ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
id | string | The unique identifier for this domain. (e.g. "dev-o365.yourcompany.com" or "yourcompany.onmicrosoft.com") | |
DMARCRecordPublished | boolean | To get this value, use `nslookup -type=txt _dmarc.<domain>` and Ensure that a policy exists that starts with `v=DMARC1;`. Set this to "true" if the record is valid and existing. | |
IsCoexistenceDomain | boolean | Value that indicates whether the domain is a coexistence domain. | |
PendingRemoval | boolean | Value that indicates whether the domain is in the process of being removed. | |
spfRecordPublished | boolean | To get this value, use `nslookup -type=txt domain.com` and ensure that a value exists that contains `include:spf.protection.outlook.com.` Set this to "true" if the record is valid and existing. | |
MailFlowPartner | string | Specifies the mail flow partner of the domain. | |
CanHaveCloudCache | boolean | Specifies whether the domain can have cloud cache. | |
ObjectClass | list<string> | Specifies the object class of the resource. | |
OutboundOnly | boolean | Value that indicates whether the domain is used for outbound email only. | |
PendingFederatedAccountNamespace | boolean | Value that indicates whether the domain is pending a federation account request. | |
DMARCTxtRecords | list<string> | Specifies the DMARC TXT records of the domain. | |
PendingCompletion | boolean | Specifies whether the domain is pending completion. | |
FederatedOrganizationLink | string | Specifies the federated organization link of the domain. | |
InitialDomain | boolean | Value that indicates whether the domain is the initial domain for new accounts. | |
MatchSubDomains | boolean | Enables mail to be sent by and received from users on any subdomain of this accepted domain. | |
DomainType | string | Identifies the type of domain for which the Exchange server sends and receives email. | |
PendingFederatedDomain | boolean | Value that indicates whether the domain is pending a domain federation request. | |
DomainName | string | SMTP domain for which the server sends and receives email. | |
ExternallyManaged | boolean | Specifies whether the domain is externally managed. | |
IsValid | boolean | Specifies whether the domain is valid. | |
EmailOnly | boolean | Specifies whether the domain is email only. | |
SPFTxtRecords | list<string> | Specifies the SPF TXT records of the domain. | |
RawAuthenticationType | string | Specifies the raw authentication type of the domain. | |
SendingFromDomainDisabled | boolean | Specifies whether the domain has sending from disabled. | |
AddressBookEnabled | boolean | Value that indicates whether to enable recipient filtering for this accepted domain. | |
LiveIdInstanceType | string | Specifies the live id instance type of the domain. | |
AuthenticationType | string | Indicates how email addresses in the domain are authenticated. | |
Default | boolean | Value that indicates whether the domain is the default domain for the Exchange server. | |
EnableNego2Authentication | boolean | Value that indicates whether the domain will use Negotiated2 authentication. | |
IsDefaultFederatedDomain | boolean | Value that indicates whether the domain is the default domain for federation requests. | |
PerimeterDuplicateDetected | boolean | Value that indicates whether the domain is duplicated. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AdminAuditLogAgeLimit | string | Specifies how long each log entry should be kept before it's deleted. The default age limit is 90 days. | |
LogLevel | string | Specifies whether additional properties should be included in the log entries. Valid values are None and Verbose. | |
TestCmdletLoggingEnabled | boolean | Specifies whether the execution of test cmdlets should be logged. Test cmdlets begin with the verb Test. Valid values are true and false. The default value is false. | |
Name | string | Name of the AdminAuditLogConfig | |
AdminAuditLogExcludedCmdlets | list<string> | Specifies which cmdlets should be excluded from auditing. Use this parameter if you want to exclude specific cmdlets you don't want to audit even if they match a wildcard string specified in the AdminAuditLogCmdlets parameter. | |
AdminAuditLogCmdlets | list<string> | Specifies which cmdlets should be audited. You can specify one or more cmdlets, separated by commas. You can also use the wildcard character (*) to match multiple cmdlets in one or more of the entries in the cmdlet list. To audit all cmdlets, specify only the wildcard character (*). | |
Identity | string | Specifies the name of AdminAuditLog. | |
AdminAuditLogMailbox | string | Description pending. | |
id | string | ID of the AdminAuditLogConfig | |
IsValid | boolean | The validity for the AdminAuditLogConfig. | |
AdminAuditLogParameters | list<string> | Specifies which parameters should be audited on the cmdlets you specified using the AdminAuditLogCmdlets parameter. You can specify one or more parameters, separated by commas. You can also use the wildcard character (*) to match multiple parameters in one or more of the entries in the parameters list. To audit all parameters, specify only the wildcard character (*). | |
UnifiedAuditLogFirstOptInDate | number | Description pending. | |
AdminAuditLogEnabled | boolean | Indicate whether the audit log is enabled. | |
UnifiedAuditLogIngestionEnabled | boolean | Indicate whether the audit log search is turned on. | |
PartitionInfo | list<string> | Description pending. | |
RefreshInterval | number | Description pending. | |
LoadBalancerCount | number | Description pending. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
IsDefault | boolean | Whether the AntiPhishPolicy is the default policy. | |
Identity | string | Specifies the antiphish policy that you want to view. | |
id | string | id of the AntiPhishPolicy. | |
TargetedDomainProtectionAction | string | Specifies the action to take on detected domain impersonation messages. You specify the protected domains in the TargetedDomainsToProtect parameter. Valid values are: NoAction: This is the default value. BccMessage: Add the recipients specified by the TargetedDomainActionRecipients parameter to the Bcc field of the message. Delete: Delete the message during filtering. Use caution when selecting this value, because you can't recover the deleted message. MoveToJmf: Deliver the message to the recipient's mailbox, and move the message to the Junk Email folder. Quarantine: Move the message to quarantine. Quarantined high confidence phishing messages are only available to admins. As of April 2020, quarantined phishing messages are available to the intended recipients. Redirect: Redirect the message to the recipients specified by the TargetedDomainActionRecipients parameter. | |
EnableMailboxIntelligence | boolean | Specifies whether to enable or disable mailbox intelligence, which is artificial intelligence (AI) that determines user email patterns with their frequent contacts. Mailbox intelligence helps distinguish between messages from legitimate and impersonated senders based on a recipient's previous communication history. | |
EnableUnusualCharactersSafetyTips | boolean | Specifies whether to enable the safety tip that's shown to recipients for unusual characters in domain and user impersonation detections. | |
ExcludedSenders | list<string> | Specifies an exception for impersonation protection that looks for the specified message sender. | |
AuthenticationFailAction | string | When an incoming email message's sender fails authentication, this setting describes the possible default actions that will take place. Possible values are "MoveToJmf" (Moves the email to the junk folder), "Quarantine" (Moves the email to quarantine). | |
MailboxIntelligenceProtectionActionRecipients | list<string> | Specifies the recipients to add to detected messages when the MailboxIntelligenceProtectionAction parameter is set to the value Redirect or BccMessage. | |
EnableMailboxIntelligenceProtection | boolean | Specifies whether to enable or disable taking action for impersonation detections from mailbox intelligence results. This parameter is meaningful only if the EnableMailboxIntelligence parameter is set to the value true. | |
ExcludedDomains | list<string> | Specifies an exception for impersonation protection that looks for the specified domains in the message sender. | |
PhishThresholdLevel | number | Specifies the tolerance level that's used by machine learning in the handling of phishing messages. Valid values are: 1: Standard: This is the default value. The severity of the action that's taken on the message depends on the degree of confidence that the message is phishing (low, medium, high, or very high confidence). For example, messages that are identified as phishing with a very high degree of confidence have the most severe actions applied, while messages that are identified as phishing with a low degree of confidence have less severe actions applied. 2: Aggressive: Messages that are identified as phishing with a high degree of confidence are treated as if they were identified with a very high degree of confidence. 3: More aggressive: Messages that are identified as phishing with a medium or high degree of confidence are treated as if they were identified with a very high degree of confidence. 4: Most aggressive: Messages that are identified as phishing with a low, medium, or high degree of confidence are treated as if they were identified with a very high degree of confidence. | |
TargetedUserQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined by user impersonation protection (the TargetedUserProtectionAction parameter value is Quarantine). | |
EnableFirstContactSafetyTips | boolean | Specifies whether to enable or disable the safety tip that's shown when recipients first receive an email from a sender or do not often receive email from a sender. | |
TargetedDomainQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined by domain impersonation protection (the TargetedDomainProtectionAction parameter value is Quarantine). | |
EnableUnauthenticatedSender | boolean | "True" if Unauthenticated Sender Identification is enabled. (https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-worldwide#unauthenticated-sender) | |
EnableSimilarUsersSafetyTips | boolean | Specifies whether to enable the safety tip that's shown to recipients for user impersonation detections. | |
DmarcRejectAction | string | Description pending. | |
TargetedUserActionRecipients | list<string> | Specifies the replacement or additional recipients for detected user impersonation messages when the TargetedUserProtectionAction parameter is set to the value Redirect or BccMessage. | |
IsValid | boolean | The validity for the AntiPhishPolicy. | |
MailboxIntelligenceQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined by mailbox intelligence (the MailboxIntelligenceProtectionAction parameter value is Quarantine). | |
EnableSpoofIntelligence | boolean | "True" if "Spoof Intelligence" is enabled. | |
TargetedDomainActionRecipients | list<string> | Specifies the recipients to add to detected domain impersonation messages when the TargetedDomainProtectionAction parameter is set to the value Redirect or BccMessage. | |
EnableTargetedUserProtection | boolean | Specifies whether to enable user impersonation protection for a list of specified users. | |
TargetedDomainsToProtect | list<string> | Specifies the domains that are included in domain impersonation protection when the EnableTargetedDomainsProtection parameter is set to true. | |
DmarcQuarantineAction | string | Description pending. | |
MailboxIntelligenceProtectionAction | string | Specifies what to do with messages that fail mailbox intelligence protection. Valid values are: NoAction: This is the default value. Note that this value has the same result as setting the EnableMailboxIntelligenceProtection parameter to false when the EnableMailboxIntelligence parameter is true. BccMessage: Add the recipients specified by the MailboxIntelligenceProtectionActionRecipients parameter to the Bcc field of the message. Delete: Delete the message during filtering. Use caution when selecting this value, because you can't recover the deleted message. MoveToJmf: Deliver the message to the recipient's mailbox, and move the message to the Junk Email folder. Quarantine: Move the message to quarantine. Quarantined high confidence phishing messages are only available to admins. As of April 2020, quarantined phishing messages are available to the intended recipients. Redirect: Redirect the message to the recipients specified by the MailboxIntelligenceProtectionActionRecipients parameter. | |
TargetedUsersToProtect | list<string> | Specifies the users that are included in user impersonation protection when the EnableTargetedUserProtection parameter is set to true. | |
EnableOrganizationDomainsProtection | boolean | Specifies whether to enable domain impersonation protection for all registered domains in the Microsoft 365 organization. | |
ImpersonationProtectionState | string | Specifies the configuration of impersonation protection. Valid values are: Automatic: This is the default value in the default policy named Office365 AntiPhish Policy. Manual: This is the default value in custom policies that you create. Off. | |
Name | string | Name of the AntiPhish policy, e.g. "Office365 AntiPhish Default". | |
EnableViaTag | boolean | If "True", the "Via Tag" will be applied to certain email messages. See https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-worldwide#unauthenticated-sender for more details. | |
EnableTargetedDomainsProtection | boolean | Specifies whether to enable domain impersonation protection for a list of specified domains. | |
HonorDmarcPolicy | boolean | Description pending. | |
EnableSimilarDomainsSafetyTips | boolean | Specifies whether to enable the safety tip that's shown to recipients for domain impersonation detections. | |
SpoofQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined by spoof intelligence (the AuthenticationFailAction parameter value is Quarantine). | |
TargetedUserProtectionAction | string | Specifies the action to take on detected user impersonation messages. You specify the protected users in the TargetedUsersToProtect parameter. Valid values are: NoAction: This is the default value. BccMessage: Add the recipients specified by the TargetedDomainActionRecipients parameter to the Bcc field of the message. Delete: Delete the message during filtering. Use caution when selecting this value, because you can't recover the deleted message. MoveToJmf: Deliver the message to the recipient's mailbox, and move the message to the Junk Email folder. Quarantine: Move the message to quarantine. Quarantined high confidence phishing messages are only available to admins. As of April 2020, quarantined phishing messages are available to the intended recipients. Redirect: Redirect the message to the recipients specified by the TargetedDomainActionRecipients parameter. | |
AdminDisplayName | string | Specifies a description for the policy. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
EnableSafeDocs | boolean | The EnableSafeDocs parameter enables or disables Safe Documents for the entire organization. | |
AllowSafeDocsOpen | boolean | The AllowSafeDocsOpen parameter allows or prevents users from leaving Protected View (that is, opening the document) if the document has been identified as malicious. | |
IsValid | boolean | Whether the Atp policy is valid. | |
EnableATPForSPOTeamsODB | boolean | The EnableATPForSPOTeamsODB parameter enables or disables Safe Attachments for SharePoint, OneDrive, and Microsoft Teams. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowBasicAuthOfflineAddressBook | boolean | Whether to allow Basic authentication with Offline Address Books. | |
AllowBasicAuthRest | boolean | Whether to allow Basic authentication with REST API. | |
AllowBasicAuthWebServices | boolean | whether to allow Basic authentication with Exchange Web Services (EWS). | |
AllowBasicAuthImap | boolean | Whether to allow Basic authentication with IMAP. | |
Name | string | Name of the AuthenticationPolicy | |
IsValid | boolean | The validity for the AuthenticationPolicy. | |
Identity | string | Specifies the authentication policy you want to modify. | |
AllowBasicAuthSmtp | boolean | Whether to allow Basic authentication with SMTP. | |
id | string | ID of the AuthenticationPolicy | |
AllowBasicAuthActiveSync | boolean | Whether to allow Basic authentication with Exchange Active Sync. | |
AllowBasicAuthAutodiscover | boolean | Whether to allow Basic authentication with Autodiscover. | |
AllowBasicAuthMapi | boolean | Whether to allow Basic authentication with MAPI. | |
AllowBasicAuthOutlookService | boolean | Whether to allow Basic authentication with the Outlook service. | |
AllowBasicAuthPop | boolean | Whether to allow Basic authentication with POP. | |
AllowBasicAuthReportingWebServices | boolean | Whether to allow Basic authentication with reporting web services. | |
AllowBasicAuthPowershell | boolean | Whether to allow Basic authentication with PowerShell. | |
AllowBasicAuthRpc | boolean | Whether to allow Basic authentication with RPC. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
HeaderCanonicalization | string | Specifies the canonicalization algorithm that's used to create and verify the message header part of the DKIM signature. This value effectively controls the sensitivity of DKIM to changes to the message headers in transit. Valid values are: Relaxed: Common modifications to the message header are tolerated (for example, Header field line rewrapping, changes in unnecessary whitespace or empty lines, and changes in case for header fields). This is the default value. Simple: No changes to the header fields are tolerated. | |
Status | boolean | Status of DkimSigningConfig. | |
SelectorAfterRotateOnDate | string | Description pending. | |
Selector1KeySize | number | Description pending. | |
Selector1PublicKey | string | Description pending. | |
Selector2CNAME | string | Description pending. | |
Selector2PublicKey | string | Description pending. | |
BodyCanonicalization | string | Specifies the canonicalization algorithm that's used to create and verify the message body part of the DKIM signature. This value effectively controls the sensitivity of DKIM to changes to the message body in transit. Valid values are: Relaxed: Changes in whitespace and changes in empty lines at the end of the message body are tolerated. This is the default value. Simple: Only changes in empty lines at the end of the message body are tolerated. | |
IncludeKeyExpiration | boolean | Description pending. | |
Selector1CNAME | string | Description pending. | |
SelectorBeforeRotateOnDate | string | Description pending. | |
Domain | string | A domain under the current O365 tenant. | |
Enabled | boolean | "True" if DKIM signing is enabled for this tenant, "False" otherwise. | |
id | string | ID of the DkimSigningConfig | |
Name | string | Name of the DkimSigningConfig | |
IsValid | boolean | The validity for the DkimSigningConfig. | |
KeyCreationTime | number | Description pending. | |
RotateOnDate | number | Description pending. | |
Selector2KeySize | number | Description pending. | |
IsDefault | boolean | Whether the DkimSigningConfig is the default policy. | |
Identity | string | Specifies the DKIM signing policy that you want to view. | |
IncludeSignatureCreationTime | boolean | Description pending. | |
Algorithm | string | Description pending. | |
NumberOfBytesToSign | string | Description pending. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
passwordNotificationWindowInDays | number | Specifies the number of days before a user receives notification that their password will expire. If the property is not set, a default value of 14 days will be used | |
supportedServices | list<string> | List of supported services for this domain (e.g. "Intune") | |
passwordValidityPeriodInDays | number | Specifies the length of time that a password is valid before it must be changed. If the property is not set, a default value of 90 days will be used. | |
availabilityStatus | string | This property is always null except when the verify action is used. When the verify action is used, a domain entity is returned in the response. The availabilityStatus property of the domain entity in the response is either AvailableImmediately or EmailVerifiedDomainTakeoverScheduled | |
isDefault | boolean | true if this is the default domain that is used for user creation. There is only one default domain per company. | |
isRoot | boolean | true if the domain is a verified root domain. Otherwise, false if the domain is a subdomain or unverified | |
state | string | domainState | |
id | string | The unique identifier for this domain. (e.g. "dev-o365.yourcompany.com" or "yourcompany.onmicrosoft.com") | |
authenticationType | string | Indicates the configured authentication type for the domain. The value is either Managed or Federated. Managed indicates a cloud managed domain where Azure AD performs user authentication. Federated indicates authentication is federated with an identity provider such as the tenant's on-premises Active Directory via Active Directory Federation Services | |
isAdminManaged | boolean | The value of the property is false if the DNS record management of the domain has been delegated to Microsoft 365. Otherwise, the value is true. | |
isInitial | boolean | true if this is the initial domain created by Microsoft Online Services (companyname.onmicrosoft.com). There is only one initial domain per company | |
isVerified | boolean | true if the domain has completed domain ownership verification |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AnyMailTransportRuleRedirectMessageToExternalDomain | boolean | True if any of the mail transport rules is set up to redirect to any external domains. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
EnableOutsideAccess | boolean | Indicates whether the user is allowed to connect to Skype for Business Server over the Internet, without logging on to the organization's internal network. The default value is False. | |
EnablePublicCloudAudioVideoAccess | boolean | Indicates whether the user is allowed to conduct audio/video conversations with people who have SIP accounts with a public Internet connectivity provider such as MSN. When set to False, audio and video options in Skype for Business will be disabled any time a user is communicating with a public Internet connectivity contact. The default value is False. | |
RestrictTeamsConsumerAccessToExternalUserProfiles | boolean | Defines if a user is restricted to collaboration with Teams Consumer (TFL) user only in Extended Directory Possible Values: True, False. | |
EnableAcsFederationAccess | boolean | Indicates whether Teams meeting organized by the user can be joined by users of customer applications built using Azure Communication Services (ACS). | |
EnableFederationAccess | boolean | Indicates whether the user is allowed to communicate with people who have SIP accounts with a federated organization. The default value is True. | |
EnableTeamsConsumerAccess | boolean | Indicates whether the user is allowed to communicate with people who have who are using Teams with an account that's not managed by an organization. The default value is True. | |
EnableTeamsConsumerInbound | boolean | Indicates whether the user is allowed to be discoverable by people who are using Teams with an account that's not managed by an organization. It also controls if people who have who are using Teams with an account that's not managed by an organization can start the communication with the user. The default value is True. | |
EnableTeamsSmsAccess | boolean | Allows you to control whether users can have SMS text messaging capabilities within Teams. Possible Values: True, False. | |
EnableXmppAccess | boolean | Indicates whether the user is allowed to communicate with users who have SIP accounts with a federated XMPP (Extensible Messaging and Presence Protocol) partner. The default value is False. | |
Identity | boolean | Unique identifier for the external access policy to be modified. External access policies can be configured at the global, site, or per-user scopes. To modify the global policy, use this syntax: -Identity global. To modify a site policy, use syntax similar to this: -Identity site:Redmond. To modify a per-user policy, use syntax similar to this: -Identity SalesAccessPolicy. If this parameter is not specified then the global policy will be modified. | |
AllowedExternalDomains | list<string> | Indicates the domains that are allowed to communicate with the users of this policy. This is referenced only when CommunicationWithExternalOrgs is set to be AllowSpecificExternalDomains. | |
EnablePublicCloudAccess | boolean | Indicates whether the user is allowed to communicate with people who have SIP accounts with a public Internet connectivity provider such as MSN. The default value is False. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Enabled | boolean | True means the feature is enabled; False means the feature is disabled. | |
AllowList | list<string> | The list of exceptions. Messages received from the specified senders or senders in the specified domains don't receive the External icon in the area of subject line. | |
Identity | string | The identifier for ExternalInOutlook setting. | |
id | string | The id for the ExternalInOutlook setting. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
EnableSafeList | boolean | The EnableSafeList parameter enables or disables use of the safe list. The safe list is a dynamic allow list in the Microsoft datacenter that requires no customer configuration. | |
Identity | string | The Identity parameter specifies the connection filter policy that you want to modify. You can use any value that uniquely identifies the policy. | |
IPAllowList | list<string> | The IPAllowList parameter specifies IP addresses from which messages are always allowed. Messages from the IP addresses you specify won't be identified as spam, despite any other spam characteristics of the messages. | |
IPBlockList | list<string> | The IPBlockList parameter specifies IP addresses from which messages are never allowed. Messages from the IP addresses you specify are blocked without any further spam scanning. | |
AdminDisplayName | string | The AdminDisplayName parameter specifies a description for the policy. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
HighConfidenceSpamQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined as high confidence spam. | |
SpamQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined as spam. | |
MarkAsSpamEmptyMessages | string | Marks a message as spam when the message contains no subject, no content in the message body, and no attachments. | |
AddXHeaderValue | string | Specifies the X-header name (not value) to add to spam messages when a spam filtering verdict parameter is set to the value AddXHeader. | |
PhishQuarantineTag | string | Parameter specifies the quarantine policy that's used on messages that are quarantined as phishing (the PhishSpamAction parameter value is Quarantine). | |
MarkAsSpamBulkMail | string | Allows spam filtering to act on bulk email messages. | |
TestModeBccToRecipients | list<string> | Specifies the blind carbon copy (Bcc) recipients to add to spam messages when the TestModeAction ASF parameter is set to the value BccMessage. | |
MarkAsSpamFromAddressAuthFail | string | Marks a message as spam when Sender ID filtering encounters a hard fail. | |
MarkAsSpamWebBugsInHtml | string | Marks a message as spam when the message contains web bugs (also known as web beacons). | |
MarkAsSpamEmbedTagsInHtml | string | Marks a message as spam when the message contains HTML embed tag. | |
MarkAsSpamJavaScriptInHtml | string | Marks a message as spam when the message contains JavaScript or VBScript. | |
Identity | string | The identifier for this policy. | |
MarkAsSpamNdrBackscatter | string | The MarkAsSpamNdrBackscatter parameter marks a message as spam when the message is a non-delivery report (also known as an NDR or bounce messages) sent to a forged sender (known as backscatter). Valid values are: Off: The setting is disabled. This is the default value. On: The setting is enabled. Backscatter is given the SCL 9 (high confidence spam), and the X-header X-CustomSpam: Backscatter NDR is added to the message. | |
MarkAsSpamFormTagsInHtml | string | Parameter marks a message as spam when the message contains HTML form tags. | |
IncreaseScoreWithNumericIps | string | Increases the spam score of messages that contain links to IP addresses. | |
LanguageBlockList | string | Parameter enables or disables marking messages that were written in specific languages as spam. | |
MarkAsSpamSpfRecordHardFail | string | Parameter marks a message as spam when SPF record checking encounters a hard fail. | |
IncreaseScoreWithBizOrInfoUrls | string | Increases the spam score of messages that contain links to .biz or .info domains. | |
PhishSpamAction | string | The PhishSpamAction parameter specifies the action to take on messages that are marked as phishing (not high confidence phishing). Phishing messages use fraudulent links or spoofed domains to get personal information. Valid values are: AddXHeader: Add the AddXHeaderValue parameter value to the message header and deliver the message. Delete: Delete the message during filtering. Use caution when selecting this value, because you can't recover the deleted message. ModifySubject: Add the ModifySubject parameter value to the beginning of the subject line, deliver the message, and move the message to the Junk Email folder (same caveats as MoveToJmf). MoveToJmf: Deliver the message to the recipient's mailbox, and move the message to the Junk Email folder. The message is moved only if the junk email rule is enabled on the mailbox (it's enabled by default). Quarantine: Move the message to the quarantine. This is the default value. The quarantined message is available to the intended recipients (as of April, 2020) and admins. Redirect: Redirect the message to the recipients specified by the RedirectToRecipients parameter. | |
SpamAction | string | Specifies the action to take on messages that are marked as spam | |
MarkAsSpamSensitiveWordList | string | Marks a message as spam when the message contains words from the sensitive words list. | |
BlockedSenderDomains | list<string> | Specifies domains that are always marked as spam sources. | |
QuarantineRetentionPeriod | number | Specifies the number of days that spam messages remain in quarantine when a spam filtering verdict parameter is set to the value Quarantine. | |
AllowedSenderDomains | list<string> | Specifies trusted domains that aren't processed by the spam filter. Messages from senders in these domains are stamped with SFV:SKA in the X-Forefront-Antispam-Report header and receive a spam confidence level (SCL) of -1, so the messages are delivered to the recipient's inbox. | |
BlockedSenders | list<string> | Specifies senders that are always marked as spam sources. | |
ZapEnabled | boolean | If true, zero-hour auto purge (ZAP) is enabled for this HostedContentFilterPolicy. | |
IsValid | boolean | The validity for the HostedContentFilterPolicy. | |
BulkSpamAction | string | Specifies the action to take on messages that are marked as bulk email. | |
RegionBlockList | list<string> | Parameter specifies the source countries or regions that are marked as spam when the EnableRegionBlockList parameter value is true. | |
ModifySubjectValue | string | Specifies the text to prepend to the existing subject of messages when a spam filtering verdict parameter is set to the value ModifySubject. | |
AllowedSenders | list<string> | Specifies a list of trusted senders that skip spam filtering. | |
MarkAsSpamFramesInHtml | string | Marks a message as spam when the message contains HTML frame or iframe tags. | |
HighConfidencePhishQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined as high confidence phishing. | |
HighConfidencePhishAction | string | The HighConfidencePhishAction parameter specifies the action to take on messages that are marked as high confidence phishing (not phishing). Phishing messages use fraudulent links or spoofed domains to get personal information. Valid values are: MoveToJmf: Deliver the message to the recipient's mailbox, and move the message to the Junk Email folder. The message is moved only if the junk email rule is enabled on the mailbox (it's enabled by default). Redirect: Redirect the message to the recipients specified by the RedirectToRecipients parameter. Quarantine: Move the message to quarantine. By default, messages that are quarantined as high confidence phishing are available only to admins. Or, you can use the HighConfidencePhishQuarantineTag parameter to specify what end-users are allowed to do on quarantined messages. | |
PhishZapEnabled | boolean | The PhishZapEnabled parameter enables or disables zero-hour auto purge (ZAP) to detect phishing in already delivered messages in Exchange Online mailboxes. | |
MarkAsSpamObjectTagsInHtml | string | Parameter marks a message as spam when the message contains HTML <object> tags. | |
BulkQuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined as bulk email. | |
RedirectToRecipients | list<string> | Specifies the email addresses of replacement recipients when a spam filtering verdict parameter is set to the value Redirect. | |
EnableLanguageBlockList | boolean | Enables or disables marking messages that were written in specific languages as spam. | |
BulkThreshold | number | The BulkThreshold parameter specifies the BCL on messages that triggers the action specified by the BulkSpamAction parameter (greater than the specified BCL value, not greater than or equal to). A valid value is an integer from 1 to 9. The default value is 7, which means a BCL of 8 or 9 on messages will trigger the action that's specified by the BulkSpamAction parameter. A higher BCL indicates the message is more likely to generate complaints (and is therefore more likely to be spam). | |
DownloadLink | boolean | Shows or hides a link in end-user spam quarantine notifications to download the Junk Email Reporting Tool for Outlook. | |
EnableRegionBlockList | boolean | Enables or disables marking messages that are sent from specific countries or regions as spam. | |
TestModeAction | string | Specifies the additional action to take on messages when one or more IncreaseScoreWith* or MarkAsSpam*. | |
IncreaseScoreWithImageLinks | string | Increases the spam score of messages that contain image links to remote websites. | |
IncreaseScoreWithRedirectToOtherPort | string | Increases the spam score of messages that contain links that redirect to TCP ports other than 80 (HTTP), 8080 (alternate HTTP), or 443 (HTTPS). | |
InlineSafetyTipsEnabled | boolean | The InlineSafetyTipsEnabled parameter specifies whether to enable or disable safety tips that are shown to recipients in messages. | |
SpamZapEnabled | boolean | The SpamZapEnabled parameter enables or disables zero-hour auto purge (ZAP) to detect spam in already delivered messages in Exchange Online mailboxes. | |
HighConfidenceSpamAction | string | Specifies the action to take on messages that are marked as high confidence spam (not spam, bulk email, phishing, or high confidence phishing). |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
SentTo | list<string> | Specifies a condition for the rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient. | |
ExceptIfSentTo | list<string> | Specifies an exception for the rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient. | |
Identity | string | Specifies the spam filter rule that you want to view. | |
Conditions | list<string> | Description pending. | |
Priority | number | Specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value. | |
Comments | string | Specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters. | |
ExceptIfSentToMemberOf | list<string> | Specifies an exception for the rule that looks for messages sent to members of distribution groups, mail-enabled security groups, or sent to Microsoft 365 Groups. You can use any value that uniquely identifies the group. | |
Exceptions | list<string> | Description pending. | |
ImmutableId | string | Description pending. | |
id | string | ID of the HostedContentFilterRule | |
IsValid | boolean | The validity for the HostedContentFilterRule. | |
Description | string | Specifies a Description for the HostedContentFilterRule. | |
RecipientDomainIs | list<string> | Specifies a condition for the rule that looks for recipients with email address in the specified domains. | |
ExceptIfRecipientDomainIs | list<string> | Specifies an exception for the rule that looks for recipients with email address in the specified domains. | |
Name | string | Name of the HostedContentFilterRule | |
State | string | If Enabled, the HostedContentFilterRule is in use. | |
HostedContentFilterPolicy | string | HostedContentFilterPolicy | The HostedContentFilterPolicy associated with this HostedContentFilterRule. |
SentToMemberOf | list<string> | Specifies a condition that looks for messages sent to members of distribution groups, mail-enabled security groups, or sent to Microsoft 365 Groups. You can use any value that uniquely identifies the group. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Enabled | boolean | Whether this policy is enabled or not. | |
Identity | string | Unique Identifier for the policy. | |
Name | string | Name of the HostedOutboundSpamFilterPolicy | |
ActionWhenThresholdReached | string | Specifies the action to take when any of the limits specified in the policy are reached. Valid values are: Alert: No action, alert only. BlockUser: Prevent the user from sending email messages. BlockUserForToday: Prevent the user from sending email messages until the following day. This is the default value. | |
NotifyOutboundSpamRecipients | list<string> | Specifies the email addresses of admins to notify when an outgoing spam is detected. | |
AdminDisplayName | string | Specifies a description for the policy. | |
BccSuspiciousOutboundMail | boolean | Send copies of suspicious messages to specific people. | |
NotifyOutboundSpam | boolean | Notify specific people if senders are blocked. | |
id | string | id of the HostedOutboundSpamFilterPolicy | |
RecipientLimitInternalPerHour | number | Specifies the maximum number of internal recipients that a user can send to within an hour. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used. | |
IsValid | boolean | The validity for the HostedOutboundSpamFilterPolicy. | |
IsDefault | boolean | Whether the HostedOutboundSpamFilterPolicy is the default policy. | |
ConfigurationType | string | Description pending | |
AutoForwardingMode | string | Specifies how the policy controls automatic email forwarding to external recipients. Valid values are: Automatic: This is the default value. This setting is now the same as Off. When this setting was originally introduced, this value was equivalent to On. On: Automatic external email forwarding is not restricted. Off: Automatic external email forwarding is disabled and will result in a non-delivery report (also known as an NDR or bounce message) to the sender. | |
BccSuspiciousOutboundAdditionalRecipients | list<string> | Specifies an email address to add to the Bcc field of outgoing spam messages. | |
RecipientLimitPerDay | number | Specifies the maximum number of recipients that a user can send to within a day. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used. | |
RecipientLimitExternalPerHour | number | Specifies the maximum number of external recipients that a user can send to within an hour. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
RestrictDomainsToCertificate | boolean | The RestrictDomainsToCertificate parameter specifies whether the Subject value of the TLS certificate is checked before messages can use the connector. | |
CloudServicesMailEnabled | boolean | The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft 365. | |
TlsSenderCertificateName | string | The TlsSenderCertificateName parameter specifies the TLS certificate that is used when the value of the RequireTls parameter is $true. | |
EFUsers | list<string> | The EFUsers parameter specifies the recipients that Enhanced Filtering for Connectors applies to. The default value is blank ($null), which means Enhanced Filtering for Connectors is applied to all recipients. You can specify multiple recipient email addresses separated by commas. | |
IsValid | boolean | Whether this InboundConnector is valid or not. | |
ConnectorType | string | The type of connector. Can be "Partner" or "OnPremises". | |
RequireTls | boolean | Whether or not TLS is required. | |
TreatMessagesAsInternal | boolean | The TreatMessagesAsInternal parameter specifies an alternative method to identify messages sent from an on-premises organization as internal messages. You should only consider using this parameter when your on-premises organization does not use Exchange. | |
EFSkipLastIP | boolean | The EFSkipIPs parameter specifies the behavior of Enhanced Filtering for Connectors. | |
Name | string | Name of the inbound connector | |
Enabled | boolean | Whether this InboundConnector is enabled or not. | |
AssociatedAcceptedDomains | list<string> | The AssociatedAcceptedDomains parameter restricts the source domains that use the connector to the specified accepted domains. A valid value is an SMTP domain that is configured as an accepted domain in your Microsoft 365 organization. | |
RestrictDomainsToIPAddresses | boolean | The RestrictDomainsToIPAddresses parameter specifies whether to reject mail that comes from unknown source IP addresses. | |
EFSkipIPs | list<string> | The EFSkipIPs parameter specifies the source IP addresses to skip in Enhanced Filtering for Connectors when the EFSkipLastIP parameter value is $false. | |
Identity | string | The id of this InboundConnector. | |
SenderIPAddresses | list<string> | The SenderIPAddresses parameter specifies the source IPV4 IP addresses that the connector accepts messages from. | |
SenderDomains | list<string> | The SenderDomains parameter specifies the source domains that the connector accepts messages for. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
IsValid | boolean | The validity for the MalwareFilterPolicy. | |
EnableExternalSenderAdminNotifications | boolean | Enables or disables sending malware detection notification messages to an administrator for messages from external senders. | |
QuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined as malware. | |
EnableInternalSenderAdminNotifications | boolean | If true, an admin will receive an email notification if an internal user is detected sending malware. | |
InternalSenderAdminAddress | string | The email address of the admin who will receive notifications when an internal user is detected sending malware. | |
EnableFileFilter | boolean | The Common Attachment Types Filter lets a user block known and custom malicious file types from being attached to emails. This setting is set to "True" if the "Common Attachment Types" filter is enabled. | |
AdminDisplayName | string | Specifies a description for the policy. | |
CustomExternalBody | string | Specifies the body of the custom notification message for malware detections in messages from external senders. | |
FileTypes | list<string> | Specifies the file types that are automatically blocked by common attachment blocking (also known as the Common Attachment Types Filter), regardless of content. | |
FileTypeAction | string | Specifies what's done to messages that contain one or more attachments where the file extension is included in the FileTypes parameter (common attachment blocking). | |
id | string | ID of the MalwareFilterPolicy | |
ZapEnabled | boolean | If true, zero-hour auto purge (ZAP) is enabled for this anti-malware policy. ZAP will quarantine messages that contain malware attachments. | |
IsDefault | boolean | Whether the MalwareFilterPolicy is the default policy. | |
CustomFromName | string | Specifies the From name of the custom notification message for malware detections in messages from internal or external senders. | |
CustomInternalBody | string | Specifies the body of the custom notification message for malware detections in messages from internal senders. | |
Action | string | This parameter describes what actions to take if a message contains malwares. Available options are DeleteMessage, DeleteAttachmentAndUseDefaultAlert, and DeleteAttachmentAndUseCustomAlert. | |
Name | string | Name of the MalwareFilterPolicy | |
ExternalSenderAdminAddress | string | Specifies the email address of the administrator who will receive notification messages for malware detections in messages from external senders. | |
CustomExternalSubject | string | Specifies the subject of the custom notification message for malware detections in messages from external senders. | |
CustomInternalSubject | string | Specifies the subject of the custom notification message for malware detections in messages from internal senders. | |
CustomNotifications | boolean | Enables or disables custom notification messages for malware detections in messages from internal or external senders. | |
CustomFromAddress | string | Specifies the From address of the custom notification message for malware detections in messages from internal or external senders. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
ExceptIfSentTo | string | Specifies an exception that looks for recipients in messages. | |
MalwareFilterPolicy | string | MalwareFilterPolicy | The MalwareFilterPolicy associated. |
Exceptions | list<string> | Description pending. | |
id | string | ID of the MalwareFilterRule | |
SentTo | string | Specifies a condition that looks for recipients in messages. | |
ExceptIfRecipientDomainIs | string | Specifies an exception that looks for recipients with email address in the specified domains. | |
Conditions | list<string> | Description pending. | |
ImmutableId | string | Description pending. | |
IsValid | boolean | The validity for the MalwareFilterRule. | |
SentToMemberOf | list<string> | Specifies a condition that looks for messages sent to members of distribution groups, mail-enabled security groups, or sent to Microsoft 365 Groups. | |
State | string | If Enabled, the MalwareFilterRule is in use. | |
Identity | string | Specifies the malware filter rule that you want to view. You can use any value that uniquely identifies the rule. | |
Comments | string | Specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters. | |
Name | string | Name of the MalwareFilterRule | |
ExceptIfSentToMemberOf | string | Specifies an exception that looks for messages sent to members of distribution groups, mail-enabled security groups, or sent to Microsoft 365 Groups. | |
Description | string | Specifies a Description for the MalwareFilterRule. | |
Priority | number | Specifies a priority value for the rule that determines the order of rule processing. | |
RecipientDomainIs | string | Specifies a condition that looks for recipients with email address in the specified domains. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowExternalDeviceManagement | boolean | Specifies whether an external device management program is allowed to manage the mobile device. | |
PasswordExpiration | string | Specifies how long a password can be used on a mobile device before the user is forced to change the password. | |
AllowRemoteDesktop | boolean | Specifies whether the mobile device can initiate a remote desktop connection. | |
MaxEmailAgeFilter | string | Specifies the maximum number of days of email items to synchronize to the mobile device. | |
RequireEncryptedSMIMEMessages | boolean | Specifies whether the mobile device must send encrypted S/MIME messages. | |
AllowIrDA | boolean | Specifies whether infrared connections are allowed to the mobile device. | |
AttachmentsEnabled | boolean | Specifies whether attachments can be downloaded on the mobile device. | |
AllowSimplePassword | boolean | Specifies whether a simple password is allowed on the mobile device. | |
MaxPasswordFailedAttempts | string | Specifies the number of attempts a user can make to enter the correct password for the mobile device. | |
AllowStorageCard | boolean | Specifies whether the mobile device can access information stored on a storage card. | |
id | string | The unique identifier for this mobile device mailbox policy. | |
AllowMobileOTAUpdate | boolean | Specifies whether the policy can be sent to the mobile device over a cellular data connection. | |
AllowUnsignedApplications | boolean | Specifies whether unsigned applications can be installed on the mobile device. | |
DeviceEncryptionEnabled | boolean | Whether the mobile device mailbox policy has password enabled. | |
MinPasswordComplexCharacters | number | Parameter specifies the character sets that are required in the password of the mobile device. | |
AllowHTMLEmail | boolean | Specifies whether HTML-formatted email is enabled on the mobile device. | |
MinPasswordLength | number | Specifies the minimum number of characters in the mobile device password. | |
RequireDeviceEncryption | boolean | Specifies whether encryption is required on the mobile device.. | |
IrmEnabled | boolean | Specifies whether Information Rights Management (IRM) is enabled for the mobile device. | |
MaxInactivityTimeLock | string | Specifies the maximum amount of time (in minutes) allowed after the device is idle that will cause the device to become PIN or password locked. | |
AllowMicrosoftPushNotifications | boolean | Specifies whether push notifications are enabled on the mobile device.. | |
MaxAttachmentSize | string | Specifies the maximum size of attachments that can be downloaded to the mobile device. | |
RequireSignedSMIMEAlgorithm | string | Specifies the algorithm that's used to sign S/MIME messages on the mobile device. | |
AllowCamera | boolean | Specifies whether the mobile device's camera is allowed. | |
Identity | string | Specifies the name, distinguished name (DN),or GUID of the mobile device mailbox policy. | |
UNCAccessEnabled | boolean | Specifies whether access to Microsoft Windows file shares is enabled from the mobile device. | |
MaxCalendarAgeFilter | string | Specifies the maximum range of calendar days that can be synchronized to the mobile device. | |
DevicePolicyRefreshInterval | string | Specifies how often the policy is sent to the mobile device.. | |
AllowBrowser | boolean | Specifies whether Microsoft Pocket Internet Explorer is allowed on the mobile device. | |
WSSAccessEnabled | boolean | Specifies whether access to Microsoft Windows SharePoint Services is enabled from the mobile device. | |
MaxEmailHTMLBodyTruncationSize | string | Specifies the maximum size at which HTML-formatted email messages are truncated when synchronized to the mobile device.. | |
MaxEmailBodyTruncationSize | string | Specifies the maximum size at which email messages are truncated when synchronized to the mobile device. | |
AllowUnsignedInstallationPackages | boolean | Specifies whether unsigned installation packages are allowed to run on the mobile device. | |
PasswordEnabled | boolean | Whether the mobile device mailbox policy has password enabled. | |
PasswordHistory | number | Specifies the number of unique new passwords that need to be created on the mobile device before an old password can be reused. | |
AllowInternetSharing | boolean | Specifies whether the mobile device can be used as a modem to connect a computer to the Internet. | |
AllowPOPIMAPEmail | boolean | Specifies whether the user can configure a POP3 or IMAP4 email account on the mobile device. | |
Name | string | Unique name for the mobile device mailbox policy | |
IsDefault | boolean | Whether this is the default mobile device mailbox policy. | |
AllowNonProvisionableDevices | boolean | Whether mobile device mailbox policy allows non provisionable devices. | |
AlphanumericPasswordRequired | boolean | Whether mobile device mailbox policy requires alphanumeric password. | |
RequireStorageCardEncryption | boolean | Specifies whether storage card encryption is required on the mobile device. | |
AllowDesktopSync | boolean | Specifies whether the mobile device can synchronize with a desktop computer through a cable.. | |
AllowGooglePushNotifications | boolean | Controls whether the user can receive push notifications from Google for Outlook on the web for devices. | |
AllowSMIMEEncryptionAlgorithmNegotiation | string | Specifies whether the messaging application on the mobile device can negotiate the encryption algorithm if a recipient's certificate doesn't support the specified encryption algorithm. | |
AllowSMIMESoftCerts | boolean | Specifies whether S/MIME software certificates are allowed on the mobile device. | |
AllowConsumerEmail | boolean | Whether the user can configure a personal email account on the mobile device. | |
ApprovedApplicationList | list<string> | Specifies a configured list of approved applications for the device. | |
AllowWiFi | boolean | Specifies whether wireless Internet access is allowed on the mobile device. | |
UnapprovedInROMApplicationList | list<string> | Specifies a list of applications that can't be run in ROM on the mobile device. | |
PasswordRecoveryEnabled | boolean | Whether the mobile device mailbox policy has password recovery enabled. | |
RequireEncryptionSMIMEAlgorithm | string | Specifies the algorithm that's required to encrypt S/MIME messages on a mobile device.. | |
RequireManualSyncWhenRoaming | boolean | Specifies whether the mobile device must synchronize manually while roaming. | |
AllowTextMessaging | boolean | Specifies whether text messaging is allowed from the mobile device. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
SendEmailFromDisplayName | string | Specifies the display name to use in the "From" contact information on emails that are sent to users to notify them of their dial-in conferencing settings, or when their settings change. | |
SendEmailFromOverride | boolean | Specifies if the contact information on dial-in conferencing notifications will be the default generated by Office 365, or administrator defined values. | |
AllowPSTNOnlyMeetingsByDefault | boolean | Specifies the default value that gets assigned to the "AllowPSTNOnlyMeetings" setting of users when they are enabled for dial-in conferencing, or when a user's dial-in conferencing provider is set to Microsoft. | |
AutomaticallyReplaceAcpProvider | boolean | Specifies whether ACP Provider can be Replaced automatically. | |
SendEmailFromAddress | string | Specifies the email address to use in the "From" contact information on emails that are sent to users to notify them of their dial-in conferencing settings, or when their settings change. | |
UseUniqueConferenceIds | boolean | Specifies whether to use unique conference ids. | |
Identity | string | Name of the Online Dial Conferencing Setting instance. | |
IncludeTollFreeNumberInMeetingInvites | boolean | Specifies whether to include toll free number in meeting invites. | |
MaskPstnNumbersType | string | This parameter allows tenant administrators to configure masking of PSTN participant phone numbers in the roster view for Microsoft Teams meetings enabled for Audio Conferencing, scheduled within the organization. | |
PinLength | number | Specifies the number of digits in the automatically generated PINs. | |
EnableEntryExitNotifications | boolean | Specifies if, by default, announcements are made as users enter and exit a conference call. | |
EntryExitAnnouncementsType | string | Announcements type of entry and exit. | |
EnableNameRecording | boolean | Specifies whether the name of a user is recorded on entry to the conference. This recording is used during entry and exit notifications. | |
MigrateServiceNumbersOnCrossForestMove | boolean | Specifies does option to Migrate phone number or telephony configurations when moving users or services between different active directory forests. | |
AutomaticallyMigrateUserMeetings | boolean | Specifies whether user meetings can be Migrated automatically. | |
AutomaticallySendEmailsToUsers | boolean | Specifies whether advisory emails will be sent to users when the events listed occur. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Description | string | Description about the dial-in conference policy. | |
Identity | string | Specifies identity of the dial-in conference policy. | |
DataSource | string | Specifies where the policy information are stored. | |
AllowService | boolean | Specifies whether to allow dail-in conferencing. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
EwsAllowEntourage | boolean | Specifies whether to enable or disable Entourage 2008 to access Exchange Web Services (EWS) for the entire organization. | |
EnableOutlookEvents | boolean | Specifies whether Outlook or Outlook on the web (formerly known as Outlook Web App) automatically discovers events from email messages and adds them to user calendars. | |
IsTenantInGracePeriod | boolean | Description pending. | |
IntuneManagedStatus | boolean | Description pending. | |
DefaultAuthenticationPolicy | string | Specifies the authentication policy that's used for the whole organization. You can use any value that uniquely identifies the policy. | |
CompassEnabled | boolean | Description pending. | |
MapiHttpEnabled | boolean | Enables or disables access to mailboxes in Outlook by using MAPI over HTTP. | |
ACLableSyncedObjectEnabled | boolean | Specifies whether remote mailboxes in hybrid environments are stamped as ACLableSyncedMailboxUser. | |
MicrosoftExchangeRecipientReplyRecipient | string | Specifies the recipient that should receive messages sent to the Exchange recipient. Typically, you would configure a mailbox to receive the messages sent to the Exchange recipient. | |
IsAddressListPagingEnabled | boolean | Description pending. | |
ManagedFolderHomepage | string | Specifies the URL of the web page that's displayed when users click the Managed Folders folder in Outlook. If a URL isn't specified, Outlook doesn't display a managed folders home page. | |
HierarchicalAddressBookRoot | string | Specifies the user, contact, or group to be used as the root organization for a hierarchical address book in the Exchange organization. You can use any value that uniquely identifies the recipient. | |
IsGuidPrefixedLegacyDnDisabled | boolean | Description pending. | |
ActivityBasedAuthenticationTimeoutWithSingleSignOnEnabled | boolean | Enables or disables the inactivity interval for automatic logoff for single sign-on in Outlook on the Web. | |
ForwardSyncLiveIdBusinessInstance | boolean | Description pending. | |
AppsForOfficeEnabled | boolean | Specifies whether to enable apps for Outlook features. By default, the parameter is set to true. If the flag is set to false, no new apps can be activated for any user in the organization. | |
PublicFoldersEnabled | string | Specifies how public folders are deployed in your organization. This parameter uses one of the following values. Local: The public folders are deployed locally in your organization. Remote: The public folders are deployed in the remote forest. None: No public folders are deployed for this organization. | |
Identity | string | Specifies the name of the OrganizationConfig. | |
DataInsightsFlag | number | Description pending. | |
ConnectorsActionableMessagesEnabled | boolean | Specifies whether to enable or disable actionable buttons in messages (connector cards) from connected apps on Outlook on the web. | |
MailboxDataEncryptionEnabled | boolean | Description pending. | |
GroupsCreationEnabled | boolean | Description pending. | |
PublicFolderMailboxesMigrationComplete | boolean | Is used during public folder migration. true: Queued messages are rerouted to the new destination. false (This is the default value). | |
DefaultPublicFolderMovedItemRetention | string | Specifies how long items that have been moved between mailboxes are kept in the source mailbox for recovery purposes before being removed by the Public Folder Assistant. | |
DistributionGroupDefaultOU | string | Specifies the container where distribution groups are created by default. | |
EndUserDLUpgradeFlowsDisabled | boolean | Specifies whether to prevent users from upgrading their own distribution groups to Microsoft 365 Groups in an Exchange Online organization. | |
MailTipsMailboxSourcedTipsEnabled | boolean | Specifies whether MailTips that rely on mailbox data (out-of-office or full mailbox) are enabled. | |
MatchSenderOrganizerProperties | boolean | Available only in the cloud-based service. Description pending. | |
WebSuggestedRepliesDisabled | boolean | Specifies whether to enable or disable Suggested Replies in Outlook on the web. This feature provides suggested replies to emails so users can easily and quickly respond to messages. | |
DefaultGroupAccessType | string | Specifies the default access type for Microsoft 365 Groups. Valid values are: Public. Private (this is the default value). | |
SCLJunkThreshold | number | Specifies the spam confidence level (SCL) threshold. Messages with an SCL greater than the value that you specify for the SCLJunkThreshold parameter are moved to the Junk Email folder. Valid values are integers from 0 through 9, inclusive. | |
ExternalCloudAccessEnabled | boolean | Description pending. | |
DefaultPublicFolderProhibitPostQuota | string | Specifies the size of a public folder at which users are notified that the public folder is full. Users can't post to a folder whose size is larger than the DefaultPublicFolderProhibitPostQuota parameter value. | |
MaxInformationBarrierBridges | number | Description pending. | |
EwsAllowMacOutlook | boolean | Enables or disables access to mailboxes by Outlook for Mac clients that use Exchange Web Services | |
PublicComputersDetectionEnabled | boolean | Specifies whether Outlook on the web will detect when a user signs from a public or private computer or network, and then enforces the attachment handling settings from public networks. | |
AppsForOfficeCorpCatalogAppsCount | number | Description pending. | |
BookingsAuthEnabled | boolean | Specifies whether to enforce authentication to access all published Bookings pages. | |
BookingsPhoneNumberEntryRestricted | boolean | Specifies whether phone numbers can be collected from Bookings customers. | |
ConnectorsEnabledForYammer | boolean | Specifies whether to enable or disable connected apps on Yammer. | |
DisableMailboxForSubstrateOnlyFinished | boolean | Description pending. | |
ReadTrackingEnabled | boolean | Specifies whether the tracking for read status for messages in an organization is enabled. | |
BookingsNamingPolicyPrefix | string | Available only in the cloud-based service. Description pending. | |
DisplayName | string | Display name of OrganizationConfig. | |
FindTimeLockPollForAttendeesEnabled | boolean | Controls whether the Lock poll for attendees setting is managed by the organization. | |
RmsoSubscriptionStatus | string | Description pending. | |
IsGroupFoldersAndRulesEnabled | boolean | Available only in the cloud-based service. Description pending. | |
IPListBlocked | list<string> | Specifies the blocked IP addresses that aren't allowed to connect to Exchange Online organization. Valid values are: Single IP address. IP address range. Classless InterDomain Routing (CIDR) IP address range. | |
ConnectorsEnabledForTeams | boolean | Specifies whether to enable or disable connected apps on Teams. | |
GuestsEnabled | boolean | If true, guest group members will be able to access group content. | |
UpgradeIBInProgress | boolean | Description pending. | |
SharePointUrl | string | Description pending. | |
PublicFolderMigrationComplete | boolean | Is used during public folder migration. When you set the PublicFolderMigrationComplete parameter to true, transport starts rerouting the queued messages to a new destination. The default value is false. | |
ForeignForestRecipientAdminUSGSid | string | Description pending. | |
ResourceAddressLists | list<string> | Description pending. | |
IsJitEnabled | boolean | Description pending. | |
IsDualWriteEnabled | boolean | Description pending. | |
InformationBarriersRestrictPeopleSearch | boolean | Description pending. | |
HybridConfigurationStatus | string | Description pending. | |
RootPublicFolderMailbox | object | Description pending. | |
CanUpdate | boolean | Description pending. | |
HierarchyMailboxGuid | string | Description pending. | |
LockedForMigration | boolean | Indicates if the public folder hierarchy is locked or not. | |
IsValid | boolean | Specifies if RootPublicFolderMailbox is valid. | |
ForeignForestViewOnlyAdminUSGSid | string | Description pending. | |
TenantRelocationsAllowed | boolean | Description pending. | |
GroupsNamingPolicy | string | Description pending. | |
IsValid | boolean | The validity for the OrganizationConfig. | |
BookingsNamingPolicySuffix | string | Available only in the cloud-based service. Description pending. | |
MicrosoftExchangeRecipientPrimarySmtpAddress | string | Specifies the primary return SMTP email address for the Exchange recipient. If the MicrosoftExchangeRecipientEmailAddressPolicyEnabled parameter is set to true, you can't use the MicrosoftExchangeRecipientPrimarySmtpAddress parameter. | |
MessageRemindersEnabled | boolean | Enables or disables the message reminders feature in the organization. | |
FocusedInboxOn | boolean | Enables or disables Focused Inbox for the organization. | |
DefaultMinutesToReduceShortEventsBy | number | Specifies the number of minutes to reduce calendar events by if the events are less than 60 minutes long. A valid value is an integer from 0 to 29. The default value is 5. | |
ForeignForestOrgAdminUSGSid | string | Description pending. | |
InformationBarrierMode | string | Description pending. | |
IsDehydrated | boolean | Description pending. | |
OutlookGifPickerDisabled | boolean | Disables the GIF Search (powered by Bing) feature that's built into the Compose page in Outlook on the web. | |
MailTipsAllTipsEnabled | boolean | True if mail tips are enabled. | |
userMailboxAuditEnabled | boolean | If true, mailbox auditing is enabled for all user mailboxes. | |
InformationBarriersEnforcementEnabled | boolean | Description pending. | |
DefaultMinutesToReduceLongEventsBy | number | Specifies the number of minutes to reduce calendar events by if the events are 60 minutes or longer. A valid value is an integer from 0 to 29. The default value is 10. | |
DistributionGroupNameBlockedWordsList | list<string> | Specifies words that can't be included in the Display Name values of distribution groups that are created by users. | |
MaxConcurrentMigrations | string | Specifies the maximum number of concurrent migrations that your organization can configure at any specific time. | |
OrganizationPrivacyStatementLink | string | Description pending. | |
GuestsUsageGuidelinesLink | string | Description pending. | |
MobileAppEducationEnabled | boolean | Specifies whether to show or hide the Outlook for iOS and Android education reminder in Outlook on the web (formerly known as Outlook Web App). | |
AdfsSignCertificateThumbprints | list<string> | Specifies one or more X.509 token-signing certificates that are used for AD FS claims-based authentication. This parameter uses certificate thumbprint values (GUIDs) to identify the certificates. | |
HiddenMembershipGroupsCreationEnabled | boolean | Description pending. | |
AdfsAudienceUris | list<string> | Specifies one or more external URLs that are used for Active Directory Federation Services (AD FS) claims-based authentication. For example, the external Outlook on the web and external Exchange admin center (EAC) URLs. | |
RecallReadMessagesEnabled | boolean | Available only in the cloud-based service. Description pending. | |
OfficeGraphActivitySharingOrgOptout | boolean | Description pending. | |
ConnectorsEnabledForOutlook | boolean | Specifies whether to enable or disable connected apps in Outlook on the web. | |
AutoExpandingArchiveEnabled | boolean | Description pending. | |
BookingsSearchEngineIndexDisabled | boolean | Available only in the cloud-based service. Description pending. | |
RealTimeLogServiceEnabled | boolean | Description pending. | |
ForeignForestFQDN | list<string> | Description pending. | |
OutlookPayEnabled | boolean | Enables or disables Microsoft Pay in the Microsoft 365 organization. | |
AllowedMailboxRegions | list<string> | Description pending. | |
AutodiscoverPartialDirSync | boolean | Is for scenarios where tenants have Directory Synced some of their Active Directory users into the cloud, but still have on-premises Exchange users that are not Directory Synced. Setting this parameter to true will cause unknown users to be redirected to the on-premises endpoint and will allow on-premises users to discover their mailbox automatically. Online email addresses will be susceptible to enumeration. We recommend full Directory Sync for all Active Directory users and leaving this parameter with the default false. | |
IsProcessEhaMigratedMessagesEnabled | boolean | Description pending. | |
SendFromAliasEnabled | boolean | Allows mailbox users to send messages using aliases (proxy addresses). It does this by disabling the rewriting of aliases to their primary SMTP address. This change is implemented in the Exchange Online service. At the same time, Outlook clients are making changes to natively support aliases for sending and receiving messages. Even without an updated client, changes in behavior may be seen for users using any email client as the setting affects all messages sent and received by a mailbox. | |
EwsBlockList | list<string> | Specifies the applications that aren't allowed to access EWS or REST when the EwsApplicationAccessPolicy parameter is set to EnforceBlockList. All other applications that aren't specified by this parameter are allowed to access EWS or REST. You identify the application by its user agent string value. Wildcard characters (*) are supported. | |
SmtpActionableMessagesEnabled | boolean | Specifies whether to enable or disable action buttons in email messages in Outlook on the web. | |
IsEopTrialEnabled | boolean | Description pending. | |
DistributionGroupNamingPolicy | string | Specifies the additional text that's applied to the Display Name value of distribution groups created by users. You can require a prefix, a suffix, or both. The prefix and suffix can be text strings, user attribute values from the person who created the group, or a combination of text strings and attributes. | |
WebPushNotificationsDisabled | boolean | Specifies whether to enable or disable Web Push Notifications in Outlook on the Web. This feature provides web push notifications which appear on a user's desktop while the user is not using Outlook on the Web. This brings awareness of incoming messages while they are working elsewhere on their computer. | |
DefaultPublicFolderAgeLimit | string | Specifies the default age limit for the contents of public folders across the entire organization. Content in a public folder is automatically deleted when this age limit is exceeded. This attribute applies to all public folders in the organization that don't have their own AgeLimit setting. | |
ActivityBasedAuthenticationTimeoutEnabled | boolean | Enables or disables the inactivity interval for automatic logoff in Outlook on the web (formerly known as Outlook Web App). | |
MessageRecallEnabled | boolean | Available only in the cloud-based service. Description pending. | |
LeanPopoutEnabled | boolean | Specifies whether to enable faster loading of pop-out messages in Outlook on the web for Internet Explorer and Microsoft Edge. | |
MicrosoftExchangeRecipientEmailAddresses | list<string> | Specifies one or more email addresses for the recipient. All valid Microsoft Exchange email address types may be used. You can specify multiple values for this parameter as a comma-delimited list. If the MicrosoftExchangeRecipientEmailAddressPolicyEnabled parameter is set to true, the email addresses are automatically generated by the default email address policy. This means you can't use the MicrosoftExchangeRecipientEmailAddresses parameter. | |
ConnectorsEnabledForSharepoint | boolean | Specifies whether to enable or disable connected apps on SharePoint. | |
PreviousAdminDisplayVersion | string | Description pending. | |
AzurePremiumSubscriptionStatus | boolean | Description pending. | |
BasicAuthBlockedApps | string | Description pending. | |
AllowedMailboxRegionsLastUpdateTime | number | Description pending. | |
BookingsEnabledLastUpdateTime | number | Description pending. | |
GroupsCreationWhitelistedId | string | Description pending. | |
SiteMailboxCreationURL | string | Specifies the URL that's used to create site mailboxes. Site mailboxes improve collaboration and user productivity by allowing access to both SharePoint documents and Exchange email in Outlook 2013 or later. | |
IsExcludedFromOnboardMigration | boolean | Specifies that no new moves from your on-premises organization to the cloud are permitted. When this flag is set, no onboarding move requests are allowed. | |
GroupsUsageGuidelinesLink | string | Description pending. | |
ComplianceMLBgdCrawlEnabled | boolean | Available only in the cloud-based service. Description pending. | |
BookingsNamingPolicyPrefixEnabled | boolean | Available only in the cloud-based service. Description pending. | |
BookingsEnabled | boolean | If true, the entire origanization will be able to use Microsoft Bookings. | |
BookingsNamingPolicySuffixEnabled | boolean | Available only in the cloud-based service. Description pending. | |
Name | string | Name of OrganizationConfig. | |
BookingsSmsMicrosoftEnabled | boolean | Available only in the cloud-based service. Description pending. | |
LinkPreviewEnabled | boolean | Specifies whether link preview of URLs in email messages is allowed for the organization. | |
IsMixedMode | boolean | Description pending. | |
AllowToAddGuests | boolean | If true, group owners will be allowed to add people outside of the organization to Microsoft365 Groups as guests. | |
ConnectorsEnabled | boolean | Specifies whether to enable or disable all connected apps in organization. | |
DefaultMailboxRegionLastUpdateTime | number | Description pending. | |
OrganizationId | string | The identifier for the Exchange organization. | |
InPlaceHolds | list<string> | Description pending. | |
IsUpdatingServicePlan | boolean | Description pending. | |
PublicFolderShowClientControl | boolean | Enables or disables access to public folders in Microsoft Outlook. | |
BookingsAddressEntryRestricted | boolean | Specifies whether addresses can be collected from Bookings customers. | |
BookingsBlockedWordsEnabled | boolean | Available only in the cloud-based service. Description pending. | |
IsGroupMemberAllowedToEditContent | boolean | Available only in the cloud-based service. Description pending. | |
WorkspaceTenantEnabled | boolean | Enables or disables workspace booking in the organization. | |
CustomerFeedbackEnabled | boolean | Specifies whether the Exchange server is enrolled in the Microsoft Customer Experience Improvement Program. | |
BlockMoveMessagesForGroupFolders | boolean | Available only in the cloud-based service. Description pending. | |
EwsApplicationAccessPolicy | string | Specifies the client applications that have access to EWS and REST. Valid values are: EnforceAllowList: Only applications specified by the EwsAllowList parameter are allowed to access EWS and REST. Access by other applications is blocked. EnforceBlockList: All applications are allowed to access EWS and REST, except for the applications specified by the EwsBlockList parameter. | |
MaxInformationBarrierSegments | number | Description pending. | |
ShortenEventScopeDefault | string | Specifies whether calendar events start late or end early in the organization. Valid values are: 0 or None: Calendar events in the organization don't automatically start late or end early. This is the default value. 1 or EndEarly: By default, the end time of all calendar events is reduced by the number of minutes as specified by the values of the DefaultMinutesToReduceLongEventsBy and DefaultMinutesToReduceShortEventsBy parameters. 2 or StartLate: By default, the start time of all calendar events is delayed by the number of minutes as specified by the values of the DefaultMinutesToReduceLongEventsBy and DefaultMinutesToReduceShortEventsBy parameters. | |
OutlookTextPredictionDisabled | boolean | Available only in the cloud-based service. Description pending. | |
DefaultDataEncryptionPolicy | string | Description pending. | |
ElcProcessingDisabled | boolean | Specifies whether to enable or disable the processing of mailboxes by the Managed Folder Assistant. | |
id | string | id of the OrganizationConfig. | |
ServicePlan | string | Description pending. | |
IsExcludedFromOffboardMigration | boolean | Specifies that no new moves from the cloud to your on-premises organization are permitted. When this flag is set, no offboarding move requests are allowed. | |
IsMIPLabelForGroupsEnabled | boolean | Description pending. | |
PublicFolderMailboxesLockedForNewConnections | boolean | Specifies whether users are allowed to make new connections to public folder mailboxes. | |
DefaultMailboxRegion | string | The default mailbox region of the organization. | |
BookingsPaymentsEnabled | boolean | Specifies whether to enable the online payment node inside Bookings. | |
DefaultPublicFolderDeletedItemRetention | string | Specifies the default value of the length of time to retain deleted items for public folders across the entire organization. This attribute applies to all public folders in the organization that don't have their own RetainDeletedItemsFor attribute set. | |
BookingsCreationOfCustomQuestionsRestricted | boolean | Specifies whether Bookings admins can add custom questions. | |
Heuristics | string | Description pending. | |
RemotePublicFolderMailboxes | list<string> | Specifies the identities of the public folder objects (represented as mail user objects locally) corresponding to the public folder mailboxes created in the remote forest. The public folder values set here are used only if the public folder deployment is a remote deployment. | |
MaskClientIpInReceivedHeadersEnabled | boolean | Available only in the cloud-based service. Description pending. | |
ExchangeNotificationRecipients | list<string> | Specifies the recipients for Exchange notifications sent to administrators regarding their organizations. If the ExchangeNotificationEnabled parameter is set to false, no notification messages are sent. Be sure to enclose values that contain spaces in quotation marks (") and separate multiple values with commas. | |
ActivityBasedAuthenticationTimeoutInterval | string | Specifies the period of inactivity that causes an automatic logoff in Outlook on the web. | |
FindTimeAttendeeAuthenticationEnabled | boolean | Controls whether attendees are required to verify their identity in meeting polls using the FindTime Outlook add-in. | |
ForestConfigVersion | string | Description pending. | |
DefaultPublicFolderIssueWarningQuota | string | Specifies the default value across the entire organization for the public folder size at which a warning message is sent to this folder's owners, warning that the public folder is almost full. This attribute applies to all public folders within the organization that don't have their own warning quota attribute set. The default value of this attribute is unlimited. | |
IsComplianceTrialEnabled | boolean | Description pending. | |
DisablePlusAddressInRecipients | boolean | Specifies whether to enable or disable plus addressing (also known as subaddressing) for Exchange Online mailboxes. | |
OnlineMeetingsByDefaultEnabled | boolean | Specifies whether to set all meetings as Teams or Skype for Business by default during meeting creation. Valid values are: true: All meetings are online by default. false: All meetings are not online by default. null: If the organization value has not been specified, the default behavior is for meetings to be online. | |
DirectReportsGroupAutoCreationEnabled | boolean | Specifies whether to enable or disable the automatic creation of direct report Microsoft 365 Groups. | |
Industry | string | Specifies the industry that best represents your organization. | |
BookingsSocialSharingRestricted | boolean | Specifies whether users can see the social sharing options inside Bookings. | |
BookingsExposureOfStaffDetailsRestricted | boolean | Specifies whether the attributes of internal Bookings staff members (for example, email addresses) are visible to external Bookings customers. | |
EwsAllowList | list<string> | Specifies the applications that are allowed to access EWS or REST when the EwsApplicationAccessPolicy parameter is set to EwsAllowList. Other applications that aren't specified by this parameter aren't allowed to access EWS or REST. You identify the application by its user agent string value. Wildcard characters (*) are supported. | |
MimeTypes | list<string> | Description pending. | |
SharedDomainEmailAddressFlowEnabled | boolean | Available only in the cloud-based service. Description pending. | |
MessageHighlightsEnabled | boolean | Available only in the cloud-based service. Description pending. | |
ExchangeNotificationEnabled | boolean | Enables or disables Exchange notifications sent to administrators regarding their organizations. | |
IsMailboxForcedReplicationDisabled | boolean | Description pending. | |
MailTipsExternalRecipientsTipsEnabled | boolean | True if external recipient mail tips are enabled. | |
MailTipsGroupMetricsEnabled | boolean | True if mail tips group metrics are enabled. | |
RPSEnabled | boolean | Description pending. | |
VisibleMeetingUpdateProperties | string | Specifies whether meeting message updates will be auto-processed on behalf of attendees. Auto-processed updates are applied to the attendee's calendar item, and then the meeting message is moved to the deleted items. The attendee never sees the update in their inbox, but their calendar is updated. | |
FindTimeAutoScheduleDisabled | boolean | Controls automatically scheduling the meeting once a consensus is reached in meeting polls using the FindTime Outlook add-in. Valid values are: true: Reaching a consensus for the meeting time doesn't automatically schedule the meeting, and the meeting organizer can't change this setting (Off). false: By default, reaching a consensus for the meeting time doesn't automatically schedule the meeting, but meeting organizer is allowed to turn on this setting. | |
EwsEnabled | boolean | specifies whether to globally enable or disable EWS access for the entire organization, regardless of what application is making the request. Valid values are: true: All EWS access is enabled. false: All EWS access is disabled. null (blank): The setting isn't configured. Access to EWS is controlled individually by the related EWS parameters (for example EwsAllowEntourage). This is the default value. | |
ReleaseTrack | string | Description pending. | |
IsUpgradingOrganization | boolean | Description pending. | |
AuditDisabled | boolean | Specifies whether to disable or enable mailbox auditing for the organization. | |
InformationBarriersManagementEnabled | boolean | Description pending. | |
IsLicensingEnforced | boolean | Description pending. | |
BookingsMembershipApprovalRequired | boolean | Enables a membership approval requirement when new staff members are added to Bookings calendars. | |
DefaultPublicFolderMaxItemSize | string | Specifies the default maximum size for posted items within public folders across the entire organization. Items larger than the value of the DefaultPublicFolderMaxItemSize parameter are rejected. This attribute applies to all public folders within the organization that don't have their own MaxItemSize attribute set. The default value of this attribute is unlimited. | |
AdfsIssuer | string | Specifies URL of the AD FS server that's used for AD FS claims-based authentication. This is the URL where AD FS relying parties send users for authentication. | |
PrivateCatalogAppsCount | number | Description pending. | |
WACDiscoveryEndpoint | string | Specifies the discovery endpoint for Office Online Server (formerly known as Office Web Apps Server and Web Access Companion Server) for all mailboxes in the organization. | |
TargetServicePlan | string | Description pending. | |
AsyncSendEnabled | boolean | Specifies whether to enable or disable async send in Outlook on the web. | |
BookingsNotesEntryRestricted | boolean | Specifies whether appointment notes can be collected from Bookings customers. | |
LegacyExchangeDN | string | Description pending. | |
BookingsNamingPolicyEnabled | boolean | Available only in the cloud-based service. Description pending. | |
PublicFoldersLockedForMigration | boolean | Specifies whether users are locked out from accessing down level public folder servers. When you set the PublicFoldersLockedForMigration parameter to true, users are locked out from accessing down level public folder servers. This is used for public folder migration during final stages. The default value is false, which means that the user is able to access public folder servers. | |
OrganizationSummary | list<string> | Specifies a summarized description that best represents your organization. | |
ByteEncoderTypeFor7BitCharsets | number | Specifies the 7-bit transfer encoding method for MIME format for messages sent to this remote domain. The valid values for this parameter are: 0: Always use default 7-bit transfer encoding for HTML and plain text. 1: Always use QP (quoted-printable) encoding for HTML and plain text. 2: Always use Base64 encoding for HTML and plain text. 5: Use QP encoding for HTML and plain text unless line wrapping is enabled in plain text. If line wrapping is enabled, use 7-bit encoding for plain text. 6: Use Base64 encoding for HTML and plain text, unless line wrapping is enabled in plain text. If line wrapping is enabled in plain text, use Base64 encoding for HTML, and use 7-bit encoding for plain text. 13: Always use QP encoding for HTML. Always use 7-bit encoding for plain text. 14: Always use Base64 encoding for HTML. Always use 7-bit encoding for plain text. | |
MailTipsLargeAudienceThreshold | number | This setting defines a "large audience" in your tenant. If an email is about to be sent to a large audience, a mail tip will be shown to alert the user. | |
OAuth2ClientProfileEnabled | boolean | Whether OAuth 2.0 is enabled. | |
nonUserMailboxAuditEnabled | boolean | If true, all non-user mailboxes have audit enabled. Otherwise, at least 1 non-user mailbox has auditing disabled. You can get this information from PowerShell using the command `Get-Mailbox -Filter 'AuditEnabled -eq $false -and RecipientTypeDetails -ne "UserMailbox" -and RecipientTypeDetails -ne "SharedMailbox"' -ResultSize 1 | Select-Object Id, Name, AuditEnabled` | |
FindTimeOnlineMeetingOptionDisabled | boolean | Controls the availability of the Online meeting checkbox for Teams or Skype in meeting polls using the FindTime Outlook add-in. | |
OutlookMobileGCCRestrictionsEnabled | boolean | Specifies whether to enable or disable features within Outlook for iOS and Android that are not FedRAMP compliant for Microsoft 365 US Government Community Cloud (GCC) customers. | |
MicrosoftExchangeRecipientEmailAddressPolicyEnabled | boolean | Specifies whether the default email address policy is automatically applied to the Exchange recipient. The default value is true. If this parameter is set to true, Exchange automatically adds new email addresses to the Exchange recipient when email address policies are added or modified in the Exchange organization. If this parameter is set to false, you must manually add new email addresses to the Exchange recipient when email address policies are added or modified. | |
OcmGroupId | string | Description pending. | |
EwsAllowOutlook | boolean | Enables or disables access to mailboxes by Outlook clients that use Exchange Web Services. Outlook uses Exchange Web Services for free/busy, out-of-office settings, and calendar sharing. | |
IsTenantAccessBlocked | boolean | Description pending. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Enabled | boolean | Whether this OrganizationRelationship is enabled or not. | |
DomainNames | list<string> | A list of domain names in that are part of this OrganizationRelationship. | |
Identity | string | The id of this OrganizationRelationship. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
ConnectorType | string | The type of connector. Can be "Partner" or "OnPremises". | |
IsValid | boolean | Whether or not this OutboundConnector is valid. | |
SmartHosts | list<string> | The SmartHosts parameter specifies the smart host that the Outbound connector uses to route mail. | |
RouteAllMessagesViaOnPremises | boolean | The RouteAllMessagesViaOnPremises parameter specifies that all messages serviced by this connector are first routed through the on-premises messaging system in hybrid organizations. | |
ValidationRecipients | list<string> | The ValidationRecipients parameter specifies the email addresses of the validation recipients for the Outbound connector. | |
Enabled | boolean | Whether this OutboundConnector is enabled or not. | |
UseMXRecord | boolean | The UseMXRecord parameter enables or disables DNS routing for the connector. | |
RecipientDomains | list<string> | The RecipientDomains parameter specifies the domains that the Outbound connector routes mail to. You can specify multiple domains separated by commas. | |
TlsDomain | string | The TlsDomain parameter specifies the domain name that the Outbound connector uses to verify the FQDN of the target certificate when establishing a TLS secured connection. This parameter is only used if the TlsSettings parameter is set to DomainValidation. Valid input for the TlsDomain parameter is an SMTP domain. You can use a wildcard character to specify all subdomains of a specified domain, as shown in the following example: *.contoso.com. However, you can not embed a wildcard character, as shown in the following example: domain.*.contoso.com | |
CloudServicesMailEnabled | boolean | The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. | |
AllAcceptedDomains | boolean | The AllAcceptedDomains parameter specifies whether the Outbound connector is used in hybrid organizations where message recipients are in accepted domains of the cloud-based organization. | |
TestMode | boolean | The TestMode parameter specifies whether you want to enabled or disable test mode for the Outbound connector. | |
IsValidated | boolean | The IsValidated parameter specifies whether the Outbound connector has been validated. | |
Identity | string | The id of this OutboundConnector. | |
TlsSettings | string | The TlsSettings parameter specifies the TLS authentication level that is used for outbound TLS connections established by this Outbound connector. | |
IsTransportRuleScoped | boolean | The IsTransportRuleScoped parameter specifies whether the Outbound connector is associated with a transport rule (also known as a mail flow rule). | |
SenderRewritingEnabled | boolean | The SenderRewritingEnabled parameter specifies that all messages that normally qualify for SRS rewriting are rewritten for traffic to on-premises. This parameter is only effective for OnPremises connectors as Partner connectors already have SRS rewriting enabled. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
RulesEnabled | boolean | Specifies whether a user can view, create, or modify server-side rules in Outlook on the web. | |
ForceWacViewingFirstOnPrivateComputers | boolean | Specifies whether private computers must first preview an Office file as a web page in Office Online Server (formerly known as Office Web Apps Server and Web Access Companion Server) before opening the file in the local application. | |
MessagePreviewsDisabled | boolean | Description pending. | |
UserVoiceEnabled | boolean | Specifies whether to enable or disable Outlook UserVoice in Outlook on the web. Outlook UserVoice is a customer feedback area that's available in Microsoft 365. | |
UseISO885915 | boolean | Specifies whether to use the character set ISO8859-15 instead of ISO8859-1 in Outlook on the web. | |
OneWinNativeOutlookEnabled | boolean | Controls the availability of the new Outlook for Windows App. | |
ForceSaveAttachmentFilteringEnabled | boolean | Specifies whether files are filtered before they can be saved from Outlook on the web. | |
AdditionalStorageProvidersAvailable | boolean | If False, additional storage providers (such as Box, DropBox, etc.) in Outlook on the Web will be restricted. | |
JunkEmailEnabled | boolean | Specifies whether the Junk Email folder and junk email management are available in Outlook on the web. | |
WebReadyDocumentViewingSupportedMimeTypes | list<string> | This is a read-only parameter that can't be modified; use the WebReadyMimeTypes parameter instead. | |
AllowedFileTypes | list<string> | Specifies the attachment file types (file extensions) that can be saved locally or viewed from Outlook on the web. | |
LocalEventsEnabled | boolean | Specifies whether local events calendars are available in Outlook on the web. | |
OutlookBetaToggleEnabled | boolean | Specifies whether to enable or disable the Outlook on the web Preview toggle. The Preview toggle allows users to try the new Outlook on the web experience. | |
WeatherEnabled | boolean | Specifies whether to enable or disable weather information in the calendar in Outlook on the web. | |
ForceWacViewingFirstOnPublicComputers | boolean | Specifies whether public computers must first preview an Office file as a web page in Office Online Server before opening the file in the local application. | |
WacViewingOnPublicComputersEnabled | boolean | Specifies whether to enable or disable web viewing of supported Office documents in public computer sessions in Office Online Server. | |
WebReadyFileTypes | list<string> | Specifies the attachment file types (file extensions) that can be viewed by WebReady Document Viewing in Outlook on the web. | |
AllowedMimeTypes | list<string> | Specifies the MIME extensions of attachments that allow the attachments to be saved locally or viewed from Outlook on the web. | |
AllowCopyContactsToDeviceAddressBook | boolean | Specifies whether users can copy the contents of their Contacts folder to a mobile device's native address book when using Outlook on the web for devices. | |
GroupCreationEnabled | boolean | Specifies whether Microsoft 365 Group creation is available in Outlook and Outlook on the web. | |
InstantMessagingType | string | Specifies the type of instant messaging provider in Outlook on the web. Valid values are: None: This is the default value in on-premises Exchange. Ocs: Lync or Skype (formerly known as Office Communication Server). This is the default value in Exchange Online. | |
SMimeEnabled | boolean | Specifies whether users can download the S/MIME control for Outlook Web App and use it to read and compose signed and encrypted messages. | |
NotesEnabled | boolean | Specifies whether the Notes folder is available in Outlook on the web. | |
RemindersAndNotificationsEnabled | boolean | Specifies whether notifications and reminders are enabled in Outlook on the web. | |
GlobalAddressListEnabled | boolean | Specifies whether the global address list is available in Outlook on the web. | |
id | string | id of the OwaMailboxPolicy | |
PublicFoldersEnabled | boolean | Specifies whether a user can browse or read items in public folders in Outlook Web App. | |
SignaturesEnabled | boolean | Specifies whether to enable or disable the use of signatures in Outlook on the web. | |
PredictedActionsEnabled | boolean | Description pending. | |
AllowedOrganizationAccountDomains | list<string> | Available only in the cloud-based service. Description pending. | |
SetPhotoURL | string | Controls where users go to select their photo. Note that you can't specify a URL that contains one or more picture files, as there is no mechanism to copy a URL photo to the properties of the users' Exchange Online mailboxes. | |
WebPartsFrameOptionsType | string | Specifies what sources can access web parts in IFRAME or FRAME elements in Outlook on the web. Valid values are: None: There are no restrictions on displaying Outlook on the web content in a frame. SameOrigin: This is the default value and the recommended value. Display Outlook on the web content only in a frame that has the same origin as the content. Deny: Blocks display of Outlook on the web content in a frame, regardless of the origin of the site attempting to access it. | |
SkipCreateUnifiedGroupCustomSharepointClassification | boolean | Specifies whether to skip a custom SharePoint page during the creation of Microsoft 365 Groups in Outlook on the web. | |
ReportJunkEmailEnabled | boolean | Specifies whether users can report messages as junk or not junk to Microsoft in Outlook on the web. | |
PrintWithoutDownloadEnabled | boolean | Specifies whether to allow printing of supported files without downloading the attachment in Outlook on the web. | |
TeamsnapCalendarsEnabled | boolean | Specifies whether to allow users to connect to their personal TeamSnap calendars in Outlook on the web. | |
RecoverDeletedItemsEnabled | boolean | Specifies whether a user can use Outlook Web App to view, recover, or delete permanently items that have been deleted from the Deleted Items folder. | |
ForceWebReadyDocumentViewingFirstOnPublicComputers | boolean | Specifies whether Public computers must first preview an Office file as a web page in WebReady Document Viewing before opening the file from Outlook Web App. | |
UserDiagnosticEnabled | boolean | Description pending. | |
ItemsToOtherAccountsEnabled | boolean | Available only in the cloud-based service. Description pending. | |
TextMessagingEnabled | boolean | Specifies whether users can send and receive text messages in Outlook on the web. | |
ExternalImageProxyEnabled | boolean | Specifies whether to load all external images through the Outlook external image proxy. | |
FacebookEnabled | boolean | If False, Facebook contact synchronization is disabled. | |
OrganizationEnabled | boolean | When the OrganizationEnabled parameter is set to false, the Automatic Reply option doesn't include external and internal options, the address book doesn't show the organization hierarchy, and the Resources tab in Calendar forms is disabled. The default value is true. | |
ForceWebReadyDocumentViewingFirstOnPrivateComputers | boolean | Secifies whether private computers must first preview an Office file as a web page in WebReady Document Viewing before opening the file from Outlook Web App. | |
WacEditingEnabled | boolean | Specifies whether to enable or disable editing documents in Outlook on the web by using Office Online Server (formerly known as Office Web Apps Server and Web Access Companion Server). | |
UMIntegrationEnabled | boolean | Specifies whether Unified Messaging (UM) integration is enabled in Outlook on the web. | |
UseGB18030 | boolean | Specifies whether to use the GB18030 character set instead of GB2312 in Outlook on the web. | |
OWALightEnabled | boolean | Controls the availability of the light version of Outlook on the web. | |
DirectFileAccessOnPublicComputersEnabled | boolean | Specifies the left-click options for attachments in Outlook on the web for public computer sessions. | |
ThemeSelectionEnabled | boolean | Specifies whether users can change the theme in Outlook on the web. | |
PersonalAccountsEnabled | boolean | Available only in the cloud-based service. Description pending. | |
BlockedFileTypes | list<string> | Specifies a list of attachment file types (file extensions) that can't be saved locally or viewed from Outlook on the web. | |
ConditionalAccessFeatures | list<string> | Description pending. | |
InternalSPMySiteHostURL | string | Specifies the My Site Host URL for internal users (for example, https://sp01.contoso.com). | |
OnSendAddinsEnabled | boolean | Specifies whether to enable or disable on send add-ins in Outlook on the web (add-ins that support events when a user clicks Send). | |
ReferenceAttachmentsEnabled | boolean | Specifies whether users can attach files from the cloud as linked attachments in Outlook on the web. | |
SaveAttachmentsToCloudEnabled | boolean | Specifies whether users can save regular email attachments to the cloud. | |
DirectFileAccessOnPrivateComputersEnabled | boolean | Specifies the left-click options for attachments in Outlook on the web for private computer sessions. | |
ForceSaveFileTypes | list<string> | Specifies the attachment file types (file extensions) that can only be saved from Outlook on the web (not opened). | |
IsValid | boolean | The validity for the OwaMailboxPolicy. | |
SearchFoldersEnabled | boolean | Specifies whether Search Folders are available in Outlook on the web. | |
OutboundCharset | string | Specifies the character set that's used for outgoing messages in Outlook on the web. Valid values are: AutoDetect: Examine the first 2 kilobytes (KB) of text in the message to determine the character set that's used in outgoing messages. This is the default value. AlwaysUTF8: Always use UTF-8 encoded Unicode characters in outgoing messages, regardless of the detected text in the message, or the user's language choice in Outlook on the web. Use this value if replies to UTF-8 encoded messages aren't being encoded in UTF-8. UserLanguageChoice: Use the user's language choice in Outlook on the web to encode outgoing messages. | |
WebReadyDocumentViewingOnPrivateComputersEnabled | boolean | Specifies whether WebReady Document Viewing is available in private computer sessions. | |
ChangeSettingsAccountEnabled | boolean | Is functional only in the cloud-based service. Description pending. | |
FeedbackEnabled | boolean | Specifies whether to enable or disable inline feedback surveys in Outlook on the web. | |
ExplicitLogonEnabled | boolean | Specifies whether to allow a user to open someone else's mailbox in Outlook on the web (provided that user has permissions to the mailbox). | |
CalendarEnabled | boolean | Specifies whether to enable or disable the calendar in Outlook Web App. | |
PhoneticSupportEnabled | boolean | Specifies phonetically spelled entries in the address book. This parameter is available for use in Japan. | |
DisplayPhotosEnabled | boolean | Specifies whether users see sender photos in Outlook on the web. | |
WebReadyMimeTypes | list<string> | Specifies the MIME extensions of attachments that allow the attachments to be viewed by WebReady Document Viewing in Outlook on the web. | |
AdditionalAccountsEnabled | boolean | Available only in the cloud-based service. Description pending. | |
WacViewingOnPrivateComputersEnabled | boolean | Specifies whether to enable or disable web viewing of supported Office documents private computer sessions in Office Online Server (formerly known as Office Web Apps Server and Web Access Companion Server). | |
Identity | string | Specifies the Outlook on the web mailbox policy that you want to modify. | |
SilverlightEnabled | boolean | Specifies whether a user can use Microsoft Silverlight features in Outlook Web App. | |
BookingsMailboxCreationEnabled | boolean | Allows you disable Microsoft Bookings. | |
ConditionalAccessPolicy | string | Specifies the Outlook on the Web Policy for limited access. For this feature to work properly, you also need to configure a Conditional Access policy in the Azure Active Directory Portal. Valid values are: Off: No conditional access policy is applied to Outlook on the web. This is the default value. ReadOnly: Users can't download attachments to their local computer, and can't enable Offline Mode on non-compliant computers. They can still view attachments in the browser. ReadOnlyPlusAttachmentsBlocked: All restrictions from ReadOnly apply, but users can't view attachments in the browser. | |
WacExternalServicesEnabled | boolean | Specifies whether to enable or disable external services when viewing documents in Outlook on the web (for example, machine translation) by using Office Online Server. | |
BookingsMailboxDomain | string | Is available only in the cloud-based service. Description pending. | |
InstantMessagingEnabled | boolean | Specifies whether instant messaging is available in Outlook on the web. This does not affect chat capabilities provided by Skype for Business or Teams. | |
DelegateAccessEnabled | boolean | Specifies whether delegates can use Outlook on the web or Outlook Web App to open folders that they have delegate access to. | |
JournalEnabled | boolean | Specifies whether the Journal folder is available in Outlook on the web. | |
WebReadyDocumentViewingOnPublicComputersEnabled | boolean | Specifies whether WebReady Document Viewing is in public computer sessions. | |
ActionForUnknownFileAndMIMETypes | string | Specifies how to handle file types that aren't specified in the Allow, Block, and Force Save lists for file types and MIME types. Valid values are: Allow (This is the default value.) ForceSave. Block. | |
SpellCheckerEnabled | boolean | Specifies whether to enable or disable the built-in Outlook Web App spell checker in the full version of Outlook Web App. | |
ActiveSyncIntegrationEnabled | boolean | Specifies whether to enable or disable Exchange ActiveSync settings in Outlook on the web. | |
ProjectMocaEnabled | boolean | Enables or disables access to Project Moca in Outlook on the web. | |
PlacesEnabled | boolean | Specifies whether to enable or disable Places in Outlook on the web. Places lets users search, share, and map location details by using Bing. | |
BlockedMimeTypes | list<string> | Specifies MIME extensions in attachments that prevent the attachments from being saved locally or viewed from Outlook on the web. | |
ContactsEnabled | boolean | Specifies whether to enable or disable Contacts in Outlook Web App. | |
LogonAndErrorLanguage | number | Specifies the language that used in Outlook on the web for forms-based authentication and for error messages when a user's current language setting can't be read. | |
SatisfactionEnabled | boolean | Specifies whether to enable or disable the satisfaction survey. | |
InterestingCalendarsEnabled | boolean | Specifies whether interesting calendars are available in Outlook on the web | |
IRMEnabled | boolean | Specifies whether Information Rights Management (IRM) features are available in Outlook on the web. | |
WebReadyDocumentViewingForAllSupportedTypes | boolean | Specifies whether to enable WebReady Document Viewing for all supported file and MIME types. | |
PremiumClientEnabled | boolean | Controls the availability of the full version of Outlook Web App. | |
ClassicAttachmentsEnabled | boolean | Specifies whether users can attach local files as regular email attachments in Outlook on the web. | |
ExternalSPMySiteHostURL | string | Specifies the My Site Host URL for external users (for example, https://sp01.contoso.com). | |
DefaultTheme | string | Specifies the default theme that's used in Outlook on the web when the user hasn't selected a theme. | |
SMimeSuppressNameChecksEnabled | boolean | Specifies whether to suppress name check in S/MIME messages. You don't need to specify a value with this switch. | |
ShowOnlineArchiveEnabled | boolean | Available only in the cloud-based service. Description pending. | |
SetPhotoEnabled | boolean | Specifies whether users can add, change, and remove their sender photo in Outlook on the web. | |
NpsSurveysEnabled | boolean | Specifies whether to enable or disable the Net Promoter Score (NPS) survey in Outlook on the web. The survey allows users to rate Outlook on the web on a scale of 1 to 5, and to provide feedback and suggested improvements in free text. | |
TasksEnabled | boolean | Specifies whether Tasks folder is available in Outlook Web App. | |
ForceSaveMimeTypes | list<string> | Specifies the MIME extensions in attachments that only allow the attachments to be saved locally (not opened). | |
LinkedInEnabled | boolean | If False, LinkedIn contact synchronization is disabled. | |
PersonalAccountCalendarsEnabled | boolean | Specifies whether to allow users to connect to their personal Outlook.com or Google Calendar in Outlook on the web. | |
WebReadyDocumentViewingSupportedFileTypes | list<string> | This is a read-only parameter that can't be modified; use the WebReadyFileTypes parameter instead. | |
ThirdPartyFileProvidersEnabled | boolean | Description pending. | |
WacOMEXEnabled | boolean | Specifies whether to enable or disable apps for Outlook in Outlook on the web in Office Online Server. | |
AllAddressListsEnabled | boolean | Specifies which address lists are available in Outlook on the web. | |
ChangePasswordEnabled | boolean | Specifies whether users can change their passwords from inside Outlook on the web. | |
IsDefault | boolean | Specifies whether the Outlook on the web policy is the default policy that's used to configure the Outlook on the web settings for new mailboxes. | |
AllowOfflineOn | string | Specifies when Outlook Web App in offline mode is available for supported web browsers. Valid values are: PrivateComputersOnly: Offline mode is available in private computer sessions. By default in Exchange 2013 or later and Exchange Online, all Outlook on the web sessions are considered to be on private computers. In Exchange 2013 or later, users can only specify public computer sessions if you've enabled the private/public selection on the sign in page (the LogonPagePublicPrivateSelectionEnabled parameter value is $true on the Set-OwaVirtualDirectory cmdlet). NoComputers: Offline mode is disabled. AllComputers: Offline mode is available for public and private computer sessions. | |
Name | string | Name of the OwaMailboxPolicy |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Name | string | Name of the Quarantine policy, e.g. "DefaultFullAccessPolicy". | |
ESNEnabled | boolean | The ESNEnabled parameter specifies whether to enable quarantine notifications (formerly known as end-user spam notifications) for the policy. | |
EndUserQuarantinePermissions | list<object> | List of end user quarantine permissions. | |
isEnabled | boolean | Is permission enabled. | |
name | string | Permission name. | |
QuarantinePolicyType | string | Type of quarantine policy. | |
QuarantineRetentionDays | number | Retention of quarantine policy in days. | |
Identity | string | Specifies the name, distinguished name (DN), or GUID of the quarantine policy. | |
IsValid | boolean | Whether this QuarantinePolicy is valid or not. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
DomainName | string | The remote domain that is being configured. "*" represents any remote domain. The default Remote Domain setting in an O365 account has the name "Default" and domain "*". | |
AutoForwardEnabled | boolean | If False, AutoForwarding of email to this remote domain will not be allowed. | |
Name | string | The name of the Remote Domain asset. The default Remote Domain on an O365 account has name "Default", and domain "*". |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
id | string | The unique identifier for this retention policy. | |
Name | string | Unique name for the retention policy. | |
IsValid | boolean | Whether the retention policy is valid. | |
IsDefaultArbitrationMailbox | boolean | Whether default retention policy for arbitration mailboxes in Exchange Online organization. | |
Identity | string | Specifies the name, distinguished name (DN),or GUID of the retention policy. | |
RetentionId | string | The identity of the retention policy to ensure mailboxes moved from an on-premises Exchange deployment to the cloud continue to have the same retention policy applied to them. | |
IsDefault | boolean | Whether the retention policy is the default retention policy. | |
RetentionPolicyTagLinks | list<string> | RetentionPolicyTag | The RetentionPolicyTags associated. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Identity | string | Specifies the name of the tag. | |
RetentionEnabled | boolean | Specifies whether the tag is enabled. When set to False, the tag is disabled, and no retentionaction is taken on messages that have the tag applied. | |
RetentionAction | string | Specifies the action for the retention policy. | |
AgeLimitForRetention | number | Specifies the age at which retention is enforced on an item. The age limit corresponds to the number of days from the date the item was delivered,or the date an item was created if it wasn't delivered. | |
MessageClass | string | Specifies the message type to which the tag applies. If not specified, the default value is set to '*'. | |
RetentionId | string | Specifies an alternate tag ID to ensure the retention tag found on mailbox items tagged in one Exchangeorganization matches the tag when the mailbox is moved to another Exchange organization. | |
IsValid | boolean | Specifies whether the retention policy tag is valid. | |
LocalizedRetentionPolicyTagName | list<string> | Specifies localized tag names and their languages. | |
Comment | string | Specifies a comment for the tag. | |
id | string | The unique identifier for this retention policy tag. | |
IsPrimary | boolean | Specifies whether its primary retention policy tag. | |
SystemTag | boolean | Specifies that the tag is created for internal Exchange functionality. | |
Description | string | Specifies a Description for the tag. | |
LegacyManagedFolder | string | Specifies the name of a managed folder. The retention tag is created by using retention settings from the managed folder and its managed content settings. You can use this parameter to create retention tags based on existing managed folders to migrate users from managed folder mailbox policies to retention policies. | |
TriggerForRetention | string | Specifies the date that's considered as the start date of the retention period. An item can reach its retention limit a specific number of days after the item was delivered or after it was moved into a specific folder. Valid values include: WhenDelivered The item expires based on when it was delivered. WhenMoved The item expires based on the date it was moved. If this parameter isn't present and the RetentionEnabled parameter is set to $true, an error is returned. | |
MessageClassDisplayName | string | Specifies the message class display name. | |
RawRetentionId | string | Specifies the raw RetentionId. | |
Name | string | Specifies the name of the retention policy tag. | |
MustDisplayCommentEnabled | boolean | Specifies whether the comment can be hidden.. | |
LocalizedComment | list<string> | Specifies localized comments and their languages. | |
MoveToDestinationFolder | string | Description pending. | |
Type | string | Specifies the type of retention tag being created. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Name | string | Name of the policy. | |
Description | string | Description of the role assignment policy. | |
IsDefault | boolean | True if this is the default role assignment policy. | |
IsValid | boolean | True if this is a valid role assignment policy. | |
AssignedRoles | list<string> | List of roles assigned to this policy. Some sample values are "My Custom Apps", "My Marketplace Apps", "My ReadWriteMailbox Apps". |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Redirect | boolean | Specifies whether to deliver messages that were identified by Safe Attachments as containing malware attachments to another email address. | |
id | string | id of the SafeAttachmentPolicy | |
Name | string | Name of the SafeAttachmentPolicy | |
IsBuiltInProtection | boolean | Description pending. | |
IsValid | boolean | The validity for the SafeAttachmentPolicy. | |
IsDefault | boolean | Whether the SafeAttachmentPolicy is the default policy. | |
QuarantineTag | string | Specifies the quarantine policy that's used on messages that are quarantined as malware by Safe Attachments. | |
EnableOrganizationBranding | boolean | Description pending. | |
RedirectAddress | string | Specifies the email address to deliver messages that were identified by Safe Attachments as containing malware attachments when the Redirect parameter is set to the value true. | |
Identity | string | The identifier for this policy. | |
Action | string | The Action parameter specifies the action for the safe attachment policy. Valid values are: Allow: Deliver the message if malware is detected in the attachment and track scanning results. This value corresponds to Monitor for the Safe Attachments unknown malware response property of the policy in the admin center. Block: Block the email message that contains the malware attachment. This is the default value. Replace: Deliver the email message, but remove the malware attachment and replace it with warning text. DynamicDelivery: Deliver the email message with a placeholder for each email attachment. The placeholder remains until a copy of the attachment is scanned and determined to be safe. | |
Enable | boolean | If true, the Action parameter specifies the action for the Safe Attachment policy. If false, Attachments are not scanned by Safe Attachments. | |
AdminDisplayName | string | Specifies a description for the policy. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
IsValid | boolean | Whether SafeLinksPolicy is valid one. | |
RecommendedPolicyType | string | Used for Standard and Strict policy creation. | |
DeliverMessageAfterScan | boolean | Specifies whether to deliver email messages only after Safe Links scanning is complete. | |
DisableUrlRewrite | boolean | Specifies whether to rewrite (wrap) URLs in email message. | |
EnableOrganizationBranding | boolean | Specifies whether your organization's logo is displayed on Safe Links warning and notification pages.. | |
EnableSafeLinksForTeams | boolean | Specifies whether Safe Links is enabled for Microsoft Teams. | |
TrackClicks | boolean | Specifies whether to track user clicks related to Safe Links protection of links. | |
ScanUrls | boolean | Specifies whether to enable or disable real-time scanning of clicked links in email messages. | |
AllowClickThrough | boolean | The AllowClickThrough parameter specifies whether to allow users to click through to the original URL on warning pages. | |
EnableSafeLinksForEmail | boolean | The EnableSafeLinksForEmail parameter specifies whether to enable Safe Links protection for email messages. | |
EnableSafeLinksForOffice | boolean | The EnableSafeLinksForOffice parameter specifies whether to enable Safe Links protection for Microsoft Office Apps. | |
DoNotRewriteUrls | list<string> | Specifies the URLs that are not rewritten by Safe Links scanning. | |
id | string | Unique ID of the SafeLinksPolicy. | |
EnableForInternalSenders | boolean | Specifies whether the Safe Links policy is applied to messages sent between internal senders and internal recipients within the same Exchange Online organization. | |
CustomNotificationText | string | Specifies the customized notification text to show to users. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
id | string | Combination of azureTenantId_createdDateTime. | |
azureTenantId | string | GUID string for tenant ID. | |
createdDateTime | number | The date when the entity is created. | |
maxScore | number | Tenant maximum possible score on specified date. | |
currentScore | number | Tenant current attained score on specified date. | |
controlScores | list<object> | Contains tenant scores for a set of controls. | |
on | boolean | Indicate whether the policy is turned on. | |
description | string | Description of the control. | |
isEnforced | boolean | Whether this control score is enforced or not. | |
scoreInPercentage | number | The current score as a percentage. | |
count | number | Count of violated resources for this control | |
implementationStatus | string | Description of current status, e.g. "You currently have 4 global admins". | |
lastSynced | number | The datetime when last synced in epoch time. | |
total | number | Number of applicable resources for this control | |
reviewed | number | Unix timestamp. | |
controlName | string | Unique name for the control. | |
controlCategory | string | Control action category (Identity, Data, Device, Apps, Infrastructure). | |
score | number | Tenant achieved score for the control (it varies day by day depending on tenant operations on the control). | |
IsApplicable | boolean | Whether this control score is applicable or not. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
requireAcceptingAccountMatchInvitedAccount | boolean | If true, external users must accept sharing invitations using the same account that the invitations were sent to. | |
bccExternalSharingInvitations | boolean | When the feature is enabled, all external sharing invitations that are sent will blind copy the e-mail messages listed in the BccExternalSharingsInvitationList. | |
isFluidEnabled | boolean | Specifies whether Fluid Framework is enabled or not. | |
defaultSharingLinkType | string | Lets administrators choose what type of link appears is selected in the "Get a link" sharing dialog box in OneDrive for Business and SharePoint Online. | |
iPAddressAllowList | string | Comma separated list of allowed IP addresses or IP address ranges. | |
officeClientADALDisabled | boolean | When set to true this will disable the ability to use Modern Authentication that leverages ADAL across the tenant. | |
publicCdnEnabled | boolean | Enables or disables the public CDN. | |
showPeoplePickerSuggestionsForGuestUsers | boolean | Shows people picker suggestions for guest users. | |
stopNew2010Workflows | boolean | Prevents creation of new SharePoint 2010 classic workflows. | |
disableOutlookPSTVersionTrimming | boolean | Specifies whether Outlook PST version trimming is disabled or not. | |
notificationsInOneDriveForBusinessEnabled | boolean | Enables or disables notifications in OneDrive for Business. | |
oDBAccessRequests | string | Specifies if AccessRequests is On, Off or Unspecified for Onedrive for Business. | |
startASiteFormUrl | string | Specifies URL of the form to load in the Start a Site dialog. | |
allowEditing | boolean | Prevents users from editing Office files in the browser and copying and pasting Office file contents out of the browser window. | |
contentTypeSyncSiteTemplatesList | list<string> | When the feature is enabled, the Content Type Hub will push content types to OneDrive for Business sites. | |
coreRequestFilesLinkExpirationInDays | number | Specifies the number of days before a Request files link expires for all SharePoint sites (not including OneDrive sites). | |
markNewFilesSensitiveByDefault | string | If external sharing is turned on, sensitive content could be shared and accessed by guests before the Office DLP rule finishes processing, you can address this issue by configuring this parameter. | |
storageQuotaAllocated | number | Storage quota that is allocated for all sites in the tenant. | |
oneDriveForGuestsEnabled | boolean | Lets OneDrive for Business creation for administrator managed guest users. Administrator managed Guest users use credentials in the resource tenant to access the resources. | |
showOpenInDesktopOptionForSyncedFiles | boolean | The ShowOpenInDesktopOptionForSyncedFiles setting displays the "Open in desktop" option when users go to SharePoint or OneDrive on the web and open the shortcut menu for a file that they're syncing with the OneDrive sync app. | |
blockUserInfoVisibilityInOneDrive | string | Specifies block user info visibility in OneDrive. | |
defaultLinkPermission | string | Lets administrators choose the default permission of the link in the sharing dialog box in OneDrive for Business and SharePoint Online. This applies to anonymous access, internal and direct links. | |
stopNew2013Workflows | boolean | Prevents creation of new SharePoint 2013 classic workflows. | |
allowCommentsTextOnEmailEnabled | boolean | When this parameter is true, the email notification that a user receives when is mentioned, includes the surrounding document context. | |
displayNamesOfFileViewers | boolean | If true, file owners can see the names of people who viewed their files in OneDrive. | |
folderAnonymousLinkType | string | Type of anonymous access link of folders to allow recipients to only view or view and edit. | |
isCollabMeetingNotesFluidEnabled | boolean | Specifies whether CollabMeetingNotes Fluid Framework is enabled or not. | |
mediaTranscription | string | Defines the media transcription policy. | |
notificationsInSharePointEnabled | boolean | Enables or disables notifications in SharePoint. | |
allowedDomainListForSyncClient | list<string> | The list of allowed domains if "isUnManagedSyncClientForTenantRestricted" is set to True. | |
coreSharingCapability | string | Determines what level of sharing is available for SharePoint sites (not including OneDrive sites). | |
enableAutoNewsDigest | boolean | Enable or disable auto news digest. | |
externalServicesEnabled | boolean | Enables external services(services that are not in the Office 365 datacenters) for a tenant. | |
publicCdnOrigins | list<string> | Specifies a list of the Public CDN origins. | |
workflow2010Disabled | boolean | Specifies whether workflow 2010 is disabled or not. | |
sharingDomainRestrictionMode | string | The sharing domain restriction being used. Possible values are: "None", "AllowList", "BlockList". | |
blockAccessOnUnmanagedDevices | boolean | If true, unmanaged devices will not be allowed access to SharePoint. Note only one of the allowLimitedAccessOnUnmanagedDevices and blockAccessOnUnmanagedDevices settings can be true at the same time. If both settings are false, then all devices, unmanaged or not, will have full access to SharePoint. | |
blockUserInfoVisibilityInSharePoint | string | Specifies block user info visibility in SharePoint. | |
iPAddressEnforcement | boolean | Allows access from network locations that are defined by an administrator. | |
blockSendLabelMismatchEmail | boolean | When a sensitivity label mismatch occurs between the label on the document uploaded and the label on the site, SharePoint Online captures an audit record, and sends an Incompatible sensitivity label detected email notification to the person who uploaded the document and the site owner. The notification contains details of the document which caused the problem and the label assigned to the document and to the site. The comparison happens between the priority of these two labels. | |
disabledWebPartIds | list<string> | Allows administrators to prevent certain web parts from being added to pages or rendering on pages on which they were previously added. | |
oneDriveRequestFilesLinkEnabled | boolean | Enable or disable the Request files link on the OneDrive partition for all OneDrive sites. | |
oneDriveStorageQuota | number | Specifies a default OneDrive for Business storage quota for the tenant. It will be used for new OneDrive for Business sites created. | |
provisionSharedWithEveryoneFolder | boolean | Creates a Shared with Everyone folder in every user's new OneDrive for Business document library. | |
searchResolveExactEmailOrUPN | boolean | Removes the search capability from People Picker. This also does not allow SharePoint users to search for security groups or SharePoint groups. | |
showEveryoneClaim | boolean | Enables the administrator to hide the Everyone claim in the People Picker. | |
reduceTempTokenLifetimeValue | number | Specifies the session timeout value for temporary URLs. The value can be in between 5 and 15 minutes and the default value is 15 minutes. | |
sharingCapability | string | Specifies what level of sharing is available for the site. | |
sharingAllowedDomainList | list<string> | List of domains that resources are allowed to be shared with, if "sharingDomainRestrictionMode" = "AllowList" | |
blockMacSync | boolean | If True, MacOS devices cannot sync files from OneDrive / SharePoint. | |
notifyOwnersWhenInvitationsAccepted | boolean | If true, OneDrive owners will receive a notification when external users accept invitations to access files. | |
conditionalAccessPolicyErrorHelpLink | string | A Link for help when Conditional Access Policy blocks a user. | |
externalUserExpireInDays | number | Specifies the number of days before an external user will expire and be removed from the site collection if the policy is enabled. Value can be from 30 to 730 days. | |
iPAddressWACTokenLifetime | number | Allows to set the session timeout. If you are a tenant administrator and you begin IP address enforcement for OneDrive for Business in Office 365, this enforcement automatically activates a tenant parameter IPAddressWACTokenLifetime. The default value is 15 minutes, when IP Address Enforcement is True. | |
showPeoplePickerGroupSuggestionsForIB | boolean | The ShowPeoplePickerGroupSuggestionsForIB setting allows showing group suggestions for information barriers (IBs) in the People Picker. | |
storageQuota | number | Storage quota that is available for all sites in the tenant. | |
syncPrivacyProfileProperties | boolean | Specifies whether privacy profile properties synced or not. | |
legacyAuthProtocolsEnabled | boolean | If False, basic authentication and other legacy authentication mechanisms are not allowed for this SharePoint tenant. | |
coreRequestFilesLinkEnabled | boolean | Enable or disable the Request files link on the core partition for all SharePoint sites (not including OneDrive sites). If this value is not set, Request files will only show for OneDrives with Anyone links enabled. | |
blockDownloadLinksFileType | string | Specifies the type of files that can be displayed when the block download links feature is being used. | |
resourceQuota | number | Resource quota that is available for all sites in the tenant. | |
viewInFileExplorerEnabled | boolean | Enables or disables the ability to use View in Explorer in Microsoft Edge (93) or above. | |
anyoneLinkTrackUsers | boolean | Specifies whether anyone links should track link users. | |
fileAnonymousLinkType | string | Type of anonymous access link of files to allow recipients to only view or view and edit. | |
emailAttestationReAuthDays | number | The number of days for email attestation re-authentication. Value can be from 1 to 365 days. | |
oDBMembersCanShare | string | Specifies if MembersCanShare is On, Off or Unspecified for Onedrive for Business. | |
displayStartASiteOption | boolean | If false, the site creation command will be hidden in SharePoint. | |
specialCharactersStateInFileFolderNames | string | Permits the use of special characters in file and folder names in SharePoint Online and OneDrive for Business document libraries. | |
allowGuestUserShareToUsersNotInSiteCollection | boolean | This setting will allow guests to share to users not in the site. | |
disableSpacesActivation | boolean | Specifies whether activation of spaces are disabled or not. | |
informationBarriersSuspension | boolean | Specifies whether information barriers suspensed or not. | |
limitedAccessFileType | string | Allows users to preview only Office files in the browser. This option increases security, but may be a barrier to user productivity. | |
disallowInfectedFileDownload | boolean | If True, files that ATP has detected as infected will not be allowed to be downloaded via SharePoint. | |
disableCustomAppAuthentication | boolean | Prevents apps using an Azure Access Control (ACS) app-only access token to access SharePoint. | |
externalUserExpirationRequired | boolean | Specifies whether to enable the external user expiration policy. | |
excludedFileExtensionsForSyncClient | list<string> | The list of excluded file extensions when syncing OneDrive files. | |
reduceTempTokenLifetimeEnabled | boolean | Enables reduced session timeout for temporary URLs used by apps for document download scenarios. | |
socialBarOnSitePagesDisabled | boolean | The Social Bar will appear on all modern SharePoint pages with the exception of the home page of a site. It will give users the ability to like a page, see the number of views, likes, and comments on a page, and see the people who have liked a page. | |
userVoiceForFeedbackEnabled | boolean | Enables or disables the User Voice Feedback button. | |
disableBackToClassic | boolean | Specifies whether back to classic link is disabled in Modern UX. | |
disabledModernListTemplateIds | list<string> | An array of modern List template ids that are disabled on the tenant. | |
viewersCanCommentOnMediaDisabled | boolean | Controls whether viewers commenting on media items is disabled or not. | |
preventExternalUsersFromResharing | boolean | If True, external users will not be able to share files and folders unless they were the original owner of the resource. | |
orphanedPersonalSitesRetentionPeriod | number | Specifies the number of days after a user's Active Directory account is deleted that their OneDrive for Business content will be deleted. | |
applyAppEnforcedRestrictionsToAdHocRecipients | boolean | When the feature is enabled, all guest users are subject to conditional access policy. By default guest users who are accessing SharePoint Online files with pass code are exempt from the conditional access policy. | |
permissiveBrowserFileHandlingOverride | boolean | Enables the Permissive browser file handling. By default, the browser file handling is set to Strict. | |
allowOverrideForBlockUserInfoVisibility | boolean | Specifies whether to override block user info visibility. | |
filePickerExternalImageSearchEnabled | boolean | For Webparts that support inserting images, like for example Image or Hero webpart, the Web search (Powered by Bing) option will be available if enabled. | |
emailAttestationRequired | boolean | Sets email attestation to required. | |
oneDriveRequestFilesLinkExpirationInDays | number | Specifies the number of days before a Request files link expires for all OneDrive sites. The value can be from 0 to 730 days. | |
showEveryoneExceptExternalUsersClaim | boolean | Enables the administrator to hide the "Everyone except external users" claim in the People Picker. | |
oneDriveLoopSharingCapability | string | Specifies sharing capabilities of Onedrive loop. | |
useFindPeopleInPeoplePicker | boolean | This feature enables tenant admins to enable ODB and SPO to respect Exchange supports Address Book Policy (ABP) policies in the people picker. | |
displayNamesOfFileViewersInSpo | boolean | If true, file owners can see the names of people who viewed their files in SharePoint. | |
notifyOwnersWhenItemsReshared | boolean | If true, OneDrive owners will receive a notification when other users invite additional external users to shared files. | |
commentsOnListItemsDisabled | boolean | Disables or enables commenting functionality on list items. | |
compatibilityRange | string | Determines which compatibility range is available for new site collections | |
enableAzureADB2BIntegration | boolean | Enables the preview for OneDrive and SharePoint integration with Azure AD B2B. | |
enableGuestSignInAcceleration | boolean | Accelerates guest-enabled site collections as well as member-only site collections when the SignInAccelerationDomain parameter is set. | |
allowAnonymousMeetingParticipantsToAccessWhiteboards | string | Specifies whether to allow anonymous meeting participants to access whiteboards. | |
conditionalAccessPolicy | string | Specifies conditional access policy for the tenant. | |
enableAIPIntegration | boolean | This parameter enables SharePoint to process the content of files stored in SharePoint and OneDrive with sensitivity labels that include encryption. | |
requireAnonymousLinksExpireInDays | number | The number of days before an anonymous sharing link for a file expires. A value of -1 indicates no expiry. | |
allowLimitedAccessOnUnmanagedDevices | boolean | If true, unmanaged devices will only be allowed limited, web-only access to SharePoint. Note only one of the allowLimitedAccessOnUnmanagedDevices and blockAccessOnUnmanagedDevices settings can be true at the same time. If both settings are false, then all devices, unmanaged or not, will have full access to SharePoint. | |
bccExternalSharingInvitationsList | string | Specifies a list of e-mail addresses to be BCC'd when the BCC for External Sharing feature is enabled. Multiple addresses can be specified by creating a comma separated list with no spaces. | |
commentsOnSitePagesDisabled | boolean | Disables or enables commenting functionality on the site pages. | |
showAllUsersClaim | boolean | Enables the administrator to hide the All Users claim groups in People Picker. | |
sharingBlockedDomainList | list<string> | List of domains that resources will not be allowed to be shared with, if "sharingDomainRestrictionMode" = "BlockList" | |
isUnmanagedSyncClientForTenantRestricted | boolean | If True, file syncing for OneDrive / SharePoint will only be allowed on PCs joined to specific domains. (See property "allowedDomainListForSyncClient") | |
commentsOnFilesDisabled | boolean | Disables or enables commenting functionality on the files. | |
includeAtAGlanceInShareEmails | boolean | Enable or disable the At A Glance feature in sharing e-mails. This provides the key points and time to read for the shared item if available. | |
publicCdnAllowedFileTypes | string | Specifies public CDN allowed file types. | |
resourceQuotaAllocated | number | Resource quota that is allocated for all sites in the tenant. | |
signInAccelerationDomain | string | Specifies the home realm discovery value to be sent to Azure Active Directory (AAD) during the user sign-in process. | |
ownerAnonymousNotification | boolean | If true, OneDrive owners will receive a notification when an anonymous link is created or changed. | |
customizedExternalSharingServiceUrl | string | Specifies a URL that will be appended to the error message that is surfaced when a user is blocked from sharing externally by policy. This URL can be used to direct users to internal portals to request help or to inform them about your organization's policies. An example value is "https://www.contoso.com/sharingpolicies". | |
disablePersonalListCreation | boolean | Specifies whether personal list creation is disabled or not. | |
isWBFluidEnabled | boolean | Specifies whether Whiteboard is enabled or disabled for OneDrive for Business users. Whiteboard on OneDrive for Business is automatically enabled for applicable Microsoft 365 tenants but can be disabled. | |
labelMismatchEmailHelpLink | string | This parameter allows tenant admins to customize the "Help Link" in email with the subject "Incompatible sensitivity label detected." | |
noAccessRedirectUrl | string | Specifies the URL of the redirected site for those site collections which have the locked state "NoAccess." |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
sharingEnabled | boolean | The "enabled" setting from the PowerShell command. If "False", no calendar sharing is allowed with users outside of the O365 organization. | |
domains | list<object> | List of domains and what kind of calendar details can be shared with them. | |
domain | string | Possible values are "*" (represents users outside of the o365 organization who have an o365 account), "Anonymous" (represents users outside of the o365 organization who do not have an o365 account). | |
sharingAllowedDetails | string | Possible values are "CalendarSharingFreeBusySimple" (share free/busy hours only), "CalendarSharingFreeBusyDetail" (share free/busy hours, subject, and location), "CalendarSharingFreeBusyReviewer" (share free/busy hours, subject, location, and the body of the message or calendar item), "ContactsSharing" (share contacts only). | |
id | string | id of the SharingPolicy. | |
isDefault | boolean | True if this is the default sharing policy. | |
name | string | Name of the sharing policy. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
OWAEncryptionAlgorithms | string | Specifies a list of symmetric encryption algorithms that are used by Outlook on the web to encrypt messages. Valid values are: 6601: DES (56-bit). 6602: RC2. Supported key lengths are 40, 56, 64, and 128. RC2 is the only supported algorithm that offers multiple key lengths. 6603: 3DES (168-bit). 660E: AES128. 660F: AES192. 6610: AES256 (This is the default value). | |
OWAIncludeCertificateChainAndRootCertificate | boolean | Specifies whether the certificate chains and root certificates of the signing or encryption certificates are included in the message in Outlook on the web. | |
OWAIncludeSMIMECapabilitiesInMessage | boolean | Specifies whether signed and encrypted messages in Outlook on the web include attributes that describe the supported encryption and signing algorithms. | |
SMIMEExpiredCertificateThumbprint | string | Description pending. | |
OWADisableCRLCheck | boolean | Enables or disables CRL checking in Outlook on the web. Valid values are: true: CRL checks are disabled when validating certificates. false: CRL checks are enabled when validating certificates.This is the default value. | |
SMIMECertificateIssuingCA | list<string> | Specifies the serialized certificate store (SST) that contains the Certificate Authority (CA) signing and intermediate certificate information. | |
IsValid | boolean | Whether the smime config is valid. | |
OWACRLRetrievalTimeout | boolean | Specifies the time in milliseconds that Outlook on the web waits to retrieve all CRLs when validating a certificate. VA valid value is an integer between 0 and 4294967295 (UInt32). The default value is 10000 (10 seconds). | |
OWAForceSMIMEClientUpgrade | boolean | Specifies whether or not users are forced to upgrade an S/MIME control that's older than their current version in Outlook on the web. true: Users need to download and install the new control before they can use S/MIME. This is the default value. false: Users receive a warning if the S/MIME control on their computer is not current, but they can still use S/MIME without updating the control. | |
OWASenderCertificateAttributesToDisplay | string | Controls which certificate attributes are displayed when signature verification proceeds despite a mismatch between the sender's email address and the email address in sender's certificate. | |
OWAUseKeyIdentifier | boolean | Specifies whether a certificate's key identifier is used to encode the asymmetrically encrypted token in Outlook on the web. | |
OWAUseSecondaryProxiesWhenFindingCertificates | boolean | Specifies whether alternative proxies are used during the certificate search in Outlook on the web. | |
SMIMECertificatesExpiryDate | number | Description pending. | |
OWAAllowUserChoiceOfSigningCertificate | boolean | Specifies whether to allow users to select the certificate to use when they digitally sign email messages in Outlook on the web. | |
OWABCCEncryptedEmailForking | number | Specifies how Bcc messages are encrypted in Outlook on the web. Valid values are: 0: One encrypted message per Bcc recipient. This is the default value. 1: One single encrypted message for all Bcc recipients. 2: One encrypted message without Bcc forking. | |
OWAEncryptTemporaryBuffers | boolean | Specifies whether the Outlook on the web client-side temporary message storage buffers are encrypted. | |
OWAOnlyUseSmartCard | boolean | Specifies whether smartcard-based certificates are required for Outlook on the web message signing and decryption. | |
id | string | The unique identifier for this smime config. | |
OWAAlwaysSign | boolean | Specifies whether all outgoing messages are automatically signed in Outlook on the web. | |
OWADLExpansionTimeout | number | Specifies the time in milliseconds that Outlook on the web waits when sending encrypted messages to members of a distribution group that requires expansion. A valid value is an integer between 0 and 4294967295 (UInt32). The default value is 60000 (60 seconds). If the operation doesn't complete in the time specified by this parameter, the operation fails and the message is not sent. | |
OWATripleWrapSignedEncryptedMail | boolean | Specifies whether signed and encrypted email messages in Outlook on the web are triple-wrapped. Valid values are: true: A signed message is encrypted, and then the encrypted message is signed (signed-encrypted-signed). false: A signed message is encrypted only (there is no additional signing of the encrypted message). This is the default value. | |
OWACRLConnectionTimeout | number | Specifies the time in milliseconds that Outlook on the web waits while connecting to retrieve a single CRL as part of a certificate validation operation. A valid value is an integer between 0 and 4294967295 (UInt32). The default value is 60000 (60 seconds). | |
OWAIncludeCertificateChainWithoutRootCertificate | boolean | Specifies whether the certificate chains of the signing or encryption certificates are included in messages in Outlook on the web. Valid values are: true: Signed or encrypted messages include the full certificate chain, but not the root certificate. false: Signed or encrypted messages include only the signing and encrypting certificates, not their corresponding certificate chains. This is the default value. | |
OWASignedEmailCertificateInclusion | boolean | Specifies whether the sender's encryption certificate is excluded from a signed email message in Outlook on the web. Valid values are: true: Outlook on the web and the S/MIME control include both signing and encrypting certificates with signed email messages. This is the default value. false: Outlook on the web and the S/MIME control do not include signing and encrypting certificates with signed email messages. | |
OWASigningAlgorithms | string | Specifies the list of symmetric encryption signing algorithms that are used by Outlook on the web to sign messages with the S/MIME control. Valid values are: 8003: CALG_MD5 or 128-bit MD5. 800E: CALG_SHA_512 or 512-bit Secure Hash Algorithm (SHA). 800D: CALG_SHA_384 or 384-bit SHA. 800C: CALG_SHA_256 or 256-bit SHA. 8004: SHA1 or 160-bit SHA-1 (This is the default value) | |
Name | string | Unique name for the smime config. | |
OWAAlwaysEncrypt | boolean | Specifies whether all outgoing messages are automatically encrypted in Outlook on the web. | |
OWACheckCRLOnSend | boolean | Specifies how the certificate revocation list (CRL) check is enforced when an email message is sent in Outlook on the web. Valid values are: true: When the CRL distribution point is inaccessible, Outlook on the web displays a warning dialog box and prevents signed or encrypted messages from being sent. false: When the CRL distribution point is inaccessible, Outlook on the web allows signed or encrypted messages to be sent. This is the default value. | |
OWAClearSign | boolean | Specifies how email messages are signed in Outlook on the web. Valid values are: true: Digitally signed messages are clear-signed. This is the default value. false: digitally signed messages are opaque-signed. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Enabled | boolean | Enables the browser idle sign-out policy. | |
SignOutAfter | object | Specifies a time interval of inactivity before the user gets signed out | |
Days | number | Days | |
Hours | number | Hours | |
Milliseconds | number | Milliseconds | |
Microseconds | number | Microseconds | |
Nanoseconds | number | Nanoseconds | |
Minutes | number | Minutes | |
Ticks | number | Ticks | |
WarnAfter | object | Specifies a time interval of inactivity before the user gets a warning about being signed out. | |
Minutes | number | Minutes | |
Ticks | number | Ticks | |
Days | number | Days | |
Hours | number | Hours | |
Milliseconds | number | Milliseconds | |
Microseconds | number | Microseconds | |
Nanoseconds | number | Nanoseconds |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
CommentsOnSitePagesDisabled | boolean | Disables or enables commenting functionality on the site pages | |
Owner | string | Gets or sets the login name of the site owner. | |
DisableAppViews | string | DisableAppViews | |
LockIssue | string | Gets a description of the lock issue. | |
OverrideTenantExternalUserExpirationPolicy | boolean | OverrideTenantExternalUserExpirationPolicy | |
Title | string | Gets or sets the title of the site. | |
DisableFlows | string | DisableFlows | |
ExternalUserExpirationInDays | number | ExternalUserExpirationInDays | |
GroupId | string | GroupId | |
IsTeamsConnected | boolean | IsTeamsConnected | |
SensitivityLabel | string | SensitivityLabel | |
SharingBlockedDomainList | list<string> | SharingBlockedDomainList | |
SocialBarOnSitePagesDisabled | boolean | Disables or enables the Social Bar. | |
CompatibilityLevel | number | Gets the compatibility level of the site. | |
PWAEnabled | string | PWAEnabled | |
ResourceUsageAverage | number | ResourceUsageAverage | |
StorageQuota | number | StorageQuota | |
Template | string | Gets or sets the web template name of the site. | |
WebsCount | number | Gets the number of [SPWeb] objects in the site. | |
SiteDefinedSharingCapability | string | SiteDefinedSharingCapability | |
LocaleId | number | LocaleId | |
LockState | string | Gets or sets the lock state of the site. | |
HubSiteId | string | HubSiteId | |
DefaultSharingLinkType | string | Lets administrators choose what type of link appears is selected in the "Get a link" sharing dialog box in OneDrive for Business and SharePoint Online. | |
InformationSegment | string | InformationSegment | |
ResourceQuota | number | ResourceQuota | |
SandboxedCodeActivationCapability | string | SandboxedCodeActivationCapability | |
StorageQuotaWarningLevel | number | StorageQuotaWarningLevel | |
AnonymousLinkExpirationInDays | number | AnonymousLinkExpirationInDays | |
BlockDownloadLinksFileType | string | ServerRendered (Office Only) and WebPreviewable (All supported files). | |
DisableSharingForNonOwnersStatus | boolean | DisableSharingForNonOwnersStatus | |
IsHubSite | boolean | IsHubSite | |
ResourceUsageCurrent | number | ResourceUsageCurrent | |
AllowDownloadingNonWebViewableFiles | boolean | AllowDownloadingNonWebViewableFiles | |
AllowEditing | boolean | Prevents users from editing Office files in the browser and copying and pasting Office file contents out of the browser window. | |
ConditionalAccessPolicy | string | ConditionalAccessPolicy | |
Description | string | Description of the Sharepoint Site | |
OwnerName | string | Name of Sharepoint Site owner | |
SharingDomainRestrictionMode | string | SharingDomainRestrictionMode | |
StorageQuotaType | string | StorageQuotaType | |
LimitedAccessFileType | string | Allows users to preview only Office files in the browser. This option increases security, but may be a barrier to user productivity. | |
ResourceQuotaWarningLevel | number | ResourceQuotaWarningLevel | |
SharingCapability | string | Determines what level of sharing is available for the site. | |
OverrideTenantAnonymousLinkExpirationPolicy | boolean | OverrideTenantAnonymousLinkExpirationPolicy | |
OwnerEmail | string | Email of Sharepoint Site owner | |
RestrictedToGeo | string | RestrictedToGeo | |
SharingAllowedDomainList | list<string> | SharingAllowedDomainList | |
Status | string | Gets the status of the site. | |
Url | string | Gets the URL of the site. | |
DefaultLinkToExistingAccess | boolean | DefaultLinkToExistingAccess | |
RelatedGroupId | string | RelatedGroupId | |
StorageUsageCurrent | number | StorageUsageCurrent | |
ShowPeoplePickerSuggestionsForGuestUsers | boolean | Shows people picker suggestions for guest users. | |
AllowSelfServiceUpgrade | boolean | Gets or sets a value that indicates whether a site supports self-service upgrade. | |
DefaultLinkPermission | string | Lets administrators choose the default permission of the link in the sharing dialog box in OneDrive for Business and SharePoint Online. | |
DenyAddAndCustomizePages | string | Gets or sets a value of the DenyAddAndCustomizePagesStatus enumeration for the site. | |
DisableCompanyWideSharingLinks | string | DisableCompanyWideSharingLinks | |
IsTeamsChannelConnected | boolean | IsTeamsChannelConnected | |
OwnerLoginName | string | Login name of Sharepoint Site owner | |
ProtectionLevelName | string | ProtectionLevelName | |
TeamsChannelType | string | TeamsChannelType |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowedDomainList | list<string> | Configure OneDrive to sync only on PCs that are joined to specific domains. | |
ExcludedFileExtensions | list<string> | Prevent users from uploading specific file types when they sync their OneDrive files. | |
OptOutOfGrooveBlock | boolean | Whether user is allowed to sync OneDrive for Business libraries with the old OneDrive for Business sync client. | |
OptOutOfGrooveSoftBlock | boolean | OptOutOfGrooveSoftBlock. | |
DisableReportProblemDialog | boolean | DisableReportProblemDialog | |
TenantRestrictionEnabled | boolean | TenantRestrictionEnabled. | |
BlockMacSync | boolean | Block Mac sync clients-- the Beta version and the new sync client (OneDrive.exe). |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Identity | string | Specifies the collection of tenant federation configuration settings to be modified. Because each tenant is limited to a single. | |
AllowedAcsResources | list<string> | The list of the ACS resources (at least one) for which federation is enabled, when EnableAcsUsers is set to true. If EnableAcsUsers is set to false, then this list is ignored and should be null/empty. | |
EnableAcsUsers | boolean | Set to True to enable federation between Teams and ACS. When set to False, all other parameters are ignored. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowTranscriptionForCalling | boolean | Determines whether post-call transcriptions are allowed. Set this to True to allow. Set this to False to prohibit. | |
AllowWebPSTNCalling | boolean | Allows PSTN calling from the Teams web client. | |
Copilot | string | Setting this parameter lets you control how Copilot is used during calls and if transcription is needed to be turned on and saved after the call. | |
InboundFederatedCallRoutingTreatment | string | Setting this parameter lets you control how inbound federated calls should be routed. | |
PopoutForIncomingPstnCalls | string | Setting this parameter allows you to control the tenant users' ability to launch an external website URL automatically in the browser window upon incoming PSTN calls for specific users or user groups. Valid options are Enabled and Disabled. | |
PreventTollBypass | boolean | Setting this parameter to True will send calls through PSTN and incur charges rather than going through the network and bypassing the tolls. | |
SpamFilteringEnabledType | string | Determines if spam detection is enabled for inbound PSTN calls. | |
AllowCallForwardingToPhone | boolean | Enables the user to configure in the Microsoft Teams client call forwarding or simultaneous ringing of inbound calls to any phone number. | |
AllowCallGroups | boolean | Enables the user to configure call groups in the Microsoft Teams client and that inbound calls should be routed to call groups. | |
AllowCloudRecordingForCalls | boolean | Determines whether cloud recording is allowed in a user's 1:1 Teams or PSTN calls. Set this to True to allow the user to be able to record 1:1 calls. Set this to False to prohibit the user from recording 1:1 calls. | |
AllowSIPDevicesCalling | boolean | Determines whether the user is allowed to use a SIP device for calling on behalf of a Teams client. | |
LiveCaptionsEnabledTypeForCalling | string | Determines whether real-time captions are available for the user in Teams calls. | |
Identity | string | Name of the policy instance being created. | |
AllowCallRedirect | string | Setting this parameter enables local call redirection for SIP devices connecting via the Microsoft Teams SIP gateway. | |
AllowDelegation | boolean | Enables the user to configure delegation in the Microsoft Teams client and that inbound calls to be routed to delegates; allows delegates to make outbound calls on behalf of the users for whom they have delegated permissions. | |
AllowVoicemail | string | Enables inbound calls to be routed to voicemail. | |
InboundPstnCallRoutingTreatment | string | Setting this parameter lets you control how inbound PSTN calls should be routed. | |
MusicOnHoldEnabledType | string | Setting this parameter allows you to turn on or turn off the music on hold when a caller is placed on hold. | |
AllowCallForwardingToUser | boolean | Enables the user to configure in the Microsoft Teams client call forwarding or simultaneous ringing of inbound calls to other users in your tenant. | |
AllowPrivateCalling | boolean | Controls all calling capabilities in Teams. Turning this off will turn off all calling functionality in Teams. If you use Skype for Business for calling, this policy will not affect calling functionality in Skype for Business. | |
BusyOnBusyEnabledType | string | Setting this parameter lets you configure how incoming calls are handled when a user is already in a call or conference or has a call placed on hold. | |
CallRecordingExpirationDays | number | Sets the expiration of the recorded 1:1 calls. Default is 60 days. | |
PopoutAppPathForIncomingPstnCalls | string | Setting this parameter allows you to set the PopoutForIncomingPstnCalls setting's URL path of the website to launch upon receiving incoming PSTN calls. This parameter accepts an HTTPS URL with less than 1024 characters. The URL can contain a {phone} placeholder that is replaced with the caller's PSTN number in E.164 format when launched. | |
Description | string | Enables administrators to provide explanatory text about the calling policy. For example, the Description might indicate the users to whom the policy should be assigned. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowEgnyte | boolean | Designates whether users are able to leverage Egnyte as a third party storage solution in Microsoft Teams. If true, users will be able to add Egnyte in the client and interact with the files stored there | |
AllowShareFile | boolean | Designates whether users are able to leverage Citrix ShareFile as a third party storage solution in Microsoft Teams. If true, users will be able to add Citrix ShareFile in the client and interact with the files stored there. | |
ResourceAccountContentAccess | string | Require a secondary form of authentication to access meeting content. Possible values: NoAccess, PartialAccess and FullAccess. | |
AllowBox | boolean | Designates whether users are able to leverage Box as a third party storage solution in Microsoft Teams. If true, users will be able to add Box in the client and interact with the files stored there. | |
AllowDropBox | boolean | Designates whether users are able to leverage DropBox as a third party storage solution in Microsoft Teams. If true, users will be able to add DropBox in the client and interact with the files stored there | |
AllowOrganizationTab | boolean | When set to true, users will be able to see the organizational chart icon other users contact cards, and when clicked, this icon will display the detailed organizational chart | |
ContentPin | string | This setting applies only to Skype for Business Online (not Microsoft Teams) and defines whether the user must provide a secondary form of authentication to access the meeting content from a resource device account. Meeting content is defined as files that are shared to the Content Bin - files that have been attached to the meeting. Possible Values: NotRequired, RequiredOutsideScheduleMeeting, AlwaysRequired . Default Value: RequiredOutsideScheduleMeeting. | |
RestrictedSenderList | string | Senders domains can be further restricted to ensure that only allowed SMTP domains can send emails to the Teams channels. This is a semicolon-separated string of the domains you'd like to allow to send emails to Teams channels. | |
AllowEmailIntoChannel | boolean | When set to true, mail hooks are enabled, and users can post messages to a channel by sending an email to the email address of Teams channel | |
AllowGoogleDrive | boolean | Designates whether users are able to leverage GoogleDrive as a third party storage solution in Microsoft Teams. If true, users will be able to add Google Drive in the client and interact with the files stored there | |
AllowResourceAccountSendMessage | boolean | Surface Hub uses a device account to provide email and collaboration services (IM, video, voice). This device account is used as the originating identity (the "from" party) when sending email, IM, and placing calls. As this account is not coming from an individual, identifiable user, it is deemed "anonymous" because it originated from the Surface Hub's device account. If set to true, these device accounts will be able to send chat messages in Skype for Business Online (does not apply to Microsoft Teams). | |
AllowSkypeBusinessInterop | boolean | When set to true, Teams conversations automatically show up in Skype for Business for users that aren't enabled for Teams. | |
Identity | string | The only valid value is Global - the tenant wide configuration | |
AllowGuestUser | boolean | Designates whether or not guest users in your organization will have access to the Teams client. If true, guests in your tenant will be able to access the Teams client. Note that this setting has a core dependency on Guest Access being enabled in your Office 365 tenant. | |
AllowRoleBasedChatPermissions | boolean | When set to True, Supervised Chat is enabled for the tenant. | |
AllowScopedPeopleSearchandAccess | boolean | If set to true, the Exchange address book policy (ABP) will be used to provide customized view of the global address book for each user. This is only a virtual separation and not a legal separation |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Enabled | boolean | Controls whether this Teams recording policy is active or not. Setting this to True and having the right set of ComplianceRecordingApplications will initiate automatic policy-based recording for all new calls and meetings of all Microsoft Teams users who are assigned this policy. Existing calls and meetings are unaffected. Setting this to False will stop automatic policy-based recording for any new calls or meetings of all Microsoft Teams users who are assigned this policy. Existing calls and meetings are unaffected. | |
Identity | string | Unique identifier to be assigned to the new Teams recording policy. | |
RecordReroutedCalls | boolean | Setting this attribute to true enables compliance recording for calls that have been re-routed from a compliance recording-enabled user. Supported call scenarios include forward, transfer, delegation, call groups, and simultaneous ring. | |
WarnUserOnRemoval | boolean | This parameter is reserved for future use. | |
ComplianceRecordingApplications | list<string> | A list of application instances of policy-based recording applications to assign to this policy. The Id of each of these application instances must be the ObjectId of the application instance as obtained by the Get-CsOnlineApplicationInstance cmdlet. | |
CustomBanner | string | References the Custom Banner text in the storage | |
Description | string | Enables administrators to provide explanatory text to accompany a Teams recording policy. For example, the Description might include information about the users the policy should be assigned to. | |
DisableComplianceRecordingAudioNotificationForCalls | boolean | Setting this attribute to true disables recording audio notifications for 1:1 calls that are under compliance recording. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Description | string | Enables administrators to provide explanatory text to accompany a Teams enhanced encryption policy. For example, the Description might include information about the users the policy should be assigned to. | |
Identity | string | Unique identifier assigned to the Teams enhanced encryption policy. Use the "Global" Identity if you wish to retrieve the policy set for the entire tenant. | |
MeetingEndToEndEncryption | string | Determines whether end-to-end encrypted meetings are available in Teams (requires a Teams Premium license). Set this to DisabledUserOverride to allow users to schedule end-to-end encrypted meetings. Set this to Disabled to prohibit. | |
CallingEndtoEndEncryptionEnabledType | string | Determines whether end-to-end encrypted calling is available for the user in Teams. Set this to DisabledUserOverride to allow user to turn on end-to-end encrypted calls. Set this to Disabled to prohibit. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowWebinars | string | This setting governs if a user can create webinars using Teams Events. Possible values are: Enabled, Disabled. | |
Description | string | Enables administrators to provide explanatory text to accompany a Teams Events policy. | |
Identity | string | Unique identifier assigned to the Teams Events policy. | |
TownhallChatExperience | string | This setting governs whether the user can enable the Comment Stream chat experience for Town Halls. Possible values are: Optimized, None. | |
AllowedQuestionTypesInRegistrationForm | string | This setting governs which users in a tenant can add which registration form questions to an event registration page for attendees to answer when registering for the event. Possible values are: DefaultOnly, DefaultAndPredefinedOnly, AllQuestions. | |
AllowedTownhallTypesForRecordingPublish | string | This setting describes how IT admins can control which types of Town Hall attendees can have their recordings published. Possible values are: None, InviteOnly, EveryoneInCompanyIncludingGuests, Everyone. | |
AllowEmailEditing | string | This setting governs if a user is allowed to edit the communication emails in Teams Town Hall or Teams Webinar events. Possible values are: Enabled, Disabled | |
AllowEventIntegrations | boolean | This setting governs access to the integrations tab in the event creation workflow. Possible values true, false. | |
AllowedWebinarTypesForRecordingPublish | string | This setting describes how IT admins can control which types of webinar attendees can have their recordings published. Possible values are: None, InviteOnly, EveryoneInCompanyIncludingGuests, Everyone. | |
AllowTownhalls | string | This setting governs if a user can create town halls using Teams Events. Possible values are: Enabled, Disabled. | |
EventAccessType | string | This setting governs which users can access the event registration page or the event site to register. It also governs which user type is allowed to join the session/s in the event. Possible values are: Everyone, EveryoneInCompanyExcludingGuests. | |
UseMicrosoftECDN | boolean | This setting governs whether the admin disables this property and prevents the organizers from creating town halls that use Microsoft eCDN even though they have been assigned a Teams Premium license. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowPrivateCalling | boolean | Designates whether guests who have been enabled for Teams can use calling functionality. If $false, guests cannot call. | |
Identity | string | Specifies name of guest calling configuration, The only option is Global. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
ScreenSharingMode | string | Determines the mode in which guests can share a screen in calls or meetings. can set to allow SingleApplication or EntireScreen else Disable screen sharing. | |
AllowIPVideo | boolean | Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow guests to share their video. Set this to FALSE to prohibit guests from sharing their video | |
AllowMeetNow | boolean | Determines whether guests can start ad-hoc meetings. Set this to TRUE to allow guests to start ad-hoc meetings. Set this to FALSE to prohibit guests from starting ad-hoc meetings. | |
AllowTranscription | boolean | Determines whether post-meeting captions and transcriptions are allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
Identity | string | Specifies the name of guest meeting configuration, The only input allowed is "Global". | |
LiveCaptionsEnabledType | string | Determines whether real-time captions are available for guests in Teams meetings. Set this to DisabledUserOverride to allow guests to turn on live captions. Set this to Disabled to prohibit. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowUserDeleteChat | boolean | Turn this setting on to allow users to permanently delete their one-on-one chat, group chat, and meeting chat as participants (this deletes the chat only for them, not other users in the chat). Set this to TRUE to allow. Set this to FALSE to prohibit. | |
AllowUserDeleteMessage | boolean | Determines if a user is allowed to delete their own messages. | |
AllowUserEditMessage | boolean | Determines if a user is allowed to edit their own messages. | |
Identity | string | Specifies the name of Teams Guest Messaging Configuration | |
AllowImmersiveReader | boolean | Determines if immersive reader for viewing messages is enabled. | |
AllowMemes | boolean | Determines if memes are available for use. | |
AllowStickers | boolean | Determines if stickers are available for use. | |
AllowUserChat | boolean | Determines if a user is allowed to chat. | |
GiphyRatingType | string | Determines Giphy content restrictions. Default value is "Moderate", other options are "NoRestriction" and "Strict". | |
AllowGiphy | boolean | Determines if Giphy images are available. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
ClientAppSharingPort | number | Determines the starting port number for client screen sharing or application sharing. Minimum allowed value: 1024 Maximum allowed value: 65535 Default value: 50040. | |
ClientMediaPortRangeEnabled | boolean | Determines whether custom media port and range selections need to be enforced. When set to True, clients will use the specified port range for media traffic. When set to False (the default value) for any available port (from port 1024 through port 65535) will be used to accommodate media traffic. | |
HelpURL | string | URL to a website where users can obtain assistance on joining the meeting.This would be included in the meeting invite. | |
Identity | string | Name of the meeting configuration. | |
LogoURL | string | URL to a logo image. This would be included in the meeting invite. | |
ClientAudioPortRange | number | Determines the total number of ports available for client audio. Default value is 20. | |
ClientVideoPort | number | Determines the starting port number for client video. Minimum allowed value: 1024 Maximum allowed value: 65535 Default value: 50020. | |
CustomFooterText | string | Text to be used on custom meeting invitations. | |
LegalURL | string | URL to a website containing legal information and meeting disclaimers. This would be included in the meeting invite. | |
ClientAudioPort | number | Determines the starting port number for client audio. Minimum allowed value: 1024 Maximum allowed value: 65535 Default value: 50000. | |
ClientVideoPortRange | number | Determines the total number of ports available for client video. Default value is 20. | |
DisableAnonymousJoin | boolean | Determines whether anonymous users are blocked from joining meetings in the tenant. Set this to TRUE to block anonymous users from joining. Set this to FALSE to allow anonymous users to join meetings. | |
EnableQoS | boolean | Determines whether Quality of Service Marking for real-time media (audio, video, screen/app sharing) is enabled in the tenant. Set this to TRUE to enable and FALSE to disable. | |
ClientAppSharingPortRange | number | Determines the total number of ports available for client sharing or application sharing. Default value is 20. | |
DisableAppInteractionForAnonymousUsers | boolean | Determines if anonymous users can interact with apps in meetings. Set to TRUE to disable App interaction. | |
FeedbackSurveyForAnonymousUsers | string | Determines if anonymous participants receive surveys to provide feedback about their meeting experience. Set to Disabled to disable anonymous meeting participants to receive surveys. Set to Enabled to allow anonymous meeting participants to receive surveys. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AttendeeIdentityMasking | string | his setting will allow admins to enable or disable Masked Attendee mode in Meetings. Masked Attendee meetings will hide attendees' identifying information (e.g., name, contact information, profile photo). Possible Values: Enabled(Hides attendees' identifying information in meetings), Disabled(Does not allow attendees' to hide identifying information in meetings). | |
ExplicitRecordingConsent | string | This setting will enable Tenant Admins to turn on/off Explicit Recording Consent feature. Possible Values: Enabled(Turns on the Explicit Recording Consent feature) and Disabled(Turns off the Explicit Recording Consent feature). | |
LiveCaptionsEnabledType | string | Determines whether real-time captions are available for the user in Teams meetings. Set this to DisabledUserOverride to allow user to turn on live captions. Set this to Disabled to prohibit. | |
UsersCanAdmitFromLobby | string | This policy controls who can admit from the lobby. | |
AllowAvatarsInGallery | boolean | If admins disable avatars in 2D meetings, then users cannot represent themselves as avatars in the Gallery view. This does not disable avatars in Immersive view. | |
AllowIPAudio | boolean | Determines whether audio is enabled in a user's meetings or calls. Set this to TRUE to allow the user to share their audio. Set this to FALSE to prohibit the user from sharing their audio. | |
AllowParticipantGiveRequestControl | boolean | Determines whether participants can request or give control of screen sharing during meetings scheduled by this user. Set this to TRUE to allow the user to be able to give or request control. Set this to FALSE to prohibit the user from giving, requesting control in a meeting. | |
AllowPSTNUsersToBypassLobby | boolean | Determines whether a PSTN user joining the meeting is allowed or not to bypass the lobby. If you set this parameter to True, PSTN users are allowed to bypass the lobby as long as an authenticated user is joined to the meeting. | |
WatermarkForCameraVideoPattern | string | Allows the pattern design of watermark to be customizable | |
AllowMeetingCoach | boolean | This setting will allow admins to allow users the option of turning on Meeting Coach during meetings, which provides users with private personalized feedback on their communication and inclusivity. If set to True, then users will see and be able to click the option for turning on Meeting Coach during calls. If set to False, then users will not have the option to turn on Meeting Coach during calls. | |
AutoRecording | string | This setting will enable Tenant Admins to turn on/off auto recording feature. | |
ExternalMeetingJoin | string | Determines whether the user is allowed to join external meetings. Possible values are: EnabledForAnyone, EnabledForTrustedOrgs, and Disabled. | |
WatermarkForCameraVideoOpacity | number | Allows the transparency of watermark to be customizable | |
AutomaticallyStartCopilot | string | This setting gives admins the ability to auto-start Copilot. Possible values are: Enabled and Disabled. | |
VoiceIsolation | string | Determines whether you provide support for your users to enable voice isolation in Teams meeting calls. Possible values are: Enabled(default), Disabled. | |
CaptchaVerificationForMeetingJoin | string | Require a verification check for meeting join. | |
ConnectToMeetingControls | string | Allows external connections of third-party apps to Microsoft Teams. Possible values are: Enabled and Enabled. | |
ScreenSharingMode | string | Determines the mode in which a user can share a screen in calls or meetings. Set this to SingleApplication to allow the user to share an application at a given point in time. Set this to EntireScreen to allow the user to share anything on their screens. Set this to Disabled to prohibit the user from sharing their screens. | |
WatermarkForScreenSharingOpacity | number | Allows the transparency of watermark to be customizable | |
AllowAnonymousUsersToDialOut | boolean | Determines whether anonymous users are allowed to dial out to a PSTN number. Set this to TRUE to allow anonymous users to dial out. Set this to FALSE to prohibit anonymous users from dialing out. | |
AllowMeetNow | boolean | Determines whether a user can start ad-hoc meetings. Set this to TRUE to allow a user to start ad-hoc meetings. Set this to FALSE to prohibit the user from starting ad-hoc meetings. | |
AllowScreenContentDigitization | boolean | This parameter is reserved for internal Microsoft use. | |
AllowTasksFromTranscript | string | This policy setting allows for the extraction of AI-Assisted Action Items/Tasks from the Meeting Transcript | |
BlockedAnonymousJoinClientTypes | list<string> | A user can join a Teams meeting anonymously using a Teams client or using a custom application built using Azure Communication Services. When anonymous meeting join is enabled, both types of clients may be used by default. This optional parameter can be used to block one of the client types that can be used. The allowed values are ACS (to block the use of Azure Communication Services clients) or Teams (to block the use of Teams clients). Both can also be specified, separated by a comma, but this is equivalent to disabling anonymous join completely. | |
DesignatedPresenterRoleMode | string | Determines if users can change the default value of the Who can present? setting in Meeting options in the Teams client. This policy setting affects all meetings, including Meet Now meetings. Possible values are: EveryoneUserOverride(All meeting participants can be presenters. This is the default value. This parameter corresponds to the Everyone setting in Teams), EveryoneInCompanyUserOverride(Authenticated users in the organization, including guest users, can be presenters. This parameter corresponds to the People in my organization setting in Teams), EveryoneInSameAndFederatedCompanyUserOverride(Authenticated users in the organization, including guest users and users from federated organizations, can be presenters. This parameter corresponds to the People in my organization and trusted organizations setting in Teams), OrganizerOnlyUserOverride(Only the meeting organizer can be a presenter and all meeting participants are designated as attendees. This parameter corresponds to the Only me setting in Teams). | |
VideoFiltersMode | string | Determines the background effects that a user can configure in the Teams client. Possible values are: NoFilters, BlurOnly, BlurAndDefaultBackgrounds, AllFilters. | |
AllowCloudRecording | boolean | Determines whether cloud recording is allowed in a user's meetings. Set this to TRUE to allow the user to be able to record meetings. Set this to FALSE to prohibit the user from recording meetings. | |
AllowExternalParticipantGiveRequestControl | boolean | Determines whether external participants can request or give control of screen sharing during meetings scheduled by this user. Set this to TRUE to allow the user to be able to give or request control. Set this to FALSE to prohibit an external user from giving or requesting control in a meeting. | |
AllowPowerPointSharing | boolean | Determines whether Powerpoint sharing is allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
AllowWhiteboard | boolean | Determines whether whiteboard is allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
AllowPrivateMeetingScheduling | boolean | Determines whether a user can schedule private meetings. Set this to TRUE to allow a user to schedule private meetings. Set this to FALSE to prohibit the user from scheduling private meetings. Note: This only restricts from scheduling and not from joining a meeting scheduled by another user. | |
DetectSensitiveContentDuringScreenSharing | boolean | Allows the admin to enable sensitive content detection during screen share. | |
NewMeetingRecordingExpirationDays | number | Specifies the number of days before meeting recordings will expire and move to the recycle bin. Value can be from 1 to 99,999 days. Value can also be -1 to set meeting recordings to never expire. | |
AllowTranscription | boolean | Determines whether post-meeting captions and transcriptions are allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
ParticipantNameChange | string | This setting will enable Tenant Admins to turn on/off participant renaming feature. Possible Values: Enabled(Turns on the Participant Renaming feature) and Disabled(Turns off the Participant Renaming feature) | |
ChannelRecordingDownload | string | Controls how channel meeting recordings are saved, permissioned, and who can download them. Possible values: Allow (Saves channel meeting recordings to a "Recordings" folder in the channel. The permissions on the recording files will be based on the Channel SharePoint permissions. This is the same as any other file uploaded for the channel) and Block (Saves channel meeting recordings to a "Recordings\View only" folder in the channel. Channel owners will have full rights to the recordings in this folder, but channel members will have read access without the ability to download). | |
IPVideoMode | string | Determines whether video can be turned on in meetings and group calls. Set this to ENABLEDOUTGOINGINCOMING to allow outgoing and incoming video in the meeting. Set this to DISABLED to prohibit outgoing and incoming video in the meeting. | |
MediaBitRateKb | number | Determines the media bit rate for audio/video/app sharing transmissions in meetings | |
MeetingInviteLanguages | string | Controls how the join information in meeting invitations is displayed by enforcing a common language or enabling up to two languages to be displayed. The preliminary list of available languages is shown below: ar-SA,az-Latn-AZ,bg-BG,ca-ES,cs-CZ,cy-GB,da-DK,de-DE,el-GR,en-GB,en-US,es-ES,es-MX,et-EE,eu-ES,fi-FI,fil-PH,fr-CA,fr-FR,gl-ES,he-IL,hi-IN,hr-HR,hu-HU,id-ID,is-IS,it-IT,ja-JP,ka-GE,kk-KZ,ko-KR,lt-LT,lv-LV,mk-MK,ms-MY,nb-NO,nl-NL,nn-NO,pl-PL,pt-BR,pt-PT,ro-RO,ru-RU,sk-SK,sl-SL,sq-AL,sr-Latn-RS,sv-SE,th-TH,tr-TR,uk-UA,vi-VN,zh-CN,zh-TW. | |
AllowAnonymousUsersToJoinMeeting | boolean | Determines whether anonymous users can join the meetings that impacted users organize. Set this to TRUE to allow anonymous users to join a meeting. Set this to FALSE to prohibit them from joining a meeting. | |
AllowChannelMeetingScheduling | boolean | Determines whether a user can schedule channel meetings. Set this to TRUE to allow a user to schedule channel meetings. Set this to FALSE to prohibit the user from scheduling channel meetings. | |
AllowNDIStreaming | boolean | This parameter enables the use of NDI technology to capture and deliver broadcast-quality audio and video over your network. | |
AutoAdmittedUsers | string | Determines what types of participants will automatically be added to meetings organized by this user. Possible values are: EveryoneInCompany(if you would like meetings to place every external user in the lobby but allow all users in the company to join the meeting immediately), EveryoneInSameAndFederatedCompany(if you would like meetings to allow federated users to join like your company's users, but place all other external users in a lobby), Everyone(if you'd like to admit anonymous users by default), OrganizerOnly(if you would like that only meeting organizers can bypass the lobby), EveryoneInCompanyExcludingGuests(if you would like meetings to place every external and guest users in the lobby but allow all other users in the company to join the meeting immediately), and InvitedUsers(if you would like that only meeting organizers and invited users can bypass the lobby). This setting also applies to participants joining via a PSTN device (i.e. a traditional phone). | |
AllowSharedNotes | boolean | Determines whether users are allowed to take shared Meeting notes. Set this to TRUE to allow. Set this to FALSE to prohibit.. | |
ContentSharingInExternalMeetings | string | This policy allows admins to determine whether the user can share content in meetings organized by external organizations. The user should have a Teams Premium license to be protected under this policy. | |
Copilot | string | This setting allows the admin to choose whether Copilot will be enabled with a persisted transcript or a non-persisted transcript. Possible values are: Enabled and EnabledWithTranscript. | |
RoomAttributeUserOverride | string | Possible values: Off, Distinguish, Attribute. | |
AllowBreakoutRooms | boolean | Set to true to enable Breakout Rooms, set to false to disable the Breakout Rooms functionality. | |
AllowedStreamingMediaInput | string | Enables the use of RTMP-In in Teams meetings. Possible values are <blank>, RTMP. | |
AllowLocalRecording | boolean | This parameter is reserved for internal Microsoft use | |
AllowMeetingReactions | boolean | Set to false to disable Meeting Reactions. | |
SmsNotifications | string | Participants can sign up for text message meeting reminders. | |
EnrollUserOverride | string | Turn on/off Biometric enrollment Possible values are: Disabled and Enabled. | |
QnAEngagementMode | string | This setting enables Microsoft 365 Tenant Admins to Enable or Disable the Questions and Answers experience (Q+A). When Enabled, Organizers can turn on Q+A for their meetings. When Disabled, Organizers cannot turn on Q+A in their meetings. The setting is enforced when a meeting is created or is updated by Organizers. Attendees can use Q+A in meetings where it was previously added. Organizers can remove Q+A for those meetings through Teams and Outlook Meeting Options. Possible values: Enabled, Disabled. | |
AllowCartCaptionsScheduling | string | Determines whether a user can add a URL for captions from a Communications Access Real-Time Translation (CART) captioner for providing real time captions in meetings. Possible values are EnabledUserOverride(CART captions is available by default but a user can disable), DisabledUserOverride(if you would like users to be able to use CART captions in meetings but by default it is disabled), and Disabled(if you'd like to not allow CART captions in meeting). | |
AllowedUsersForMeetingContext | string | This policy controls which users should have the ability to see the meeting info details on the join screen. 'None' option should disable the feature completely | |
AllowUserToJoinExternalMeeting | boolean | Currently, this parameter has no effect. Possible values are - Enabled, FederatedOnly, Disabled. | |
AllowWatermarkForScreenSharing | boolean | This setting allows scheduling meetings with watermarking for screen sharing enabled. | |
Identity | string | Specify the name of the policy being created. | |
IPAudioMode | string | Determines whether audio can be turned on in meetings and group calls. Set this to ENABLEDOUTGOINGINCOMING to allow outgoing and incoming audio in the meeting. Set this to DISABLED to prohibit outgoing and incoming audio in the meeting. | |
TeamsCameraFarEndPTZMode | string | Possible values are: Disabled, AutoAcceptInTenant, AutoAcceptAll. | |
WatermarkForAnonymousUsers | string | Determines the meeting experience and watermark content of an anonymous user | |
RoomPeopleNameUserOverride | string | Enabling people recognition requires the tenant CsTeamsMeetingPolicy roomPeopleNameUserOverride to be "On" and roomAttributeUserOverride to be Attribute for allowing individual voice and face profiles to be used for recognition in meetings. | |
AllowAnnotations | boolean | This setting will allow admins to choose which users will be able to use the Annotation feature. | |
AllowDocumentCollaboration | string | This setting will allow admins to choose which users will be able to use the Document Collaboration feature. | |
AllowRecordingStorageOutsideRegion | boolean | Allows storing recordings outside of the region. All meeting recordings will be permanently stored in another region, and can't be migrated. This does not apply to recordings saved in OneDrive or SharePoint. | |
LiveStreamingMode | string | Determines whether you provide support for your users to stream their Teams meetings to large audiences through Real-Time Messaging Protocol (RTMP). Possible values are: Disabled and Enabled. | |
InfoShownInReportMode | string | This policy controls what kind of information get shown for the user's attendance in attendance report/dashboard. | |
MeetingChatEnabledType | string | Specifies if users will be able to chat in meetings. Possible values are: Disabled, Enabled, and EnabledExceptAnonymous | |
RecordingStorageMode | string | This parameter can take two possible values: Stream, OneDriveForBusiness. | |
AllowExternalNonTrustedMeetingChat | boolean | This field controls whether a user is allowed to chat in external meetings with users from non trusted organizations. | |
AllowImmersiveView | boolean | If admins have disabled avatars, this does not disable using avatars in Immersive view on Teams desktop or web. Additionally, it does not prevent users from joining the Teams meeting on VR headsets. | |
AllowNetworkConfigurationSettingsLookup | boolean | Determines whether network configuration setting lookup can be made for users who are not Enterprise Voice enabled. It is used to enable Network Roaming policy. | |
AllowPrivateMeetNow | boolean | This setting controls whether a user can start an ad hoc private meeting. | |
AudibleRecordingNotification | string | The setting controls whether recording notification is played to all attendees or just PSTN users. | |
LiveInterpretationEnabledType | string | Allows meeting organizers to configure a meeting for language interpretation, selecting attendees of the meeting to become interpreters that other attendees can select and listen to the real-time translation they provide. Possible values are: DisabledUserOverride(if you would like users to be able to use interpretation in meetings but by default it is disabled) and Disabled(prevents the option to be enabled in Meeting Options). | |
WhoCanRegister | string | Controls the attendees who can attend a webinar meeting. The default is Everyone, meaning that everyone can register. If you want to restrict registration to internal accounts set the value to 'EveryoneInCompany'. | |
AllowAnonymousUsersToStartMeeting | boolean | Determines whether anonymous users can initiate a meeting. Set this to TRUE to allow anonymous users to initiate a meeting. Set this to FALSE to prohibit them from initiating a meeting. | |
AllowEngagementReport | string | Determines whether meeting organizers are allowed to download the attendee engagement report. Possible values are: Enabled(allow the meeting organizer to download the report), Disabled(disable attendee report generation and prohibit meeting organizer from downloading it), and ForceEnabled(enable attendee report generation and prohibit meeting organizer from disabling it). If set to Enabled or ForceEnabled, only meeting organizers and co-organizers will get a link to download the report in Teams. Regular attendees will have no access to it. | |
AllowMeetingRegistration | boolean | Controls if a user can create a webinar meeting. The default value is True. | |
AllowTrackingInReport | boolean | This parameter is reserved for internal Microsoft use. | |
SpeakerAttributionMode | string | Determines if users are identified in transcriptions and if they can change the value of the Automatically identify me in meeting captions and transcripts setting. Possible values: Enabled, EnabledUserOverride, DisabledUserOverride, Disabled. | |
WatermarkForScreenSharingPattern | string | Allows the pattern design of watermark to be customizable | |
AllowCarbonSummary | boolean | This setting will enable Tenant Admins to enable/disable the sharing of location data necessary to provide the end of meeting carbon summary screen for either the entire tenant or for a particular user. If set to True the meeting organizer will share their location to the client of the participant to enable the calculation of distance and the resulting carbon. | |
AllowOutlookAddIn | boolean | Determines whether a user can schedule Teams Meetings in Outlook desktop client. Set this to TRUE to allow the user to be able to schedule Teams meetings in Outlook client. Set this to FALSE to prohibit a user from scheduling Teams meeting in Outlook client. | |
AllowWatermarkForCameraVideo | boolean | This setting allows scheduling meetings with watermarking for video enabled. | |
CopyRestriction | boolean | This parameter enables a setting that controls a meeting option which allows users to disable right-click or Ctrl+C to copy, Copy link, Forward message, and Share to Outlook for meeting chat messages. | |
AllowIPVideo | boolean | Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow the user to share their video. Set this to FALSE to prohibit the user from sharing their video. | |
Description | string | Enables administrators to provide explanatory text about the meeting policy. For example, the Description might indicate the users the policy should be assigned to. | |
PreferredMeetingProviderForIslandsMode | string | Determines the Outlook meeting add-in available to users on Islands mode. By default, this is set to TeamsAndSfb, and the users sees both the Skype for Business and Teams add-ins. Set this to Teams to remove the Skype for Business add-in and only show the Teams add-in. | |
StreamingAttendeeMode | string | Controls if Teams uses overflow capability once a meeting reaches its capacity (1,000 users with full functionality). Possible values are: Disabled, Enabled. Set this to Enabled to allow up to 20,000 extra view-only attendees to join. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
AllowMemes | boolean | Determines whether a user is allowed to access and post memes. Set this to TRUE to allow. Set this FALSE to prohibit. | |
AllowUserTranslation | boolean | Determines whether a user is allowed to translate messages to their client languages. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
Description | string | Provide a description of your policy to identify purpose of creating it. | |
ChatPermissionRole | string | Determines the Supervised Chat role of the user. Set this to Full to allow the user to supervise chats. Supervisors have the ability to initiate chats with and invite any user within the environment. Set this to Limited to allow the user to initiate conversations with Full and Limited permissioned users, but not Restricted. Set this to Restricted to block chat creation with anyone other than Full permissioned users. | |
AllowCommunicationComplianceEndUserReporting | boolean | This setting determines if users can report offensive messages to their admin for Communication Compliance. Possible Values: True, False. | |
AllowGiphyDisplay | boolean | Determines if Giphy images should be displayed that had been already sent or received in chat. Possible values: True, False. | |
AllowImmersiveReader | boolean | Determines whether a user is allowed to use Immersive Reader for reading conversation messages. Set this to TRUE to allow. Set this FALSE to prohibit. | |
AllowSecurityEndUserReporting | boolean | This setting determines if users can report any security concern posted in message to their admin. Possible values: True, False. | |
AllowUserEditMessage | boolean | Determines whether a user is allowed to edit their own messages. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
ReadReceiptsEnabledType | string | Use this setting to specify whether read receipts are user controlled, enabled for everyone, or disabled. Set this to UserPreference, Everyone or None. | |
AllowPriorityMessages | boolean | Determines whether a user is allowed to send priority messages. Set this to TRUE to allow. Set this FALSE to prohibit. | |
AllowRemoveUser | boolean | Determines whether a user is allowed to remove a user from a conversation. Set this to TRUE to allow. Set this FALSE to prohibit. | |
GiphyRatingType | string | Determines the Giphy content restrictions applicable to a user. Set this to STRICT, MODERATE or NORESTRICTION. | |
AllowUserChat | boolean | Determines whether a user is allowed to chat. Set this to TRUE to allow a user to chat across private chat, group chat and in meetings. Set this to FALSE to prohibit all chat. | |
AllowUserDeleteChat | boolean | Turn this setting on to allow users to permanently delete their 1:1, group chat, and meeting chat as participants (this deletes the chat only for them, not other users in the chat). Set this to TRUE to allow. Set this to FALSE to prohibit. | |
AllowUserDeleteMessage | boolean | Determines whether a user is allowed to delete their own messages. Set this to TRUE to allow. Set this to FALSE to prohibit. If this value is set to FALSE, the team owner will not be able to delete their own messages. | |
AllowFullChatPermissionUserToDeleteAnyMessage | boolean | This setting determines if users with the 'Full permissions' role can delete any group or meeting chat message within their tenant. Possible values: True, False. | |
AllowGiphy | boolean | Determines whether a user is allowed to access and post Giphys. Set this to TRUE to allow. Set this FALSE to prohibit. | |
AllowGroupChatJoinLinks | boolean | This setting determines if users in a group chat can create and share join links for other users within the organization to join that chat. Possible values: True, False. | |
AllowPasteInternetImage | boolean | Determines if a user is allowed to paste internet-based images in compose. Possible values: True, False. | |
AllowStickers | boolean | Determines whether a user is allowed to access and post stickers. Set this to TRUE to allow. Set this FALSE to prohibit. | |
AudioMessageEnabledType | string | Determines whether a user is allowed to send audio messages. Possible values are: ChatsAndChannels, ChatsOnly, Disabled | |
DeleteCustomEmojis | boolean | These settings enable and disable the editing and deletion of custom emojis and reactions for the users included in the messaging policy. | |
DesignerForBackgroundsAndImages | boolean | This setting determines whether a user is allowed to create custom AI-powered backgrounds and images with MS Designer. Possible values are: Enabled, Disabled. | |
AllowChatWithGroup | boolean | This setting determines if users can chat with groups (Distribution, M365 and Security groups). Possible values: True, False. | |
AllowCustomGroupChatAvatars | boolean | These settings enables, disables updating or fetching custom group chat avatars for the users included in the messaging policy. Possible values: True, False. | |
AllowOwnerDeleteMessage | boolean | Determines whether owners are allowed to delete all the messages in their team. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
Identity | string | Identity for the teams messaging policy you're modifying. To modify the global policy, use this syntax: -Identity global | |
InOrganizationChatControl | string | This setting determines if chat regulation for internal communication in the tenant is allowed. | |
CreateCustomEmojis | boolean | This setting enables the creation of custom emojis and reactions within an organization for the specified policy users. | |
AllowSmartCompose | boolean | Turn on this setting to let a user get text predictions for chat messages. | |
AllowSmartReply | boolean | Turn this setting on to enable suggested replies for chat messages. Set this to TRUE to allow. Set this to FALSE to prohibit. | |
ChannelsInChatListEnabledType | string | On mobile devices, enable to display favorite channels above recent chats. Possible values are: DisabledUserOverride, EnabledUserOverride. | |
AllowFluidCollaborate | boolean | This field enables or disables Fluid Collaborate feature for users. Possible values: True, False. | |
AllowUrlPreviews | boolean | Use this setting to turn automatic URL previewing on or off in messages. Set this to TRUE to turn on. Set this to FALSE to turn off. Note: Optional Connected Experiences must be also enabled for URL previews to be allowed. | |
AllowVideoMessages | boolean | This setting determines if users can create and send video messages. Possible values: True, False. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
IPAudioMobileMode | string | When set to WifiOnly, prohibits the user from making, receiving calls or joining meetings using VoIP calls on the mobile device while on cellular data connection. | |
IPVideoMobileMode | string | When set to WifiOnly, prohibits the user from making, receiving video calls or enabling video in meetings using VoIP calls on the mobile device while on cellular data connection. | |
MobileDialerPreference | string | Determines the mobile dialer preference, possible values are: Teams, Native, UserOverride. | |
Description | string | Enables administrators to provide explanatory text about the policy. For example, the Description might indicate the users the policy should be assigned to. | |
Identity | string | Specify the name of the policy that you are creating. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
ZapEnabled | boolean | The ZapEnabled parameter specifies whether to enable zero-hour auto purge (ZAP) for malware and high confidence phishing messages in Teams messages. | |
AdminDisplayName | string | The AdminDisplayName parameter specifies a description for the policy. | |
HighConfidencePhishQuarantineTag | string | The HighConfidencePhishQuarantineTag parameter specifies the quarantine policy that's used for messages that are quarantined as high confidence phishing by ZAP for Teams. You can use any value that uniquely identifies the quarantine policy. | |
Identity | string | The Identity parameter specifies the Teams protection policy that you want to modify. There's only one Teams protection policy in an organization named Teams Protection Policy. | |
MalwareQuarantineTag | string | The MalwareQuarantineTag parameter specifies the quarantine policy that's used for messages that are quarantined as malware by ZAP for Teams. You can use any value that uniquely identifies the quarantine policy. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
EnableWorkLocationDetection | boolean | This setting allows your organization to collect the work location of users when they connect, interact, or are detected near your organization's networks and devices. It also captures the geographic location information users share from personal and mobile devices. This gives users the ability to consent to the use of this location data to set their current work location. | |
Identity | string | Name of the new policy instance to be updated |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
CustomizeFederation | boolean | Defines if we enable more customized federation settings in ExternalAccessPolicy or not. For example, when this is true, if the AllowedDomains includes [a.com, b.com], but the AllowedExternalDomains of the ExternalAccessPolicy includes [c.com], then users assigned by the ExternalAccessPolicy will only be allowed to access c.com, all other users will have access to a.com and b.com as defined in AllowedDomains. Possible values: True, False. | |
SharedSipAddressSpace | boolean | When set to True, indicates that the users homed on Skype for Business Online use the same SIP domain as users homed on the on-premises version of Skype for Business Server. The default value is False, meaning that the two sets of users have different SIP domains. | |
AllowPublicUsers | boolean | When set to True (the default value) users will be potentially allowed to communicate with users who have accounts on public IM and presence providers such as Windows Live, Yahoo, and AOL. The collection of public providers that users can actually communicate with is managed by using the Set-CsTenantPublicProvider cmdlet. | |
AllowTeamsConsumer | boolean | Allows federation with people using Teams with an account that's not managed by an organization. | |
AllowedDomains | list<string> | Domain objects (created by using the New-CsEdgeAllowList cmdlet or the New-CsEdgeAllowAllKnownDomains cmdlet) that represent the domains that users are allowed to communicate with. If the New-CsEdgeAllowAllKnownDomains cmdlet is used then users can communicate with any domain that does not appear on the blocked domains list. If the New-CsEdgeAllowList cmdlet is used then users can only communicate with domains that have been added to the allowed domains list. | |
AllowFederatedUsers | boolean | When set to True (the default value) users will be potentially allowed to communicate with users from other domains. If this property is set to False then users cannot communicate with users from other domains regardless of the values assigned to the AllowedDomains and BlockedDomains properties. | |
BlockAllSubdomains | boolean | If the BlockedDomains parameter is used, then BlockAllSubdomains can be used to activate all subdomains blocking. If the BlockedDomains parameter is ignored, then BlockAllSubdomains is also ignored. Just like for BlockedDomains, users will be disallowed from communicating with users from blocked domains. But all subdomains for domains in this list will also be blocked. | |
ExternalAccessWithTrialTenants | string | When set to 'Blocked', all external access with users from Teams subscriptions that contain only trial licenses will be blocked. This means users from these trial-only tenants will not be able to reach to your users via chats, Teams calls, and meetings (using the users authenticated identity) and your users will not be able to reach users in these trial-only tenants. If this setting is set to "Blocked", users from the trial-only tenant will also be removed from existing chats. Allowed - Communication with other tenants is allowed based on other settings. Blocked - Communication with users in tenants that contain only trial licenses will be blocked. | |
TreatDiscoveredPartnersAsUnverified | boolean | When set to True, messages sent from discovered partners are considered unverified. That means that those messages will be delivered only if they were sent from a person who is on the recipient's Contacts list. The default value is False ($False). | |
AllowedDomainsAsAList | list<string> | You can specify allowed domains using a List object that contains the domains that users are allowed to communicate with. | |
AllowedTrialTenantDomains | list<string> | You can whitelist specific "trial-only" tenant domains, while keeping the ExternalAccessWithTrialTenants set to Blocked. This will allow you to protect your organization against majority of tenants that don't have any paid subscriptions, while still being able to collaborate externally with those trusted trial-tenants in the list. | |
AllowTeamsConsumerInbound | boolean | Allows people using Teams with an account that's not managed by an organization, to discover and start communication with users in your organization. When -AllowTeamsConsumer is enabled and this parameter is disabled, only the users in your organization will be able to discover and start communication with people using Teams with an account that's not managed by an organization, but they will not discover and start communications with users in your organization. | |
BlockedDomains | list<string> | If the AllowedDomains property has been set to AllowAllKnownDomains, then users will be allowed to communicate with users from any domain except domains that appear in the blocked domains list. If the AllowedDomains property has not been set to AllowAllKnownDomains, then the blocked list is ignored, and users can only communicate with domains that have been expressly added to the allowed domains list. The BlockedDomains parameter can support up to 4,000 domains. | |
Identity | string | Specifies the collection of tenant federation configuration settings to be modified. Because each tenant is limited to a single, global collection of federation settings there is no need include this parameter when calling the Set-CsTenantFederationConfiguration cmdlet. | |
RestrictTeamsConsumerToExternalUserProfiles | boolean | Defines if a user is restricted to collaboration with Teams Consumer (TFL) user only in Extended Directory. Possible values: True, False. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
ExternalDsnMaxMessageAttachSize | boolean | The ExternalDsnMaxMessageAttachSize parameter specifies the maximum size of the original message attached to an external DSN message. If the original message exceeds this size, only the headers of the original message are included in the DSN message. The default value is 10 megabytes (MB). This parameter is available only in on-premises Exchange. | |
Rfc2231EncodingEnabled | boolean | The Rfc2231EncodingEnabled parameter specifies whether the RFC 2231 encoding of MIME parameters for outbound messages is enabled in your organization. Valid input for this parameter is $true or $false. The default value is $false. | |
ShadowResubmitTimeSpan | string | The ShadowResubmitTimeSpan parameter specifies amount of time a server waits before deciding that a primary server has failed and assumes ownership of shadow messages in the shadow queue for the primary server that's unreachable. Valid input for this parameter is 00:00:01 to 1.00:00:00. The default value is 03:00:00 or 3 hours. | |
AllowLegacyTLSClients | boolean | The AllowLegacyTLSClients parameter specifies whether to allow clients that use legacy TLS versions to connect. | |
QueueDiagnosticsAggregationInterval | string | The QueueDiagnosticsAggregationInterval parameter specifies the polling interval that's used to retrieve message queue diagnostic information. The default value is 00:01:00 or one minute. This parameter is available only in on-premises Exchange. | |
ShadowMessagePreferenceSetting | string | The ShadowMessagePreferenceSetting parameter specifies the preferred location for making a shadow copy of a message. Valid values are - LocalOnly: A shadow copy of the message should only be made on a server in the local Active Directory site, RemoteOnly: A shadow copy of the message should only be made on a server in a different Active Directory site, PreferRemote: Try to make a shadow copy of the message in a different Active Directory site. If the operation fails, try make a shadow copy of the message on a server in the local Active Directory site. The default value is PreferRemote. | |
DSNConversionMode | string | The DSNConversionMode parameter controls how Exchange handles delivery status notifications (also known as DSNs, non-delivery reports, NDRs, or bounce messages) that are generated by earlier versions of Exchange or other email systems. Valid values are: DoNotConvert: DSNs aren't modified. The DSN is delivered as a standard message. PreserveDSNBody: DSNs are converted to the Exchange 2010 or later format, and the text in the body of the DSN message is retained. UseExchangeDSNs: DSNs are converted to the Exchange 2010 or later format. However, any customized text or attachments that were associated with the original DSN are overwritten. | |
ExternalDsnSendHtml | boolean | The ExternalDsnSendHtml parameter specifies whether external DSN messages should be HTML or plain text. | |
MaxSendSize | string | The MaxSendSize parameter specifies the maximum message size that can be sent by senders in the organization. The default value is 10 MB. This parameter is available only in on-premises Exchange. | |
MaxReceiveSize | string | The MaxReceiveSize parameter specifies the maximum message size that can be received by recipients in the organization. The default value is 10 MB. | |
RejectMessageOnShadowFailure | boolean | The RejectMessageOnShadowFailure parameter specifies whether to accept or reject messages when shadow copies of the messages can't be created. Valid values are - $true: Messages are rejected with the SMTP code 450 4.5.1. Use this value only if you have multiple Mailbox servers in a database availability group (DAG) or in an Active Directory site where shadow copies of the messages can be created, $false: Messages are accepted without making shadow copies. This is the default value. | |
SupervisionTags | list<string> | The SupervisionTags parameter specifies the various tags that are used for transport supervision in the organization. When you install Exchange, two tags, Allow and Reject, are created by default. | |
ExternalDsnLanguageDetectionEnabled | boolean | The ExternalDsnLanguageDetectionEnabled parameter specifies whether the server should try to send an external DSN message in the same language as the original message that generated the notification. | |
InternalDsnMaxMessageAttachSize | string | The InternalDsnMaxMessageAttachSize parameter specifies the maximum size of the original message that generated an internal DSN message. If the original message exceeds this size, only the headers of the original message are included in the DSN message. The default value is 10 MB. This parameter is available only in on-premises Exchange. | |
LegacyJournalingMigrationEnabled | boolean | The LegacyJournalingMigrationEnabled parameter specifies whether journal messages generated in Microsoft Exchange Server 2003 will be reformatted by Exchange 2010. This parameter is available only in Exchange Server 2010. | |
HeaderPromotionModeSetting | string | The HeaderPromotionModeSetting parameter specifies whether named properties are created for custom X-headers on messages received. Valid values are:MustCreate: Exchange creates a named property for each new custom X-headerMayCreate: Exchange creates a named property for each new custom X-header on messages received from authenticated senders. No named properties are created for custom X-headers on messages received from unauthenticated sendersNoCreate: Exchange won't create any named properties based on custom X-headers on incoming messages. This is the default value. | |
JournalingReportNdrTo | string | The JournalingReportNdrTo parameter specifies the email address to which journal reports are sent if the journaling mailbox is unavailable. By default, if this parameter is left empty, Exchange continues to try to deliver the journal report to the journaling mailbox. We recommended that you use a dedicated (non-user) mailbox as the value for this parameter. Like the journaling mailbox, the alternate journaling mailbox can't be an Exchange Online mailbox. | |
AddressBookPolicyRoutingEnabled | boolean | The AddressBookPolicyRoutingEnabled parameter controls how recipients are resolved in an organization that uses address book policies to create separate virtual organizations within the same Exchange organization. Specifically, the global address list (GAL) that's specified in the user's address book policy controls how recipients are resolved. When the value of this parameter is true, users that are assigned different GALs appear as external recipients. When the value of this parameter is false, users that are assigned different GALs appear as internal recipients. | |
DiagnosticsAggregationServicePort | number | The DiagnosticsAggregationServicePort parameter specifies the TCP port that's used to collect message queue diagnostic information. The default value is 9710. | |
ExternalPostmasterAddress | string | The ExternalPostmasterAddress parameter specifies the email address in the From header field of an external DSN message. The default value is blank ($null). | |
GenerateCopyOfDSNFor | list<string> | The GenerateCopyOfDSNFor parameter controls the non-delivery reports (NDRs) that are copied to a mailbox by specifying the DSN codes that you want to monitor. You must configure the list of monitored DSNs on one Mailbox server and locally on each Edge Transport server in your Exchange organization. This parameter is available only in on-premises Exchange. | |
MaxAllowedAgentGeneratedMessageDepthPerAgent | number | The MaxAllowedAgentGeneratedMessageDepthPerAgent parameter specifies how many times a single agent can process any resulting copies of the same message. The default value is 2.The value of the MaxAllowedAgentGeneratedMessageDepth parameter should be larger than the value of the MaxAllowedAgentGeneratedMessageDepthPerAgent parameter. | |
ShadowMessageAutoDiscardInterval | string | The ShadowMessageAutoDiscardInterval parameter specifies how long a server retains discard events for shadow messages. A primary server queues discard events until queried by the shadow server. However, if the shadow server doesn't query the primary server for the duration specified in this parameter, the primary server deletes the queued discard events. Valid input for this parameter is 00:00:05 to 90.00:00:00. The default value is 2.00:00:00 or 2 days. | |
DomainController | boolean | The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com. The DomainController parameter isn't supported on Edge Transport servers. An Edge Transport server uses the local instance of Active Directory Lightweight Directory Services (AD LDS) to read and write data. This parameter is available only in on-premises Exchange. | |
JournalMessageExpirationDays | number | The JournalMessageExpirationDays parameter extends the number of days that undeliverable journal reports are queued before they expire. A valid value is an integer from 0 to 7. The default value is 0, which means undeliverable journal reports are treated like regular undeliverable messages. | |
ReplyAllStormDetectionMinimumRecipients | number | Reply All Storm Detection Minimum Recipients count. This parameter is available only in the cloud-based service | |
ConvertDisclaimerWrapperToEml | boolean | The ConvertDisclaimerWrapperToEml parameter specifies whether the original message will be added as a TNEF attachment or a regular EML attachment to a disclaimer when all of the following are true: Message is sent to an external user. The sender has signed the message.The message is processed by a Transport rule that adds a disclaimer. When a Transport rule that adds disclaimers to outbound messages encounters a message signed by the sender, the Transport rule can't add the disclaimer directly to the message. As a result, the disclaimer is sent to the intended recipient with the original message as an attachment. | |
InternalDelayDsnEnabled | boolean | The InternalDelayDsnEnabled parameter specifies whether a delay DSN message should be created for messages sent to or from recipients or senders in the same Exchange organization that couldn't be immediately delivered. | |
InternalDsnReportingAuthority | string | The InternalDsnReportingAuthority parameter specifies the domain in the machine-readable part of internal DSN messages. The default value is blank ($null), which means the value is the authoritative domain that you specified during the creation of the organization. | |
ExternalDsnDefaultLanguage | string | The ExternalDsnDefaultLanguage parameter specifies which Exchange server language should be used by default when you create external DSN messages. The default value is the default Windows server language. | |
ReplyAllStormProtectionEnabled | boolean | ReplyAllStormProtectionEnabled. This parameter is available only in the cloud-based service | |
ShadowHeartbeatTimeoutInterval | string | The ShadowHeartbeatTimeoutInterval parameter specifies the amount of time a server waits before establishing a connection to a primary server to query the discard status of shadow messages. Valid input for this parameter is 00:00:01 to 1.00:00:00. The default value is 00:15:00 or 15 minutes. | |
MaxDumpsterTime | string | The MaxDumpsterTime parameter specifies how long an email message should remain in the transport dumpster on a Hub Transport server. The default value is seven days. This parameter is available only in on-premises Exchange. This parameter isn't used by Exchange Server 2016. It's used only by Exchange 2010 servers in coexistence environments. | |
MaxRetriesForRemoteSiteShadow | number | The MaxRetriesForRemoteSiteShadow parameter specifies the maximum number of attempts to make a shadow copy of the message in a different Active Directory site. Valid input for this parameter is an integer between 0 and 255. The default value is 4. The total number of attempts to create a shadow copy of the message is controlled by the ShadowMessagePreferenceSetting parameter - If ShadowMessagePreferenceSetting is set to RemoteOnly, the total number of attempts to make a shadow copy of the message is the value of the MaxRetriesForRemoteSiteShadow parameter, If ShadowMessagePreferenceSetting is set to PreferRemote, the total number of attempts to make a shadow copy of the message is the value of the MaxRetriesForLocalSiteShadow and MaxRetriesForRemoteSiteShadow parameters added together, If ShadowMessagePreferenceSetting is set to LocalOnly, the value of MaxRetriesForRemoteSiteShadow is 0, and the MaxRetriesForRemoteSiteShadow parameter has no effect on the total number of attempts to create a shadow copy of the message. | |
ReplyAllStormBlockDurationHours | number | Reply All Storm Block Duration Hours setting blocks subsequent replies to a thread for a specified number of hours. This parameter is available only in the cloud-based service. | |
VerifySecureSubmitEnabled | boolean | The VerifySecureSubmitEnabled parameter verifies that email clients submitting messages from mailboxes on Mailbox servers are using encrypted MAPI submission. The valid values for this parameter are $true or $false. The default value is $false. | |
AgentGeneratedMessageLoopDetectionInSubmissionEnabled | string | The AgentGeneratedMessageLoopDetectionInSubmissionEnabled parameter controls the behavior of messages loop detection in for loops caused by transport agents in the Mailbox Transport Submission service. An agent-generated loop occurs when an agent creates a new copy of a message or adds recipients to a message, and the agent continues to process these resulting messages by creating copies or adding recipients. This parameter is available only in on-premises Exchange. | |
InternalDsnSendHtml | boolean | The InternalDsnSendHtml parameter specifies whether internal DSN messages should be HTML or plain text. | |
MaxRetriesForLocalSiteShadow | number | The MaxRetriesForLocalSiteShadow parameter specifies the maximum number of attempts to make a shadow copy of the message in the local Active Directory site. Valid input for this parameter is an integer between 0 and 255. The default value is 2. The total number of attempts to create a shadow copy of the message is controlled by the ShadowMessagePreferenceSetting parameter - If ShadowMessagePreferenceSetting is set to LocalOnly, the total number of attempts to make a shadow copy of the message is the value of the MaxRetriesForLocalSiteShadow parameter, If ShadowMessagePreferenceSetting is set to PreferRemote, the total number of attempts to make a shadow copy of the message is the value of the MaxRetriesForLocalSiteShadow and MaxRetriesForRemoteSiteShadow parameters added together, If ShadowMessagePreferenceSetting is set to RemoteOnly, the value of MaxRetriesForLocalSiteShadow is 0, and the MaxRetriesForLocalSiteShadow parameter has no effect on the total number of attempts to create a shadow copy of the message. | |
MaxRecipientEnvelopeLimit | string | In on-premises Exchange, the default value is 500. The valid input range for this parameter is from 0 through 2147483647. If you enter a value of Unlimited, no limit is imposed on the number of recipients in a message. The MaxRecipientEnvelopeLimit parameter specifies the maximum number of recipients in a message. Exchange treats an unexpanded distribution group as one recipient. | |
SmtpClientAuthenticationDisabled | boolean | The SmtpClientAuthenticationDisabled parameter specifies whether to disable authenticated SMTP (SMTP AUTH) for the whole organization. This parameter is available only in the cloud-based service. Valid values for this parameter are: $true: Authenticated SMTP is disabled. This is the default value for organizations created after January 2020, $false: Authenticated SMTP is enabled. | |
ShadowRedundancyEnabled | boolean | The ShadowRedundancyEnabled parameter specifies whether shadow redundancy is enabled in the organization. Valid input for this parameter is $true or $false. The default value is $true. | |
Identity | string | This parameter is available only in on-premises Exchange. | |
InternalDsnDefaultLanguage | string | The InternalDsnDefaultLanguage parameter specifies which Exchange server language should be used by default when you create internal DSN messages. | |
MessageExpiration | string | The MessageExpiration parameter specifies the message expiration timeout interval for the organization. This parameter is available only in the cloud-based service. | |
AgentGeneratedMessageLoopDetectionInSmtpEnabled | boolean | The AgentGeneratedMessageLoopDetectionInSmtpEnabled parameter controls the behavior of messages loop detection in for loops caused by transport agents in the Transport service. An agent-generated loop occurs when an agent creates a new copy of a message or adds recipients to a message, and the agent continues to process these resulting messages by creating copies or adding recipients. This parameter is available only in on-premises Exchange. | |
TLSReceiveDomainSecureList | list<string> | The TLSReceiveDomainSecureList parameter specifies the domains from which you want to receive domain secured email by using mutual Transport Layer Security (TLS) authentication. | |
Xexch50Enabled | boolean | The Xexch50Enabled parameter specifies whether Xexch50 authentication should be enabled for backward compatibility with computers running Exchange 2003. Valid input for this parameter is $true or $false. The default value is $true. | |
MaxAllowedAgentGeneratedMessageDepth | number | The MaxAllowedAgentGeneratedMessageDepth parameter specifies how many times all agents can process any resulting copies of the same message. The default value is 3. | |
SafetyNetHoldTime | string | The SafetyNetHoldTime parameter specifies how long a copy of a successfully processed message is retained in Safety Net. Unacknowledged shadow copies of messages auto-expire from Safety Net based on adding the values of the SafetyNetHoldTime parameter and the MessageExpirationTimeout parameter on the Set-TransportService cmdlet. The default value is 2.00:00:00 or 2 days. | |
ShadowHeartbeatRetryCount | number | The ShadowHeartbeatRetryCount parameter specifies the number of time-outs a server waits before deciding that a primary server has failed and assumes ownership of shadow messages in the shadow queue for the primary server that's unreachable. Valid input for this parameter is an integer between 1 and 15. The default value is 12. | |
TLSSendDomainSecureList | list<string> | The TLSSendDomainSecureList parameter specifies the domains from which you want to send domain secured email by using mutual TLS authentication. | |
VoicemailJournalingEnabled | boolean | The VoicemailJournalingEnabled parameter specifies whether Unified Messaging voice mail messages are journaled by the Journaling agent. Valid input for this parameter is $true or $false. The default value is $true. | |
ClearCategories | boolean | The ClearCategories parameter keeps or removes Microsoft Outlook message categories during content conversion. Valid input for this parameter is $true or $false. | |
ExternalDsnReportingAuthority | string | The ExternalDsnReportingAuthority parameter specifies the domain in the machine-readable part of external DSN messages. The default value is blank ($null), which means the value is the authoritative domain that you specified during the creation of the organization. | |
InternalDsnLanguageDetectionEnabled | boolean | The InternalDsnLanguageDetectionEnabled parameter specifies whether the server should try to send an internal DSN message in the same language as the original message that generated the notification. | |
ReplyAllStormDetectionMinimumReplies | number | ReplyAllStormDetectionMinimumReplies. This parameter is available only in the cloud-based service | |
ShadowHeartbeatFrequency | string | The ShadowHeartbeatFrequency parameter specifies the amount of time a server waits before establishing a connection to a primary server to query the discard status of shadow messages. Valid input for this parameter is 00:00:01 to 1.00:00:00. The default value is 00:02:00 or 2 minutes. | |
TransportRuleAttachmentTextScanLimit | string | The TransportRuleAttachmentTextScanLimit parameter specifies the maximum size of text to extract from attachments for scanning by attachment scanning predicates in transport rules and data loss prevention (DLP) policies. | |
ExternalDelayDsnEnabled | boolean | The ExternalDelayDsnEnabled parameter specifies whether a delay delivery status notification (DSN) message should be created for external messages that couldn't be immediately delivered. | |
InternalSMTPServers | list<string> | The InternalSMTPServers parameter specifies a list of internal SMTP server IP addresses or IP address ranges that should be ignored by Sender ID and connection filtering. This parameter is available only in on-premises Exchange. | |
MaxDumpsterSizePerDatabase | string | The MaxDumpsterSizePerDatabase parameter specifies the maximum size of the transport dumpster on a Hub Transport server for each database. The default value is 18 MB. The valid input range for this parameter is from 0 through 2147483647 KB. This parameter is available only in on-premises Exchange. This parameter isn't used by Exchange Server 2016. It's used only by Exchange 2010 servers in coexistence environments. |
ATTRIBUTE | TYPE | REFERS TO | DESCRIPTION |
---|---|---|---|
Name | string | The name of the Mail Transport Rule. | |
State | string | The state of the TransportRule. For example, "Enabled" | |
SetScl | number | Spam Confidence Level. -1 = Bypass spam filters. 0-4 = perform normal spam filtering. 5-6 = mark as spam. 7-9 = mark as high confidence spam. See https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/use-mail-flow-rules-to-set-the-spam-confidence-level-scl-in-messages?view=o365-worldwide for more info. | |
FromScope | string | The "from scope" condition being checked in this Transport Rule. Possible values are "InOrganization" "NotInOrganization". See https://docs.microsoft.com/en-us/powershell/module/exchange/set-transportrule?view=exchange-ps for more details. | |
MessageTypeMatches | string | Specifies a condition that looks for messages of a specified type. Possible values are "OOF", "AutoForward", "Encrypted", "Calendaring", "PermissionControlled", Voicemail", "Signed", "ApprovalRequest", and "ReadReceipt". See https://docs.microsoft.com/en-us/powershell/module/exchange/set-transportrule?view=exchange-ps for more information. | |
RejectMessageEnhancedStatusCode | string | Specifies the enhanced status code that's used when the rule rejects messages. See https://docs.microsoft.com/en-us/powershell/module/exchange/set-transportrule?view=exchange-ps for more information. | |
Identity | string | The id of the TransportRule | |
SenderDomainIs | list<string> | The sender domain that is being checked in this Mail Transport Rule. | |
Priority | number | The priority level of the Transport Rule that determines the order of rule processing. 0 is the highest priority. | |
SentToScope | string | The "sent to scope" condition being checked in this Transport Rule. Possible values are "InOrganization", "NotInOrganization", "ExternalPartner" and "ExternalNonPartner". See https://docs.microsoft.com/en-us/powershell/module/exchange/set-transportrule?view=exchange-ps for more details. | |
RejectMessageReasonText | string | Specifies the explanation text that's used when a TransportRule rejects a message. | |
RedirectMessageTo | string | An email address that this MailTransportRule will auto-forward emails to. |