauth2AllowUrlPathMatching** | Write | Boolean | Specifies whether, as part of OAuth 2.0 token requests, Azure AD will allow path matching of the redirect URI against the application's replyUrls. The default is false. || | **Oauth2RequirePostResponse** | Write | Boolean | Set this to true if an Oauth2 psot response is required. || | **PublicClient** | Write | Boolean | Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false. || | **ReplyURLs** | Write | StringArray[] | Specifies the URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to. || -| **SamlMetadataUrl** | Write | String | The URL to the SAML metadata for the application. || | **Ensure** | Write | String | Specify if the Azure AD App should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure AD Admin || +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **Permissions** | Write | InstanceArray[] | API permissions for the Azure Active Directory Application. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -75,12 +73,9 @@ Configuration Example IdentifierUris = "https://app.contoso.com" KnownClientApplications = "" LogoutURL = "https://app.contoso.com/logout" - Oauth2AllowImplicitFlow = $false - Oauth2AllowUrlPathMatching = $false Oauth2RequirePostResponse = $false PublicClient = $false ReplyURLs = "https://app.contoso.com" - SamlMetadataUrl = "" Permissions = @( MSFT_AADApplicationPermission { @@ -105,7 +100,7 @@ Configuration Example } ) Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/AADConditionalAccessPolicy.md b/AADConditionalAccessPolicy.md index e0067c2..0995ddd 100644 --- a/AADConditionalAccessPolicy.md +++ b/AADConditionalAccessPolicy.md @@ -36,9 +36,10 @@ | **PersistentBrowserIsEnabled** | Write | Boolean | Specifies, whether Browser Persistence is controlled by the Policy. || | **PersistentBrowserMode** | Write | String | Specifies, what Browser Persistence control is enforced by the Policy. |Always, Never, | | **Ensure** | Write | String | Specify if the Azure AD CA Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure Active Directory Admin || +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # AADConditionalAccessPolicy @@ -97,7 +98,7 @@ Configuration Example { AADConditionalAccessPolicy Allin-example { - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; BuiltInControls = @("Mfa", "CompliantDevice", "DomainJoinedDevice", "ApprovedApplication", "CompliantApplication"); ClientAppTypes = @("ExchangeActiveSync", "Browser", "MobileAppsAndDesktopClients", "Other"); CloudAppSecurityIsEnabled = $True; diff --git a/AADGroup.md b/AADGroup.md new file mode 100644 index 0000000..b3113c6 --- /dev/null +++ b/AADGroup.md @@ -0,0 +1,76 @@ +# AADGroup + +## Parameters + +| Parameter | Attribute | DataType | Description | Allowed Values | +| --- | --- | --- | --- | --- | +| **DisplayName** | Key | String | DisplayName of the Azure Active Directory Group || +| **MailNickname** | Key | String | Specifies a mail nickname for the group. || +| **Description** | Write | String | Specifies a description for the group. || +| **Id** | Write | String | Specifies an ID for the group. || +| **GroupTypes** | Write | StringArray[] | Specifies that the group is a dynamic group. To create a dynamic group, specify a value of DynamicMembership. || +| **MembershipRule** | Write | String | Specifies the membership rule for a dynamic group. || +| **MembershipRuleProcessingState** | Write | String | Specifies the rule processing state. The acceptable values for this parameter are: On. Process the group rule or Paused. Stop processing the group rule. |On, Paused| +| **SecurityEnabled** | Write | Boolean | Specifies whether the group is security enabled. For security groups, this value must be $True. || +| **MailEnabled** | Write | Boolean | Specifies whether this group is mail enabled. Currently, you cannot create mail enabled groups in Azure AD. || +| **IsAssignableToRole** | Write | Boolean | Specifies whether this group can be assigned a role. Only available when creating a group and can't be modified after group is created. || +| **Visibility** | Write | String | This parameter determines the visibility of the group's content and members list. |Public, Private, HiddenMembership| +| **Ensure** | Write | String | Specify if the Azure AD Group should exist or not. |Present, Absent| +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || +| **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || +| **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || + +# AADGroup + +### Description + +This resource configures an Azure Active Directory group. + +## Azure AD Permissions + +To authenticate via Azure Active Directory, this resource required the following Application permissions: + +* **Automate** + * None +* **Export** + * None + +NOTE: All permisions listed above require admin consent. + +## Examples + +### Example 1 + +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. + +```powershell +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $credsGlobalAdmin + ) + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + AADGroup MyGroups + { + DisplayName = "DSCGroup" + Description = "Microsoft DSC Group" + SecurityEnabled = $True + MailEnabled = $True + GroupTypes = @("Unified") + MailNickname = "M365DSC" + Visibility = "Private" + Credential = $credsGlobalAdmin + Ensure = "Present" + } + } +} +``` + diff --git a/AADGroupLifecyclePolicy.md b/AADGroupLifecyclePolicy.md new file mode 100644 index 0000000..f1754a4 --- /dev/null +++ b/AADGroupLifecyclePolicy.md @@ -0,0 +1,66 @@ +# AADGroupLifecyclePolicy + +## Parameters + +| Parameter | Attribute | DataType | Description | Allowed Values | +| --- | --- | --- | --- | --- | +| **IsSingleInstance** | Key | String | Only valid value is 'Yes'. |Yes| +| **GroupLifetimeInDays** | Required | UInt32 | The number of days a group can exist before it needs to be renewed. || +| **ManagedGroupTypes** | Required | String | This parameter allows the admin to select which office 365 groups the policy will apply to. 'None' will create the policy in a disabled state. 'All' will apply the policy to every Office 365 group in the tenant. 'Selected' will allow the admin to choose specific Office 365 groups that the policy will apply to. |All, None, Selected| +| **AlternateNotificationEmails** | Required | StringArray[] | Notification emails for groups that have no owners will be sent to these email addresses. || +| **Ensure** | Write | String | Specify if the Azure AD Groups Lifecycle Policy should exist or not. |Present, Absent| +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || +| **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || +| **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || + +# AADGroupLifecyclePolicy + +### Description + +This resource configures an Azure Active Directory Group Lifecycle Policy (e.g. Expiration). + +## Azure AD Permissions + +To authenticate via Azure Active Directory, this resource required the following Application permissions: + +* **Automate** + * None +* **Export** + * None + +NOTE: All permisions listed above require admin consent. + +## Examples + +### Example 1 + +This example is used to test new resources and showcase the usage of new resources being worked on. +It is not meant to use as a production baseline. + +```powershell +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $credsGlobalAdmin + ) + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + AADGroupLifecyclePolicy GroupLifecyclePolicy + { + AlternateNotificationEmails = @("john.smith@contoso.com"); + Ensure = "Present"; + Credential = $credsGlobalAdmin; + GroupLifetimeInDays = 99; + IsSingleInstance = "Yes"; + ManagedGroupTypes = "Selected"; + } + } +} +``` + diff --git a/AADGroupsNamingPolicy.md b/AADGroupsNamingPolicy.md index a4ad5c2..0b3e33c 100644 --- a/AADGroupsNamingPolicy.md +++ b/AADGroupsNamingPolicy.md @@ -8,9 +8,10 @@ | **PrefixSuffixNamingRequirement** | Write | String | Prefixes and suffixes to add to the group name. || | **CustomBlockedWordsList** | Write | StringArray[] | Comma delimited list of words that should be blocked from being included in groups' names. || | **Ensure** | Write | String | Specify if the Azure AD Groups Naming Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure Active Directory Admin || +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # AADGroupsNamingPolicy @@ -52,7 +53,7 @@ Configuration Example AADGroupsNamingPolicy GroupsNamingPolicy { CustomBlockedWordsList = @("CEO", "President"); - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; IsSingleInstance = "Yes"; PrefixSuffixNamingRequirement = "[Title]Test[Company][GroupName][Office]Redmond"; Ensure = "Present"; diff --git a/AADGroupsSettings.md b/AADGroupsSettings.md index 7442418..f87a109 100644 --- a/AADGroupsSettings.md +++ b/AADGroupsSettings.md @@ -13,9 +13,10 @@ | **AllowToAddGuests** | Write | Boolean | A boolean indicating whether or not is allowed to add guests to this directory. || | **UsageGuidelinesUrl** | Write | String | A link to the Group Usage Guidelines. || | **Ensure** | Write | String | Specify if the Azure AD Groups Naming Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure Active Directory Admin || +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # AADGroupsNamingPolicy @@ -61,7 +62,7 @@ Configuration Example AllowToAddGuests = $True; EnableGroupCreation = $True; Ensure = "Present"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; GroupCreationAllowedGroupName = "All Company"; GuestUsageGuidelinesUrl = "https://contoso.com/guestusage"; IsSingleInstance = "Yes"; diff --git a/AADNamedLocationPolicy.md b/AADNamedLocationPolicy.md index 5b18330..d32087f 100644 --- a/AADNamedLocationPolicy.md +++ b/AADNamedLocationPolicy.md @@ -4,17 +4,18 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **OdataType** | Write | String | Specifies the Odata Type of a Named Location policy object in Azure Active Directory |#microsoft.graph.countryNamedLocation, #microsoft.graph.ipNamedLocation| -| **Id** | Write | String | Specifies the ID of a Named Location policy in Azure Active Directory. || -| **DisplayName** | Key | String | Specifies the Display Name of a Named Location policy in Azure Active Directory || -| **IpRanges** | Write | StringArray[] | Specifies the IP ranges of the Named Location policy in Azure Active Directory || -| **IsTrusted** | Write | Boolean | Specifies the isTrusted value for the Named Location policy in Azure Active Directory || -| **CountriesAndRegions** | Write | StringArray[] | Specifies the countries and regions for the Named Location policy in Azure Active Directory || -| **IncludeUnknownCountriesAndRegions** | Write | Boolean | Specifies the includeUnknownCountriesAndRegions value for the Named Location policy in Azure Active Directory || +| **OdataType** | Write | String | Specifies the Odata Type of a Named Location object in Azure Active Directory |#microsoft.graph.countryNamedLocation, #microsoft.graph.ipNamedLocation| +| **Id** | Write | String | Specifies the ID of a Named Location in Azure Active Directory. || +| **DisplayName** | Key | String | Specifies the Display Name of a Named Location in Azure Active Directory || +| **IpRanges** | Write | StringArray[] | Specifies the IP ranges of the Named Location in Azure Active Directory || +| **IsTrusted** | Write | Boolean | Specifies the isTrusted value for the Named Location in Azure Active Directory || +| **CountriesAndRegions** | Write | StringArray[] | Specifies the countries and regions for the Named Location in Azure Active Directory || +| **IncludeUnknownCountriesAndRegions** | Write | Boolean | Specifies the includeUnknownCountriesAndRegions value for the Named Location in Azure Active Directory || | **Ensure** | Write | String | Specify if the Azure AD Named Location should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure AD Admin || +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # AADNamedLocationPolicy @@ -61,7 +62,7 @@ Configuration Example IsTrusted = $True; OdataType = "#microsoft.graph.ipNamedLocation"; TenantId = $ConfigurationData.NonNodeData.TenantId; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } AADNamedLocationPolicy AllowedCountries { @@ -71,7 +72,7 @@ Configuration Example IncludeUnknownCountriesAndRegions = $False; OdataType = "#microsoft.graph.countryNamedLocation"; TenantId = $ConfigurationData.NonNodeData.TenantId; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/AADRoleDefinition.md b/AADRoleDefinition.md index da2b00c..b3a149a 100644 --- a/AADRoleDefinition.md +++ b/AADRoleDefinition.md @@ -13,9 +13,10 @@ | **TemplateId** | Write | String | Specifies template id for the role definition. || | **Version** | Write | String | Specifies version for the role definition. || | **Ensure** | Write | String | Specify if the Azure AD Role definition should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure AD Admin || +| **Credential** | Write | PSCredential | Credentials of the Azure AD Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # AADRoleDefintiion @@ -68,7 +69,7 @@ Configuration Example RolePermissions = "microsoft.directory/applicationPolicies/allProperties/read","microsoft.directory/applicationPolicies/allProperties/update","microsoft.directory/applicationPolicies/basic/update" Version = "1.0" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/AADServicePrincipal.md b/AADServicePrincipal.md index 8ab2b53..0b73783 100644 --- a/AADServicePrincipal.md +++ b/AADServicePrincipal.md @@ -7,7 +7,7 @@ | **AppId** | Key | String | The unique identifier for the associated application. || | **ObjectID** | Write | String | The ObjectID of the ServicePrincipal || | **DisplayName** | Write | String | Displayname of the ServicePrincipal. || -| **AlternativeNames** | Write | StringArray[] | The atlernative names for this service principal || +| **AlternativeNames** | Write | StringArray[] | The alternative names for this service principal || | **AccountEnabled** | Write | Boolean | True if the service principal account is enabled; otherwise, false. || | **AppRoleAssignmentRequired** | Write | Boolean | Indicates whether an application role assignment is required. || | **ErrorUrl** | Write | String | Specifies the error URL of the ServicePrincipal. || @@ -23,7 +23,8 @@ | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure AD Admin || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || +| **Credential** | Write | PSCredential | Credentials of the Azure AD Admin || # AADServicePrincipal @@ -98,7 +99,7 @@ Configuration Example ServicePrincipalType = "Application" Tags = "{WindowsAzureActiveDirectoryIntegratedApp}" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/AADTenantDetails.md b/AADTenantDetails.md index e9d34da..1bd8d1f 100644 --- a/AADTenantDetails.md +++ b/AADTenantDetails.md @@ -9,9 +9,10 @@ | **SecurityComplianceNotificationMails** | Write | StringArray[] | Email-addresses from the people who should receive Security Compliance Notifications || | **SecurityComplianceNotificationPhones** | Write | StringArray[] | Phone Numbers from the people who should receive Security Notifications || | **TechnicalNotificationMails** | Write | StringArray[] | Email-addresses from the people who should receive Technical Notifications || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure Active Directory Admin || +| **Credential** | Write | PSCredential | Credentials of the Azure Active Directory Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # AAD Tenant Details @@ -55,7 +56,7 @@ Configuration Example { SecurityComplianceNotificationPhones = "+1123456789" SecurityComplianceNotificationMails = "exapmle@contoso.com" MarketingNotificationEmails = "exapmle@contoso.com" - GlobalAdminAccount = $GlobalAdmin + Credential = $GlobalAdmin IsSingleInstance = 'Yes' } } diff --git a/AADTokenLifetimePolicy.md b/AADTokenLifetimePolicy.md new file mode 100644 index 0000000..272af23 --- /dev/null +++ b/AADTokenLifetimePolicy.md @@ -0,0 +1,36 @@ +# AADTokenLifetimePolicy + +## Parameters + +| Parameter | Attribute | DataType | Description | Allowed Values | +| --- | --- | --- | --- | --- | +| **DisplayName** | Key | String | DisplayName of the Policy || +| **Id** | Write | String | ObjectID of the Policy. || +| **Description** | Write | String | Description of the Policy. || +| **Definition** | Write | StringArray[] | Definition of the Policy. || +| **IsOrganizationDefault** | Write | Boolean | IsOrganizationDefault of the Policy. || +| **Ensure** | Write | String | Specify if the Azure AD Policy should exist or not. |Present, Absent| +| **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. || +| **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || +| **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || + +# AADTokenLifetimePolicy + +### Description + +This resource configures the Azure AD Token Lifetime Policies + +## Azure AD Permissions + +To authenticate via Azure Active Directory, this resource required the following Application permissions: + +* **Automate** + * Policy.Read.All,Policy.ReadWrite.ApplicationConfiguration +* **Export** + * None + +NOTE: All permisions listed above require admin consent. + + diff --git a/EXOAcceptedDomain.md b/EXOAcceptedDomain.md index 0306b96..b2c37e0 100644 --- a/EXOAcceptedDomain.md +++ b/EXOAcceptedDomain.md @@ -9,7 +9,7 @@ | **DomainType** | Write | String | The type of AcceptedDomain. Currently the EXOAcceptedDomain DSC Resource accepts a value of 'Authoritative' and 'InternalRelay'. |Authoritative, InternalRelay| | **MatchSubDomains** | Write | Boolean | The MatchSubDomains parameter must be false on Authoritative domains. The default value is false. || | **OutboundOnly** | Write | Boolean | The OutboundOnly must be false on Authoritative domains. The default value is false. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -35,10 +35,10 @@ DomainType - Required: No (Defaults to 'Authoritative') - Description: The DomainType parameter specifies the accepted domain type. -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of a Microsoft 365 Admin Identity @@ -70,7 +70,7 @@ OutboundOnly EXOAcceptedDomain ExampleEmailDomain { Ensure = 'Present' Identity = 'example.contoso.com' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential } ``` diff --git a/EXOActiveSyncDeviceAccessRule.md b/EXOActiveSyncDeviceAccessRule.md index 77c9d3f..6155373 100644 --- a/EXOActiveSyncDeviceAccessRule.md +++ b/EXOActiveSyncDeviceAccessRule.md @@ -9,7 +9,7 @@ | **Characteristic** | Write | String | The Characteristic parameter specifies the device characteristic or category that's used by the rule. |DeviceModel, DeviceType, DeviceOS, UserAgent, XMSWLHeader| | **QueryString** | Write | String | The QueryString parameter specifies the device identifier that's used by the rule. This parameter uses a text value that's used with Characteristic parameter value to define the device. || | **Ensure** | Write | String | Specify if the Active Sync Device Access Rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOAddressBookPolicy.md b/EXOAddressBookPolicy.md index ba0adea..b44772b 100644 --- a/EXOAddressBookPolicy.md +++ b/EXOAddressBookPolicy.md @@ -10,7 +10,7 @@ | **OfflineAddressBook** | Write | String | The OfflineAddressBook parameter specifies the identity of the offline address book (OAB) that will be used by mailbox users who are assigned this address book policy. You can specify only one OAB for each address book policy. || | **RoomList** | Write | String | The RoomList parameter specifies the name of the room address list. || | **Ensure** | Write | String | Specify if the Address Book Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOAddressList.md b/EXOAddressList.md index 1f481a0..d58bcdc 100644 --- a/EXOAddressList.md +++ b/EXOAddressList.md @@ -27,7 +27,7 @@ | **IncludedRecipients** | Write | StringArray[] | The IncludedRecipients parameter specifies a precanned filter that's based on the recipient type. |AllRecipients, MailboxUsers, MailContacts, MailGroups, MailUsers, Resources| | **RecipientFilter** | Write | String | The RecipientFilter parameter specifies a custom OPath filter that's based on the value of any available recipient property. || | **Ensure** | Write | String | Specifies if this AddressList should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -67,7 +67,7 @@ Configuration Example ConditionalStateOrProvince = "US" IncludedRecipients = "AllRecipients" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/EXOAntiPhishPolicy.md b/EXOAntiPhishPolicy.md index 5ef8d92..3553e0d 100644 --- a/EXOAntiPhishPolicy.md +++ b/EXOAntiPhishPolicy.md @@ -12,6 +12,7 @@ | **TargetedDomainProtectionAction** | Write | String | The TargetedDomainProtectionAction parameter specifies the action to take on detected domain impersonation messages for the domains specified by the TargetedDomainsToProtect parameter. |BccMessage, Delete, MoveToJmf, NoAction, Quarantine, Redirect| | **TargetedUserProtectionAction** | Write | String | The TargetedUserProtectionAction parameter specifies the action to take on detected user impersonation messages for the users specified by the TargetedUsersToProtect parameter. |BccMessage, Delete, MoveToJmf, NoAction, Quarantine, Redirect| | **Enabled** | Write | Boolean | Specify if this policy should be enabled. Default is $true. || +| **EnableFirstContactSafetyTips** | Write | Boolean | The EnableFirstContactSafetyTips parameter specifies whether to enable or disable the safety tip that's shown when recipients first receive an email from a sender or do not often receive email from a sender. || | **EnableAntispoofEnforcement** | Write | Boolean | The EnableAntispoofEnforcement parameter specifies whether to enable or disable antispoofing protection for the policy. || | **EnableMailboxIntelligence** | Write | Boolean | The EnableMailboxIntelligence parameter specifies whether to enable or disable mailbox intelligence (the first contact graph) in domain and user impersonation protection. || | **EnableMailboxIntelligenceProtection** | Write | Boolean | The EnableMailboxIntelligenceProtection specifies whether to enable or disable enhanced impersonation results based on each user's individual sender map. This intelligence allows Microsoft 365 to customize user impersonation detection and better handle false positives. || @@ -23,6 +24,7 @@ | **EnableTargetedUserProtection** | Write | Boolean | The EnableTargetedUserProtection parameter specifies whether to enable user impersonation protection for the users specified by the TargetedUsersToProtect parameter || | **EnableUnauthenticatedSender** | Write | Boolean | The EnableUnauthenticatedSender parameter enables or disables unauthenticated sender identification in Outlook. || | **EnableUnusualCharactersSafetyTips** | Write | Boolean | The EnableUnusualCharactersSafetyTips parameter specifies whether to enable safety tips that are shown to recipients in messages for unusual characters in domain and user impersonation detections. || +| **EnableViaTag** | Write | Boolean | This setting is part of spoof protection. The EnableViaTag parameter enables or disables adding the via tag to the From address in Outlook. || | **MakeDefault** | Write | Boolean | Make this the default antiphishing policy || | **ExcludedDomains** | Write | StringArray[] | The ExcludedDomains parameter specifies trusted domains that are excluded from scanning by antiphishing protection. You can specify multiple domains separated by commas. || | **ExcludedSenders** | Write | StringArray[] | The ExcludedSenders parameter specifies a list of trusted sender email addresses that are excluded from scanning by antiphishing protection. You can specify multiple email addresses separated by commas. || @@ -33,7 +35,7 @@ | **TargetedDomainsToProtect** | Write | StringArray[] | The TargetedDomainsToProtect parameter specifies the domains that are included in domain impersonation protection when the EnableTargetedDomainsProtection parameter is set to $true. || | **TargetedUserActionRecipients** | Write | StringArray[] | The TargetedUserActionRecipients parameter specifies the replacement or additional recipients for detected user impersonation messages when the TargetedUserProtectionAction parameter is set to the value Redirect or BccMessage. A valid value for this parameter is an email address. You can specify multiple email addresses separated by commas. || | **TargetedUsersToProtect** | Write | StringArray[] | The TargetedUsersToProtect parameter specifies the users that are included in user impersonation protection when the EnableTargetedUserProtection parameter is set to $true. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -54,10 +56,10 @@ Ensure - Required: No (Defaults to 'Present') - Description: Specifies if the configuration should be `Present` or `Absent` -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -70,7 +72,7 @@ Identity EXOAntiPhishPolicy TestPhishPolicy { Ensure = 'Present' Identity = 'TestPolicy' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential } ``` diff --git a/EXOAntiPhishRule.md b/EXOAntiPhishRule.md index 5ee19b9..5f63862 100644 --- a/EXOAntiPhishRule.md +++ b/EXOAntiPhishRule.md @@ -16,7 +16,7 @@ | **RecipientDomainIs** | Write | StringArray[] | The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas. || | **SentTo** | Write | StringArray[] | The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient. || | **SentToMemberOf** | Write | StringArray[] | The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -43,10 +43,10 @@ Ensure - Required: No (Defaults to 'Present') - Description: Specifies if the configuration should be `Present` or `Absent` -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -59,7 +59,7 @@ Identity EXOAntiPhishRule TestPhishRule { Ensure = 'Present' Identity = 'TestRule' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AntiPhishPolicy = 'TestPolicy' Enabled = $true Priority = 0 diff --git a/EXOApplicationAccessPolicy.md b/EXOApplicationAccessPolicy.md index e617bd9..3c1736a 100644 --- a/EXOApplicationAccessPolicy.md +++ b/EXOApplicationAccessPolicy.md @@ -10,7 +10,7 @@ | **PolicyScopeGroupId** | Write | String | The PolicyScopeGroupID parameter specifies the recipient to define in the policy. You can use any value that uniquely identifies the recipient. || | **Description** | Write | String | The Description parameter specifies a description for the policy. || | **Ensure** | Write | String | Specify if the Application Access Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOAtpPolicyForO365.md b/EXOAtpPolicyForO365.md index b2fef23..0167411 100644 --- a/EXOAtpPolicyForO365.md +++ b/EXOAtpPolicyForO365.md @@ -8,12 +8,13 @@ | **Identity** | Write | String | The Identity parameter specifies the ATP policy that you want to modify. There's only one policy named Default. || | **Ensure** | Write | String | Since there is only one policy, the default policy, this must be set to 'Present' |Present| | **AllowClickThrough** | Write | Boolean | The AllowClickThrough parameter specifies whether to allow users to click through to the original blocked URL in Office 365 ProPlus. Default is $true. || +| **AllowSafeDocsOpen** | Write | Boolean | The AllowSafeDocsOpen parameter specifies whether users can click through and bypass the Protected View container even when Safe Documents identifies a file as malicious. || | **BlockUrls** | Write | StringArray[] | The BlockUrls parameter specifies the URLs that are always blocked by Safe Links scanning. You can specify multiple values separated by commas. || | **EnableATPForSPOTeamsODB** | Write | Boolean | The EnableATPForSPOTeamsODB parameter specifies whether ATP is enabled for SharePoint Online, OneDrive for Business and Microsoft Teams. Default is $false. || | **EnableSafeDocs** | Write | Boolean | The EnableSafeDocs parameter specifies whether to enable the Safe Documents feature in the organization. Default is $false. || | **EnableSafeLinksForO365Clients** | Write | Boolean | The EnableSafeLinksForO365Clients parameter specifies whether Safe Links scanning is enabled for supported Office 365 desktop, mobile, and web apps. Default is $true. || | **TrackClicks** | Write | Boolean | The TrackClicks parameter specifies whether to track user clicks related to blocked URLs. Default is $true. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -40,7 +41,7 @@ IsSingleInstance - Required: Yes - Description: Single instance resource, the value must be 'Yes' -GlobalAdminAccount +Credential - Required: Yes - Description: Credentials of the Office 365 Global Admin @@ -58,6 +59,13 @@ AllowClickThrough users to click through to the original blocked URL in Office 365 ProPlus. The default value is $true +AllowSafeDocsOpen + +- Required: No +- Description: The AllowSafeDocsOpen parameter specifies whether users can + click through and bypass the Protected View container even when Safe Documents + identifies a file as malicious. + BlockUrls - Required: No @@ -99,8 +107,9 @@ TrackClicks IsSingleInstance = 'Yes' Ensure = 'Present' Identity = 'Default' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AllowClickThrough = $true + AllowSafeDocsOpen = $true BlockUrls = @('test1.badurl.com','test2.badurl.com') EnableATPForSPOTeamsODB = $true EnableSafeDocs = $false diff --git a/EXOAvailabilityAddressSpace.md b/EXOAvailabilityAddressSpace.md index fb4f6b3..6b577b5 100644 --- a/EXOAvailabilityAddressSpace.md +++ b/EXOAvailabilityAddressSpace.md @@ -10,7 +10,7 @@ | **ForestName** | Write | String | The ForestName parameter specifies the SMTP domain name of the target forest for users whose free/busy data must be retrieved. If your users are distributed among multiple SMTP domains in the target forest, run the Add-AvailabilityAddressSpace command once for each SMTP domain. || | **TargetAutodiscoverEpr** | Write | String | The TargetAutodiscoverEpr parameter specifies the Autodiscover URL of Exchange Web Services for the external organization. Exchange uses Autodiscover to automatically detect the correct server endpoint for external requests. || | **Ensure** | Write | String | Specifies if this AvailabilityAddressSpace should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOAvailabilityConfig.md b/EXOAvailabilityConfig.md index a8c5e4e..288dd3f 100644 --- a/EXOAvailabilityConfig.md +++ b/EXOAvailabilityConfig.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **OrgWideAccount** | Key | String | Specify the OrgWideAccount for the AvailabilityConfig. || | **Ensure** | Write | String | Specify if the AvailabilityConfig should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -27,10 +27,10 @@ Ensure - Description: Specifies whether the configured AvailabilityConfig should be Present or Absent. -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with OrgWideAccount @@ -43,7 +43,7 @@ OrgWideAccount EXOAvailabilityConfig ExampleAvailabilityConfig { Ensure = 'Present' OrgWideAccount = 'johndoe' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential } ``` diff --git a/EXOCASMailboxPlan.md b/EXOCASMailboxPlan.md index 0170cb0..acfd0c4 100644 --- a/EXOCASMailboxPlan.md +++ b/EXOCASMailboxPlan.md @@ -10,7 +10,7 @@ | **ImapEnabled** | Write | Boolean | The ImapEnabled parameter enables or disables access to the mailbox by using IMAP4 clients. The default value is $true for all CAS mailbox plans except ExchangeOnlineDeskless which is $false by default. || | **OwaMailboxPolicy** | Write | String | The OwaMailboxPolicy parameter specifies the Outlook on the web (formerly known as Outlook Web App) mailbox policy for the mailbox plan. The default value is OwaMailboxPolicy-Default. You can use the Get-OwaMailboxPolicy cmdlet to view the available Outlook on the web mailbox policies. || | **PopEnabled** | Write | Boolean | The PopEnabled parameter enables or disables access to the mailbox by using POP3 clients. Default is $true. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -32,7 +32,7 @@ Ensure - Description: `Present` is the only value accepted. Configurations using `Ensure = 'Absent'` will throw an Error! -GlobalAdminAccount +Credential - Required: Yes - Description: Credentials of the Office 365 Global Admin @@ -77,7 +77,7 @@ PopEnabled EXOCASMailboxPlan CASMBPExampleConfig { Ensure = 'Present' Identity = 'ExchangeOnlineEnterprise-6f6c267b-f8db-4020-b441-f7bd966a0ca0' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential ActiveSyncEnabled = $true ImapEnabled = $true OwaMailboxPolicy = 'OwaMailboxPolicy-Default' diff --git a/EXOClientAccessRule.md b/EXOClientAccessRule.md index c88650e..4495324 100644 --- a/EXOClientAccessRule.md +++ b/EXOClientAccessRule.md @@ -19,7 +19,7 @@ | **UserRecipientFilter** | Write | String | The UserRecipientFilter parameter specifies a condition for the client access rule that uses OPath filter syntax to identify the user. || | **UsernameMatchesAnyOfPatterns** | Write | StringArray[] | The UsernameMatchesAnyOfPatterns parameter specifies a condition for the client access rule that is based on the user's account name. || | **Ensure** | Write | String | Specifies if this Client Access Rule should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -47,7 +47,7 @@ Ensure - Description: Specifies whether the configured Client Access Rule should be Present or Absent. -GlobalAdminAccount +Credential - Required: Yes - Description: Credentials of the Office 365 Global Admin @@ -210,7 +210,7 @@ UserRecipientFilter EXOClientAccessRule CliendAccessRuleExampleConfig { Ensure = 'Present' Identity = 'ExampleCASRule' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential Action = 'AllowAccess' AnyOfAuthenticationTypes = @('AdfsAuthentication', 'BasicAuthentication') AnyOfClientIPAddressesOrRanges = @('192.168.1.100', '10.1.1.0/24', '172.16.5.1-172.16.5.150') diff --git a/EXODkimSigningConfig.md b/EXODkimSigningConfig.md index 95f27cc..c257859 100644 --- a/EXODkimSigningConfig.md +++ b/EXODkimSigningConfig.md @@ -11,7 +11,7 @@ | **KeySize** | Write | UInt16 | The KeySize parameter specifies the size in bits of the public key that's used in the DKIM signing policy. The only available value is 1024. |1024| | **Enabled** | Write | Boolean | The Enabled parameter specifies whether the DKIM Signing Configuration is enabled or disabled. Default is $true. || | **Ensure** | Write | String | Specifies if this Client Access Rule should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -33,7 +33,7 @@ Ensure - Description: Specifies whether the configured Dkim Signing Config should be Present or Absent. -GlobalAdminAccount +Credential - Required: Yes - Description: Credentials of the Office 365 Global Admin @@ -94,7 +94,7 @@ KeySize EXODkimSigningConfig DkimSigningConfigExample { Ensure = 'Present' Identity = 'contoso.com' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AdminDisplayName = 'contoso.com DKIM Config' BodyCanonicalization = 'Relaxed' Enabled = $false diff --git a/EXOEmailAddressPolicy.md b/EXOEmailAddressPolicy.md index edc7314..71bb1d6 100644 --- a/EXOEmailAddressPolicy.md +++ b/EXOEmailAddressPolicy.md @@ -10,7 +10,7 @@ | **EnabledPrimarySMTPAddressTemplate** | Write | StringArray[] | The EnabledPrimarySMTPAddressTemplate parameter specifies the specifies the rule in the email address policy that's used to generate the primary SMTP email addresses for recipients. You can use this parameter instead of the EnabledEmailAddressTemplates if the policy only applies the primary email address and no additional proxy addresses. || | **ManagedByFilter** | Write | String | The ManagedByFilter parameter specifies the email address policies to apply to Office 365 groups based on the properties of the users who create the Office 365 groups. || | **Ensure** | Write | String | Specify if the Email Address Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOGlobalAddressList.md b/EXOGlobalAddressList.md index 75f756e..5805707 100644 --- a/EXOGlobalAddressList.md +++ b/EXOGlobalAddressList.md @@ -26,7 +26,7 @@ | **IncludedRecipients** | Write | StringArray[] | The IncludedRecipients parameter specifies a precanned filter that's based on the recipient type. |, AllRecipients, MailboxUsers, MailContacts, MailGroups, MailUsers, Resources| | **RecipientFilter** | Write | String | The RecipientFilter parameter specifies an OPath filter that's based on the value of any available recipient property. || | **Ensure** | Write | String | Specify if the Global Address List should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOHostedConnectionFilterPolicy.md b/EXOHostedConnectionFilterPolicy.md index b8955dc..ddbe1e8 100644 --- a/EXOHostedConnectionFilterPolicy.md +++ b/EXOHostedConnectionFilterPolicy.md @@ -11,7 +11,7 @@ | **IPBlockList** | Write | StringArray[] | The IPBlockList parameter specifies IP addresses from which messages are never allowed. Messages from the IP addresses you specify are blocked without any further spam scanning. Valid values for this parameter are: A single IP address, an IP address range, a CIDR IP. || | **MakeDefault** | Write | Boolean | The MakeDefault parameter makes the specified policy the default connection filter policy. Default is $false. || | **Ensure** | Write | String | Specifies if this Hosted Connection Filter Policy should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -33,10 +33,10 @@ Ensure - Description: `Present` is the only value accepted. Configurations using `Ensure = 'Absent'` will throw an Error! -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -87,7 +87,7 @@ IPBlockList EXOHostedConnectionFilterPolicy TestHostedConnectionFilterPolicy { Ensure = 'Present' Identity = 'TestPolicy' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AdminDisplayName = 'This policiy is a test' EnableSafeList = $true IPAllowList = @('192.168.1.100', '10.1.1.0/24', '172.16.5.1-172.16.5.150') diff --git a/EXOHostedContentFilterPolicy.md b/EXOHostedContentFilterPolicy.md index 2aaa40e..ef3501a 100644 --- a/EXOHostedContentFilterPolicy.md +++ b/EXOHostedContentFilterPolicy.md @@ -22,6 +22,7 @@ | **EndUserSpamNotificationCustomSubject** | Write | String | The EndUserSpamNotificationCustomSubject parameter specifies a custom subject for end-user spam notification messages. || | **EndUserSpamNotificationFrequency** | Write | UInt32 | The EndUserSpamNotificationFrequency parameter specifies the repeat interval in days that end-user spam notification messages are sent. Valid input for this parameter is an integer between 1 and 15. The default value is 3. || | **EndUserSpamNotificationLanguage** | Write | String | The EndUserSpamNotificationLanguage parameter specifies the language of end-user spam notification messages. The default value is Default. This means the default language of end-user spam notification messages is the default language of the cloud-based organization. |Default, English, French, German, Italian, Japanese, Spanish, Korean, Portuguese, Russian, ChineseSimplified, ChineseTraditional, Amharic, Arabic, Bulgarian, BengaliIndia, Catalan, Czech, Cyrillic, Danish, Greek, Estonian, Basque, Farsi, Finnish, Filipino, Galician, Gujarati, Hebrew, Hindi, Croatian, Hungarian, Indonesian, Icelandic, Kazakh, Kannada, Lithuanian, Latvian, Malayalam, Marathi, Malay, Dutch, NorwegianNynorsk, Norwegian, Oriya, Polish, PortuguesePortugal, Romanian, Slovak, Slovenian, SerbianCyrillic, Serbian, Swedish, Swahili, Tamil, Telugu, Thai, Turkish, Ukrainian, Urdu, Vietnamese| +| **HighConfidencePhishAction** | Write | String | The HighConfidencePhishAction parameter specifies the action to take on messages that are marked as high confidence phishing |MoveToJmf, Redirect, Quarantine| | **HighConfidenceSpamAction** | Write | String | The HighConfidenceSpamAction parameter specifies the action to take on messages that are classified as high confidence spam. |MoveToJmf, AddXHeader, ModifySubject, Redirect, Delete, Quarantine, NoAction| | **IncreaseScoreWithBizOrInfoUrls** | Write | String | The IncreaseScoreWithBizOrInfoUrls parameter increases the spam score of messages that contain links to .biz or .info domains. Valid values for this parameter are Off, On or Test. The default value is Off. |Off, On, Test| | **IncreaseScoreWithImageLinks** | Write | String | The IncreaseScoreWithImageLinks parameter increases the spam score of messages that contain image links to remote websites. Valid values for this parameter are Off, On or Test. The default value is Off. |Off, On, Test| @@ -45,7 +46,7 @@ | **ModifySubjectValue** | Write | String | The ModifySubjectValue parameter specifies the text to prepend to the existing subject of spam messages when an action parameter is set to the value ModifySubject. || | **PhishSpamAction** | Write | String | The PhishSpamAction parameter specifies the action to take on messages that are classified as phishing |MoveToJmf, AddXHeader, ModifySubject, Redirect, Delete, Quarantine, NoAction| | **QuarantineRetentionPeriod** | Write | UInt32 | The QuarantineRetentionPeriod parameter specifies the length of time in days that spam messages remain in the quarantine. Valid input for this parameter is an integer between 1 and 30. The default value is 15. || -| **RedirectToRecipients** | Write | StringArray[] | The RedirectToRecipients parameter specifies the replacement recipients in spam messages when an action parameter is set to the value Redirect. The action parameters that use the value of RedirectToRecipients are HighConfidenceSpamAction and SpamAction. || +| **RedirectToRecipients** | Write | StringArray[] | The RedirectToRecipients parameter specifies the replacement recipients in spam messages when an action parameter is set to the value Redirect. The action parameters that use the value of RedirectToRecipients are BulkSpamAction, HighConfidencePhishAction, HighConfidenceSpamAction, PhishSpamAction and SpamAction. || | **RegionBlockList** | Write | StringArray[] | The RegionBlockList parameter specifies the region to block when messages are blocked based on their source region. Valid input for this parameter is a supported ISO 3166-1 uppercase two-letter country code. You can specify multiple values separated by commas. This parameter is only used when the EnableRegionBlockList parameter is set to $true. || | **SpamAction** | Write | String | The SpamAction parameter specifies the action to take on messages that are classified as spam (not high confidence spam, bulk email, or phishing). |MoveToJmf, AddXHeader, ModifySubject, Redirect, Delete, Quarantine, NoAction| | **TestModeAction** | Write | String | The TestModeAction parameter specifies the additional action to take on messages that match any of the IncreaseScoreWith or MarkAsSpam parameters that are set to the value Test. |None, AddXHeader, BccMessage| @@ -53,7 +54,7 @@ | **PhishZapEnabled** | Write | Boolean | The PhishZapEnabled parameter enables or disables zero-hour auto purge (ZAP) to detect phishing messages in delivered messages in Exchange Online mailboxes. || | **SpamZapEnabled** | Write | Boolean | The SpamZapEnabled parameter enables or disables zero-hour auto purge (ZAP) to detect spam in delivered messages in Exchange Online mailboxes. || | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -75,10 +76,10 @@ Ensure - Description: `Present` is the only value accepted. Configurations using `Ensure = 'Absent'` will throw an Error! -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -97,7 +98,7 @@ AdminDisplayName EXOHostedContentFilterPolicy TestHostedContentFilterPolicy { Ensure = 'Present' Identity = 'TestPolicy' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AdminDisplayName = 'This policiy is a test' AddXHeaderValue = 'MyCustomSpamHeader' ModifySubjectValue = 'SPAM!' @@ -125,6 +126,7 @@ EXOHostedContentFilterPolicy TestHostedContentFilterPolicy { LanguageBlockList = @('AF', 'SQ', 'AR', 'CY', 'YI') RegionBlockList = @('AF', 'AX', 'AL', 'DZ', 'ZW') HighConfidenceSpamAction = 'Quarantine' + HighConfidencePhishAction = 'Quarantine' SpamAction = 'MoveToJmf' EnableEndUserSpamNotifications = $true DownloadLink = $false diff --git a/EXOHostedContentFilterRule.md b/EXOHostedContentFilterRule.md index b270d45..9eab7ff 100644 --- a/EXOHostedContentFilterRule.md +++ b/EXOHostedContentFilterRule.md @@ -16,7 +16,7 @@ | **SentTo** | Write | StringArray[] | The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient. || | **SentToMemberOf** | Write | StringArray[] | The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group. || | **Ensure** | Write | String | Specify if this rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -44,10 +44,10 @@ Ensure - Description: `Present` is the only value accepted. Configurations using `Ensure = 'Absent'` will throw an Error! -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -60,7 +60,7 @@ Identity EXOHostedContentFilterRule TestHostedContentFilterRule { Ensure = 'Present' Identity = 'TestRule' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential HostedContentFilterPolicy = 'TestPolicy' Enabled = $true Priority = 0 diff --git a/EXOHostedOutboundSpamFilterPolicy.md b/EXOHostedOutboundSpamFilterPolicy.md index 653e90e..87b0fb3 100644 --- a/EXOHostedOutboundSpamFilterPolicy.md +++ b/EXOHostedOutboundSpamFilterPolicy.md @@ -16,7 +16,7 @@ | **ActionWhenThresholdReached** | Write | String | The ActionWhenThresholdReached parameter specifies the action to take when any of the limits specified in the policy are reached. Valid values are: Alert, BlockUser, BlockUserForToday. BlockUserForToday is the default value. || | **AutoForwardingMode** | Write | String | The AutoForwardingMode specifies how the policy controls automatic email forwarding to outbound recipients. Valid values are: Automatic, On, Off. || | **Ensure** | Write | String | Specify if this rule should exist or not. This value must be 'Present' as the Default policy cannot be deleted. |Present| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -43,7 +43,7 @@ IsSingleInstance - Required: Yes - Description: Single instance resource, the value must be 'Yes' -GlobalAdminAccount +Credential - Required: Yes - Description: Credentials of the Office 365 Global Admin @@ -142,7 +142,7 @@ EXOHostedOutboundSpamFilterPolicy HostedOutboundSpamFilterPolicyExample { IsSingleInstance = 'Yes' Ensure = 'Present' Identity = 'Default' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AdminDisplayName = 'Default Outbound Spam Filter Policy' BccSuspiciousOutboundMail = $true BccSuspiciousOutboundAdditionalRecipients = @('admin@contoso.com') diff --git a/EXOHostedOutboundSpamFilterRule.md b/EXOHostedOutboundSpamFilterRule.md index d9a0798..59431d2 100644 --- a/EXOHostedOutboundSpamFilterRule.md +++ b/EXOHostedOutboundSpamFilterRule.md @@ -16,7 +16,7 @@ | **From** | Write | StringArray[] | The From parameter specifies a condition that looks for messages from specific senders. You can use any value that uniquely identifies the sender. || | **FromMemberOf** | Write | StringArray[] | The FromMemberOf parameter specifies a condition that looks for messages sent by group members. You can use any value that uniquely identifies the group. || | **Ensure** | Write | String | Specify if this rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -44,10 +44,10 @@ Ensure - Description: `Present` is the only value accepted. Configurations using `Ensure = 'Absent'` will throw an Error! -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -60,7 +60,7 @@ Identity EXOHostedOutboundSpamFilterRule TestHostedOutboundSpamFilterRule { Ensure = 'Present' Identity = 'TestRule' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential HostedOutboundSpamFilterPolicy = 'TestPolicy' Enabled = $true Priority = 0 diff --git a/EXOInboundConnector.md b/EXOInboundConnector.md index 0493bc7..8b31619 100644 --- a/EXOInboundConnector.md +++ b/EXOInboundConnector.md @@ -19,7 +19,7 @@ | **TlsSenderCertificateName** | Write | String | The TlsSenderCertificateName parameter specifies the certificate used by the sender's domain when the RequireTls parameter is set to $true. Valid input for the TlsSenderCertificateName parameter is an SMTP domain. || | **TreatMessagesAsInternal** | Write | Boolean | The TreatMessagesAsInternal parameter specifies an alternative method to identify messages sent from an on-premises organization as internal messages. You should only consider using this parameter when your on-premises organization doesn't use Exchange. || | **Ensure** | Write | String | Specifies if this Outbound connector should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOIntraOrganizationConnector.md b/EXOIntraOrganizationConnector.md index 7bb6fff..316983e 100644 --- a/EXOIntraOrganizationConnector.md +++ b/EXOIntraOrganizationConnector.md @@ -9,7 +9,7 @@ | **Enabled** | Write | Boolean | Specifies whether connector is enabled. || | **TargetAddressDomains** | Write | StringArray[] | The TargetAddressDomains parameter specifies the domain namespaces that will be used in the Intra-organization connector. These domains must have valid Autodiscover endpoints defined in their organizations. The domains and their associated Autodiscover endpoints are used by the Intra-Organization connector for feature and service connectivity. You can specify multiple domains separated by commas. || | **Ensure** | Write | String | Specifies if this Intra-Organization connector should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOJournalRule.md b/EXOJournalRule.md index 3107a30..3c3ee64 100644 --- a/EXOJournalRule.md +++ b/EXOJournalRule.md @@ -10,7 +10,7 @@ | **Enabled** | Write | Boolean | Specifies whether the Journal Rule is enabled or not. || | **RuleScope** | Write | String | The Scope parameter specifies the scope of email messages to which the journal rule is applied |Global, Internal, External| | **Ensure** | Write | String | Present ensures the rule exists, Absent that it does not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -44,7 +44,7 @@ Configuration Example { Enabled = $True; Ensure = "Present"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; JournalEmailAddress = "John.Smith@contoso.com"; Name = "Send to John" RuleScope = "Global"; diff --git a/EXOMailTips.md b/EXOMailTips.md index 88fb09c..3b7c162 100644 --- a/EXOMailTips.md +++ b/EXOMailTips.md @@ -11,7 +11,7 @@ | **MailTipsMailboxSourcedTipsEnabled** | Write | Boolean | Specifies whether MailTips that rely on mailbox data (out-of-office or full mailbox) are enabled. || | **MailTipsExternalRecipientsTipsEnabled** | Write | Boolean | Specifies whether MailTips for external recipients are enabled. || | **Ensure** | Write | String | |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -50,7 +50,7 @@ Configuration Example MailTipsMailboxSourcedTipsEnabled = $True MailTipsExternalRecipientsTipsEnabled = $True Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/EXOMailboxSettings.md b/EXOMailboxSettings.md index 8e8bfc0..ba8cf8a 100644 --- a/EXOMailboxSettings.md +++ b/EXOMailboxSettings.md @@ -8,7 +8,7 @@ | **TimeZone** | Write | String | The name of the Time Zone to assign to the mailbox || | **Locale** | Write | String | The code of the Locale to assign to the mailbox || | **Ensure** | Write | String | Present ensures the Mailbox Settings are applied |Present| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -52,7 +52,7 @@ Configuration Example TimeZone = "Eastern Standard Time" Locale = "fr-CA" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/EXOMalwareFilterPolicy.md b/EXOMalwareFilterPolicy.md index ba739f5..d24fa67 100644 --- a/EXOMalwareFilterPolicy.md +++ b/EXOMalwareFilterPolicy.md @@ -26,7 +26,7 @@ | **MakeDefault** | Write | Boolean | MakeDefault makes this malware filter policy the default policy. Valid values are: $true|$false. || | **ZapEnabled** | Write | Boolean | The ZapEnabled parameter enables or disables zero-hour auto purge (ZAP) for malware. ZAP detects malware in unread messages that have already been delivered to the user's Inbox. Valid values are: $true|$false. || | **Ensure** | Write | String | Specifies if this MalwareFilterPolicy should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOMalwareFilterRule.md b/EXOMalwareFilterRule.md index f1ef5af..a81d196 100644 --- a/EXOMalwareFilterRule.md +++ b/EXOMalwareFilterRule.md @@ -16,7 +16,7 @@ | **SentTo** | Write | StringArray[] | The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient. || | **SentToMemberOf** | Write | StringArray[] | The SentToMemberOf parameter specifies a condition that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You can use any value that uniquely identifies the group. || | **Ensure** | Write | String | Specifies if the Malware Filter Rule should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOManagementRole.md b/EXOManagementRole.md index e334bae..866f78b 100644 --- a/EXOManagementRole.md +++ b/EXOManagementRole.md @@ -8,7 +8,7 @@ | **Parent** | Key | String | The Parent parameter specifies the identity of the role to copy. Mandatory for management role creation/update or when Ensure=Present. Non-mandatory for Ensure=Absent || | **Description** | Write | String | The Description parameter specifies the description that's displayed when the management role is viewed using the Get-ManagementRole cmdlet. || | **Ensure** | Write | String | Specify if the Management Role should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOMobileDeviceMailboxPolicy.md b/EXOMobileDeviceMailboxPolicy.md index 090a03e..6747dfb 100644 --- a/EXOMobileDeviceMailboxPolicy.md +++ b/EXOMobileDeviceMailboxPolicy.md @@ -60,7 +60,7 @@ | **UNCAccessEnabled** | Write | Boolean | The UNCAccessEnabled parameter specifies whether access to Microsoft Windows file shares is enabled from the mobile device. || | **WSSAccessEnabled** | Write | Boolean | The WSSAccessEnabled parameter specifies whether access to Microsoft Windows SharePoint Services is enabled from the mobile device. || | **Ensure** | Write | String | Specify if the Mobile Device Mailbox Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOOfflineAddressBook.md b/EXOOfflineAddressBook.md index 1bf2402..1898282 100644 --- a/EXOOfflineAddressBook.md +++ b/EXOOfflineAddressBook.md @@ -10,7 +10,7 @@ | **DiffRetentionPeriod** | Write | String | The DiffRetentionPeriod parameter specifies the number of days that the OAB difference files are stored on the server. || | **IsDefault** | Write | Boolean | The IsDefault parameter specifies whether the OAB is used by all mailboxes and mailbox databases that don't have an OAB specified. || | **Ensure** | Write | String | Specify if the Offline Address Book should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOOnPremisesOrganization.md b/EXOOnPremisesOrganization.md index 945cce0..104c416 100644 --- a/EXOOnPremisesOrganization.md +++ b/EXOOnPremisesOrganization.md @@ -13,7 +13,7 @@ | **OrganizationRelationship** | Write | String | The OrganizationRelationship parameter specifies the organization relationship configured by the Hybrid Configuration wizard on the Office 365 tenant as part of a hybrid deployment with an on-premises Exchange organization. This organization relationship defines the federated sharing features enabled on the Office 365 tenant. || | **Comment** | Write | String | The Comment parameter specifies an optional comment. || | **Ensure** | Write | String | Specify if the On-Premises Organization should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOOrganizationConfig.md b/EXOOrganizationConfig.md index 6ecc7c9..17c1052 100644 --- a/EXOOrganizationConfig.md +++ b/EXOOrganizationConfig.md @@ -68,7 +68,7 @@ | **VisibleMeetingUpdateProperties** | Write | String | The VisibleMeetingUpdateProperties parameter specifies whether meeting message updates will be auto-processed on behalf of attendees. Auto-processed updates are applied to the attendee's calendar item, and then the meeting message is moved to the deleted items. The attendee never sees the update in their inbox, but their calendar is updated. || | **WebPushNotificationsDisabled** | Write | Boolean | The WebPushNotificationsDisabled parameter specifies whether to enable or disable Web Push Notifications in Outlook on the Web. This feature provides web push notifications which appear on a user's desktop while the user is not using Outlook on the Web. This brings awareness of incoming messages while they are working elsewhere on their computer. || | **WebSuggestedRepliesDisabled** | Write | Boolean | The WebSuggestedRepliesDisabled parameter specifies whether to enable or disable Suggested Replies in Outlook on the web. This feature provides suggested replies to emails so users can easily and quickly respond to messages. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -130,7 +130,7 @@ Configuration Example DefaultPublicFolderAgeLimit = $null; OutlookMobileGCCRestrictionsEnabled = $False; ActivityBasedAuthenticationTimeoutEnabled = $True; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; ConnectorsEnabledForYammer = $True; HierarchicalAddressBookRoot = $null; DefaultPublicFolderMaxItemSize = "13 KB (13,312 bytes)"; diff --git a/EXOOrganizationRelationship.md b/EXOOrganizationRelationship.md index cfd8852..854cd8b 100644 --- a/EXOOrganizationRelationship.md +++ b/EXOOrganizationRelationship.md @@ -23,7 +23,7 @@ | **TargetOwaURL** | Write | String | The TargetOwaURL parameter specifies the Outlook on the web (formerly Outlook Web App) URL of the external organization that's defined in the organization relationship. It is used for Outlook on the web redirection in a cross-premise Exchange scenario. Configuring this attribute enables users in the organization to use their current Outlook on the web URL to access Outlook on the web in the external organization. || | **TargetSharingEpr** | Write | String | The TargetSharingEpr parameter specifies the URL of the target Exchange Web Services for the external organization. || | **Ensure** | Write | String | Specify if the OrganizationRelationship should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOOutboundConnector.md b/EXOOutboundConnector.md index 73f8f4a..409e110 100644 --- a/EXOOutboundConnector.md +++ b/EXOOutboundConnector.md @@ -21,7 +21,7 @@ | **TestMode** | Write | Boolean | The TestMode parameter specifies whether you want to enabled or disable test mode for the Outbound connector. Valid values are: $true | $false (default) || | **ValidationRecipients** | Write | StringArray[] | The ValidationRecipients parameter specifies the email addresses of the validation recipients for the Outbound connector. You can specify multiple email addresses separated by commas. || | **Ensure** | Write | String | Specifies if this Outbound connector should exist. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOOwaMailboxPolicy.md b/EXOOwaMailboxPolicy.md index eef9d77..b6a7340 100644 --- a/EXOOwaMailboxPolicy.md +++ b/EXOOwaMailboxPolicy.md @@ -81,7 +81,7 @@ | **WeatherEnabled** | Write | Boolean | The WeatherEnabled parameter specifies whether to enable or disable weather information in the calendar in Outlook on the web. || | **WebPartsFrameOptionsType** | Write | String | The WebPartsFrameOptionsType parameter specifies what sources can access web parts in IFRAME or FRAME elements in Outlook on the web. |None, SameOrigin, Deny| | **Ensure** | Write | String | Specify if the OWA Mailbox Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOPartnerApplication.md b/EXOPartnerApplication.md index 4bed510..c9ad4db 100644 --- a/EXOPartnerApplication.md +++ b/EXOPartnerApplication.md @@ -11,7 +11,7 @@ | **Enabled** | Write | Boolean | The Enabled parameter specifies whether the partner application is enabled. || | **LinkedAccount** | Write | String | The LinkedAccount parameter specifies a linked Active Directory user account for the application. || | **Ensure** | Write | String | Specify if the Partner Application should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOPolicyTipConfig.md b/EXOPolicyTipConfig.md index 7f8c608..dd183da 100644 --- a/EXOPolicyTipConfig.md +++ b/EXOPolicyTipConfig.md @@ -7,7 +7,7 @@ | **Name** | Key | String | The Name parameter specifies the custom Policy Tip you want to modify. || | **Value** | Write | String | The Value parameter specifies the text that's displayed by the Policy Tip. || | **Ensure** | Write | String | Specify if the Policy Tip Config should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXORemoteDomain.md b/EXORemoteDomain.md index db943d2..9bae8f5 100644 --- a/EXORemoteDomain.md +++ b/EXORemoteDomain.md @@ -27,7 +27,7 @@ | **TrustedMailInboundEnabled** | Write | Boolean | The TrustedMailInboundEnabled parameter specifies whether messages from senders in the remote domain are treated as trusted messages. || | **TrustedMailOutboundEnabled** | Write | Boolean | The TrustedMailOutboundEnabled parameter specifies whether messages sent to recipients in the remote domain are treated as trusted messages. || | **UseSimpleDisplayName** | Write | Boolean | The UseSimpleDisplayName parameter specifies whether the sender's simple display name is used for the From email address in messages sent to recipients in the remote domain. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXORoleAssignmentPolicy.md b/EXORoleAssignmentPolicy.md index 72d2275..2ef98db 100644 --- a/EXORoleAssignmentPolicy.md +++ b/EXORoleAssignmentPolicy.md @@ -9,7 +9,7 @@ | **IsDefault** | Write | Boolean | The IsDefault switch makes the assignment policy the default assignment policy. || | **Roles** | Write | StringArray[] | The Roles parameter specifies the management roles to assign to the role assignment policy when it's created. || | **Ensure** | Write | String | Specify if the Role Assignment Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOSafeAttachmentPolicy.md b/EXOSafeAttachmentPolicy.md index c6fa1ac..703e4fc 100644 --- a/EXOSafeAttachmentPolicy.md +++ b/EXOSafeAttachmentPolicy.md @@ -12,7 +12,7 @@ | **Redirect** | Write | Boolean | The Redirect parameter specifies whether to send detected malware attachments to another email address. Valid values are: $true: Malware attachments are sent to the email address specified by the RedirectAddress parameter. $false: Malware attachments aren't sent to another email address. This is the default value. || | **RedirectAddress** | Write | String | The RedirectAddress parameter specifies the email address where detected malware attachments are sent when the Redirect parameter is set to the value $true. || | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -33,7 +33,7 @@ Ensure - Required: No (Defaults to 'Present') - Description: Specifies if the configuration should exist or not -GlobalAdminAccount +Credential - Required: Yes - Description: Credentials of the Office 365 Global Admin @@ -105,7 +105,7 @@ RedirectAddress EXOSafeAttachmentPolicy SafeAttachmentPolicyExample { Ensure = 'Present' Identity = 'TestSafeAttachmentPolicy' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AdminDisplayName = 'Test Safe Attachment Policy' Action = 'Block' Enable = $true diff --git a/EXOSafeAttachmentRule.md b/EXOSafeAttachmentRule.md index 18e5b55..c19d86d 100644 --- a/EXOSafeAttachmentRule.md +++ b/EXOSafeAttachmentRule.md @@ -16,7 +16,7 @@ | **SentTo** | Write | StringArray[] | The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient. || | **SentToMemberOf** | Write | StringArray[] | The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group. || | **Ensure** | Write | String | Specify if this rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -43,10 +43,10 @@ Ensure - Description: Specifies if the configuration should be `Present` or `Absent` -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -59,7 +59,7 @@ Identity EXOSafeAttachmentRule TestSafeAttachmentRule { Ensure = 'Present' Identity = 'TestRule' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential SafeAttachmentPolicy = 'TestPolicy' Enabled = $true Priority = 0 diff --git a/EXOSafeLinksPolicy.md b/EXOSafeLinksPolicy.md index e79b198..112a873 100644 --- a/EXOSafeLinksPolicy.md +++ b/EXOSafeLinksPolicy.md @@ -6,16 +6,19 @@ | --- | --- | --- | --- | --- | | **Identity** | Key | String | The Identity parameter specifies the SafeLinks policy that you want to modify. || | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| -| **AdminDisplayName** | Write | String | The AdminDisplayName parameter specifies a description for the policy. || +| **AdminDisplayName** | Write | String | The AdminDisplayName parameter specifies a description for the policy. || +| **CustomNotificationText** | Write | String | The custom notification text specifies the customized notification text to show to users. || | **DeliverMessageAfterScan** | Write | Boolean | The DeliverMessageAfterScan parameter specifies whether to deliver email messages only after Safe Links scanning is complete. Valid values are: $true: Wait until Safe Links scanning is complete before delivering the message. $false: If Safe Links scanning can't complete, deliver the message anyway. This is the default value. || | **DoNotAllowClickThrough** | Write | Boolean | The DoNotAllowClickThrough parameter specifies whether to allow users to click through to the original URL. Valid values are: $true: The user isn't allowed to click through to the original URL. This is the default value. $false: The user is allowed to click through to the original URL. || | **DoNotRewriteUrls** | Write | StringArray[] | The DoNotRewriteUrls parameter specifies a URL that's skipped by Safe Links scanning. You can specify multiple values separated by commas. || | **DoNotTrackUserClicks** | Write | Boolean | The DoNotTrackUserClicks parameter specifies whether to track user clicks related to links in email messages. Valid values are: $true: User clicks aren't tracked. This is the default value. $false: User clicks are tracked. || -| **EnableForInternalSenders** | Write | Boolean | EnableForInternalSenders $true or $false || +| **EnableForInternalSenders** | Write | Boolean | The EnableForInternalSenders parameter specifies whether the Safe Links policy is applied to messages sent between internal senders and internal recipients within the same Exchange Online organization. || +| **EnableOrganizationBranding** | Write | Boolean | The EnableOrganizationBranding parameter specifies whether your organization's logo is displayed on Safe Links warning and notification pages. || | **EnableSafeLinksForTeams** | Write | Boolean | The EnableSafeLinksForTeams parameter specifies whether Safe Links is enabled for Microsoft Teams. Valid values are: $true: Safe Links is enabled for Teams. If a protected user clicks a malicious link in a Teams conversation, group chat, or from channels, a warning page will appear in the default web browser. $false: Safe Links isn't enabled for Teams. This is the default value. || | **IsEnabled** | Write | Boolean | This parameter specifies whether the rule or policy is enabled. || | **ScanUrls** | Write | Boolean | The ScanUrls parameter specifies whether to enable or disable the scanning of links in email messages. Valid values are: $true: Scanning links in email messages is enabled. $false: Scanning links in email messages is disabled. This is the default value. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **UseTranslatedNotificationText** | Write | Boolean | The UseTranslatedNotificationText specifies whether to use Microsoft Translator to automatically localize the custom notification text that you specified with the CustomNotificationText parameter. || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -36,7 +39,7 @@ Ensure - Required: No (Defaults to 'Present') - Description: Specifies if the configuration should exist or not -GlobalAdminAccount +Credential - Required: Yes - Description: Credentials of the Office 365 Global Admin @@ -53,6 +56,12 @@ AdminDisplayName - Description: The AdminDisplayName parameter specifies a description for the policy. +CustomNotificationText + +- Required: No +- Description: The custom notification text specifies the customized + notification text to show to users + DeliverMessageAfterScan - Required: No @@ -93,6 +102,13 @@ EnableForInternalSenders - Description: This parameter specifies whether the policy is enabled for internal senders. $true or $false +EnableOrganizationBranding + +- Required: No +- Description: The EnableOrganizationBranding parameter specifies whether + your organization's logo is displayed on Safe Links warning and + notification pages. + EnableSafeLinksForTeams - Required: No @@ -118,13 +134,20 @@ ScanUrls $false: Scanning links in email messages is disabled. This is the default value. +UseTranslatedNotificationText + +- Required: No +- Description: The UseTranslatedNotificationText specifies whether to use + Microsoft Translator to automatically localize the custom notification text + that you specified with the CustomNotificationText parameter. + ## Example ```PowerShell EXOSafeLinksPolicy SafeLinksPolicyExample { Ensure = 'Present' Identity = 'TestSafeLinksPolicy' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential AdminDisplayName = 'Test SafeLinks Policy' DoNotAllowClickThrough = $true DoNotRewriteUrls = @('test.contoso.com', 'test.fabrikam.com') diff --git a/EXOSafeLinksRule.md b/EXOSafeLinksRule.md index 4e8da2e..5e7f8b1 100644 --- a/EXOSafeLinksRule.md +++ b/EXOSafeLinksRule.md @@ -16,7 +16,7 @@ | **RecipientDomainIs** | Write | StringArray[] | The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas. || | **SentTo** | Write | StringArray[] | The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient. || | **SentToMemberOf** | Write | StringArray[] | The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -42,10 +42,10 @@ Ensure - Required: No (Defaults to 'Present') - Description: Specifies if the configuration should be `Present` or `Absent` -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of an Office365 Global Admin +- Description: Credentials of the account to authenticate with Identity @@ -58,7 +58,7 @@ Identity EXOSafeLinksRule TestSafeLinksRule { Ensure = 'Present' Identity = 'TestRule' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential SafeLinksPolicy = 'TestSafeLinksPolicy' Enabled = $true Priority = 0 diff --git a/EXOSharedMailbox.md b/EXOSharedMailbox.md index 892b096..e365c19 100644 --- a/EXOSharedMailbox.md +++ b/EXOSharedMailbox.md @@ -8,7 +8,7 @@ | **PrimarySMTPAddress** | Write | String | The primary email address of the Shared Mailbox || | **Aliases** | Write | StringArray[] | Aliases for the Shared Mailbox || | **Ensure** | Write | String | Present ensures the group exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -44,7 +44,7 @@ Configuration Example PrimarySMTPAddress = "Test@O365DSC1.onmicrosoft.com" Aliases = @("Joufflu@o365dsc1.onmicrosoft.com", "Gilles@O365dsc1.onmicrosoft.com") Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/EXOSharingPolicy.md b/EXOSharingPolicy.md index bf694c8..1e50cc7 100644 --- a/EXOSharingPolicy.md +++ b/EXOSharingPolicy.md @@ -9,7 +9,7 @@ | **Enabled** | Write | Boolean | The Enabled parameter specifies whether to enable the sharing policy. Valid values for this parameter are $true or $false. || | **Domains** | Write | StringArray[] | The Domains parameter specifies domains to which this policy applies and the sharing policy action. || | **Ensure** | Write | String | Specify if the Sharing Policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/EXOTransportRule.md b/EXOTransportRule.md index c82386b..c8ebb9c 100644 --- a/EXOTransportRule.md +++ b/EXOTransportRule.md @@ -171,7 +171,7 @@ | **SubjectOrBodyMatchesPatterns** | Write | StringArray[] | The SubjectOrBodyMatchesPatterns parameter specifies a condition that looks for text patterns in the Subject field or body of messages. || | **WithImportance** | Write | String | The WithImportance parameter specifies a condition that looks for messages with the specified importance level. |Low, Normal, High| | **Ensure** | Write | String | Specify if the Transport Rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || diff --git a/IntuneAppConfigurationPolicy.md b/IntuneAppConfigurationPolicy.md index 5ee8ebe..f473e6e 100644 --- a/IntuneAppConfigurationPolicy.md +++ b/IntuneAppConfigurationPolicy.md @@ -4,13 +4,17 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | +| **name** | Write | String | Name of the custom setting. || +| **value** | Write | String | Value of the custom setting. || | **DisplayName** | Key | String | Display name of the app configuration policy. || | **Description** | Write | String | Description of the app configuration policy. || +| **CustomSettings** | Write | InstanceArray[] | Custom settings for the app cnfiguration policy. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneAppConfigurationPolicy @@ -40,7 +44,7 @@ Configuration Example DisplayName = 'Contoso' Description = 'Contoso Policy' Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } @@ -67,7 +71,7 @@ Configuration Example DisplayName = 'Contoso' Description = 'Contoso Policy' Ensure = 'Absent' - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneAppProtectionPolicyiOS.md b/IntuneAppProtectionPolicyiOS.md index e9e2deb..d47467d 100644 --- a/IntuneAppProtectionPolicyiOS.md +++ b/IntuneAppProtectionPolicyiOS.md @@ -31,10 +31,11 @@ | **Assignments** | Write | StringArray[] | List of IDs of the groups assigned to this iOS Protection Policy. || | **ExcludedGroups** | Write | StringArray[] | List of IDs of the groups that are excluded from this iOS Protection Policy. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceConfigurationPolicyiOS @@ -88,7 +89,7 @@ Configuration Example SaveAsBlocked = $True; SimplePinBlocked = $False; Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceCategory.md b/IntuneDeviceCategory.md index 7e94db8..e91c105 100644 --- a/IntuneDeviceCategory.md +++ b/IntuneDeviceCategory.md @@ -7,10 +7,11 @@ | **DisplayName** | Key | String | Display name of the device category. || | **Description** | Write | String | Description of the device category. || | **Ensure** | Write | String | Present ensures the category exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceCategory @@ -40,7 +41,7 @@ Configuration Example DisplayName = "Contoso" Description = "Contoso Category" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceCompliancePolicyAndroid.md b/IntuneDeviceCompliancePolicyAndroid.md index f59cb03..916f9fc 100644 --- a/IntuneDeviceCompliancePolicyAndroid.md +++ b/IntuneDeviceCompliancePolicyAndroid.md @@ -35,10 +35,11 @@ | **RestrictedApps** | Write | String | RestrictedApps of the Android device compliance policy. || | **RoleScopeTagIds** | Write | String | RoleScopeTagIds of the Android device compliance policy. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneAndroidDeviceCompliancePolicy ### Description @@ -229,7 +230,7 @@ IntuneDeviceCompliancePolicyAndroid a58cdba9-c410-4ba4-b7d2-3a09593b5d84 DeviceThreatProtectionRequiredSecurityLevel = "unavailable"; DisplayName = "Compliance Android"; Ensure = "Present"; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; osMinimumVersion = "7"; PasswordExpirationDays = 90; PasswordMinimumLength = 6; @@ -275,7 +276,7 @@ Configuration Example DeviceThreatProtectionRequiredSecurityLevel = "unavailable"; DisplayName = "Test Policy"; Ensure = "Present"; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; osMinimumVersion = "7"; PasswordExpirationDays = 90; PasswordMinimumLength = 6; @@ -318,7 +319,7 @@ Configuration Example { DisplayName = "Test Android Device Compliance Policy" Ensure = "Absent" - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceCompliancePolicyAndroidWorkProfile.md b/IntuneDeviceCompliancePolicyAndroidWorkProfile.md index ee99c01..65f9181 100644 --- a/IntuneDeviceCompliancePolicyAndroidWorkProfile.md +++ b/IntuneDeviceCompliancePolicyAndroidWorkProfile.md @@ -31,10 +31,11 @@ | **SecurityRequireCompanyPortalAppIntegrity** | Write | Boolean | SecurityRequireCompanyPortalAppIntegrity of the AndroidWorkProfile device compliance policy. || | **RoleScopeTagIds** | Write | String | RoleScopeTagIds of the AndroidWorkProfile device compliance policy. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceCompliancePolicyAndroidWorkProfile @@ -183,7 +184,7 @@ IntuneDeviceCompliancePolicyAndroidDeviceOwner f7d82525-b7c0-475c-9d5e-16fafdfa4 DeviceThreatProtectionRequiredSecurityLevel = "unavailable"; DisplayName = "DeviceOwner"; Ensure = "Present"; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; PasswordExpirationDays = 90; PasswordMinimumLength = 6; PasswordMinutesOfInactivityBeforeLock = 5; @@ -227,7 +228,7 @@ Configuration Example DeviceThreatProtectionRequiredSecurityLevel = "unavailable"; DisplayName = "Test Policy"; Ensure = "Present"; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; PasswordExpirationDays = 90; PasswordMinimumLength = 6; PasswordMinutesOfInactivityBeforeLock = 5; @@ -268,7 +269,7 @@ Configuration Example { DisplayName = "Test Android Work Profile Device Compliance Policy" Ensure = "Absent" - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceCompliancePolicyMacOS.md b/IntuneDeviceCompliancePolicyMacOS.md index 2761a6e..4fd33d4 100644 --- a/IntuneDeviceCompliancePolicyMacOS.md +++ b/IntuneDeviceCompliancePolicyMacOS.md @@ -24,10 +24,11 @@ | **FirewallBlockAllIncoming** | Write | Boolean | FirewallBlockAllIncoming of the MacOS device compliance policy. || | **FirewallEnableStealthMode** | Write | Boolean | FirewallEnableStealthMode of the MacOS device compliance policy. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceCompliancePolicyMacOS @@ -153,7 +154,7 @@ For more information, see Gatekeeper on macOS. FirewallBlockAllIncoming = $False; FirewallEnableStealthMode = $False; Ensure = 'Present'; - GlobalAdminAccount = $GlobalAdminAccount; + Credential = $Credential; } ``` @@ -198,7 +199,7 @@ Configuration Example FirewallBlockAllIncoming = $False; FirewallEnableStealthMode = $False; Ensure = 'Present'; - GlobalAdminAccount = $GlobalAdminAccount; + Credential = $Credential; } } } @@ -224,7 +225,7 @@ Configuration Example { DisplayName = 'Demo MacOS Device Compliance Policy'; Ensure = 'Absent'; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceCompliancePolicyWindows10.md b/IntuneDeviceCompliancePolicyWindows10.md index c5ea2bb..daca4cb 100644 --- a/IntuneDeviceCompliancePolicyWindows10.md +++ b/IntuneDeviceCompliancePolicyWindows10.md @@ -39,10 +39,11 @@ | **DeviceCompliancePolicyScript** | Write | String | DeviceCompliancePolicyScript of the Windows 10 device compliance policy. || | **ValidOperatingSystemBuildRanges** | Write | StringArray[] | ValidOperatingSystemBuildRanges of the Windows 10 device compliance policy. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceCompliancePolicyWindows10 @@ -289,7 +290,7 @@ Surface Hubs that run Windows 10 Team OS do not support the Microsoft Defender f deviceCompliancePolicyScript = $null; ValidOperatingSystemBuildRanges = []; Ensure = 'Present'; - GlobalAdminAccount = $GlobalAdminAccount; + Credential = $Credential; } ``` @@ -348,9 +349,9 @@ Configuration Example ConfigurationManagerComplianceRequired = $False; TPMRequired = $False; deviceCompliancePolicyScript = $null; - ValidOperatingSystemBuildRanges = []; + ValidOperatingSystemBuildRanges = @(); Ensure = 'Present'; - GlobalAdminAccount = $GlobalAdminAccount; + Credential = $Credential; } } } @@ -376,7 +377,7 @@ Configuration Example { DisplayName = 'Demo Windows 10 Device Compliance Policy'; Ensure = 'Absent'; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceCompliancePolicyiOs.md b/IntuneDeviceCompliancePolicyiOs.md index 9f27826..b0630f2 100644 --- a/IntuneDeviceCompliancePolicyiOs.md +++ b/IntuneDeviceCompliancePolicyiOs.md @@ -21,10 +21,11 @@ | **DeviceThreatProtectionRequiredSecurityLevel** | Write | String | DeviceThreatProtectionRequiredSecurityLevel of the iOS device compliance policy. || | **ManagedEmailProfileRequired** | Write | Boolean | ManagedEmailProfileRequired of the iOS device compliance policy. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceCompliancePolicyiOs @@ -68,7 +69,7 @@ Configuration Example DeviceThreatProtectionRequiredSecurityLevel = 'medium' ManagedEmailProfileRequired = $True Ensure = 'Present' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential } } @@ -95,7 +96,7 @@ Configuration Example { DisplayName = 'Demo iOS Device Compliance Policy' Ensure = 'Absent' - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceConfigurationPolicyWindows10.md b/IntuneDeviceConfigurationPolicyWindows10.md new file mode 100644 index 0000000..08d666e --- /dev/null +++ b/IntuneDeviceConfigurationPolicyWindows10.md @@ -0,0 +1,419 @@ +# IntuneDeviceConfigurationPolicyWindows10 + +## Parameters + +| Parameter | Attribute | DataType | Description | Allowed Values | +| --- | --- | --- | --- | --- | +| **DisplayName** | Key | String | Description of the device configuration policy for Windows 10. || +| **Description** | Write | String | Display name of the device configuration policy for Windows 10. || +| **EnterpriseCloudPrintDiscoveryEndPoint** | Write | String | Endpoint for discovering cloud printers. || +| **EnterpriseCloudPrintOAuthAuthority** | Write | String | Authentication endpoint for acquiring OAuth tokens. || +| **EnterpriseCloudPrintOAuthClientIdentifier** | Write | String | GUID of a client application authorized to retrieve OAuth tokens from the OAuth Authority. || +| **EnterpriseCloudPrintResourceIdentifier** | Write | String | OAuth resource URI for print service as configured in the Azure portal. || +| **EnterpriseCloudPrintDiscoveryMaxLimit** | Write | UInt64 | Maximum number of printers that should be queried from a discovery endpoint. This is a mobile only setting. Valid values 1 to 65535 || +| **EnterpriseCloudPrintMopriaDiscoveryResourceIdentifier** | Write | String | OAuth resource URI for printer discovery service as configured in Azure portal. || +| **SearchBlockDiacritics** | Write | Boolean | Specifies if search can use diacritics. || +| **SearchDisableAutoLanguageDetection** | Write | Boolean | Specifies whether to use automatic language detection when indexing content and properties. || +| **SearchDisableIndexingEncryptedItems** | Write | Boolean | Indicates whether or not to block indexing of WIP-protected items to prevent them from appearing in search results for Cortana or Explorer. || +| **SearchEnableRemoteQueries** | Write | Boolean | Indicates whether or not to block remote queries of this computer's index. || +| **SearchDisableIndexerBackoff** | Write | Boolean | Indicates whether or not to disable the search indexer backoff feature. || +| **SearchDisableIndexingRemovableDrive** | Write | Boolean | Indicates whether or not to allow users to add locations on removable drives to libraries and to be indexed. || +| **SearchEnableAutomaticIndexSizeManangement** | Write | Boolean | Specifies minimum amount of hard drive space on the same drive as the index location before indexing stops. || +| **DiagnosticsDataSubmissionMode** | Write | String | Gets or sets a value allowing the device to send diagnostic and usage telemetry data, such as Watson. Possible values are: userDefined, none, basic, enhanced, full. || +| **OneDriveDisableFileSync** | Write | Boolean | Gets or sets a value allowing IT admins to prevent apps and features from working with files on OneDrive. || +| **SmartScreenEnableAppInstallControl** | Write | Boolean | This property will be deprecated in July 2019 and will be replaced by property SmartScreenAppInstallControl. Allows IT Admins to control whether users are allowed to install apps from places other than the Store. || +| **PersonalizationDesktopImageUrl** | Write | String | A http or https Url to a jpg, jpeg or png image that needs to be downloaded and used as the Desktop Image or a file Url to a local image on the file system that needs to used as the Desktop Image. || +| **PersonalizationLockScreenImageUrl** | Write | String | A http or https Url to a jpg, jpeg or png image that neeeds to be downloaded and used as the Lock Screen Image or a file Url to a local image on the file system that needs to be used as the Lock Screen Image. || +| **BluetoothAllowedServices** | Write | StringArray[] | Specify a list of allowed Bluetooth services and profiles in hex formatted strings. || +| **BluetoothBlockAdvertising** | Write | Boolean | Whether or not to Block the user from using bluetooth advertising. || +| **BluetoothBlockDiscoverableMode** | Write | Boolean | Whether or not to Block the user from using bluetooth discoverable mode. || +| **BluetoothBlockPrePairing** | Write | Boolean | Whether or not to block specific bundled Bluetooth peripherals to automatically pair with the host device. || +| **EdgeBlockAutofill** | Write | Boolean | Indicates whether or not to block auto fill. || +| **EdgeBlocked** | Write | Boolean | Indicates whether or not to Block the user from using the Edge browser. || +| **EdgeCookiePolicy** | Write | String | Indicates which cookies to block in the Edge browser. Possible values are: userDefined, allow, blockThirdParty, blockAll. || +| **EdgeBlockDeveloperTools** | Write | Boolean | Indicates whether or not to block developer tools in the Edge browser. || +| **EdgeBlockSendingDoNotTrackHeader** | Write | Boolean | Indicates whether or not to Block the user from sending the do not track header. || +| **EdgeBlockExtensions** | Write | Boolean | Indicates whether or not to block extensions in the Edge browser. || +| **EdgeBlockInPrivateBrowsing** | Write | Boolean | Indicates whether or not to block InPrivate browsing on corporate networks, in the Edge browser. || +| **EdgeBlockJavaScript** | Write | Boolean | Indicates whether or not to Block the user from using JavaScript. || +| **EdgeBlockPasswordManager** | Write | Boolean | Indicates whether or not to Block password manager. || +| **EdgeBlockAddressBarDropdown** | Write | Boolean | Block the address bar dropdown functionality in Microsoft Edge. Disable this settings to minimize network connections from Microsoft Edge to Microsoft services. || +| **EdgeBlockCompatibilityList** | Write | Boolean | Block Microsoft compatibility list in Microsoft Edge. This list from Microsoft helps Edge properly display sites with known compatibility issues. || +| **EdgeClearBrowsingDataOnExit** | Write | Boolean | Clear browsing data on exiting Microsoft Edge. || +| **EdgeAllowStartPagesModification** | Write | Boolean | Allow users to change Start pages on Edge. Use the EdgeHomepageUrls to specify the Start pages that the user would see by default when they open Edge. || +| **EdgeDisableFirstRunPage** | Write | Boolean | Block the Microsoft web page that opens on the first use of Microsoft Edge. This policy allows enterprises, like those enrolled in zero emissions configurations, to block this page. || +| **EdgeBlockLiveTileDataCollection** | Write | Boolean | Block the collection of information by Microsoft for live tile creation when users pin a site to Start from Microsoft Edge. || +| **EdgeSyncFavoritesWithInternetExplorer** | Write | Boolean | Enable favorites sync between Internet Explorer and Microsoft Edge. Additions, deletions, modifications and order changes to favorites are shared between browsers. || +| **CellularBlockDataWhenRoaming** | Write | Boolean | Whether or not to Block the user from using data over cellular while roaming. || +| **CellularBlockVpn** | Write | Boolean | Whether or not to Block the user from using VPN over cellular. || +| **CellularBlockVpnWhenRoaming** | Write | Boolean | Whether or not to Block the user from using VPN when roaming over cellular. || +| **DefenderRequireRealTimeMonitoring** | Write | Boolean | Indicates whether or not to require real time monitoring. || +| **DefenderRequireBehaviorMonitoring** | Write | Boolean | Indicates whether or not to require behavior monitoring. || +| **DefenderRequireNetworkInspectionSystem** | Write | Boolean | Indicates whether or not to require network inspection system. || +| **DefenderScanDownloads** | Write | Boolean | Indicates whether or not to scan downloads. || +| **DefenderScanScriptsLoadedInInternetExplorer** | Write | Boolean | Indicates whether or not to scan scripts loaded in Internet Explorer browser. || +| **DefenderBlockEndUserAccess** | Write | Boolean | Whether or not to block end user access to Defender. || +| **DefenderSignatureUpdateIntervalInHours** | Write | UInt64 | The signature update interval in hours. Specify 0 not to check. Valid values 0 to 24 || +| **DefenderMonitorFileActivity** | Write | String | Value for monitoring file activity. Possible values are: userDefined, disable, monitorAllFiles, monitorIncomingFilesOnly, monitorOutgoingFilesOnly. || +| **DefenderDaysBeforeDeletingQuarantinedMalware** | Write | UInt64 | Number of days before deleting quarantined malware. Valid values 0 to 90 || +| **DefenderScanMaxCpu** | Write | UInt64 | Max CPU usage percentage during scan. Valid values 0 to 100 || +| **DefenderScanArchiveFiles** | Write | Boolean | Indicates whether or not to scan archive files. || +| **DefenderScanIncomingMail** | Write | Boolean | Indicates whether or not to scan incoming mail messages. || +| **DefenderScanRemovableDrivesDuringFullScan** | Write | Boolean | Indicates whether or not to scan removable drives during full scan. || +| **DefenderScanMappedNetworkDrivesDuringFullScan** | Write | Boolean | Indicates whether or not to scan mapped network drives during full scan. || +| **DefenderScanNetworkFiles** | Write | Boolean | Indicates whether or not to scan files opened from a network folder. || +| **DefenderRequireCloudProtection** | Write | Boolean | Indicates whether or not to require cloud protection. || +| **DefenderCloudBlockLevel** | Write | String | Specifies the level of cloud-delivered protection. Possible values are: notConfigured, high, highPlus, zeroTolerance. || +| **DefenderPromptForSampleSubmission** | Write | String | The configuration for how to prompt user for sample submission. Possible values are: userDefined, alwaysPrompt, promptBeforeSendingPersonalData, neverSendData, sendAllDataWithoutPrompting. || +| **DefenderScheduledQuickScanTime** | Write | String | The time to perform a daily quick scan. || +| **DefenderScanType** | Write | String | The defender system scan type. Possible values are: userDefined, disabled, quick, full. || +| **DefenderSystemScanSchedule** | Write | String | Defender day of the week for the system scan. Possible values are: userDefined, everyday, sunday, monday, tuesday, wednesday, thursday, friday, saturday. || +| **DefenderScheduledScanTime** | Write | String | The defender time for the system scan. || +| **DefenderDetectedMalwareActions** | Write | StringArray[] | Gets or sets Defender’s actions to take on detected Malware per threat level. || +| **DefenderFileExtensionsToExclude** | Write | StringArray[] | File extensions to exclude from scans and real time protection. || +| **DefenderFilesAndFoldersToExclude** | Write | StringArray[] | Files and folder to exclude from scans and real time protection. || +| **DefenderProcessesToExclude** | Write | StringArray[] | Processes to exclude from scans and real time protection. || +| **LockScreenAllowTimeoutConfiguration** | Write | Boolean | Specify whether to show a user-configurable setting to control the screen timeout while on the lock screen of Windows 10 Mobile devices. If this policy is set to Allow, the value set by lockScreenTimeoutInSeconds is ignored. || +| **LockScreenBlockActionCenterNotifications** | Write | Boolean | Indicates whether or not to block action center notifications over lock screen. || +| **LockScreenBlockCortana** | Write | Boolean | Indicates whether or not the user can interact with Cortana using speech while the system is locked. || +| **LockScreenBlockToastNotifications** | Write | Boolean | Indicates whether to allow toast notifications above the device lock screen. || +| **LockScreenTimeoutInSeconds** | Write | UInt64 | Set the duration (in seconds) from the screen locking to the screen turning off for Windows 10 Mobile devices. Supported values are 11-1800. Valid values 11 to 1800 || +| **PasswordBlockSimple** | Write | UInt64 | Specify whether PINs or passwords such as '1111' or '1234' are allowed. For Windows 10 desktops, it also controls the use of picture passwords. || +| **PasswordExpirationDays** | Write | UInt64 | The password expiration in days. Valid values 0 to 730 || +| **PasswordMinimumLength** | Write | UInt64 | The minimum password length. Valid values 4 to 16 || +| **PasswordMinutesOfInactivityBeforeScreenTimeout** | Write | UInt64 | The minutes of inactivity before the screen times out. || +| **PasswordMinimumCharacterSetCount** | Write | UInt64 | The number of character sets required in the password. || +| **PasswordPreviousPasswordBlockCount** | Write | UInt64 | The number of previous passwords to prevent reuse of. Valid values 0 to 50 || +| **PasswordRequired** | Write | Boolean | Indicates whether or not to require the user to have a password. || +| **PasswordRequireWhenResumeFromIdleState** | Write | Boolean | Indicates whether or not to require a password upon resuming from an idle state. || +| **PasswordRequiredType** | Write | String | The required password type. Possible values are: deviceDefault, alphanumeric, numeric. || +| **PasswordSignInFailureCountBeforeFactoryReset** | Write | Boolean | The number of sign in failures before factory reset. Valid values 0 to 999 || +| **PrivacyAdvertisingId** | Write | String | Enables or disables the use of advertising ID. Added in Windows 10, version 1607. Possible values are: notConfigured, blocked, allowed. || +| **PrivacyAutoAcceptPairingAndConsentPrompts** | Write | Boolean | Indicates whether or not to allow the automatic acceptance of the pairing and privacy user consent dialog when launching apps. || +| **PrivacyBlockInputPersonalization** | Write | Boolean | Indicates whether or not to block the usage of cloud based speech services for Cortana, Dictation, or Store applications. || +| **StartBlockUnpinningAppsFromTaskbar** | Write | Boolean | Indicates whether or not to block the user from unpinning apps from taskbar. || +| **StartMenuAppListVisibility** | Write | String | Setting the value of this collapses the app list, removes the app list entirely, or disables the corresponding toggle in the Settings app. Possible values are: userDefined, collapse, remove, disableSettingsApp. || +| **StartMenuHideChangeAccountSettings** | Write | Boolean | Enabling this policy hides the change account setting from appearing in the user tile in the start menu. || +| **StartMenuHideFrequentlyUsedApps** | Write | Boolean | Enabling this policy hides the most used apps from appearing on the start menu and disables the corresponding toggle in the Settings app. || +| **StartMenuHideHibernate** | Write | Boolean | Enabling this policy hides hibernate from appearing in the power button in the start menu. || +| **StartMenuHideLock** | Write | Boolean | Enabling this policy hides lock from appearing in the user tile in the start menu. || +| **StartMenuHidePowerButton** | Write | Boolean | Enabling this policy hides the power button from appearing in the start menu. || +| **StartMenuHideRecentJumpLists** | Write | Boolean | Enabling this policy hides recent jump lists from appearing on the start menu/taskbar and disables the corresponding toggle in the Settings app. || +| **StartMenuHideRecentlyAddedApps** | Write | Boolean | Enabling this policy hides recently added apps from appearing on the start menu and disables the corresponding toggle in the Settings app. || +| **StartMenuHideRestartOptions** | Write | Boolean | Enabling this policy hides 'Restart/Update and Restart' from appearing in the power button in the start menu. || +| **StartMenuHideShutDown** | Write | Boolean | Enabling this policy hides shut down/update and shut down from appearing in the power button in the start menu. || +| **StartMenuHideSignOut** | Write | Boolean | Enabling this policy hides sign out from appearing in the user tile in the start menu. || +| **StartMenuHideSleep** | Write | Boolean | Enabling this policy hides sleep from appearing in the power button in the start menu. || +| **StartMenuHideSwitchAccount** | Write | Boolean | Enabling this policy hides switch account from appearing in the user tile in the start menu. || +| **StartMenuHideUserTile** | Write | Boolean | Enabling this policy hides the user tile from appearing in the start menu. || +| **StartMenuLayoutEdgeAssetsXml** | Write | String | This policy setting allows you to import Edge assets to be used with startMenuLayoutXml policy. Start layout can contain secondary tile from Edge app which looks for Edge local asset file. Edge local asset would not exist and cause Edge secondary tile to appear empty in this case. This policy only gets applied when startMenuLayoutXml policy is modified. The value should be a UTF-8 Base64 encoded byte array. || +| **StartMenuLayoutXml** | Write | String | Allows admins to override the default Start menu layout and prevents the user from changing it. The layout is modified by specifying an XML file based on a layout modification schema. XML needs to be in a UTF8 encoded byte array format. || +| **StartMenuMode** | Write | String | Allows admins to decide how the Start menu is displayed. Possible values are: userDefined, fullScreen, nonFullScreen. || +| **StartMenuPinnedFolderDocuments** | Write | String | Enforces the visibility (Show/Hide) of the Documents folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderDownloads** | Write | String | Enforces the visibility (Show/Hide) of the Downloads folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderFileExplorer** | Write | String | Enforces the visibility (Show/Hide) of the FileExplorer shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderHomeGroup** | Write | String | Enforces the visibility (Show/Hide) of the HomeGroup folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderMusic** | Write | String | Enforces the visibility (Show/Hide) of the Music folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderNetwork** | Write | String | Enforces the visibility (Show/Hide) of the Network folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderPersonalFolder** | Write | String | Enforces the visibility (Show/Hide) of the PersonalFolder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderPictures** | Write | String | Enforces the visibility (Show/Hide) of the Pictures folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderSettings** | Write | String | Enforces the visibility (Show/Hide) of the Settings folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **StartMenuPinnedFolderVideos** | Write | String | Enforces the visibility (Show/Hide) of the Videos folder shortcut on the Start menu. Possible values are: notConfigured, hide, show. || +| **SettingsBlockSettingsApp** | Write | Boolean | Indicates whether or not to block access to Settings app. || +| **SettingsBlockSystemPage** | Write | Boolean | Indicates whether or not to block access to System in Settings app. || +| **SettingsBlockDevicesPage** | Write | Boolean | Indicates whether or not to block access to Devices in Settings app. || +| **SettingsBlockNetworkInternetPage** | Write | Boolean | Indicates whether or not to block access to Network & Internet in Settings app. || +| **SettingsBlockPersonalizationPage** | Write | Boolean | Indicates whether or not to block access to Personalization in Settings app. || +| **SettingsBlockAccountsPage** | Write | Boolean | Indicates whether or not to block access to Accounts in Settings app. || +| **SettingsBlockTimeLanguagePage** | Write | Boolean | Indicates whether or not to block access to Time & Language in Settings app. || +| **SettingsBlockEaseOfAccessPage** | Write | Boolean | Indicates whether or not to block access to Ease of Access in Settings app. || +| **SettingsBlockPrivacyPage** | Write | Boolean | Indicates whether or not to block access to Privacy in Settings app. || +| **SettingsBlockUpdateSecurityPage** | Write | Boolean | Indicates whether or not to block access to Update & Security in Settings app. || +| **SettingsBlockAppsPage** | Write | Boolean | Indicates whether or not to block access to Apps in Settings app. || +| **SettingsBlockGamingPage** | Write | Boolean | Indicates whether or not to block access to Gaming in Settings app. || +| **WindowsSpotlightBlockConsumerSpecificFeatures** | Write | Boolean | Allows IT admins to block experiences that are typically for consumers only, such as Start suggestions, Membership notifications, Post-OOBE app install and redirect tiles. || +| **WindowsSpotlightBlocked** | Write | Boolean | Allows IT admins to turn off all Windows Spotlight features || +| **WindowsSpotlightBlockOnActionCenter** | Write | Boolean | Block suggestions from Microsoft that show after each OS clean install, upgrade or in an on-going basis to introduce users to what is new or changed || +| **WindowsSpotlightBlockTailoredExperiences** | Write | Boolean | Block personalized content in Windows spotlight based on user’s device usage. || +| **WindowsSpotlightBlockThirdPartyNotifications** | Write | Boolean | Block third party content delivered via Windows Spotlight || +| **WindowsSpotlightBlockWelcomeExperience** | Write | Boolean | Block Windows Spotlight Windows welcome experience || +| **WindowsSpotlightBlockWindowsTips** | Write | Boolean | Allows IT admins to turn off the popup of Windows Tips. || +| **WindowsSpotlightConfigureOnLockScreen** | Write | String | Specifies the type of Spotlight. Possible values are: notConfigured, disabled, enabled. || +| **NetworkProxyApplySettingsDeviceWide** | Write | Boolean | If set, proxy settings will be applied to all processes and accounts in the device. Otherwise, it will be applied to the user account that’s enrolled into MDM. || +| **NetworkProxyDisableAutoDetect** | Write | Boolean | Disable automatic detection of settings. If enabled, the system will try to find the path to a proxy auto-config (PAC) script. || +| **NetworkProxyAutomaticConfigurationUrl** | Write | String | Address to the proxy auto-config (PAC) script you want to use. || +| **NetworkProxyServer** | Write | StringArray[] | Specifies manual proxy server settings. || +| **AccountsBlockAddingNonMicrosoftAccountEmail** | Write | Boolean | Indicates whether or not to Block the user from adding email accounts to the device that are not associated with a Microsoft account. || +| **AntiTheftModeBlocked** | Write | Boolean | Indicates whether or not to block the user from selecting an AntiTheft mode preference (Windows 10 Mobile only). || +| **BluetoothBlocked** | Write | Boolean | Whether or not to Block the user from using bluetooth. || +| **CameraBlocked** | Write | Boolean | Whether or not to Block the user from accessing the camera of the device. || +| **ConnectedDevicesServiceBlocked** | Write | Boolean | Whether or not to block Connected Devices Service which enables discovery and connection to other devices, remote messaging, remote app sessions and other cross-device experiences. || +| **CertificatesBlockManualRootCertificateInstallation** | Write | Boolean | Whether or not to Block the user from doing manual root certificate installation. || +| **CopyPasteBlocked** | Write | Boolean | Whether or not to Block the user from using copy paste. || +| **CortanaBlocked** | Write | Boolean | Whether or not to Block the user from using Cortana. || +| **DeviceManagementBlockFactoryResetOnMobile** | Write | Boolean | Indicates whether or not to Block the user from resetting their phone. || +| **DeviceManagementBlockManualUnenroll** | Write | Boolean | Indicates whether or not to Block the user from doing manual un-enrollment from device management. || +| **SafeSearchFilter** | Write | String | Specifies what filter level of safe search is required. Possible values are: userDefined, strict, moderate. || +| **EdgeBlockPopups** | Write | Boolean | Indicates whether or not to block popups. || +| **EdgeBlockSearchSuggestions** | Write | Boolean | Indicates whether or not to block the user from using the search suggestions in the address bar. || +| **EdgeBlockSendingIntranetTrafficToInternetExplorer** | Write | Boolean | Indicates whether or not to switch the intranet traffic from Edge to Internet Explorer. Note: the name of this property is misleading; the property is obsolete, use EdgeSendIntranetTrafficToInternetExplorer instead. || +| **EdgeSendIntranetTrafficToInternetExplorer** | Write | Boolean | Indicates whether or not to switch the intranet traffic from Edge to Internet Explorer. || +| **EdgeRequireSmartScreen** | Write | Boolean | Indicates whether or not to Require the user to use the smart screen filter. || +| **EdgeEnterpriseModeSiteListLocation** | Write | Boolean | Indicates the enterprise mode site list location. Could be a local file, local network or http location. || +| **EdgeFirstRunUrl** | Write | String | The first run URL for when Edge browser is opened for the first time. || +| **EdgeSearchEngine** | Write | String | Allows IT admins to set a default search engine for MDM-Controlled devices. Users can override this and change their default search engine provided the AllowSearchEngineCustomization policy is not set. || +| **EdgeHomepageUrls** | Write | StringArray[] | The list of URLs for homepages shodwn on MDM-enrolled devices on Edge browser. || +| **EdgeBlockAccessToAboutFlags** | Write | Boolean | Indicates whether or not to prevent access to about flags on Edge browser. || +| **SmartScreenBlockPromptOverride** | Write | Boolean | Indicates whether or not users can override SmartScreen Filter warnings about potentially malicious websites. || +| **SmartScreenBlockPromptOverrideForFiles** | Write | Boolean | Indicates whether or not users can override the SmartScreen Filter warnings about downloading unverified files || +| **WebRtcBlockLocalhostIpAddress** | Write | Boolean | Indicates whether or not user's localhost IP address is displayed while making phone calls using the WebRTC || +| **InternetSharingBlocked** | Write | Boolean | Indicates whether or not to Block the user from using internet sharing. || +| **SettingsBlockAddProvisioningPackage** | Write | Boolean | Indicates whether or not to block the user from installing provisioning packages. || +| **SettingsBlockRemoveProvisioningPackage** | Write | Boolean | Indicates whether or not to block the runtime configuration agent from removing provisioning packages. || +| **SettingsBlockChangeSystemTime** | Write | Boolean | Indicates whether or not to block the user from changing date and time settings. || +| **SettingsBlockEditDeviceName** | Write | Boolean | Indicates whether or not to block the user from editing the device name. || +| **SettingsBlockChangeRegion** | Write | Boolean | Indicates whether or not to block the user from changing the region settings. || +| **SettingsBlockChangeLanguage** | Write | Boolean | Indicates whether or not to block the user from changing the language settings. || +| **SettingsBlockChangePowerSleep** | Write | Boolean | Indicates whether or not to block the user from changing power and sleep settings. || +| **LocationServicesBlocked** | Write | Boolean | Indicates whether or not to Block the user from location services. || +| **MicrosoftAccountBlocked** | Write | Boolean | Indicates whether or not to Block a Microsoft account. || +| **MicrosoftAccountBlockSettingsSync** | Write | Boolean | Indicates whether or not to Block Microsoft account settings sync. || +| **NfcBlocked** | Write | Boolean | Indicates whether or not to Block the user from using near field communication. || +| **ResetProtectionModeBlocked** | Write | Boolean | Indicates whether or not to Block the user from reset protection mode. || +| **ScreenCaptureBlocked** | Write | Boolean | Indicates whether or not to Block the user from taking Screenshots. || +| **StorageBlockRemovableStorage** | Write | Boolean | Indicates whether or not to Block the user from using removable storage. || +| **StorageRequireMobileDeviceEncryption** | Write | Boolean | Indicating whether or not to require encryption on a mobile device. || +| **UsbBlocked** | Write | Boolean | Indicates whether or not to Block the user from USB connection. || +| **VoiceRecordingBlocked** | Write | Boolean | Indicates whether or not to Block the user from voice recording. || +| **WiFiBlockAutomaticConnectHotspots** | Write | Boolean | Indicating whether or not to block automatically connecting to Wi-Fi hotspots. Has no impact if Wi-Fi is blocked. || +| **WiFiBlocked** | Write | Boolean | Indicates whether or not to Block the user from using Wi-Fi. || +| **WiFiBlockManualConfiguration** | Write | Boolean | Indicates whether or not to Block the user from using Wi-Fi manual configuration. || +| **WiFiScanInterval** | Write | UInt64 | Specify how often devices scan for Wi-Fi networks. Supported values are 1-500, where 100 = default, and 500 = low frequency. Valid values 1 to 500 || +| **WirelessDisplayBlockProjectionToThisDevice** | Write | Boolean | Indicates whether or not to allow other devices from discovering this PC for projection. || +| **WirelessDisplayBlockUserInputFromReceiver** | Write | Boolean | Indicates whether or not to allow user input from wireless display receiver. || +| **WirelessDisplayRequirePinForPairing** | Write | Boolean | Indicates whether or not to require a PIN for new devices to initiate pairing. || +| **WindowsStoreBlocked** | Write | Boolean | Indicates whether or not to Block the user from using the Windows store. || +| **AppsAllowTrustedAppsSideloading** | Write | String | Indicates whether apps from AppX packages signed with a trusted certificate can be side loaded. Possible values are: notConfigured, blocked, allowed. || +| **WindowsStoreBlockAutoUpdate** | Write | Boolean | Indicates whether or not to block automatic update of apps from Windows Store. || +| **DeveloperUnlockSetting** | Write | String | Indicates whether or not to allow developer unlock. Possible values are: notConfigured, blocked, allowed. || +| **SharedUserAppDataAllowed** | Write | Boolean | Indicates whether or not to block multiple users of the same app to share data. || +| **AppsBlockWindowsStoreOriginatedApps** | Write | Boolean | Indicates whether or not to disable the launch of all apps from Windows Store that came pre-installed or were downloaded. || +| **WindowsStoreEnablePrivateStoreOnly** | Write | Boolean | Indicates whether or not to enable Private Store Only. || +| **StorageRestrictAppDataToSystemVolume** | Write | Boolean | Indicates whether application data is restricted to the system drive. || +| **StorageRestrictAppInstallToSystemVolume** | Write | Boolean | Indicates whether the installation of applications is restricted to the system drive. || +| **GameDvrBlocked** | Write | Boolean | Indicates whether or not to block DVR and broadcasting. || +| **ExperienceBlockDeviceDiscovery** | Write | Boolean | Indicates whether or not to enable device discovery UX. || +| **ExperienceBlockErrorDialogWhenNoSIM** | Write | Boolean | NIndicates whether or not to allow the error dialog from displaying if no SIM card is detected. || +| **ExperienceBlockTaskSwitcher** | Write | Boolean | Indicates whether or not to enable task switching on the device. || +| **LogonBlockFastUserSwitching** | Write | Boolean | Disables the ability to quickly switch between users that are logged on simultaneously without logging off. || +| **TenantLockdownRequireNetworkDuringOutOfBoxExperience** | Write | Boolean | Whether the device is required to connect to the network. || +| **Ensure** | Write | String | Present ensures the site collection exists, absent ensures it is removed |Present, Absent| +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || +| **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || +| **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || +| **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || + + +# IntuneDeviceConfigurationPolicyWindows10 + +This resource configures an Intune device configuration profile for an Windows 10 Device. + +## Examples + +### Example 1 + +This example creates a new General Device Configuration Policy for Windows . + +```powershell +Configuration Example +{ + param( + [Parameter(Mandatory = $true)] + [PSCredential] + $credsGlobalAdmin + ) + Import-DscResource -ModuleName Microsoft365DSC + + node localhost + { + IntuneDeviceConfigurationPolicyWindows10 0467863a-17e0-455c-af2f-266ac7b07c77 + { + displayName = "CONTOSO | W10 | Device Restriction" + description = "Default device restriction settings" + defenderBlockEndUserAccess = $true + defenderRequireRealTimeMonitoring = $true + defenderRequireBehaviorMonitoring = $true + defenderRequireNetworkInspectionSystem = $true + defenderScanDownloads = $true + defenderScanScriptsLoadedInInternetExplorer = $true + defenderSignatureUpdateIntervalInHours = 8 + defenderMonitorFileActivity = 'monitorIncomingFilesOnly' # userDefined,monitorAllFiles,monitorIncomingFilesOnly,monitorOutgoingFilesOnly + defenderDaysBeforeDeletingQuarantinedMalware = 3 + defenderScanMaxCpu = 2 + defenderScanArchiveFiles = $true + defenderScanIncomingMail = $true + defenderScanRemovableDrivesDuringFullScan = $true + defenderScanMappedNetworkDrivesDuringFullScan = $false + defenderScanNetworkFiles = $false + defenderRequireCloudProtection = $true + defenderCloudBlockLevel = 'high' + defenderPromptForSampleSubmission = 'alwaysPrompt' + defenderScheduledQuickScanTime = '13:00:00.0000000' + defenderScanType = 'quick' #quick,full,userDefined + defenderSystemScanSchedule = 'monday' #days of week + defenderScheduledScanTime = '11:00:00.0000000' + defenderDetectedMalwareActions = @("lowSeverity=clean","moderateSeverity=quarantine","highSeverity=remove","severeSeverity=block") + defenderFileExtensionsToExclude = "[`"csv,jpg,docx`"]" + defenderFilesAndFoldersToExclude = "[`"c:\\2,C:\\1`"]" + defenderProcessesToExclude = "[`"notepad.exe,c:\\Windows\\myprocess.exe`"]" + lockScreenAllowTimeoutConfiguration = $true + lockScreenBlockActionCenterNotifications = $true + lockScreenBlockCortana = $true + lockScreenBlockToastNotifications = $false + lockScreenTimeoutInSeconds = 90 + passwordBlockSimple = $true + passwordExpirationDays = 6 + passwordMinimumLength = 5 + passwordMinutesOfInactivityBeforeScreenTimeout = 15 + passwordMinimumCharacterSetCount = 1 + passwordPreviousPasswordBlockCount = 2 + passwordRequired = $true + passwordRequireWhenResumeFromIdleState = $true + passwordRequiredType = "alphanumeric" + passwordSignInFailureCountBeforeFactoryReset = 12 + privacyAdvertisingId = "blocked" + privacyAutoAcceptPairingAndConsentPrompts = $true + privacyBlockInputPersonalization = $true + startBlockUnpinningAppsFromTaskbar = $true + startMenuAppListVisibility = "collapse" + startMenuHideChangeAccountSettings = $true + startMenuHideFrequentlyUsedApps = $true + startMenuHideHibernate = $true + startMenuHideLock = $true + startMenuHidePowerButton = $true + startMenuHideRecentJumpLists = $true + startMenuHideRecentlyAddedApps = $true + startMenuHideRestartOptions = $true + startMenuHideShutDown = $true + startMenuHideSignOut = $true + startMenuHideSleep = $true + startMenuHideSwitchAccount = $true + startMenuHideUserTile = $true + startMenuLayoutXml = "+DQogICAGlmaWNhdGlvblRlbXBsYXRlPg==" + startMenuMode = "fullScreen" + startMenuPinnedFolderDocuments = "hide" + startMenuPinnedFolderDownloads = "hide" + startMenuPinnedFolderFileExplorer = "hide" + startMenuPinnedFolderHomeGroup = "hide" + startMenuPinnedFolderMusic = "hide" + startMenuPinnedFolderNetwork = "hide" + startMenuPinnedFolderPersonalFolder = "hide" + startMenuPinnedFolderPictures = "hide" + startMenuPinnedFolderSettings = "hide" + startMenuPinnedFolderVideos = "hide" + settingsBlockSettingsApp = $true + settingsBlockSystemPage = $true + settingsBlockDevicesPage = $true + settingsBlockNetworkInternetPage = $true + settingsBlockPersonalizationPage = $true + settingsBlockAccountsPage = $true + settingsBlockTimeLanguagePage = $true + settingsBlockEaseOfAccessPage = $true + settingsBlockPrivacyPage = $true + settingsBlockUpdateSecurityPage = $true + settingsBlockAppsPage = $true + settingsBlockGamingPage = $true + windowsSpotlightBlockConsumerSpecificFeatures = $true + windowsSpotlightBlocked = $true + windowsSpotlightBlockOnActionCenter = $true + windowsSpotlightBlockTailoredExperiences = $true + windowsSpotlightBlockThirdPartyNotifications = $true + windowsSpotlightBlockWelcomeExperience = $true + windowsSpotlightBlockWindowsTips = $true + windowsSpotlightConfigureOnLockScreen = "disabled" + networkProxyApplySettingsDeviceWide = $true + networkProxyDisableAutoDetect = $true + networkProxyAutomaticConfigurationUrl = "https://example.com/networkProxyAutomaticConfigurationUrl/" + accountsBlockAddingNonMicrosoftAccountEmail = $true + antiTheftModeBlocked = $true + bluetoothBlocked = $true + bluetoothAllowedServices = "[`"8e473eaa-ead4-4c60-ba9c-2c5696d71492`",`"21913f2d-a803-4f36-8039-669fd94ce5b3`"]" + bluetoothBlockAdvertising = $true + bluetoothBlockDiscoverableMode = $true + bluetoothBlockPrePairing = $true + cameraBlocked = $true + connectedDevicesServiceBlocked = $true + certificatesBlockManualRootCertificateInstallation = $true + copyPasteBlocked = $true + cortanaBlocked = $true + deviceManagementBlockFactoryResetOnMobile = $true + deviceManagementBlockManualUnenroll = $true + safeSearchFilter = "strict" + edgeBlockPopups = $true + edgeBlockSearchSuggestions = $true + edgeBlockSendingIntranetTrafficToInternetExplorer = $true + edgeSendIntranetTrafficToInternetExplorer = $true + edgeRequireSmartScreen = $true + edgeFirstRunUrl = "https://contoso.com/" + edgeBlockAccessToAboutFlags = $true + edgeHomepageUrls = "[`"https://microsoft.com`"]" + smartScreenBlockPromptOverride = $true + smartScreenBlockPromptOverrideForFiles = $true + webRtcBlockLocalhostIpAddress = $true + internetSharingBlocked = $true + settingsBlockAddProvisioningPackage = $true + settingsBlockRemoveProvisioningPackage = $true + settingsBlockChangeSystemTime = $true + settingsBlockEditDeviceName = $true + settingsBlockChangeRegion = $true + settingsBlockChangeLanguage = $true + settingsBlockChangePowerSleep = $true + locationServicesBlocked = $true + microsoftAccountBlocked = $true + microsoftAccountBlockSettingsSync = $true + nfcBlocked = $true + resetProtectionModeBlocked = $true + screenCaptureBlocked = $true + storageBlockRemovableStorage = $true + storageRequireMobileDeviceEncryption = $true + usbBlocked = $true + voiceRecordingBlocked = $true + wiFiBlockAutomaticConnectHotspots = $true + wiFiBlocked = $true + wiFiBlockManualConfiguration = $true + wiFiScanInterval = 1 + wirelessDisplayBlockProjectionToThisDevice = $true + wirelessDisplayBlockUserInputFromReceiver = $true + wirelessDisplayRequirePinForPairing = $true + windowsStoreBlocked = $true + appsAllowTrustedAppsSideloading = "blocked" + windowsStoreBlockAutoUpdate = $true + developerUnlockSetting = "blocked" + sharedUserAppDataAllowed = $true + appsBlockWindowsStoreOriginatedApps = $true + windowsStoreEnablePrivateStoreOnly = $true + storageRestrictAppDataToSystemVolume = $true + storageRestrictAppInstallToSystemVolume = $true + gameDvrBlocked = $true + edgeSearchEngine = "bing" + #edgeSearchEngine = "https://go.microsoft.com/fwlink/?linkid=842596" #'Google' + experienceBlockDeviceDiscovery = $true + experienceBlockErrorDialogWhenNoSIM = $true + experienceBlockTaskSwitcher = $true + logonBlockFastUserSwitching = $true + tenantLockdownRequireNetworkDuringOutOfBoxExperience = $true + enterpriseCloudPrintDiscoveryEndPoint = "https://cloudprinterdiscovery.contoso.com" + enterpriseCloudPrintDiscoveryMaxLimit = 4 + enterpriseCloudPrintMopriaDiscoveryResourceIdentifier = "http://mopriadiscoveryservice/cloudprint" + enterpriseCloudPrintOAuthClientIdentifier = "30fbf7e8-321c-40ce-8b9f-160b6b049257" + enterpriseCloudPrintOAuthAuthority = "https:/tenant.contoso.com/adfs" + enterpriseCloudPrintResourceIdentifier = "http://cloudenterpriseprint/cloudPrint" + networkProxyServer = @("address=proxy.contoso.com:8080","exceptions=*.contoso.com`r`n*.internal.local","useForLocalAddresses=false") + Ensure = 'Present' + Credential = $credsGlobalAdmin; + } + } +} +``` + diff --git a/IntuneDeviceConfigurationPolicyiOS.md b/IntuneDeviceConfigurationPolicyiOS.md index 29a8ceb..18d9d3d 100644 --- a/IntuneDeviceConfigurationPolicyiOS.md +++ b/IntuneDeviceConfigurationPolicyiOS.md @@ -130,10 +130,11 @@ | **VoiceDialingBlocked** | Write | Boolean | N/A || | **WallpaperBlockModification** | Write | Boolean | N/A || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceConfigurationPolicyiOS @@ -269,7 +270,7 @@ Configuration Example VoiceDialingBlocked = $False; WallpaperBlockModification = $False; Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/IntuneDeviceEnrollmentLimitRestriction.md b/IntuneDeviceEnrollmentLimitRestriction.md index 52ee147..56d599f 100644 --- a/IntuneDeviceEnrollmentLimitRestriction.md +++ b/IntuneDeviceEnrollmentLimitRestriction.md @@ -8,10 +8,11 @@ | **Description** | Write | String | Description of the device enrollment limit restriction. || | **Limit** | Write | UInt32 | Specifies the maximum number of devices a user can enroll || | **Ensure** | Write | String | Present ensures the restriction exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceEnrollmentLimitRestriction @@ -41,7 +42,7 @@ Configuration Example Description = "My Restriction"; DisplayName = "My DSC Limit"; Ensure = "Present" - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; Limit = 12; } } diff --git a/IntuneDeviceEnrollmentPlatformRestriction.md b/IntuneDeviceEnrollmentPlatformRestriction.md index f7decb3..3ab4115 100644 --- a/IntuneDeviceEnrollmentPlatformRestriction.md +++ b/IntuneDeviceEnrollmentPlatformRestriction.md @@ -27,10 +27,11 @@ | **WindowsMobileOSMinimumVersion** | Write | String | N/A || | **WindowsMobileOSMaximumVersion** | Write | String | N/A || | **Ensure** | Write | String | Present ensures the restriction exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Intune Admin || +| **Credential** | Write | PSCredential | Credentials of the Intune Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory tenant used for authentication. || +| **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || # IntuneDeviceEnrollmentPlatformRestriction @@ -62,7 +63,7 @@ Configuration Example Description = ""; DisplayName = "My DSC Restriction"; Ensure = "Present" - GlobalAdminAccount = $GlobalAdminAccount; + Credential = $Credential; iOSOSMaximumVersion = "11.0"; iOSOSMinimumVersion = "9.0"; iOSPersonalDeviceEnrollmentBlocked = $False; diff --git a/O365AdminAuditLogConfig.md b/O365AdminAuditLogConfig.md index 1ca56c5..2a8d0b5 100644 --- a/O365AdminAuditLogConfig.md +++ b/O365AdminAuditLogConfig.md @@ -7,7 +7,7 @@ | **IsSingleInstance** | Key | String | Specifies the resource is a single instance, the value must be 'Yes' |Yes| | **Ensure** | Write | String | 'Present' is the only value accepted. |Present| | **UnifiedAuditLogIngestionEnabled** | Required | String | Determins if Unified Audit Log Ingestion is enabled |Enabled, Disabled| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -33,10 +33,10 @@ IsSingleInstance - Required: Yes - Description: Single instance resource, the value must be 'Yes' -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of the SharePoint Global Admin +- Description: Credentials of the account to authenticate with UnifiedAuditLogIngestionEnabled @@ -50,7 +50,7 @@ UnifiedAuditLogIngestionEnabled IsSingleInstance = 'Yes' Ensure = 'Present' UnifiedAuditLogIngestionEnabled = 'Enabled' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential } ``` @@ -78,7 +78,7 @@ Configuration Example IsSingleInstance = "Yes" UnifiedAuditLogIngestionEnabled = "Enabled" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/O365Group.md b/O365Group.md index 812fc87..5e3ee92 100644 --- a/O365Group.md +++ b/O365Group.md @@ -10,7 +10,7 @@ | **Description** | Write | String | The group's description. || | **Members** | Write | StringArray[] | Members of the group. || | **Ensure** | Write | String | Present ensures the group exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -48,7 +48,7 @@ Configuration Example ManagedBy = "TenantAdmin@contoso.onmicrosoft.com" Members = @("Bob.Houle", "John.Smith") Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/O365OrgCustomizationSetting.md b/O365OrgCustomizationSetting.md index 2feffe0..a32d3a2 100644 --- a/O365OrgCustomizationSetting.md +++ b/O365OrgCustomizationSetting.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **IsSingleInstance** | Key | String | Specifies the resource is a single instance, the value must be 'Yes' |Yes| | **Ensure** | Write | String | Since there is only one setting availble, this must be set to 'Present' |Present| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -38,10 +38,10 @@ Ensure - Description: `Present` is the only value accepted. Configurations using `Ensure = 'Absent'` will throw an Error! -GlobalAdminAccount +Credential - Required: Yes -- Description: Credentials of the Office 365 Global Admin +- Description: Credentials of the account to authenticate with ## Example @@ -49,7 +49,7 @@ GlobalAdminAccount O365OrgCustomizationSettting EnableOgranizationCustomization { IsSingleInstance = 'Yes' Ensure = 'Present' - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential } ``` @@ -77,7 +77,7 @@ Configuration Example { IsSingleInstance = "Yes" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/O365User.md b/O365User.md index 0fa01bd..a1a35ed 100644 --- a/O365User.md +++ b/O365User.md @@ -27,7 +27,7 @@ | **Title** | Write | String | Specifies the title of the user || | **UserType** | Write | String | Specifies the title of the user |Guest, Member, Other, Viral| | **Ensure** | Write | String | Present ensures the user exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -69,7 +69,7 @@ Configuration Example LicenseAssignment = @("O365dsc1:ENTERPRISEPREMIUM") UsageLocation = "US" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/ODSettings.md b/ODSettings.md index 5e6ed35..6891038 100644 --- a/ODSettings.md +++ b/ODSettings.md @@ -18,7 +18,7 @@ | **ExcludedFileExtensions** | Write | StringArray[] | Exclude files from being synced to OneDrive || | **GrooveBlockOption** | Write | String | Groove block options |OptOut, HardOptIn, SoftOptIn| | **Ensure** | Write | String | Present ensures the user exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || | **CertificatePassword** | Write | PSCredential | Username can be made up to anything but password will be used for certificatePassword || @@ -67,7 +67,7 @@ Configuration Example ODSettings OneDriveSettings { IsSingleInstance = "Yes" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin OneDriveStorageQuota = "1024" ExcludedFileExtensions = @("pst") DomainGuids = "786548dd-877b-4760-a749-6b1efbc1190a" diff --git a/PPPowerAppsEnvironment.md b/PPPowerAppsEnvironment.md index 509895f..f2cc3be 100644 --- a/PPPowerAppsEnvironment.md +++ b/PPPowerAppsEnvironment.md @@ -8,7 +8,7 @@ | **Location** | Required | String | Location of the PowerApps environment. |canada, unitedstates, europe, asia, australia, india, japan, unitedkingdom, unitedstatesfirstrelease, southamerica, france, usgov| | **EnvironmentSKU** | Required | String | Environment type. |Production, Standard, Trial, Sandbox| | **Ensure** | Write | String | Only accepted value is 'Present'. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Azure Active Directory Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Power Platform Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -41,7 +41,7 @@ Configuration Example DisplayName = "My Demo Environment" Ensure = "Present" EnvironmentSKU = "Production" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Location = "canada" } } diff --git a/PPTenantSettings.md b/PPTenantSettings.md index d80f3b7..fa5aeb9 100644 --- a/PPTenantSettings.md +++ b/PPTenantSettings.md @@ -20,7 +20,7 @@ | **DisableShareWithEveryone** | Write | Boolean | When set to true this will disable the ability to share apps with the whole tenant. || | **EnableGuestsToMake** | Write | Boolean | When set to true this will enable the ability for guests in your tenant to create Power Platform resources. || | **ShareWithColleaguesUserLimit** | Write | UInt32 | The amount of people an app can be shared with in Dataverse for Teams (maximum is 10,000). || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Power Platform Admin || +| **Credential** | Write | PSCredential | Credentials of the Power Platform Admin || # PPTenantSettings @@ -62,7 +62,7 @@ Configuration Example DisableShareWithEveryone = $false EnableGuestsToMake = $false ShareWithColleaguesUserLimit = 10000 - GlobalAdminAccount = $GlobalAdminAccount + Credential = $Credential } } } diff --git a/PlannerTask.md b/PlannerTask.md index aca3036..4959829 100644 --- a/PlannerTask.md +++ b/PlannerTask.md @@ -25,7 +25,7 @@ | **ConversationThreadId** | Write | String | Id of the group conversation thread associated with the comments section for this task. || | **Ensure** | Write | String | Present ensures the Plan exists, absent ensures it is removed |Present, Absent| | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Global Admin || ## Description diff --git a/SCAuditConfigurationPolicy.md b/SCAuditConfigurationPolicy.md index cf6be98..48f40fb 100644 --- a/SCAuditConfigurationPolicy.md +++ b/SCAuditConfigurationPolicy.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Workload** | Key | String | Workload associated with the policy. |Exchange, SharePoint, OneDriveForBusiness| | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Global Admin || # SCAuditConfigurationPolicy @@ -38,21 +38,21 @@ Configuration Example { Workload = "Exchange" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } SCAuditConfigurationPolicy OneDriveAuditPolicy { Workload = "OneDriveForBusiness" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } SCAuditConfigurationPolicy SharePointAuditPolicy { Workload = "SharePoint" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCCaseHoldPolicy.md b/SCCaseHoldPolicy.md index 45bf159..20591ac 100644 --- a/SCCaseHoldPolicy.md +++ b/SCCaseHoldPolicy.md @@ -12,7 +12,7 @@ | **PublicFolderLocation** | Write | StringArray[] | The PublicFolderLocation parameter specifies that you want to include all public folders in the case hold policy. You use the value All for this parameter. || | **SharePointLocation** | Write | StringArray[] | The SharePointLocation parameter specifies the SharePoint Online and OneDrive for Business sites to include. You identify a site by its URL value. || | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Global Admin || # SCCaseHoldPolicy @@ -49,7 +49,7 @@ Configuration Example Comment = "This is a demo"; Ensure = "Present"; Enabled = $True; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; } } } diff --git a/SCCaseHoldRule.md b/SCCaseHoldRule.md index 76ada83..d1d07ca 100644 --- a/SCCaseHoldRule.md +++ b/SCCaseHoldRule.md @@ -10,7 +10,7 @@ | **ContentMatchQuery** | Write | String | The ContentMatchQuery parameter specifies a content search filter. Use this parameter to create a query-based hold so only the content that matches the specified search query is placed on hold. This parameter uses a text search string or a query that's formatted by using the Keyword Query Language (KQL). || | **Disabled** | Write | Boolean | The Disabled parameter specifies whether the case hold rule is enabled or disabled. || | **Ensure** | Write | String | Present ensures the rule exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Global Admin Account || +| **Credential** | Required | PSCredential | Credentials of the Global Admin Account || # SCCaseHoldRule @@ -46,7 +46,7 @@ Configuration Example Disabled = $false ContentMatchQuery = "filename:2016 budget filetype:xlsx" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCComplianceCase.md b/SCComplianceCase.md index ce9b1c9..4e862a1 100644 --- a/SCComplianceCase.md +++ b/SCComplianceCase.md @@ -8,7 +8,7 @@ | **Description** | Write | String | The description of the case. || | **Ensure** | Write | String | Specify if this case should exist or not. |Present, Absent| | **Status** | Write | String | Status for the case. Can either be 'Active' or 'Closed' |Active, Closed| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Global Admin Account || +| **Credential** | Required | PSCredential | Credentials of the Global Admin Account || # SCComplianceCase @@ -41,7 +41,7 @@ Configuration Example Description = "MyPolicy" Status = "Active" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCComplianceSearch.md b/SCComplianceSearch.md index f9c4b00..29987c7 100644 --- a/SCComplianceSearch.md +++ b/SCComplianceSearch.md @@ -18,7 +18,7 @@ | **SharePointLocation** | Write | StringArray[] | The SharePointLocation parameter specifies the SharePoint Online sites to include. You identify the site by its URL value, or you can use the value All to include all sites. || | **SharePointLocationExclusion** | Write | StringArray[] | This parameter specifies the SharePoint Online sites to exclude when you use the value All for the SharePointLocation parameter. You identify the site by its URL value. || | **Ensure** | Write | String | Specify if this search should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Global Admin Account || +| **Credential** | Required | PSCredential | Credentials of the Global Admin Account || # SCComplianceSearch @@ -52,7 +52,7 @@ Configuration Example Name = "Demo Compliance Search"; Ensure = "Present"; Language = "iv"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; AllowNotFoundExchangeLocationsEnabled = $False; SharePointLocation = @("All"); } diff --git a/SCComplianceSearchAction.md b/SCComplianceSearchAction.md index c595c99..a757f87 100644 --- a/SCComplianceSearchAction.md +++ b/SCComplianceSearchAction.md @@ -14,7 +14,7 @@ | **RetryOnError** | Write | Boolean | The RetryOnError switch specifies whether to retry the action on any items that failed without re-running the entire action all over again. || | **ActionScope** | Write | String | The ActionScope parameter specifies the items to include when the action is Export. |IndexedItemsOnly, UnindexedItemsOnly, BothIndexedAndUnindexedItems| | **Ensure** | Write | String | Specify if this action should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCComplianceSearchAction @@ -44,7 +44,7 @@ Configuration Example SCComplianceSearchAction DemoPurge { Action = "Purge"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; PurgeType = "SoftDelete"; IncludeCredential = $True; Ensure = "Present"; @@ -56,7 +56,7 @@ Configuration Example IncludeSharePointDocumentVersions = $False; Action = "Export"; SearchName = "Demo Search"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; FileTypeExclusionsForUnindexedItems = $null; IncludeCredential = $False; RetryOnError = $False; @@ -69,7 +69,7 @@ Configuration Example IncludeSharePointDocumentVersions = $False; Action = "Retention"; SearchName = "Demo Search"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; FileTypeExclusionsForUnindexedItems = $null; IncludeCredential = $False; RetryOnError = $False; diff --git a/SCComplianceTag.md b/SCComplianceTag.md index 344c5ab..298ee2d 100644 --- a/SCComplianceTag.md +++ b/SCComplianceTag.md @@ -22,7 +22,7 @@ | **RetentionDuration** | Write | String | The RetentionDuration parameter specifies the hold duration for the retention rule. Valid values are: An integer - The hold duration in days, Unlimited - The content is held indefinitely. || | **RetentionAction** | Write | String | The RetentionAction parameter specifies the action for the label. Valid values are: Delete, Keep or KeepAndDelete. |Delete, Keep, KeepAndDelete| | **RetentionType** | Write | String | The RetentionType parameter specifies whether the retention duration is calculated from the content creation date, tagged date, or last modification date. Valid values are: CreationAgeInDays, EventAgeInDays,ModificationAgeInDays, or TaggedAgeInDays. |CreationAgeInDays, EventAgeInDays, ModificationAgeInDays, TaggedAgeInDays| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCComplianceTag @@ -65,7 +65,7 @@ Configuration Example FilePlanPropertySubcategory = "DemoSub" } Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCDLPCompliancePolicy.md b/SCDLPCompliancePolicy.md index 1e0cb55..c7c9768 100644 --- a/SCDLPCompliancePolicy.md +++ b/SCDLPCompliancePolicy.md @@ -18,7 +18,7 @@ | **TeamsLocation** | Write | StringArray[] | Teams locations to include || | **TeamsLocationException** | Write | StringArray[] | Teams locations to exclude. || | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCDLPCompliancePolicy @@ -53,7 +53,7 @@ Configuration Example Priority = 1 SharePointLocation = "https://contoso.sharepoint.com/sites/demo" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCDLPComplianceRule.md b/SCDLPComplianceRule.md index 508c8f2..b5a3dfe 100644 --- a/SCDLPComplianceRule.md +++ b/SCDLPComplianceRule.md @@ -41,7 +41,7 @@ | **ReportSeverityLevel** | Write | String | The ReportSeverityLevel parameter specifies the severity level of the incident report for content detections based on the rule. |Low, Medium, High, None| | **RuleErrorAction** | Write | String | The RuleErrorAction parameter specifies what to do if an error is encountered during the evaluation of the rule. |Ignore, RetryThenBlock| | **Ensure** | Write | String | Specify if this rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || | **AnyOfRecipientAddressContainsWords** | Write | StringArray[] | The AnyOfRecipientAddressContainsWords parameter specifies a condition for the DLP rule that looks for words or phrases in recipient email addresses. || | **AnyOfRecipientAddressMatchesPatterns** | Write | StringArray[] | The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in recipient email addresses by using regular expressions.. || | **RemoveRMSTemplate** | Write | Boolean | The RemoveRMSTemplate parameter specifies an action for the DLP rule that removes Office 365 Message Encryption from messages and their attachments. || @@ -108,7 +108,7 @@ Configuration Example ExceptIfHasSenderOverride = $False; ExceptIfProcessingLimitExceeded = $False; GenerateIncidentReport = @("SiteAdmin"); - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; HasSenderOverride = $False; IncidentReportContent = @("DocumentLastModifier","Detections","Severity","DetectionDetails","OriginalContent"); Name = "Low volume EU Sensitive content found"; diff --git a/SCDeviceConditionalAccessPolicy.md b/SCDeviceConditionalAccessPolicy.md index d15cf5c..a95a21d 100644 --- a/SCDeviceConditionalAccessPolicy.md +++ b/SCDeviceConditionalAccessPolicy.md @@ -8,7 +8,7 @@ | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| | **Comment** | Write | String | The Comment parameter specifies an optional comment. || | **Enabled** | Write | Boolean | The Enabled parameter specifies whether the policy is enabled. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of Security and Compliance Center Admin || +| **Credential** | Required | PSCredential | Credentials of Security and Compliance Center Admin || # SCDeviceConditionalAccessPolicy diff --git a/SCDeviceConfigurationPolicy.md b/SCDeviceConfigurationPolicy.md index b686d85..117db76 100644 --- a/SCDeviceConfigurationPolicy.md +++ b/SCDeviceConfigurationPolicy.md @@ -8,7 +8,7 @@ | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| | **Comment** | Write | String | The Comment parameter specifies an optional comment. || | **Enabled** | Write | Boolean | The Enabled parameter specifies whether the policy is enabled. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of Security and Compliance Center Admin || +| **Credential** | Required | PSCredential | Credentials of Security and Compliance Center Admin || # SCDeviceConfigurationPolicy diff --git a/SCFilePlanPropertyAuthority.md b/SCFilePlanPropertyAuthority.md index 63cdd11..a6c382b 100644 --- a/SCFilePlanPropertyAuthority.md +++ b/SCFilePlanPropertyAuthority.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Name** | Key | String | The Name parameter specifies the unique name of the Authority. || | **Ensure** | Write | String | Specify if this authority should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCFilePlanPropertyAuthority @@ -38,7 +38,7 @@ Configuration Example { Name = "My Authority" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCFilePlanPropertyCategory.md b/SCFilePlanPropertyCategory.md index 4465911..b1ae6bc 100644 --- a/SCFilePlanPropertyCategory.md +++ b/SCFilePlanPropertyCategory.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Name** | Key | String | The Name parameter specifies the unique name of the category. || | **Ensure** | Write | String | Specify if this category should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCFilePlanPropertyCategory @@ -38,7 +38,7 @@ Configuration Example { Name = "My Category" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCFilePlanPropertyCitation.md b/SCFilePlanPropertyCitation.md index 07e7356..b6cda0d 100644 --- a/SCFilePlanPropertyCitation.md +++ b/SCFilePlanPropertyCitation.md @@ -8,7 +8,7 @@ | **CitationUrl** | Write | String | URL of the citation. || | **CitationJurisdiction** | Write | String | Jurisdiction of the citation. || | **Ensure** | Write | String | Specify if this citation should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCFilePlanPropertyCitation @@ -42,7 +42,7 @@ Configuration Example CitationURL = "https://contoso.com" CitationJurisdiction = "Federal" Ensure = "Present"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/SCFilePlanPropertyDepartment.md b/SCFilePlanPropertyDepartment.md index d8ce877..968f22f 100644 --- a/SCFilePlanPropertyDepartment.md +++ b/SCFilePlanPropertyDepartment.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Name** | Key | String | The Name parameter specifies the unique name of the department. || | **Ensure** | Write | String | Specify if this department should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCFilePlanPropertyDepartment @@ -38,7 +38,7 @@ Configuration Example { Name = "Demo Department" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCFilePlanPropertyReferenceId.md b/SCFilePlanPropertyReferenceId.md index 4c92e65..f0c1a19 100644 --- a/SCFilePlanPropertyReferenceId.md +++ b/SCFilePlanPropertyReferenceId.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Name** | Key | String | The Name parameter specifies the unique name of the reference id. || | **Ensure** | Write | String | Specify if this reference id should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCFilePlanPropertyReferenceId @@ -38,7 +38,7 @@ Configuration Example { Name = "My Reference ID" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCFilePlanPropertySubCategory.md b/SCFilePlanPropertySubCategory.md index 415577a..5f31b34 100644 --- a/SCFilePlanPropertySubCategory.md +++ b/SCFilePlanPropertySubCategory.md @@ -7,7 +7,7 @@ | **Name** | Key | String | The Name parameter specifies the unique name of the sub-category. || | **Category** | Required | String | The Category parameter specifies the name of the parent category associated with the sub-category. || | **Ensure** | Write | String | Specify if this category should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCFilePlanPropertySubCategory @@ -39,7 +39,7 @@ Configuration Example Name = "My Sub-Category" Category = "My Category" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCLabelPolicy.md b/SCLabelPolicy.md index ad21cba..686d485 100644 --- a/SCLabelPolicy.md +++ b/SCLabelPolicy.md @@ -25,7 +25,7 @@ | **RemoveModernGroupLocation** | Write | StringArray[] | The RemoveModernGroupLocation parameter specifies the Microsoft 365 Groups to remove from the policy. || | **RemoveModernGroupLocationException** | Write | StringArray[] | The RemoveModernGroupLocationException parameter specifies the Microsoft 365 Groups to remove from excluded values when you're using the value All for the ModernGroupLocation parameter. || | **RemoveLabels** | Write | StringArray[] | The RemoveLabels parameter specifies the sensitivity labels that are removed from the policy. You can use any value that uniquely identifies the label. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCLabelPolicy @@ -70,7 +70,7 @@ Configuration Example Value = "Enabled" } ) - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } } diff --git a/SCRetentionCompliancePolicy.md b/SCRetentionCompliancePolicy.md index 977deb0..ba6bba4 100644 --- a/SCRetentionCompliancePolicy.md +++ b/SCRetentionCompliancePolicy.md @@ -25,7 +25,7 @@ | **TeamsChannelLocationException** | Write | StringArray[] | This parameter specifies the SharePoint Online sites to exclude when you use the value All for the TeamsChannelLocation parameter. You identify the site by its URL value. || | **TeamsChatLocation** | Write | StringArray[] | The TeamsChatLocation parameter specifies the Teams Chat to include in the policy. || | **TeamsChatLocationException** | Write | StringArray[] | This parameter specifies the SharePoint Online sites to exclude when you use the value All for the TeamsChatLocation parameter. You identify the site by its URL value. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCRetentionCompliancePolicy @@ -58,7 +58,7 @@ Configuration Example Comment = "Test Policy" SharePointLocation = "https://contoso.sharepoint.com/sites/demo" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCRetentionComplianceRule.md b/SCRetentionComplianceRule.md index 90087b3..31b912e 100644 --- a/SCRetentionComplianceRule.md +++ b/SCRetentionComplianceRule.md @@ -14,7 +14,7 @@ | **RetentionComplianceAction** | Write | String | The RetentionComplianceAction parameter specifies the retention action for the rule. Valid values are: Delete, Keep and KeepAndDelete. |Delete, Keep, KeepAndDelete| | **RetentionDuration** | Write | String | The RetentionDuration parameter specifies the hold duration for the retention rule. Valid values are: An integer - The hold duration in days, Unlimited - The content is held indefinitely. || | **RetentionDurationDisplayHint** | Write | String | The RetentionDurationDisplayHint parameter specifies the units that are used to display the retention duration in the Security and Compliance Center. Valid values are: Days, Months or Years. |Days, Months, Years| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCRetentionComplianceRule @@ -48,7 +48,7 @@ Configuration Example Comment = "This is a Demo Rule" RetentionComplianceAction = "Keep" RetentionDuration = "Unlimited" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } } diff --git a/SCRetentionEventType.md b/SCRetentionEventType.md index dbfd457..ad7ba48 100644 --- a/SCRetentionEventType.md +++ b/SCRetentionEventType.md @@ -7,7 +7,7 @@ | **Name** | Key | String | The Name parameter specifies the unique name of the retention event type. || | **Ensure** | Write | String | Specify if this rule should exist or not. |Present, Absent| | **Comment** | Write | String | The Comment parameter specifies an optional comment. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCRetentionEventType @@ -39,7 +39,7 @@ Configuration Example Name = "DemoEventType" Comment = "Demo event comment" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCSensitivityLabel.md b/SCSensitivityLabel.md index 4f7b387..0bc19f0 100644 --- a/SCSensitivityLabel.md +++ b/SCSensitivityLabel.md @@ -54,7 +54,7 @@ | **SiteAndGroupProtectionBlockAccess** | Write | Boolean | The SiteAndGroupProtectionBlockAccess parameter blocks access. || | **SiteAndGroupProtectionEnabled** | Write | Boolean | The SiteAndGroupProtectionEnabled parameter enables or disables the Site and Group Protection action for the labels. || | **SiteAndGroupProtectionPrivacy** | Write | String | The SiteAndGroupProtectionPrivacy parameter specifies the privacy level for the label. |Public, Private| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCSensitivityLabel @@ -83,38 +83,38 @@ Configuration Example { SCSensitivityLabel DemoRule { - Name = "DemoLabel" - Comment = "Demo Label comment" - ToolTip = "Demo tool tip" - DisplayName = "Demo Label" - ApplyContentMarkingFooterAlignment = "Center" - ApplyContentMarkingFooterEnabled= $true - ApplyContentMarkingFooterFontColor= "#FF0000" - ApplyContentMarkingFooterFontName= "calibri" - ApplyContentMarkingFooterFontSize=10 - ApplyContentMarkingFooterMargin= 5 - ApplyContentMarkingFooterText= "Demo footer text" - ApplyContentMarkingHeaderAlignment= "Center" - ApplyContentMarkingHeaderEnabled= $true - ApplyContentMarkingHeaderFontColor= "#FF0000" - ApplyContentMarkingHeaderFontName= "calibri" - ApplyContentMarkingHeaderFontSize= 10 - ApplyContentMarkingHeaderMargin= 5 - ApplyContentMarkingHeaderText= "demo header text" - ApplyWaterMarkingEnabled= $true - ApplyWaterMarkingFontColor= "#FF0000" - ApplyWaterMarkingFontName= "calibri" - ApplyWaterMarkingFontSize= 10 - ApplyWaterMarkingLayout="Diagonal" - ApplyWaterMarkingText= "demo watermark" - SiteAndGroupProtectionAllowAccessToGuestUsers= $true - SiteAndGroupProtectionAllowEmailFromGuestUsers= $true - SiteAndGroupProtectionAllowFullAccess= $true - SiteAndGroupProtectionAllowLimitedAccess= $true - SiteAndGroupProtectionBlockAccess= $true - SiteAndGroupProtectionEnabled= $true - SiteAndGroupProtectionPrivacy= "Private" - LocaleSettings = @( + Name = "DemoLabel" + Comment = "Demo Label comment" + ToolTip = "Demo tool tip" + DisplayName = "Demo Label" + ApplyContentMarkingFooterAlignment = "Center" + ApplyContentMarkingFooterEnabled = $true + ApplyContentMarkingFooterFontColor = "#FF0000" + ApplyContentMarkingFooterFontName = "calibri" + ApplyContentMarkingFooterFontSize = 10 + ApplyContentMarkingFooterMargin = 5 + ApplyContentMarkingFooterText = "Demo footer text" + ApplyContentMarkingHeaderAlignment = "Center" + ApplyContentMarkingHeaderEnabled = $true + ApplyContentMarkingHeaderFontColor = "#FF0000" + ApplyContentMarkingHeaderFontName = "calibri" + ApplyContentMarkingHeaderFontSize = 10 + ApplyContentMarkingHeaderMargin = 5 + ApplyContentMarkingHeaderText = "demo header text" + ApplyWaterMarkingEnabled = $true + ApplyWaterMarkingFontColor = "#FF0000" + ApplyWaterMarkingFontName = "calibri" + ApplyWaterMarkingFontSize = 10 + ApplyWaterMarkingLayout = "Diagonal" + ApplyWaterMarkingText = "demo watermark" + SiteAndGroupProtectionAllowAccessToGuestUsers = $true + SiteAndGroupProtectionAllowEmailFromGuestUsers = $true + SiteAndGroupProtectionAllowFullAccess = $true + SiteAndGroupProtectionAllowLimitedAccess = $true + SiteAndGroupProtectionBlockAccess = $true + SiteAndGroupProtectionEnabled = $true + SiteAndGroupProtectionPrivacy = "Private" + LocaleSettings = @( MSFT_SCLabelLocaleSettings { LocaleKey = "DisplayName" @@ -160,9 +160,9 @@ Configuration Example Value = "Enabled" } ) - ParentId = "Personal" - GlobalAdminAccount = $credsGlobalAdmin - Ensure = "Present" + ParentId = "Personal" + Credential = $credsGlobalAdmin + Ensure = "Present" } } } diff --git a/SCSupervisoryReviewPolicy.md b/SCSupervisoryReviewPolicy.md index 0687e33..2c3b5ef 100644 --- a/SCSupervisoryReviewPolicy.md +++ b/SCSupervisoryReviewPolicy.md @@ -8,7 +8,7 @@ | **Comment** | Write | String | The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks. || | **Reviewers** | Required | StringArray[] | The Reviewers parameter specifies the SMTP addresses of the reviewers for the supervisory review policy. You can specify multiple email addresses separated by commas. || | **Ensure** | Write | String | Specify if this rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCSupervisoryReviewPolicy @@ -41,7 +41,7 @@ Configuration Example Comment = "Test Policy" Reviewers = @("admin@contoso.com") Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SCSupervisoryReviewRule.md b/SCSupervisoryReviewRule.md index 032afd3..e842ab9 100644 --- a/SCSupervisoryReviewRule.md +++ b/SCSupervisoryReviewRule.md @@ -9,7 +9,7 @@ | **Condition** | Write | String | The Condition parameter specifies the conditions and exceptions for the rule. || | **SamplingRate** | Write | UInt32 | The SamplingRate parameter specifies the percentage of communications for review. If you want reviewers to review all detected items, use the value 100. || | **Ensure** | Write | String | Specify if this rule should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Exchange Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Exchange Global Admin || # SCSupervisoryReviewRule @@ -43,7 +43,7 @@ Configuration Example SamplingRate = 100 Policy = 'TestPolicy' Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOAccessControlSettings.md b/SPOAccessControlSettings.md index 49d8eeb..e27f8cb 100644 --- a/SPOAccessControlSettings.md +++ b/SPOAccessControlSettings.md @@ -17,7 +17,7 @@ | **EmailAttestationRequired** | Write | Boolean | Sets email attestation to required || | **EmailAttestationReAuthDays** | Write | UInt32 | Sets email attestation re-auth days || | **Ensure** | Write | String | Only value accepted is 'Present' |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -66,7 +66,7 @@ Configuration Example SPOAccessControlSettings MyTenantAccessControlSettings { IsSingleInstance = "Yes" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin DisplayStartASiteOption = $false StartASiteFormUrl = "https://o365dsc1.sharepoint.com" IPAddressEnforcement = $false diff --git a/SPOApp.md b/SPOApp.md index a8f2a5d..6f93882 100644 --- a/SPOApp.md +++ b/SPOApp.md @@ -9,7 +9,7 @@ | **Publish** | Write | Boolean | This will deploy/trust an app into the app catalog. || | **Overwrite** | Write | Boolean | Overwrites the existing app package if it already exists. || | **Ensure** | Write | String | Present ensures the site collection exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -59,7 +59,7 @@ Configuration Example Identity = "DemoApp" Path = "C:\Demo\DemoApp.sppkg" Publish = $true - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } @@ -68,7 +68,7 @@ Configuration Example Identity = "DemoApp2" Path = "C:\Demo\DemoApp2.app" Publish = $true - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } } diff --git a/SPOBrowserIdleSignout.md b/SPOBrowserIdleSignout.md index 4f40bdb..7120b18 100644 --- a/SPOBrowserIdleSignout.md +++ b/SPOBrowserIdleSignout.md @@ -8,7 +8,7 @@ | **Enabled** | Write | Boolean | Enables the browser idle sign-out policy || | **SignOutAfter** | Write | String | Specifies a time interval of inactivity before the user gets signed out || | **WarnAfter** | Write | String | Specifies a time interval of inactivity before the user gets a warning about being signed out || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Admin || +| **Credential** | Write | PSCredential | Credentials of the SharePoint Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -57,7 +57,7 @@ Configuration Example SPOBrowserIdleSignout MyTenant { Enabled = $True; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; IsSingleInstance = "Yes"; SignOutAfter = "04:00:00"; WarnAfter = "03:30:00"; diff --git a/SPOHomeSite.md b/SPOHomeSite.md index e87b01c..b445e34 100644 --- a/SPOHomeSite.md +++ b/SPOHomeSite.md @@ -7,7 +7,7 @@ | **IsSingleInstance** | Key | String | Specifies the resource is a single instance, the value must be 'Yes' |Yes| | **Url** | Write | String | The URL of the home site collection || | **Ensure** | Write | String | Present ensures the site collection is registered as home site, absent ensures it is unregistered |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -64,7 +64,7 @@ Configuration Example IsSingleInstance = "Yes" Url = "https://office365dsc.sharepoint.com/sites/Marketing" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOHubSite.md b/SPOHubSite.md index b99473d..0e9042d 100644 --- a/SPOHubSite.md +++ b/SPOHubSite.md @@ -12,7 +12,7 @@ | **AllowedToJoin** | Write | StringArray[] | The users or mail-enabled security groups which are allowed to associate their site with a hub site || | **SiteDesignId** | Write | String | The guid of the site design to link to the hub site || | **Ensure** | Write | String | Present ensures the site collection is registered as hub site, absent ensures it is unregistered |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -74,7 +74,7 @@ Configuration Example AllowedToJoin = @("admin@office365dsc.onmicrosoft.com", "superuser@office365dsc.onmicrosoft.com") SiteDesignId = "f7eba920-9cca-4de8-b5aa-1da75a2a893c" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOOrgAssetsLibrary.md b/SPOOrgAssetsLibrary.md index 3068351..f32a9a3 100644 --- a/SPOOrgAssetsLibrary.md +++ b/SPOOrgAssetsLibrary.md @@ -8,7 +8,7 @@ | **CdnType** | Write | String | Specifies the CDN type. The valid values are public or private. |Public, Private| | **ThumbnailUrl** | Write | String | Indicates the absolute URL of the library to be designated as a central location for organization Indicates the URL of the background image used when the library is publicly displayed. If no thumbnail URL is indicated, the card will have a gray background. || | **Ensure** | Write | String | Specify if the SPO Org Assets library should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Admin || +| **Credential** | Write | PSCredential | Credentials of the SharePoint Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -59,7 +59,7 @@ Configuration Example LibraryUrl = "https://contoso.sharepoint.com/sites/org/Branding" ThumbnailUrl = "https://contoso.sharepoint.com/sites/org/Branding/Logo/Owagroup.png" CdnType = "Public" - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; Ensure = "Present" } } diff --git a/SPOPropertyBag.md b/SPOPropertyBag.md index 2319b1f..838a7d6 100644 --- a/SPOPropertyBag.md +++ b/SPOPropertyBag.md @@ -8,7 +8,7 @@ | **Key** | Key | String | Key that should be configured. || | **Value** | Key | String | Value of the assigned key. || | **Ensure** | Write | String | Specify if this policy should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -60,7 +60,7 @@ Configuration Example Key = "MyKey" Value = "MyValue" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOSearchManagedProperty.md b/SPOSearchManagedProperty.md index 9ead1a9..13540c3 100644 --- a/SPOSearchManagedProperty.md +++ b/SPOSearchManagedProperty.md @@ -24,7 +24,7 @@ | **MappedCrawledProperties** | Write | StringArray[] | Names of the crawled properties that are mapped to this managed property || | **CompanyNameExtraction** | Write | Boolean | Enables the system to extract company name entities from the managed property when crawling new or updated items. Afterwards, the extracted entities can be used to set up refiners in the web part. || | **Ensure** | Write | String | Present ensures the Search Managed Property exists. |Present| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -61,7 +61,7 @@ Configuration Example Searchable = $True FullTextIndex = "" MappedCrawledProperties = @() - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin LanguageNeutralTokenization = $True CompanyNameExtraction = $False AllowMultipleValues = $True diff --git a/SPOSearchResultSource.md b/SPOSearchResultSource.md index f996bd7..ab27641 100644 --- a/SPOSearchResultSource.md +++ b/SPOSearchResultSource.md @@ -13,7 +13,7 @@ | **ShowPartialSearch** | Write | Boolean | Show partial search or not || | **UseAutoDiscover** | Write | Boolean | Specifies if AutoDiscover should be used for the Exchange Source URL || | **Ensure** | Write | String | Present ensures the Search Result Source exists. |Present| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -51,7 +51,7 @@ Configuration Example Description = "Description of item" Protocol = "Local" Type = "SharePoint" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } } diff --git a/SPOSharingSettings.md b/SPOSharingSettings.md index 9569135..c88990e 100644 --- a/SPOSharingSettings.md +++ b/SPOSharingSettings.md @@ -26,7 +26,7 @@ | **DefaultLinkPermission** | Write | String | Specifies the link permission on the tenant level. |None, View, Edit| | **RequireAcceptingAccountMatchInvitedAccount** | Write | Boolean | Ensures that an external user can only accept an external sharing invitation with an account matching the invited email address.Administrators who desire increased control over external collaborators should consider enabling this feature. False (default) - When a document is shared with an external user, bob@contoso.com, it can be accepted by any user with access to the invitation link in the original e-mail.True - User must accept this invitation with bob@contoso.com. || | **Ensure** | Write | String | Only accepted value is 'Present'. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -62,7 +62,7 @@ Configuration Example SPOSharingSettings MyTenant { IsSingleInstance = "Yes" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin SharingCapability = 'ExternalUserSharingOnly' ShowEveryoneClaim = $false ShowAllUsersClaim = $false @@ -81,7 +81,7 @@ Configuration Example FileAnonymousLinkType = "Edit" FolderAnonymousLinkType = "Edit" NotifyOwnersWhenItemsReshared = $true - DefaultLinkPermission ="View" + DefaultLinkPermission ="View" RequireAcceptingAccountMatchInvitedAccount = $false Ensure = "Present" } diff --git a/SPOSite.md b/SPOSite.md index 2eb2678..f257deb 100644 --- a/SPOSite.md +++ b/SPOSite.md @@ -31,7 +31,7 @@ | **SocialBarOnSitePagesDisabled** | Write | Boolean | Disables or enables the Social Bar for Site Collection. || | **OverrideTenantAnonymousLinkExpirationPolicy** | Write | Boolean | False - Respect the organization-level policy for anonymous or anyone link expiration. True - Override the organization-level policy for anonymous or anyone link expiration (can be more or less restrictive) || | **Ensure** | Write | String | Present ensures the site collection exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -81,7 +81,7 @@ Configuration Example StorageMaximumLevel = 26214400 LocaleId = 1033 Template = "STS#3" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Owner = "admin@contoso.onmicrosoft.com" Title = "TestSite" TimeZoneId = 13 diff --git a/SPOSiteAuditSettings.md b/SPOSiteAuditSettings.md index a6e66e3..7c09a4f 100644 --- a/SPOSiteAuditSettings.md +++ b/SPOSiteAuditSettings.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Url** | Key | String | URL of the site collection to configure. || | **AuditFlags** | Required | String | Audit flag for the site collection. Can be 'All' or 'None'. |All, None| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -56,7 +56,7 @@ Configuration Example { Url = "https://contoso.sharepoint.com/sites/DemoSite" AuditFlags = "All" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOSiteDesign.md b/SPOSiteDesign.md index 86527b1..588db7e 100644 --- a/SPOSiteDesign.md +++ b/SPOSiteDesign.md @@ -13,7 +13,7 @@ | **PreviewImageUrl** | Write | String | Site design preview image url. || | **Version** | Write | UInt32 | Site design version number. || | **Ensure** | Write | String | Used to add or remove site design. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || +| **Credential** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -69,7 +69,7 @@ Configuration Example Description = "Created by DSC" PreviewImageAltText = "Office 365" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOSiteDesignRights.md b/SPOSiteDesignRights.md index 22e2f63..83da0f7 100644 --- a/SPOSiteDesignRights.md +++ b/SPOSiteDesignRights.md @@ -8,7 +8,7 @@ | **Rights** | Key | String | Rights to grant user principals on site design rights. |View, None| | **UserPrincipals** | Write | StringArray[] | List of user principals with seperated by commas to site design rights. || | **Ensure** | Write | String | Used to add or remove list of users from site design rights. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || +| **Credential** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -60,7 +60,7 @@ Configuration Example UserPrincipals = "jdoe@O365DSC1.onmicrosoft.com" Rights = "View" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOSiteGroup.md b/SPOSiteGroup.md index 33f9540..ba4d46e 100644 --- a/SPOSiteGroup.md +++ b/SPOSiteGroup.md @@ -9,7 +9,7 @@ | **Owner** | Write | String | The owner (email address) of the site group || | **PermissionLevels** | Write | StringArray[] | The permission level of the site group || | **Ensure** | Write | String | Used to add or remove site design. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || +| **Credential** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -61,7 +61,7 @@ Configuration Example Owner = "admin@Office365DSC.onmicrosoft.com" PermissionLevels = @("Edit", "Read") Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } SPOSiteGroup adfd6217-29de-4297-95d4-7004455d3daa @@ -71,7 +71,7 @@ Configuration Example Owner = "admin@Office365DSC.onmicrosoft.com" PermissionLevels = @("Edit", "Read") Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOSiteScript.md b/SPOSiteScript.md index 4e7308e..8a2f4d1 100644 --- a/SPOSiteScript.md +++ b/SPOSiteScript.md @@ -9,7 +9,7 @@ | **Description** | Write | String | The description of the site script. || | **Content** | Write | String | A JSON string containing the site script. || | **Ensure** | Write | String | Present ensures the site script exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || diff --git a/SPOStorageEntity.md b/SPOStorageEntity.md index c1ad25e..8d3591e 100644 --- a/SPOStorageEntity.md +++ b/SPOStorageEntity.md @@ -11,7 +11,7 @@ | **Comment** | Write | String | Comment for the storage entity. || | **Ensure** | Write | String | Used to add or remove storage entity. |Present, Absent| | **SiteUrl** | Required | String | The url of site collection or tenant. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || +| **Credential** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -66,7 +66,7 @@ Configuration Example Comment = "Comment from DSC" Ensure = "Present" SiteUrl = "https://o365dsc1-admin.sharepoint.com" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/SPOTenantCDNPolicy.md b/SPOTenantCDNPolicy.md index cd5725f..7865162 100644 --- a/SPOTenantCDNPolicy.md +++ b/SPOTenantCDNPolicy.md @@ -7,7 +7,7 @@ | **CDNType** | Key | String | Type of Content Delivery Network. Can be 'Private' or 'Public'. |Private, Public| | **ExcludeRestrictedSiteClassifications** | Write | StringArray[] | List of site classifications to exclude. || | **IncludeFileExtensions** | Write | StringArray[] | List of file extensions to include in the Policy. || -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || +| **Credential** | Write | PSCredential | Credentials of the Office365 Tenant Admin. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -59,14 +59,14 @@ Configuration Example SPOTenantCDNPolicy PublicCDNPolicy { IncludeFileExtensions = @('.jpg', '.png'); - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin CDNType = "Public"; ExcludeRestrictedSiteClassifications = @(); } SPOTenantCDNPolicy PrivateCDNPolicy { IncludeFileExtensions = @('.gif'); - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin CDNType = "Private"; ExcludeRestrictedSiteClassifications = @(); } diff --git a/SPOTenantCdnEnabled.md b/SPOTenantCdnEnabled.md index db74fa3..9106481 100644 --- a/SPOTenantCdnEnabled.md +++ b/SPOTenantCdnEnabled.md @@ -7,7 +7,7 @@ | **CdnType** | Key | String | Specifies the CDN type. The valid values are public or private. |Public, Private| | **Enable** | Write | Boolean | Specify to enable or disable tenant CDN. || | **Ensure** | Write | String | Get-PNPTenantCdnEnabled always returns a value, only support value is Present |Present| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Admin || +| **Credential** | Write | PSCredential | Credentials of the SharePoint Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -60,7 +60,7 @@ Configuration Example { Enable = $True CdnType = "Public" - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; Ensure = "Present" } diff --git a/SPOTenantSettings.md b/SPOTenantSettings.md index a2b1fbf..1824d88 100644 --- a/SPOTenantSettings.md +++ b/SPOTenantSettings.md @@ -26,7 +26,7 @@ | **ConditionalAccessPolicy** | Write | String | Allow or Block Conditional Access Policy on the SharePoint Tenant |AllowFullAccess, AllowLimitedAccess, BlockAccess| | **DisabledWebPartIds** | Write | String | Provide GUID for the Web Parts that are to be disabled on the Sharepoint Site || | **Ensure** | Write | String | Only accepted value is 'Present'. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -76,7 +76,7 @@ Configuration Example SPOTenantSettings MyTenantSettings { IsSingleInstance = "Yes" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin MinCompatibilityLevel = 16 MaxCompatibilityLevel = 16 SearchResolveExactEmailOrUPN = $false diff --git a/SPOTheme.md b/SPOTheme.md index 16fa82f..6c588c6 100644 --- a/SPOTheme.md +++ b/SPOTheme.md @@ -10,7 +10,7 @@ | **IsInverted** | Write | Boolean | This value should be false for light themes and true for dark themes; it controls whether SharePoint uses dark or light theme colors to render text on colored backgrounds. || | **Palette** | Write | InstanceArray[] | Specifies the color scheme which composes your theme. || | **Ensure** | Write | String | Only accepted value is 'Present'. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the account to authenticate with. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -75,7 +75,7 @@ Configuration Example { SPOTheme MySPOTheme { - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Name = "PSTheme1" IsInverted = $false Palette = @(MSFT_SPOThemePaletteProperty { diff --git a/SPOUserProfileProperty.md b/SPOUserProfileProperty.md index a61f7e9..a230bd5 100644 --- a/SPOUserProfileProperty.md +++ b/SPOUserProfileProperty.md @@ -9,7 +9,7 @@ | **UserName** | Key | String | Username of the user to configure the profile properties for. E.g. John.Smith@contoso.com || | **Properties** | Write | InstanceArray[] | Array of MSFT_SPOUserProfilePropertyInstance representing the profile properties to set. || | **Ensure** | Write | String | Only accepted value is 'Present'. |Present| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Global Admin. || +| **Credential** | Required | PSCredential | Credentials of the Global Admin. || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **ApplicationSecret** | Write | String | Secret of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com || @@ -63,7 +63,7 @@ Configuration Example Value = "MyValue" } ) - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } } diff --git a/TeamsCallingPolicy.md b/TeamsCallingPolicy.md index 43d94b2..29760a1 100644 --- a/TeamsCallingPolicy.md +++ b/TeamsCallingPolicy.md @@ -23,7 +23,7 @@ | **AutoAnswerEnabledType** | Write | String | This setting allows the tenant admin to enable or disable the Auto-Answer setting. Valid options are: Enabled, Disabled. |Enabled, Disabled| | **SpamFilteringEnabledType** | Write | String | Setting this parameter determines whether calls identified as Spam will be rejected or not (probably). Valid options are: Enabled, Disabled. |Enabled, Disabled| | **Ensure** | Write | String | Present ensures the policyexists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin. || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin. || # TeamsCallingPolicy @@ -42,7 +42,7 @@ Configuration Example param( [Parameter(Mandatory = $true)] [PSCredential] - $credsGlobalAdmin + $credsAdmin ) Import-DscResource -ModuleName Microsoft365DSC @@ -60,7 +60,7 @@ Configuration Example PreventTollBypass = $true BusyOnBusyEnabledType = 'Enabled' Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsAdmin } } } diff --git a/TeamsChannel.md b/TeamsChannel.md index b87df04..230c9ff 100644 --- a/TeamsChannel.md +++ b/TeamsChannel.md @@ -9,7 +9,7 @@ | **NewDisplayName** | Write | String | Used to update current channel name || | **Description** | Write | String | Channel description || | **Ensure** | Write | String | Present ensures the Team channel exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the Teams Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Teams Global Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -57,7 +57,7 @@ Configuration Example NewDisplayName = "SP2016 Review teams group" Description = "SP2016 Code reviews for SPFX" Ensure = "Present" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/TeamsChannelsPolicy.md b/TeamsChannelsPolicy.md index 4d5a17c..552ac81 100644 --- a/TeamsChannelsPolicy.md +++ b/TeamsChannelsPolicy.md @@ -10,7 +10,7 @@ | **AllowPrivateTeamDiscovery** | Write | Boolean | Determines whether a user is allowed to discover private teams in suggestions and search results. Set this to TRUE to allow. Set this FALSE to prohibit. || | **AllowPrivateChannelCreation** | Write | Boolean | Determines whether a user is allowed to create a private channel. Set this to TRUE to allow. Set this FALSE to prohibit. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin || # TeamsChannelsPolicy @@ -37,13 +37,13 @@ Configuration Example { TeamsChannelsPolicy ChannelsPolicy { - Identity = 'New Channels Policy' + Identity = 'New Channels Policy' AllowOrgWideTeamCreation = $True; AllowPrivateChannelCreation = $True; AllowPrivateTeamDiscovery = $True; Description = 'This is an example'; - Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin + Ensure = 'Present' + Credential = $credsGlobalAdmin } } } diff --git a/TeamsClientConfiguration.md b/TeamsClientConfiguration.md index 48484dd..3d131f8 100644 --- a/TeamsClientConfiguration.md +++ b/TeamsClientConfiguration.md @@ -19,7 +19,7 @@ | **ContentPin** | Write | String | This setting applies only to Skype for Business Online (not Microsoft Teams) and defines whether the user must provide a secondary form of authentication to access the meeting content from a resource device account. Meeting content is defined as files that are shared to the Content Bin - files that have been attached to the meeting. |NotRequired, RequiredOutsideScheduleMeeting, AlwaysRequired| | **ResourceAccountContentAccess** | Write | String | Require a secondary form of authentication to access meeting content. |NoAccess, PartialAccess, FullAccess| | **RestrictedSenderList** | Write | StringArray[] | Senders domains can be further restricted to ensure that only allowed SMTP domains can send emails to the Teams channels. This is a comma-separated string of the domains you'd like to allow to send emails to Teams channels. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || ## Description @@ -57,7 +57,7 @@ Configuration Example AllowShareFile = $True; AllowSkypeBusinessInterop = $True; ContentPin = "RequiredOutsideScheduleMeeting"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; Identity = "Global"; ResourceAccountContentAccess = "NoAccess"; } diff --git a/TeamsEmergencyCallRoutingPolicy.md b/TeamsEmergencyCallRoutingPolicy.md index efa5a4b..a7a29bb 100644 --- a/TeamsEmergencyCallRoutingPolicy.md +++ b/TeamsEmergencyCallRoutingPolicy.md @@ -12,7 +12,7 @@ | **EmergencyNumbers** | Write | InstanceArray[] | Emergency number(s) associated with the policy. || | **AllowEnhancedEmergencyServices** | Write | Boolean | Flag to enable Enhanced Emergency Services || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin. || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin. || # TeamsEmergencyCallRoutingPolicy @@ -50,7 +50,7 @@ Configuration Example } ); Ensure = "Present"; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; Identity = "Unit Test"; } } diff --git a/TeamsEmergencyCallingPolicy.md b/TeamsEmergencyCallingPolicy.md index 6cf3cd0..c980848 100644 --- a/TeamsEmergencyCallingPolicy.md +++ b/TeamsEmergencyCallingPolicy.md @@ -10,7 +10,7 @@ | **NotificationGroup** | Write | String | NotificationGroup is a email list of users and groups to be notified of an emergency call. || | **NotificationMode** | Write | String | The type of conference experience for security desk notification. |NotificationOnly, ConferenceMuted, ConferenceUnMuted| | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin. || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin. || # TeamsEmergencyCallingPolicy @@ -43,7 +43,7 @@ Configuration Example NotificationGroup = 'john.smith@contoso.com'; NotificationMode = "NotificationOnly"; Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/TeamsGuestCallingConfiguration.md b/TeamsGuestCallingConfiguration.md index b55d3d1..748f1f8 100644 --- a/TeamsGuestCallingConfiguration.md +++ b/TeamsGuestCallingConfiguration.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Identity** | Key | String | The only valid input is Global - the tenant wide configuration |Global| | **AllowPrivateCalling** | Required | Boolean | Designates whether guests who have been enabled for Teams can use calling functionality. If $false, guests cannot call. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || ## Description @@ -34,7 +34,7 @@ Configuration Example { Identity = "Global"; AllowPrivateCalling = $True; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; } } } diff --git a/TeamsGuestMeetingConfiguration.md b/TeamsGuestMeetingConfiguration.md index 467bbb5..e7ea5c2 100644 --- a/TeamsGuestMeetingConfiguration.md +++ b/TeamsGuestMeetingConfiguration.md @@ -8,7 +8,7 @@ | **AllowIPVideo** | Write | Boolean | Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow guests to share their video. Set this to FALSE to prohibit guests from sharing their video. || | **ScreenSharingMode** | Write | String | Determines the mode in which guests can share a screen in calls or meetings. Set this to SingleApplication to allow the user to share an application at a given point in time. Set this to EntireScreen to allow the user to share anything on their screens. Set this to Disabled to prohibit the user from sharing their screens. |Disabled, EntireScreen, SingleApplication| | **AllowMeetNow** | Write | Boolean | Determines whether guests can start ad-hoc meetings. Set this to TRUE to allow guests to start ad-hoc meetings. Set this to FALSE to prohibit guests from starting ad-hoc meetings. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || ## Description @@ -37,7 +37,7 @@ Configuration Example { AllowIPVideo = $True; AllowMeetNow = $True; - GlobalAdminAccount = $credsGlobalAdmin; + Credential = $credsGlobalAdmin; Identity = "Global"; ScreenSharingMode = "EntireScreen"; } diff --git a/TeamsGuestMessagingConfiguration.md b/TeamsGuestMessagingConfiguration.md index b150889..4e31729 100644 --- a/TeamsGuestMessagingConfiguration.md +++ b/TeamsGuestMessagingConfiguration.md @@ -13,7 +13,7 @@ | **AllowStickers** | Write | Boolean | Determines if stickers are available for use. || | **AllowGiphy** | Write | Boolean | Determines if Giphy are available for use. || | **AllowImmersiveReader** | Write | Boolean | Determines if Immersive Reader is enabled. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || ## Description @@ -47,7 +47,7 @@ Configuration Example AllowUserDeleteMessage = $False; AllowUserEditMessage = $True; GiphyRatingType = "Moderate"; - GlobalAdminAccount = $credsglobaladmin; + Credential = $credsglobaladmin; Identity = "Global"; } } diff --git a/TeamsMeetingBroadcastConfiguration.md b/TeamsMeetingBroadcastConfiguration.md index 4abf175..a4c34c0 100644 --- a/TeamsMeetingBroadcastConfiguration.md +++ b/TeamsMeetingBroadcastConfiguration.md @@ -11,7 +11,7 @@ | **SdnLicenseId** | Write | String | Specifies the Software Defined Network (SDN) license identifier. This is required and provided by some SDN providers. This parameter is only required if AllowSdnProviderForBroadcastMeeting is set to $true. || | **SdnApiTemplateUrl** | Write | String | Specifies the Software Defined Network (SDN) provider's HTTP API endpoint. This information is provided to you by the SDN provider. This parameter is only required if AllowSdnProviderForBroadcastMeeting is set to $true. || | **SdnApiToken** | Write | String | Specifies the Software Defined Network (SDN) provider's authentication token which is required to use their SDN license. This is required by some SDN providers who will give you the required token. This parameter is only required if AllowSdnProviderForBroadcastMeeting is set to $true. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || ## Description diff --git a/TeamsMeetingBroadcastPolicy.md b/TeamsMeetingBroadcastPolicy.md index 6ca8f6d..6e0b211 100644 --- a/TeamsMeetingBroadcastPolicy.md +++ b/TeamsMeetingBroadcastPolicy.md @@ -10,7 +10,7 @@ | **BroadcastAttendeeVisibilityMode** | Write | String | Specifies the attendee visibility mode of the broadcast events created by this user. This setting controls who can watch the broadcast event - e.g. anyone can watch this event including anonymous users or only authenticated users in my company can watch the event. Note: this setting is applicable to broadcast events that use Teams Meeting production only and does not apply when external encoder is used as production method. |Everyone, EveryoneInCompany, InvitedUsersInCompany, EveryoneInCompanyAndExternal, InvitedUsersInCompanyAndExternal| | **BroadcastRecordingMode** | Write | String | Specifies whether broadcast events created by this user are always recorded, never recorded or user can choose whether to record or not. Note: this setting is applicable to broadcast events that use Teams Meeting production only and does not apply when external encoder is used as production method. |AlwaysEnabled, AlwaysDisabled, UserOverride| | **Ensure** | Write | String | Present ensures the Policy exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || ## Description @@ -41,7 +41,7 @@ Configuration Example BroadcastAttendeeVisibilityMode = "EveryoneInCompany"; BroadcastRecordingMode = "AlwaysEnabled"; Ensure = "Present"; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; Identity = "MyDemoPolicy"; } } diff --git a/TeamsMeetingConfiguration.md b/TeamsMeetingConfiguration.md index ba58a76..b33a534 100644 --- a/TeamsMeetingConfiguration.md +++ b/TeamsMeetingConfiguration.md @@ -18,7 +18,7 @@ | **ClientAppSharingPort** | Write | UInt32 | Determines the starting port number for client screen sharing or application sharing. Minimum allowed value: 1024 Maximum allowed value: 65535 Default value: 50040. || | **ClientMediaPortRangeEnabled** | Write | Boolean | Determines whether custom media port and range selections need to be enforced. When set to True, clients will use the specified port range for media traffic. When set to False (the default value) for any available port (from port 1024 through port 65535) will be used to accommodate media traffic. || | **ClientAppSharingPortRange** | Write | UInt32 | Determines the total number of ports available for client sharing or application sharing. Default value is 20. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || ## Description @@ -54,7 +54,7 @@ Configuration Example CustomFooterText = "This is some custom footer text"; DisableAnonymousJoin = $False; EnableQoS = $False; - GlobalAdminAccount = $credsglobaladmin; + Credential = $credsglobaladmin; HelpURL = "https://github.com/Microsoft/Office365DSC/Help"; Identity = "Global"; LegalURL = "https://github.com/Microsoft/Office365DSC/Legal"; diff --git a/TeamsMeetingPolicy.md b/TeamsMeetingPolicy.md index f80e517..d208192 100644 --- a/TeamsMeetingPolicy.md +++ b/TeamsMeetingPolicy.md @@ -46,7 +46,7 @@ | **TeamsCameraFarEndPTZMode** | Write | String | Determines whether or not meetings created by users with this policy are able to utilize the Camera Far-End PTZ Mode. |Disabled, Enabled| | **AllowMeetingReactions** | Write | Boolean | Determines whether or not meetings created by users with this policy are able to utilize the Meeting Reactions feature. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin. || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin. || # TeamsMeetingPolicy @@ -89,7 +89,7 @@ Configuration Example AutoAdmittedUsers = "Everyone"; Description = "My Demo Meeting Policy"; Ensure = "Present"; - GlobalAdminAccount = $credsglobaladmin; + Credential = $credsglobaladmin; Identity = "Demo Policy"; MediaBitRateKb = 50000; ScreenSharingMode = "EntireScreen"; diff --git a/TeamsMessagingPolicy.md b/TeamsMessagingPolicy.md index b04a87d..0e93e26 100644 --- a/TeamsMessagingPolicy.md +++ b/TeamsMessagingPolicy.md @@ -24,7 +24,7 @@ | **AudioMessageEnabledType** | Write | String | Determines whether a user is allowed to send audio messages. Possible values are: ChatsAndChannels,ChatsOnly,Disabled. |ChatsAndChannels, ChatsOnly, Disabled| | **Tenant** | Write | String | Globally unique identifier (GUID) of the tenant account whose external user communication policy are being created. || | **Ensure** | Write | String | Present ensures the Team Message Policy exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Service Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Service Admin || ## Description @@ -67,7 +67,7 @@ Configuration Example AllowMemes = $False AudioMessageEnabledType = "ChatsOnly" AllowOwnerDeleteMessage = $False - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } } diff --git a/TeamsPstnUsage.md b/TeamsPstnUsage.md index 2459f35..76b984e 100644 --- a/TeamsPstnUsage.md +++ b/TeamsPstnUsage.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **Usage** | Key | String | An online PSTN usage (such as Local or Long Distance) that can be used in conjunction with voice routes and voice routing policies. || | **Ensure** | Write | String | Present ensures the policyexists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin || # TeamsPstnUsage @@ -35,7 +35,7 @@ Configuration Example { Usage = 'Long Distance' Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/TeamsTeam.md b/TeamsTeam.md index f15983a..fdcc062 100644 --- a/TeamsTeam.md +++ b/TeamsTeam.md @@ -28,7 +28,7 @@ | **AllowCreateUpdateChannels** | Write | Boolean | Allow members to create and update channels within Team. || | **ShowInTeamsSearchAndSuggestions** | Write | Boolean | determines whether or not private teams should be searchable from Teams clients for users who do not belong to that team. Set to $false to make those teams not discoverable from Teams clients. || | **Ensure** | Write | String | Present ensures the Team exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Teams Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -93,7 +93,7 @@ Configuration Example AllowCustomMemes = $True AllowGuestCreateUpdateChannels = $true AllowGuestDeleteChannels = $true - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin Ensure = "Present" } } diff --git a/TeamsTenantDialPlan.md b/TeamsTenantDialPlan.md index 6178a49..42064f6 100644 --- a/TeamsTenantDialPlan.md +++ b/TeamsTenantDialPlan.md @@ -17,7 +17,7 @@ | **OptimizeDeviceDialing** | Write | Boolean | Specifies if the dial plan should optimize device dialing or not. || | **SimpleName** | Write | String | The SimpleName parameter is a display name for the tenant dial plan. This name must be unique among all tenant dial plans within the Skype for Business Server deployment.This string can be up to 49 characters long. Valid characters are alphabetic or numeric characters, hyphen (-), dot (.) and parentheses (()). || | **Ensure** | Write | String | Specify if this dial plan should exist or not. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin || ## Description @@ -45,7 +45,7 @@ Configuration Example { Description = 'This is a demo dial plan'; Ensure = "Present"; - GlobalAdminAccount = $Credsglobaladmin; + Credential = $Credsglobaladmin; Identity = "DemoPlan"; NormalizationRules = MSFT_TeamsVoiceNormalizationRule{ Pattern = '^00(\d+)$' diff --git a/TeamsUpgradeConfiguration.md b/TeamsUpgradeConfiguration.md index ad0809b..e11c355 100644 --- a/TeamsUpgradeConfiguration.md +++ b/TeamsUpgradeConfiguration.md @@ -7,7 +7,7 @@ | **IsSingleInstance** | Key | String | Specifies the resource is a single instance, the value must be 'Yes' |Yes| | **DownloadTeams** | Write | Boolean | The DownloadTeams property allows admins to control whether the Skype for Business client should automatically download Teams in the background. This Boolean setting is only honored on Windows clients, and only for certain values of the user's TeamsUpgradePolicy. If NotifySfbUser=true or if Mode=TeamsOnly in TeamsUpgradePolicy, this setting is honored. Otherwise it is ignored. || | **SfBMeetingJoinUx** | Write | String | The SfBMeetingJoinUx property allows admins to specify which app is used to join Skype for Business meetings, even after the user has been upgraded to Teams. Allowed values are: 'SkypeMeetingsApp' and 'NativeLimitedClient'. 'NativeLimitedClient' means the existing Skype for Business rich client will be used, but since the user is upgraded, only meeting functionality is available. Calling and Messaging are done via Teams. 'SkypeMeetingsApp' means use the web-downloadable app. This setting can be useful for organizations that have upgraded to Teams and no longer want to install Skype for Business on their users' computers. |SkypeMeetingsApp, NativeLimitedClient| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || # TeamsUpgradeConfiguration @@ -36,7 +36,7 @@ Configuration Example TeamsUpgradeConfiguration UpgradeConfig { DownloadTeams = $True; - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin IsSingleInstance = "Yes" SfBMeetingJoinUx = "NativeLimitedClient" } diff --git a/TeamsUpgradePolicy.md b/TeamsUpgradePolicy.md index f2151fa..8a576f3 100644 --- a/TeamsUpgradePolicy.md +++ b/TeamsUpgradePolicy.md @@ -7,7 +7,7 @@ | **Identity** | Key | String | Identity of the Teams Upgrade Policy. || | **Users** | Write | StringArray[] | List of users that will be granted the Upgrade Policy to. || | **MigrateMeetingsToTeams** | Write | Boolean | Specifies whether to move existing Skype for Business meetings organized by the user to Teams. This parameter can only be true if the mode of the specified policy instance is either TeamsOnly or SfBWithTeamsCollabAndMeetings, and if the policy instance is being granted to a specific user. It not possible to trigger meeting migration when granting TeamsUpgradePolicy to the entire tenant. || -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Admin || # TeamsUpgradePolicy @@ -37,7 +37,7 @@ Configuration Example Identity = 'Islands' Users = @("John.Smith@contoso.com", "Nik.Charlebois@contoso.com") MigrateMeetingsToTeams = $true - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/TeamsUser.md b/TeamsUser.md index 39162ec..8a340c2 100644 --- a/TeamsUser.md +++ b/TeamsUser.md @@ -8,7 +8,7 @@ | **User** | Key | String | UPN of user to add to Team || | **Role** | Write | String | User role in Team |Guest, Member, Owner| | **Ensure** | Write | String | Present ensures the Team user exists, absent ensures it is removed |Present, Absent| -| **GlobalAdminAccount** | Write | PSCredential | Credentials of the SharePoint Global Admin || +| **Credential** | Write | PSCredential | Credentials of the Teams Admin || | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. || | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. || | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. || @@ -55,7 +55,7 @@ Configuration Example User = "jdoe@dsazure.com" Role = "Member" Ensure = "Absent" - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/TeamsVoiceRoute.md b/TeamsVoiceRoute.md index 1545963..335ba9f 100644 --- a/TeamsVoiceRoute.md +++ b/TeamsVoiceRoute.md @@ -11,7 +11,7 @@ | **OnlinePstnUsages** | Write | StringArray[] | A list of online PSTN usages (such as Local, Long Distance, etc.) that can be applied to this online voice route. The PSTN usage must be an existing usage (PSTN usages can be retrieved by calling the Get-CsOnlinePstnUsage cmdlet). || | **Priority** | Write | UInt32 | A number could resolve to multiple online voice routes. The priority determines the order in which the routes will be applied if more than one route is possible. || | **Ensure** | Write | String | Present ensures the route exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin || # TeamsVoiceRoute @@ -45,7 +45,7 @@ Configuration Example OnlinePstnUsages = @('Long Distance','Local','Internal') Priority = 10 Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } } diff --git a/TeamsVoiceRoutingPolicy.md b/TeamsVoiceRoutingPolicy.md index 53bc950..143d29b 100644 --- a/TeamsVoiceRoutingPolicy.md +++ b/TeamsVoiceRoutingPolicy.md @@ -8,7 +8,7 @@ | **OnlinePstnUsages** | Write | StringArray[] | A list of online PSTN usages (such as Local or Long Distance) that can be applied to this online voice routing policy. The online PSTN usage must be an existing usage (PSTN usages can be retrieved by calling the Get-CsOnlinePstnUsage cmdlet). || | **Description** | Write | String | Enables administrators to provide explanatory text to accompany an online voice routing policy. For example, the Description might include information about the users the policy should be assigned to. || | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. |Present, Absent| -| **GlobalAdminAccount** | Required | PSCredential | Credentials of the Teams Global Admin || +| **Credential** | Required | PSCredential | Credentials of the Teams Global Admin || # TeamsVoiceRoutingPolicy @@ -39,7 +39,7 @@ Configuration Example OnlinePstnUsages = @('Long Distance','Local','Internal') Description = 'This is a sample Voice Routing Policy' Ensure = 'Present' - GlobalAdminAccount = $credsGlobalAdmin + Credential = $credsGlobalAdmin } } }