Set-MsolDeviceRegistrationServicePolicy
Sets the Azure Active Directory device registration service settings.
Syntax
Set-MsolDeviceRegistrationServicePolicy
[-AllowedToAzureAdJoin <Scope>]
[-AllowedToWorkplaceJoin <Scope>]
[-MaximumDevicesPerUser <Int32>]
[-RequireMultiFactorAuth <Boolean>]
[<CommonParameters>] Description
The Set-MsolDeviceRegistrationServicePolicy cmdlet sets the Azure Active Directory device registration service settings.
Examples
Example 1: Set the maximum number of devices for a user
PS C:\> Set-MsolDeviceRegistrationServicePolicy -MaximumDevicesPerUser 50This command sets the maximum number of devices a user can have in Azure Active Directory.
Example 2: Enforce that a user use a second method of authentication
PS C:\> Set-MsolDeviceRegistrationServicePolicy -RequireMultiFactorAuth $TrueThis command enforces users that are adding devices from the internet first use a second method of authentication.
Example 3: Allow all users to workplace join devices
PS C:\> Set-MsolDeviceRegistrationServicePolicy -AllowedToWorkplaceJoin AllThis command allows all the users to workplace join devices.
Example 4: Disallow all users to workplace join devices
PS C:\> Set-MsolDeviceRegistrationServicePolicy -AllowedToWorkplaceJoin NoneThis command disallows any of the users to workplace join devices.
Example 5: Allow all users to Azure Active Directory join devices
PS C:\> Set-MsolDeviceRegistrationServicePolicy -AllowedToAzureAdJoin AllThis command allows all the users to Azure Active Directory join devices.
Parameters
-AllowedToAzureAdJoin
Specifies what users or group is allowed to join their devices to Azure Active Directory. When this value is set to All, all users are allowed to Azure Active Directory join devices. When this value is set to None, no one is allowed to Azure Active Directory join devices. When this value is set to Selected, you may specify what users or groups are allowed to Azure Active Directory join devices.
The acceptable values for this parameter are:
- All
- None
- Selected
| Type: | Scope |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AllowedToWorkplaceJoin
Specifies whether user is allowed to join their personal devices to their company. When set to All, ALL users are allowed to workplace join devices. When set to None, no one is allowed to workplace join devices.
| Type: | Scope |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-MaximumDevicesPerUser
Specifies the maximum number of devices a user can have in Azure Active Directory.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RequireMultiFactorAuth
Indicates whether users that add devices from the internet must first use a second method of authentication.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Related Links
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for