Set-CMCollectionCloudSync
Configure collection membership synchronization to Microsoft Entra groups for a device or user collection. For more information, see How to synchronize collection members to Microsoft Entra groups
Syntax
Set-CMCollectionCloudSync
-InputObject <IResultObject#SMS_Collection>
[-AddGroupName <string[]>][-EnableAssignEndpointSecurityPolicy <bool>]
[-RemoveGroupName <string[]>]
[-TenantId <string>][-TenantName <string>]
[-TenantObject <IResultObject#SMS_AAD_Tenant_Ex>]
[-DisableWildcardHandling]
[-ForceWildcardHandling][-WhatIf]
[-Confirm]
[<CommonParameters>] Set-CMCollectionCloudSync
-Id <string>
[-AddGroupName <string[]>]
[-EnableAssignEndpointSecurityPolicy <bool>][-RemoveGroupName <string[]>]
[-TenantId <string>]
[-TenantName <string>]
[-TenantObject <IResultObject#SMS_AAD_Tenant_Ex>][-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm][<CommonParameters>] Set-CMCollectionCloudSync
-Name <string>
[-AddGroupName <string[]>]
[-EnableAssignEndpointSecurityPolicy <bool>][-RemoveGroupName <string[]>]
[-TenantId <string>]
[-TenantName <string>]
[-TenantObject <IResultObject#SMS_AAD_Tenant_Ex>][-DisableWildcardHandling]
[-ForceWildcardHandling]
[-WhatIf]
[-Confirm][<CommonParameters>] Description
Use this cmdlet to configure collection membership synchronization to Microsoft Entra groups for a device or user collection.
Note
Run Configuration Manager cmdlets from the Configuration Manager site drive, for example PS XYZ:\>. For more information, see getting started.
Examples
Example 1: Enable a collection to synchronize members to Microsoft Entra group
The first command gets the collection object named testUserCollection and stores it in the $userCollection variable. The second command gets the Microsoft Entra tenant named contoso and stores it in the $AADTenant variable. The third command enables the synchronization of the collection with Microsoft Entra group named testUserGroup belonging to tenant name "contoso"
$userCollection = Get-CMCollection -Name "testUserCollection"
$AADTenant = Get-CMAADTenant -Name "contoso"
Set-CMCollectionCloudSync -InputObject $userCollection -AddGroupName "testUserGroup" -EnableAssignEndpointSecurityPolicy $true -TenantObject $AADTenantExample 2: Remove collection synchronization with Microsoft Entra group
The first command gets the collection object named testUserCollection and stores it in the $userCollection variable. The second command removes the synchronization of the collection with Microsoft Entra group named testUserGroup belonging to tenant name "contoso", which is passed as value for -TenantName parameter. Alternatively -TenantId parameter can also be used.
$userCollection = Get-CMCollection -Name "testUserCollection"
Set-CMCollectionCloudSync -InputObject $userCollection -RemoveGroupName "testUserGroup" -EnableAssignEndpointSecurityPolicy $true -TenantName "contoso"Parameters
-AADGroupName
Specify target Microsoft Entra group name with which the collection's members needs to be synchronized.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DisableWildcardHandling
This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-EnableAssignEndpointSecurityPolicy
Use this parameter enable or disable the collection to show up in Intune portal to assign endpoint security policies in Tenant Attach scenario.
| Type: | Boolean |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ForceWildcardHandling
This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Id
Specify the ID of the collection to configure. This value is the CollectionID property, for example, XYZ00012.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
Specify a collection object to configure. To get this object, use the Get-CMCollection, Get-CMDeviceCollection, or Get-CMUserCollection cmdlets.
| Type: | IResultObject |
| Aliases: | Collection |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Name
Specify the name of a collection to configure.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RemoveGroupName
Use this parameter to remove synchronization with the specified Microsoft Entra group.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantId
Specify the ID of the Microsoft Entra tenant. This value is the TenantId property, for example, 72f988bf-00ab-11cd-22ef-2d7cd011db00.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantName
Specify the name of the Microsoft Entra tenant, for example, contoso.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-TenantObject
Specify an object for the Microsoft Entra tenant. To get this object, use the Get-CMAADTenant cmdlet.
| Type: | IResultObject |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet doesn't run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.ConfigurationManagement.ManagementProvider.IResultObject
Outputs
System.Object