New-SecOpsOverridePolicy

This cmdlet is available only in Security & Compliance Center PowerShell. For more information, see Security & Compliance Center PowerShell.

Use the New-SecOpsOverridePolicy cmdlet to create SecOps mailbox override policies to bypass Exchange Online Protection filtering. For more information, see Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Syntax

New-SecOpsOverridePolicy
   [-Name] <String>
   -SentTo <MultiValuedProperty>
   [-Comment <String>]
   [-Confirm]
   [-Enabled <Boolean>]
   [-WhatIf]
   [<CommonParameters>]

Description

You need to be assigned permissions in the Security & Compliance Center before you can use this cmdlet. For more information, see Permissions in the Security & Compliance Center.

Examples

Example 1

New-SecOpsOverridePolicy -Name SecOpsOverridePolicy -SendTo secops@contoso.com

This example creates the SecOps mailbox override policy with the specified settings.

Parameters

-Comment

The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks ("), for example: "This is an admin note".

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-Confirm

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.
  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-Enabled

The Enabled parameter specifies whether the policy is enabled. Valid values are:

  • $true: The policy is enabled. This is the default value.
  • $false: The policy is disabled.
Type:Boolean
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-Name

The Name parameter specifies the name for the SecOps mailbox override policy. Regardless of the value you specify, the name will be SecOpsOverridePolicy.

Type:String
Position:0
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-SentTo

The SentTo parameter specifies the email address of the SecOps mailbox. Groups are not allowed.

You can specify multiple email addresses separated by commas.

Type:MultiValuedProperty
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center
-WhatIf

The WhatIf switch doesn't work in Security & Compliance Center PowerShell.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center

Inputs

Outputs