Set-OrganizationSegment

This cmdlet is available only in Security & Compliance Center PowerShell. For more information, see Security & Compliance Center PowerShell.

Use the Set-OrganizationSegment cmdlet to modify organization segments in the Security & Compliance Center. Organization Segments are not in effect until you apply information barrier policies.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Syntax

Set-OrganizationSegment
   [-Identity] <PolicyIdParameter>
   [-UserGroupFilter <String>]
   [<CommonParameters>]

Description

Segments are defined by using certain attributes in Azure Active Directory.

You need to be assigned permissions in the Security & Compliance Center before you can use this cmdlet. For more information, see Permissions in the Security & Compliance Center.

Examples

Example 1

Set-OrganizationSegment -Identity c96e0837-c232-4a8a-841e-ef45787d8fcd -UserGroupFilter "Department -eq 'HRDept'"

In this example, for the segment that has the GUID c96e0837-c232-4a8a-841e-ef45787d8fcd, we updated the department name to "HRDept".

Parameters

-Identity

The Identity parameter specifies the organization segment that you want to modify. You can use any value that uniquely identifies the segment. For example:

  • Name
  • Distinguished name (DN)
  • GUID
Type:PolicyIdParameter
Position:0
Default value:None
Accept pipeline input:True
Accept wildcard characters:False
Applies to:Security & Compliance Center
-UserGroupFilter

The UserGroupFilter parameter uses OPath filter syntax to specify the members of the organization segment. The syntax is "Property -ComparisonOperator 'Value'" (for example, "MemberOf -eq 'Engineering Department'" or "ExtensionAttribute1 -eq 'DayTrader'").

  • Enclose the whole OPath filter in double quotation marks " ". If the filter contains system values (for example, $true, $false, or $null), use single quotation marks ' ' instead. Although this parameter is a string (not a system block), you can also use braces { }, but only if the filter doesn't contain variables.
  • Property is a filterable property. For more information, see Attributes for information barrier policies.
  • ComparisonOperator is an OPath comparison operator (for example -eq for equals and -like for string comparison). For more information about comparison operators, see about_Comparison_Operators.
  • Value is the property value to search for. Enclose text values and variables in single quotation marks ('Value' or '$Variable'). If a variable value contains single quotation marks, you need to identify (escape) the single quotation marks to expand the variable correctly. For example, instead of '$User', use '$($User -Replace "'","''")'. Don't enclose integers or system values (for example, 500, $true, $false, or $null).

Use the same property for all of your segments, and verify that your segments don't overlap (a user must be assigned to only one segment).

Type:String
Position:Named
Default value:None
Accept pipeline input:False
Accept wildcard characters:False
Applies to:Security & Compliance Center

Inputs

Outputs