New-MgDirectoryCustomSecurityAttributeDefinition

Create a new customSecurityAttributeDefinition object.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryCustomSecurityAttributeDefinition

Syntax

New-MgDirectoryCustomSecurityAttributeDefinition
   [-ResponseHeadersVariable <String>]
   [-AdditionalProperties <Hashtable>]
   [-AllowedValues <IMicrosoftGraphAllowedValue[]>]
   [-AttributeSet <String>]
   [-Description <String>]
   [-Id <String>]
   [-IsCollection]
   [-IsSearchable]
   [-Name <String>]
   [-Status <String>]
   [-Type <String>]
   [-UsePreDefinedValuesOnly]
   [-Headers <IDictionary>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]
New-MgDirectoryCustomSecurityAttributeDefinition
   -BodyParameter <IMicrosoftGraphCustomSecurityAttributeDefinition>
   [-ResponseHeadersVariable <String>]
   [-Headers <IDictionary>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

Create a new customSecurityAttributeDefinition object.

Permissions

Permission type Least privileged permissions Higher privileged permissions
Delegated (work or school account) CustomSecAttributeDefinition.ReadWrite.All Not available.
Delegated (personal Microsoft account) Not supported. Not supported.
Application CustomSecAttributeDefinition.ReadWrite.All Not available.

Examples

Example 1: Add a custom security attribute

Import-Module Microsoft.Graph.Identity.DirectoryManagement

$params = @{
	attributeSet = "Engineering"
	description = "Target completion date"
	isCollection = $false
	isSearchable = $true
	name = "ProjectDate"
	status = "Available"
	type = "String"
	usePreDefinedValuesOnly = $false
}

New-MgDirectoryCustomSecurityAttributeDefinition -BodyParameter $params

This example will add a custom security attribute

Example 2: Add a custom security attribute that supports multiple predefined values

Import-Module Microsoft.Graph.Identity.DirectoryManagement

$params = @{
	attributeSet = "Engineering"
	description = "Active projects for user"
	isCollection = $true
	isSearchable = $true
	name = "Project"
	status = "Available"
	type = "String"
	usePreDefinedValuesOnly = $true
}

New-MgDirectoryCustomSecurityAttributeDefinition -BodyParameter $params

This example will add a custom security attribute that supports multiple predefined values

Example 3: Add a custom security attribute with a list of predefined values

Import-Module Microsoft.Graph.Identity.DirectoryManagement

$params = @{
	attributeSet = "Engineering"
	description = "Active projects for user"
	isCollection = $true
	isSearchable = $true
	name = "Project"
	status = "Available"
	type = "String"
	usePreDefinedValuesOnly = $true
	allowedValues = @(
		@{
			id = "Alpine"
			isActive = $true
		}
		@{
			id = "Baker"
			isActive = $true
		}
		@{
			id = "Cascade"
			isActive = $true
		}
	)
}

New-MgDirectoryCustomSecurityAttributeDefinition -BodyParameter $params

This example will add a custom security attribute with a list of predefined values

Parameters

-AdditionalProperties

Additional Parameters

Type:Hashtable
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AllowedValues

Values that are predefined for this custom security attribute. This navigation property is not returned by default and must be specified in an $expand query. For example, /directory/customSecurityAttributeDefinitions$expand=allowedValues. To construct, see NOTES section for ALLOWEDVALUES properties and create a hash table.

Type:IMicrosoftGraphAllowedValue[]
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-AttributeSet

Name of the attribute set. Case insensitive.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-BodyParameter

customSecurityAttributeDefinition To construct, see NOTES section for BODYPARAMETER properties and create a hash table.

Type:IMicrosoftGraphCustomSecurityAttributeDefinition
Position:Named
Default value:None
Required:True
Accept pipeline input:True
Accept wildcard characters:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:SwitchParameter
Aliases:cf
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Description

Description of the custom security attribute. Can be up to 128 characters long and include Unicode characters. Can be changed later.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Headers

Optional headers that will be added to the request.

Type:IDictionary
Position:Named
Default value:None
Required:False
Accept pipeline input:True
Accept wildcard characters:False

-Id

The unique identifier for an entity. Read-only.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-IsCollection

Indicates whether multiple values can be assigned to the custom security attribute. Cannot be changed later. If type is set to Boolean, isCollection cannot be set to true.

Type:SwitchParameter
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-IsSearchable

Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute values. Cannot be changed later.

Type:SwitchParameter
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Name

Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and include Unicode characters. Cannot contain spaces or special characters. Cannot be changed later. Case insensitive.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ProgressAction

{{ Fill ProgressAction Description }}

Type:ActionPreference
Aliases:proga
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-ResponseHeadersVariable

Optional Response Headers Variable.

Type:String
Aliases:RHV
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Status

Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and Deprecated. Can be changed later.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-Type

Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Cannot be changed later.

Type:String
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-UsePreDefinedValuesOnly

Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can later be changed from true to false, but cannot be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly cannot be set to true.

Type:SwitchParameter
Position:Named
Default value:False
Required:False
Accept pipeline input:False
Accept wildcard characters:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:SwitchParameter
Aliases:wi
Position:Named
Default value:None
Required:False
Accept pipeline input:False
Accept wildcard characters:False

Inputs

Microsoft.Graph.PowerShell.Models.IMicrosoftGraphCustomSecurityAttributeDefinition

System.Collections.IDictionary

Outputs

Microsoft.Graph.PowerShell.Models.IMicrosoftGraphCustomSecurityAttributeDefinition

Notes

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

ALLOWEDVALUES <IMicrosoftGraphAllowedValue- []>: Values that are predefined for this custom security attribute. This navigation property is not returned by default and must be specified in an $expand query. For example, /directory/customSecurityAttributeDefinitions$expand=allowedValues.

  • [Id <String>]: The unique identifier for an entity. Read-only.
  • [IsActive <Boolean?>]: Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be assigned to any other supported directory objects.

BODYPARAMETER <IMicrosoftGraphCustomSecurityAttributeDefinition>: customSecurityAttributeDefinition

  • [(Any) <Object>]: This indicates any property can be added to this object.
  • [Id <String>]: The unique identifier for an entity. Read-only.
  • [AllowedValues <IMicrosoftGraphAllowedValue- []>]: Values that are predefined for this custom security attribute. This navigation property is not returned by default and must be specified in an $expand query. For example, /directory/customSecurityAttributeDefinitions?$expand=allowedValues.
    • [Id <String>]: The unique identifier for an entity. Read-only.
    • [IsActive <Boolean?>]: Indicates whether the predefined value is active or deactivated. If set to false, this predefined value can't be assigned to any other supported directory objects.
  • [AttributeSet <String>]: Name of the attribute set. Case insensitive.
  • [Description <String>]: Description of the custom security attribute. Can be up to 128 characters long and include Unicode characters. Can be changed later.
  • [IsCollection <Boolean?>]: Indicates whether multiple values can be assigned to the custom security attribute. Cannot be changed later. If type is set to Boolean, isCollection cannot be set to true.
  • [IsSearchable <Boolean?>]: Indicates whether custom security attribute values are indexed for searching on objects that are assigned attribute values. Cannot be changed later.
  • [Name <String>]: Name of the custom security attribute. Must be unique within an attribute set. Can be up to 32 characters long and include Unicode characters. Cannot contain spaces or special characters. Cannot be changed later. Case insensitive.
  • [Status <String>]: Specifies whether the custom security attribute is active or deactivated. Acceptable values are: Available and Deprecated. Can be changed later.
  • [Type <String>]: Data type for the custom security attribute values. Supported types are: Boolean, Integer, and String. Cannot be changed later.
  • [UsePreDefinedValuesOnly <Boolean?>]: Indicates whether only predefined values can be assigned to the custom security attribute. If set to false, free-form values are allowed. Can later be changed from true to false, but cannot be changed from false to true. If type is set to Boolean, usePreDefinedValuesOnly cannot be set to true.