Set-PolicyConfig
This cmdlet is available only in Security & Compliance PowerShell. For more information, see Security & Compliance PowerShell.
Use the Set-PolicyConfig cmdlet to modify the endpoint restrictions that are configured in the organization.
For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.
Syntax
Set-PolicyConfig
[[-Identity] <OrganizationIdParameter>]
[-CaseHoldPolicyLimit <Int32>]
[-ClassificationScheme <ClassificationScheme>]
[-ComplianceUrl <String>]
[-Confirm]
[-DlpAppGroups <PswsHashtable[]>]
[-DlpAppGroupsPsws <PswsHashtable[]>]
[-DocumentIsUnsupportedSeverity <RuleSeverity>]
[-EnableLabelCoauth <Boolean>]
[-EnableSpoAipMigration <Boolean>]
[-EndpointDlpGlobalSettings <PswsHashtable[]>]
[-EndpointDlpGlobalSettingsPsws <PswsHashtable[]>]
[-ExtendTeamsDlpPoliciesToSharePointOneDrive <Boolean>]
[-OnPremisesWorkload <Workload>]
[-ProcessingLimitExceededSeverity <RuleSeverity>]
[-PurviewLabelConsent <Boolean>]
[-ReservedForFutureUse <Boolean>]
[-RetentionForwardCrawl <Boolean>]
[-RuleErrorAction <PolicyRuleErrorAction>]
[-SenderAddressLocation <PolicySenderAddressLocation>]
[-WhatIf]
[<CommonParameters>] Description
To use this cmdlet in Security & Compliance PowerShell, you need to be assigned permissions. For more information, see Permissions in the Microsoft Purview compliance portal.
Examples
Example 1
{{ Add example code here }}{{ Add example description here }}
Parameters
{{ Fill CaseHoldPolicyLimit Description }}
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill ClassificationScheme Description }}
| Type: | ClassificationScheme |
| Accepted values: | Default, V0_AggregatedOnly, V1_DetailedResults |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill ComplianceUrl Description }}
| Type: | String |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.
- Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.
- Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill DlpAppGroups Description }}
| Type: | PswsHashtable[] |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill DlpAppGroupsPsws Description }}
| Type: | PswsHashtable[] |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill DocumentIsUnsupportedSeverity Description }}
| Type: | RuleSeverity |
| Accepted values: | Low, Medium, High, None, Informational, Information |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill EnableLabelCoauth Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill EnableSpoAipMigration Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
The EndpointDlpGlobalSettings parameter specifies the global endpoints. This parameter uses the following syntax: @(@{"Setting"="<Setting>"; "Value"="<Value>}",@{"Setting"="<Setting>"; "Value"="<Value>"},...).
The value of <Setting> is one of the supported values.
Example values:
@{"Setting"="PathExclusion"; "Value"="C:\Windows";}@{"Setting"="PathExclusion"; "Value"="%AppData%\Mozilla";}@{"Setting"="PathExclusion"; "Value"="C:\Users\*\Desktop";}@{"Setting"="UnallowedApp"="Notepad ++;"Executable"="notepad++"}@{"Setting"="UnallowedApp"="Executable"="cmd"}@{"Setting"="UnallowedBrowser"="Chrome";"Executable"="chrome"}@{"Setting"="CloudAppRestrictions"="Allow"}@{"Setting"="CloudAppRestrictionList"="1.1.2.2"}@{"Setting"="CloudAppRestrictionList"="subdomain.com"}@{"Setting"="CloudAppRestrictionList"="another.differentdomain.edu"}@{"Setting"="ShowEndpointJustificationDropdown"; "True";}
| Type: | PswsHashtable[] |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill EndpointDlpGlobalSettingsPsws Description }}
| Type: | PswsHashtable[] |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill ExtendTeamsDlpPoliciesToSharePointOneDrive Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill Identity Description }}
| Type: | OrganizationIdParameter |
| Position: | 0 |
| Default value: | None |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill OnPremisesWorkload Description }}
| Type: | Workload |
| Accepted values: | None, Exchange, SharePoint, Intune, OneDriveForBusiness, PublicFolder, SharePointOnPremises, ExchangeOnPremises, AuditAlerting, Skype, ModernGroup, DynamicScope, Teams, UnifiedAuditAzure, EndpointDevices, ThirdPartyApps, OnPremisesScanner |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill ProcessingLimitExceededSeverity Description }}
| Type: | RuleSeverity |
| Accepted values: | Low, Medium, High, None, Informational, Information |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill PurviewLabelConsent Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill ReservedForFutureUse Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
{{ Fill RetentionForwardCrawl Description }}
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
The RuleErrorAction parameter specifies what to do if an error is encountered during the evaluation of the rule. Valid values are:
- Ignore
- RetryThenBlock (This is the default value)
| Type: | PolicyRuleErrorAction |
| Accepted values: | Ignore, RetryThenBlock |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
The SenderAddressLocation parameter specifies where to look for sender addresses in conditions and exceptions that examine sender email addresses. Valid values are:
- Header: Only examine senders in the message headers (for example, the From, Sender, or Reply-To fields). This is the default value.
- Envelope: Only examine senders from the message envelope (the MAIL FROM value that was used in the SMTP transmission, which is typically stored in the Return-Path field).
- HeaderOrEnvelope: Examine senders in the message header and the message envelope.
| Type: | PolicySenderAddressLocation |
| Accepted values: | Header, Envelope, HeaderOrEnvelope |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
The WhatIf switch doesn't work in Security & Compliance PowerShell.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
| Applies to: | Security & Compliance |
Saran dan Komentar
Kirim dan lihat umpan balik untuk