EXOOrganizationRelationship¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| Name | Key | String | The Name parameter specifies the unique name of the organization relationship. The maximum length is 64 characters. | |
| ArchiveAccessEnabled | Write | Boolean | The ArchiveAccessEnabled parameter specifies whether the organization relationship has been configured to provide remote archive access. | |
| DeliveryReportEnabled | Write | Boolean | The DeliveryReportEnabled parameter specifies whether Delivery Reports should be shared over the organization relationship. | |
| DomainNames | Write | StringArray[] | The DomainNames parameter specifies the SMTP domains of the external organization. You can specify multiple domains separated by commas. | |
| Enabled | Write | Boolean | The Enabled parameter specifies whether to enable the organization relationship. | |
| FreeBusyAccessEnabled | Write | Boolean | The FreeBusyAccessEnabled parameter specifies whether the organization relationship should be used to retrieve free/busy information from the external organization. | |
| FreeBusyAccessLevel | Write | String | The FreeBusyAccessLevel parameter specifies the maximum amount of detail returned to the requesting organization. Valid values are: None, AvailabilityOnly or LimitedDetails | None, AvailabilityOnly, LimitedDetails |
| FreeBusyAccessScope | Write | String | The FreeBusyAccessScope parameter specifies a mail-enabled security group in the internal organization that contains users whose free/busy information is accessible by an external organization. You can use any value that uniquely identifies the group. | |
| MailboxMoveEnabled | Write | Boolean | The MailboxMoveEnabled parameter specifies whether the organization relationship enables moving mailboxes to or from the external organization. | |
| MailboxMoveCapability | Write | String | The MailboxMoveCapability parameter is used in cross-tenant mailbox migrations. | Inbound, Outbound, RemoteInbound, RemoteOutbound, None |
| MailboxMovePublishedScopes | Write | StringArray[] | The MailboxMovePublishedScopes parameter is used in cross-tenant mailbox migrations to specify the mail-enabled security groups whose members are allowed to migrate. | |
| MailTipsAccessEnabled | Write | Boolean | The MailTipsAccessEnabled parameter specifies whether MailTips for users in this organization are returned over this organization relationship. | |
| MailTipsAccessLevel | Write | String | The MailTipsAccessLevel parameter specifies the level of MailTips data externally shared over this organization relationship. This parameter can have the following values: All, Limited, None | None, All, Limited |
| MailTipsAccessScope | Write | String | The MailTipsAccessScope parameter specifies a mail-enabled security group in the internal organization that contains users whose free/busy information is accessible by an external organization. You can use any value that uniquely identifies the group. | |
| OauthApplicationId | Write | String | The OAuthApplicationId is used in cross-tenant mailbox migrations to specify the application ID of the mailbox migration app that you consented to. | |
| OrganizationContact | Write | String | The OrganizationContact parameter specifies the email address that can be used to contact the external organization (for example, administrator@fourthcoffee.com). | |
| PhotosEnabled | Write | Boolean | The PhotosEnabled parameter specifies whether photos for users in the internal organization are returned over the organization relationship. | |
| TargetApplicationUri | Write | String | The TargetApplicationUri parameter specifies the target Uniform Resource Identifier (URI) of the external organization. The TargetApplicationUri parameter is specified by Exchange when requesting a delegated token to retrieve free and busy information, for example, mail.contoso.com. | |
| TargetAutodiscoverEpr | Write | String | The TargetAutodiscoverEpr parameter specifies the Autodiscover URL of Exchange Web Services for the external organization. Exchange uses Autodiscover to automatically detect the correct Exchangeserver endpoint to use for external requests. | |
| TargetOwaURL | Write | String | The TargetOwaURL parameter specifies the Outlook on the web (formerly Outlook Web App) URL of the external organization that's defined in the organization relationship. It is used for Outlook on the web redirection in a cross-premise Exchange scenario. Configuring this attribute enables users in the organization to use their current Outlook on the web URL to access Outlook on the web in the external organization. | |
| TargetSharingEpr | Write | String | The TargetSharingEpr parameter specifies the URL of the target Exchange Web Services for the external organization. | |
| Ensure | Write | String | Specify if the OrganizationRelationship should exist or not. | Present, Absent |
| Credential | Write | PSCredential | Credentials of the Exchange Global Admin | |
| ApplicationId | Write | String | Id of the Azure Active Directory application to authenticate with. | |
| TenantId | Write | String | Id of the Azure Active Directory tenant used for authentication. | |
| CertificateThumbprint | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | |
| CertificatePassword | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | |
| CertificatePath | Write | String | Path to certificate used in service principal usually a PFX file. | |
| ManagedIdentity | Write | Boolean | Managed ID being used for authentication. | |
| AccessTokens | Write | StringArray[] | Access token used for authentication. |
Description¶
This resource configures the Organization Relationship in Exchange Online.
Permissions¶
Exchange¶
To authenticate with Microsoft Exchange, this resource required the following permissions:
Roles¶
- Federated Sharing, Organization Transport Settings, View-Only Configuration, Mail Tips, Message Tracking, Organization Configuration
Role Groups¶
- Organization Management
Examples¶
Example 1¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOOrganizationRelationship 'ConfigureOrganizationRelationship'
{
Name = "Contoso"
ArchiveAccessEnabled = $True
DeliveryReportEnabled = $True
DomainNames = "mail.contoso.com"
Enabled = $True
FreeBusyAccessEnabled = $True
FreeBusyAccessLevel = "AvailabilityOnly"
MailboxMoveEnabled = $True
MailTipsAccessEnabled = $True
MailTipsAccessLevel = "None"
PhotosEnabled = $True
TargetApplicationUri = "mail.contoso.com"
TargetAutodiscoverEpr = "https://mail.contoso.com/autodiscover/autodiscover.svc/wssecurity"
Ensure = "Present"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}
Example 2¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOOrganizationRelationship 'ConfigureOrganizationRelationship'
{
Name = "Contoso"
ArchiveAccessEnabled = $False # Updated Property
DeliveryReportEnabled = $True
DomainNames = "mail.contoso.com"
Enabled = $True
FreeBusyAccessEnabled = $True
FreeBusyAccessLevel = "AvailabilityOnly"
MailboxMoveEnabled = $True
MailTipsAccessEnabled = $True
MailTipsAccessLevel = "None"
PhotosEnabled = $True
TargetApplicationUri = "mail.contoso.com"
TargetAutodiscoverEpr = "https://mail.contoso.com/autodiscover/autodiscover.svc/wssecurity"
Ensure = "Present"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}
Example 3¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOOrganizationRelationship 'ConfigureOrganizationRelationship'
{
Name = "Contoso"
Enabled = $True
Ensure = "Absent"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}