Updates to AuthServer cmdlets

chrisda · chrisda · commit 0381983aff2b · 2019-03-18T10:12:38.000-07:00
Per Issue #3081
diff --git a/exchange/exchange-ps/exchange/move-and-migration/Resume-PublicFolderMigrationRequest.md b/exchange/exchange-ps/exchange/move-and-migration/Resume-PublicFolderMigrationRequest.md
@@ -1,12 +1,12 @@
 ---
 external help file: Microsoft.Exchange.ProvisioningAndMigration-Help.xml
-applicable: Exchange Server 2016, Exchange Server 2019, Exchange Online
+applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Online
 title: Resume-PublicFolderMigrationRequest
 schema: 2.0.0
 author: chrisda
 ms.author: chrisda
 ms.reviewer:
-monikerRange: "exchserver-ps-2016 || exchserver-ps-2019 || exchonline-ps"
+monikerRange: "exchserver-ps-2013 || exchserver-ps-2016 || exchserver-ps-2019 || exchonline-ps"
 ---
 
 # Resume-PublicFolderMigrationRequest
@@ -57,7 +57,7 @@ The Identity parameter specifies the identity of the migration request. This par
 Type: PublicFolderMigrationRequestIdParameter
 Parameter Sets: (All)
 Aliases:
-Applicable: Exchange Server 2016, Exchange Server 2019, Exchange Online
+Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Online
 Required: True
 Position: 1
 Default value: None
@@ -76,7 +76,7 @@ The Confirm switch specifies whether to show or hide the confirmation prompt. Ho
 Type: SwitchParameter
 Parameter Sets: (All)
 Aliases: cf
-Applicable: Exchange Server 2016, Exchange Server 2019, Exchange Online
+Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Online
 Required: False
 Position: Named
 Default value: None
@@ -93,7 +93,7 @@ The DomainController parameter specifies the domain controller that's used by th
 Type: Fqdn
 Parameter Sets: (All)
 Aliases:
-Applicable: Exchange Server 2016, Exchange Server 2019
+Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019
 Required: False
 Position: Named
 Default value: None
@@ -108,7 +108,7 @@ The WhatIf switch simulates the actions of the command. You can use this switch
 Type: SwitchParameter
 Parameter Sets: (All)
 Aliases: wi
-Applicable: Exchange Server 2016, Exchange Server 2019, Exchange Online
+Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Online
 Required: False
 Position: Named
 Default value: None
diff --git a/exchange/exchange-ps/exchange/organization/Get-AuthServer.md b/exchange/exchange-ps/exchange/organization/Get-AuthServer.md
@@ -33,42 +33,55 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 
 ### -------------------------- Example 1 --------------------------
 ```
-Get-AuthServer | Format-List *
+Get-AuthServer
 ```
 
-This example retrieves all settings for all authorization servers in the Exchange organization.
+This example returns a summary list of all authorization servers in the Exchange organization.
+
+### -------------------------- Example 2 --------------------------
+```
+Get-AuthServer -Identity WindowsAzureAC | Format-List
+```
+
+This example retrieves detailed information for the authorization server named WindowsAzureAC.
 
 ## PARAMETERS
 
-### -DomainController
-This parameter is available only in on-premises Exchange.
+### -Identity
+The Identity parameter specifies the authorization server object that you want to view. You can use any value that uniquely identifies the authorization server. For example:
 
-The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.
+- Name
+
+- Distinguished name (DN)
+
+- GUID
 
 ```yaml
-Type: Fqdn
+Type: AuthServerIdParameter
 Parameter Sets: (All)
 Aliases:
-Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019
+Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Online
 Required: False
-Position: Named
+Position: 1
 Default value: None
-Accept pipeline input: False
+Accept pipeline input: True
 Accept wildcard characters: False
 ```
 
-### -Identity
-The Identity parameter specifies the identity of an authorization server.
+### -DomainController
+This parameter is available only in on-premises Exchange.
+
+The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.
 
 ```yaml
-Type: AuthServerIdParameter
+Type: Fqdn
 Parameter Sets: (All)
 Aliases:
-Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Online
+Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019
 Required: False
-Position: 1
+Position: Named
 Default value: None
-Accept pipeline input: True
+Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
diff --git a/exchange/exchange-ps/exchange/organization/New-AuthServer.md b/exchange/exchange-ps/exchange/organization/New-AuthServer.md
@@ -50,53 +50,61 @@ New-AuthServer [-Name] <String> -Type <Unknown | MicrosoftACS | Facebook | Linke
 ## DESCRIPTION
 Partner applications authorized by Exchange can access their resources after they're authenticated using server-to-server authentication. A partner application can authenticate by using self-issued tokens trusted by Exchange or by using an authorization server trusted by Exchange.
 
-The New-AuthServer cmdlet creates a trusted authorization server object in Exchange, which allows it to trust tokens issued by the authorization server.
-
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet (https://technet.microsoft.com/library/mt432940.aspx).
 
 ## EXAMPLES
 
 ### -------------------------- Example 1 --------------------------
 ```
-New-AuthServer HRAppAuth -AuthMetadataUrl http://hrappauth.contoso.com/metadata/json/1
+New-AuthServer -Name WindowsAzureACS -AuthMetadataUrl https://accounts.accesscontrol.windows.net/contoso.onmicrosoft.com/metadata/json/1
 ```
 
-This command creates an authorization server.
+This command creates an authorization server object with the specified settings.
 
 ## PARAMETERS
 
-### -AuthMetadataUrl
-The AuthMetadataUrl parameter specifies the URL for the Office 365 authorization server for your cloud-based organization. For details, see the Office 365 documentation.
+### -Name
+The Name parameter specifies a unique name for the authorization server object. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").
 
 ```yaml
 Type: String
-Parameter Sets: AuthMetadataUrl, NativeClientAuthServer
+Parameter Sets: (All)
 Aliases:
 Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019
 Required: True
-Position: Named
+Position: 1
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
-### -Name
-The Name parameter specifies a name for the authorization server.
+### -AuthMetadataUrl
+The AuthMetadataUrl parameter specifies the URL for the Office 365 authorization server for your cloud-based organization. For details, see the Office 365 documentation.
 
 ```yaml
 Type: String
-Parameter Sets: (All)
+Parameter Sets: AuthMetadataUrl, NativeClientAuthServer
 Aliases:
 Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019
 Required: True
-Position: 1
+Position: Named
 Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
 ### -Type
-This parameter is reserved for internal Microsoft use.
+The Type parameter specifies the type of authorization tokens that are issued by the authorization server. Valid values are:
+
+- ADFS
+
+- AzureAD
+
+- Facebook
+
+- LinkedIn
+
+- MicrosoftACS
 
 ```yaml
 Type: Unknown | MicrosoftACS | Facebook | LinkedIn | ADFS | AzureAD
@@ -145,7 +153,11 @@ Accept wildcard characters: False
 ```
 
 ### -Enabled
-The Enabled parameter specifies whether the authorization server is enabled. Set the parameter to $false to prevent authorization tokens issued by this authorization server from being accepted.
+The Enabled parameter specifies whether the authorization server is enabled. Valid values are:
+
+- $true: Authorization tokens that are issued by the authorization server are accepted. This is the default value
+
+- $false: Authorization tokens that are issued by the authorization server are are not accepted.
 
 ```yaml
 Type: $true | $false
@@ -160,7 +172,9 @@ Accept wildcard characters: False
 ```
 
 ### -TrustAnySSLCertificate
-This parameter is reserved for internal Microsoft use.
+The TrustAnySSLCertificate switch specifies whether Exchange should accept certificates from an untrusted certification authority. You don't need to specify a value with this switch.
+
+We don't recommend using this switch in a production environment.
 
 ```yaml
 Type: SwitchParameter
diff --git a/exchange/exchange-ps/exchange/organization/Remove-AuthServer.md b/exchange/exchange-ps/exchange/organization/Remove-AuthServer.md
@@ -35,12 +35,18 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Remove-AuthServer AMC
 ```
 
-This example removes the authorization server AMC.
+This example removes the authorization server named AMC.
 
 ## PARAMETERS
 
 ### -Identity
-The Identity parameter specifies the identity of the authorization server.
+The Identity parameter specifies the authorization server object that you want to remove. You can use any value that uniquely identifies the authorization server. For example:
+
+- Name
+
+- Distinguished name (DN)
+
+- GUID
 
 ```yaml
 Type: AuthServerIdParameter
diff --git a/exchange/exchange-ps/exchange/organization/Set-AuthServer.md b/exchange/exchange-ps/exchange/organization/Set-AuthServer.md
@@ -69,7 +69,13 @@ This command disables the authorization server ACS.
 ## PARAMETERS
 
 ### -Identity
-The Identity parameter specifies the identity of authorization server.
+The Identity parameter specifies the authorization server object that you want to modify. You can use any value that uniquely identifies the authorization server. For example:
+
+- Name
+
+- Distinguished name (DN)
+
+- GUID
 
 ```yaml
 Type: AuthServerIdParameter
@@ -135,6 +141,12 @@ Accept wildcard characters: False
 ### -Enabled
 The Enabled parameter specifies whether the authorization server is enabled. Only enabled authorization servers can issue and accept tokens. Disabling the authorization server prevents any partner applications configured to use the authorization server from getting a token.
 
+The Enabled parameter specifies whether the authorization server is enabled. Valid values are:
+
+- $true: Authorization tokens that are issued by the authorization server are accepted. This is the default value
+
+- $false: The authorization server does not issue or accept authorization tokens.
+
 ```yaml
 Type: $true | $false
 Parameter Sets: (All)
@@ -148,9 +160,11 @@ Accept wildcard characters: False
 ```
 
 ### -IsDefaultAuthorizationEndpoint
-The IsDefaultAuthorizationEndpoint parameter specifies whether this server is the default authorization endpoint. This server's authorization URL is advertised to calling partner applications and applications need to get their OAuth access tokens from this authorization server.
+The IsDefaultAuthorizationEndpoint parameter specifies whether this server is the default authorization endpoint. Valid values are:
 
-Valid input for this parameter is $true or $false. The default value is $false.
+$true: The authorization server's URL is advertised to calling partner applications and applications that need to get their OAuth access tokens from the authorization server.
+
+$false: The authorization server's URL is not advertised. The default value is $false.
 
 ```yaml
 Type: $true | $false
@@ -165,7 +179,7 @@ Accept wildcard characters: False
 ```
 
 ### -Name
-The Name parameter specifies a name for the authorization server.
+The Name parameter specifies a unique name for the authorization server object. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks (").
 
 ```yaml
 Type: String
@@ -180,7 +194,7 @@ Accept wildcard characters: False
 ```
 
 ### -RefreshAuthMetadata
-The RefreshAuthMetadata switch specifies whether Exchange should refresh the auth metadata from the specified URL.
+The RefreshAuthMetadata switch specifies whether Exchange should refresh the auth metadata from the specified URL. You don't need to specify a value with this switch.
 
 ```yaml
 Type: SwitchParameter
@@ -195,7 +209,9 @@ Accept wildcard characters: False
 ```
 
 ### -TrustAnySSLCertificate
-The TrustAnySSLCertificate switch specifies whether Exchange should accept certificates from an untrusted certification authority. We don't recommend using this switch in a production environment.
+The TrustAnySSLCertificate switch specifies whether Exchange should accept certificates from an untrusted certification authority. You don't need to specify a value with this switch.
+
+We don't recommend using this switch in a production environment.
 
 ```yaml
 Type: SwitchParameter
