Set-AzureADMSAuthorizationPolicy
Updates an authorization policy, which represents a policy that can control Azure Active Directory authorization settings.
Syntax
Set-AzureADMSAuthorizationPolicy
[-AllowedToSignUpEmailBasedSubscriptions <Boolean>]
[-AllowedToUseSSPR <Boolean>]
[-AllowEmailVerifiedUsersToJoinOrganization <Boolean>]
[-BlockMsolPowerShell <Boolean>]
[-DefaultUserRolePermissions <DefaultUserRolePermissions>]
[-Description <String>]
[-DisplayName <String>]
[<CommonParameters>] Description
The Set-AzureADMSAuthorizationPolicy cmdlet updates an Azure Active Directory authorization policy.
Examples
Example 1: Update an authorization policy
PS C:\>Set-AzureADMSAuthorizationPolicy -DisplayName "updated displayname" -Description "updated description" -DefaultUserRolePermissions @{ AllowedToCreateApps = $false }This command updates the specified parameters of the authorization policy.
Parameters
-AllowedToSignUpEmailBasedSubscriptions
Specifies whether users can sign up for email based subscriptions. The initial default value is true.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AllowedToUseSSPR
Specifies whether the Self-Serve Password Reset feature can be used by users on the tenant. The initial default value is true.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-AllowEmailVerifiedUsersToJoinOrganization
Specifies whether a user can join the tenant by email validation. The initial default value is true.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BlockMsolPowerShell
Specifies whether the user-based access to the legacy service endpoint used by MSOL PowerShell is blocked or not.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DefaultUserRolePermissions
Contains various customizable default user role permissions.
| Type: | DefaultUserRolePermissions |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Description
Specifies the description of the authorization policy.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisplayName
Specifies the display name of the authorization policy.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.Open.MSGraph.Model.DefaultUserRolePermissions
Notes
See the migration guide for Set-AzureADMSAuthorizationPolicy to the Microsoft Graph PowerShell.