EXOSmtpDaneInbound¶
Parameters¶
| Parameter | Attribute | DataType | Description | Allowed Values |
|---|---|---|---|---|
| DomainName | Key | String | Specifies the accepted domain in the Exchange Online organization where you want to enable SMTP DANE | |
| Ensure | Write | String | Present ensures SmtpDaneInbound is enabled, absent ensures it is disabled. | Present, Absent |
| Credential | Write | PSCredential | Credentials of the Exchange Global Admin | |
| ApplicationId | Write | String | Id of the Azure Active Directory application to authenticate with. | |
| TenantId | Write | String | Id of the Azure Active Directory tenant used for authentication. | |
| CertificateThumbprint | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | |
| CertificatePassword | Write | PSCredential | Username can be made up to anything but password will be used for CertificatePassword | |
| CertificatePath | Write | String | Path to certificate used in service principal usually a PFX file. | |
| ManagedIdentity | Write | Boolean | Managed ID being used for authentication. | |
| AccessTokens | Write | StringArray[] | Access token used for authentication. |
Description:¶
This resource configures SmtpDaneInbound for an accepted domain in Exchange Online. Reference: https://learn.microsoft.com/en-us/powershell/module/exchange/enable-smtpdaneinbound?view=exchange-ps
Note that enabling DANE requires that the accepted domain is configured for DNSSEC and the public MX-record updated correspondingly
Permissions¶
Exchange¶
To authenticate with Microsoft Exchange, this resource requires the following permissions:
Roles¶
- Security Admin, View-Only Configuration
Role Groups¶
- Security Administrator, View-Only Organization Management
Examples¶
Example 1¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOSmtpDaneInbound 'SmtpDaneInbound-mydomain.com'
{
DomainName = "mydomain.com"
Ensure = "Present" # note: DNSSEC for the domain must be enabled. See resource EXODnssecForVerifiedDomain
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}
Example 2¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOSmtpDaneInbound 'SmtpDaneInbound-mydomain.com'
{
DomainName = "mydomain.com"
Ensure = "Present" # note: DNSSEC for the domain must be enabled. See resource EXODnssecForVerifiedDomain
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}
Example 3¶
This example is used to test new resources and showcase the usage of new resources being worked on. It is not meant to use as a production baseline.
Configuration Example
{
param(
[Parameter()]
[System.String]
$ApplicationId,
[Parameter()]
[System.String]
$TenantId,
[Parameter()]
[System.String]
$CertificateThumbprint
)
Import-DscResource -ModuleName Microsoft365DSC
node localhost
{
EXOSmtpDaneInbound 'SmtpDaneInbound-mydomain.com'
{
DomainName = "mydomain.com"
Ensure = "Absent"
ApplicationId = $ApplicationId
TenantId = $TenantId
CertificateThumbprint = $CertificateThumbprint
}
}
}