Enable-DnssecForVerifiedDomain

Reference

Module:: ExchangePowerShell

Applies to:: Exchange Online

This cmdlet is available only in the cloud-based service.

Use the Enable-DnssecForVerifiedDomain cmdlet to enable Domain Name System Security (DNSSEC) for inbound mail to accepted domains in Exchange Online.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

Syntax

Enable-DnssecForVerifiedDomain
      [-DomainName] <String>
      [-Confirm]
      [-WhatIf]
      [<CommonParameters>]

Description

The output of this cmdlet is an MX record value that you need to add to DNS for the specified domain.

For more information about debugging, enabling, and disabling SMTP DANE with DNSSEC, see How SMTP DANE works.

You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet.

Examples

Example 1

Enable-DnssecForVerifiedDomain -DomainName contoso.com

This example enables DNSSEC for mail sent to contoso.com.

Parameters

-Confirm

This parameter is reserved for internal Microsoft use.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	Exchange Online

-DomainName

The DomainName parameter specifies the accepted domain in the Exchange Online organization where you want to enable DNSSEC (for example, contoso.com). Use the Get-AcceptedDomain cmdlet to see the accepted domains in the organization.

Type:	String
Position:	1
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False
Applies to:	Exchange Online

-WhatIf