Merge pull request #7427 from MicrosoftDocs/chrisda

Chrisda to Master

Author: chrisda

exchange/docs-conceptual/app-only-auth-powershell-v2.md

@@ -54,15 +54,15 @@ The following examples show how to use the Exchange Online PowerShell V2 module
 >
 > - In the **Connect-ExchangeOnline** commands, be sure to use an `.onmicrosoft.com` domain in the _Organization_ parameter value. Otherwise, you might encounter cryptic permission issues when you run commands in the app context.
 >
-> - App-only authentication does not support delegation. Unattended scripting in delegation scenarios is supported with the Secure App Model. For more information, go [here](https://docs.microsoft.com/powershell/partnercenter/multi-factor-auth#exchange).
+> - App-only authentication does not support delegation. Unattended scripting in delegation scenarios is supported with the Secure App Model. For more information, go [here](/powershell/partnercenter/multi-factor-auth#exchange).
 
 ## How does it work?
 
 The EXO V2 module uses the Active Directory Authentication Library to fetch an app-only token using the application Id, tenant Id (organization), and certificate thumbprint. The application object provisioned inside Azure AD has a Directory Role assigned to it, which is returned in the access token. Exchange Online configures the session RBAC using the directory role information that's available in the token.
 
 ## Set up app-only authentication
 
-An initial onboarding is required for authentication using application objects. Application and service principal are used interchangeably, but an application is like a class object while a service principal is like an instance of the class. You can learn more about this at [Application and service principal objects in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/develop/app-objects-and-service-principals).
+An initial onboarding is required for authentication using application objects. Application and service principal are used interchangeably, but an application is like a class object while a service principal is like an instance of the class. You can learn more about this at [Application and service principal objects in Azure Active Directory](/azure/active-directory/develop/app-objects-and-service-principals).
 
 For a detailed visual flow about creating applications in Azure AD, see <https://aka.ms/azuread-app>.
 
@@ -101,7 +101,7 @@ For a detailed visual flow about creating applications in Azure AD, see <https:/
 
 ## Step 1: Register the application in Azure AD
 
-**Note**: If you encounter problems, check the [required permissions](https://docs.microsoft.com/azure/active-directory/develop/howto-create-service-principal-portal#required-permissions) to verify that your account can create the identity.
+**Note**: If you encounter problems, check the [required permissions](/azure/active-directory/develop/howto-create-service-principal-portal#required-permissions) to verify that your account can create the identity.
 
 1. Open the Azure AD portal at <https://portal.azure.com/>.
 
@@ -125,7 +125,7 @@ For a detailed visual flow about creating applications in Azure AD, see <https:/
 
    - **Redirect URI (optional)**: In the first box, verify that **Web** is selected. In the second box, enter the URI where the access token is sent.
 
-     Note that you can't create credentials for [native applications](https://docs.microsoft.com/azure/active-directory/manage-apps/application-proxy-configure-native-client-application), because you can't use that type for automated applications.
+     Note that you can't create credentials for [native applications](/azure/active-directory/manage-apps/application-proxy-configure-native-client-application), because you can't use that type for automated applications.
 
      ![Register an application](media/exo-app-only-auth-register-app.png)
 
@@ -186,7 +186,7 @@ For a detailed visual flow about creating applications in Azure AD, see <https:/
 
 Create a self-signed x.509 certificate using one of the following methods:
 
-- (Recommended) Use the [New-SelfSignedCertificate](https://docs.microsoft.com/powershell/module/pkiclient/new-selfsignedcertificate), [Export-Certificate](https://docs.microsoft.com/powershell/module/pkiclient/export-certificate) and [Export-PfxCertificate](https://docs.microsoft.com/powershell/module/pkiclient/export-pfxcertificate) cmdlets in an elevated (run as administrator) Windows PowerShell session to request a self-signed certificate and export it to `.cer` and `.pfx` (SHA1 by default). For example:
+- (Recommended) Use the [New-SelfSignedCertificate](/powershell/module/pkiclient/new-selfsignedcertificate), [Export-Certificate](/powershell/module/pkiclient/export-certificate) and [Export-PfxCertificate](/powershell/module/pkiclient/export-pfxcertificate) cmdlets in an elevated (run as administrator) Windows PowerShell session to request a self-signed certificate and export it to `.cer` and `.pfx` (SHA1 by default). For example:
 
   ```powershell
   # Create certificate
@@ -251,7 +251,7 @@ Azure AD has more than 50 admin roles available. For app-only authentication in
 - Exchange administrator
 - Global Reader
 
-For general instructions about assigning roles in Azure AD, see [View and assign administrator roles in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/roles/manage-roles-portal).
+For general instructions about assigning roles in Azure AD, see [View and assign administrator roles in Azure Active Directory](/azure/active-directory/roles/manage-roles-portal).
 
 1. On the Azure AD portal at <https://portal.azure.com/>, under **Manage Azure Active Directory**, click **View**.
 

exchange/docs-conceptual/exchange-online-powershell-v2.md

@@ -275,19 +275,59 @@ If the module is already installed on your computer, you can run the following c
 
 For detailed syntax and parameter information, see [Update-Module](https://docs.microsoft.com/powershell/module/powershellget/update-module).
 
-**Note**: If you receive the following error:
+### Troubleshoot installing the EXO V2 module
 
-> The specified module 'ExchangeOnlineManagement' with PowerShellGetFormatVersion '\<version\>' is not supported by the current version of PowerShellGet. Get the latest version of the PowerShellGet module to install this module, 'ExchangeOnlineManagement'.
+- If you receive the following error:
 
-Update your installation of the PowerShellGet module to the latest version as described in [Installing PowerShellGet](https://docs.microsoft.com/powershell/scripting/gallery/installing-psget). Be sure to close and re-open the elevated PowerShell window before you attempt to update the ExchangeOnlineManagement module again.
+  > The specified module 'ExchangeOnlineManagement' with PowerShellGetFormatVersion '\<version\>' is not supported by the current version of PowerShellGet. Get the latest version of the PowerShellGet module to install this module, 'ExchangeOnlineManagement'.
+
+  Update your installation of the PowerShellGet module to the latest version as described in [Installing PowerShellGet](https://docs.microsoft.com/powershell/scripting/gallery/installing-psget). Be sure to close and re-open the PowerShell window before you attempt to update the ExchangeOnlineManagement module again.
+
+- As of April 2020, the PowerShell Gallery only supports connections using TLS 1.2 or later. For more information, see [PowerShell Gallery TLS Support](https://devblogs.microsoft.com/powershell/powershell-gallery-tls-support/).
+
+  To check your current settings in the Microsoft .NET Framework, run the following command in Windows PowerShell:
+
+  ```powershell
+  [Net.ServicePointManager]::SecurityProtocol
+  ```
+
+  As described in the PowerShell Gallery TLS Support article, to *temporarily* change the security protocol to TLS 1.2 to install the PowerShellGet or ExchangeOnlineManagement modules, run the following command in Windows PowerShell *before* you install the module:
+
+  ```powershell
+  [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12 
+  ```
+
+  To *permanently* enable strong cryptography in the Microsoft .NET Framework version 4.x or later, run one of the following commands based on your Windows architecture:
+
+  - x64:
+
+    ```powershell
+    Set-ItemProperty -Path 'HKLM:\SOFTWARE\Wow6432Node\Microsoft.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Type DWord -Value '1'
+    ```
+
+  - x86
+
+    ```powershell
+    Set-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft.NetFramework\v4.0.30319' -Name 'SchUseStrongCrypto' -Type DWord -Value '1'
+    ```
+
+  For more information, see [SchUseStrongCrypto](/dotnet/framework/network-programming/tls#schusestrongcrypto).
 
 ### Uninstall the EXO V2 module
 
-To uninstall the module, run the following command **in an elevated PowerShell window**:
+To uninstall the module, run **one** of the following commands based on how you originally installed the module (in an elevated PowerShell window vs. `Scope CurrentUser`):
 
-```powershell
-Uninstall-Module -Name ExchangeOnlineManagement
-```
+- In an elevated PowerShell window (all users):
+
+  ```powershell
+  Uninstall-Module -Name ExchangeOnlineManagement
+  ```
+
+- Only for the current user account:
+
+  ```powershell
+  Uninstall-Module -Name ExchangeOnlineManagement
+  ```
 
 For detailed syntax and parameter information, see [Uninstall-Module](https://docs.microsoft.com/powershell/module/powershellget/uninstall-module).
 

exchange/exchange-ps/exchange/Enable-Mailbox.md

@@ -231,7 +231,8 @@ Enable-Mailbox [-Identity] <UserIdParameter>
 ```
 Enable-Mailbox [-Identity] <UserIdParameter>]
  [-Archive]
- [-ArchiveDatabase <DatabaseIdParameter>  [-ArchiveGuid <Guid>]
+ [-ArchiveDatabase <DatabaseIdParameter>]
+ [-ArchiveGuid <Guid>]
  [-ArchiveName <MultiValuedProperty>]
  [-ActiveSyncMailboxPolicy <MailboxPolicyIdParameter>]
  [-Alias <String>

exchange/exchange-ps/exchange/Enable-RemoteMailbox.md

@@ -83,7 +83,8 @@ Enable-RemoteMailbox [-Identity] <UserIdParameter>
 ```
 Enable-RemoteMailbox [-Identity] <UserIdParameter>
  [-Shared]
- [-ACLableSyncedObjectEnabled [-Alias <String>]
+ [-ACLableSyncedObjectEnabled]
+ [-Alias <String>]
  [-Confirm]
  [-DisplayName <String>]
  [-DomainController <Fqdn>]

exchange/exchange-ps/exchange/Remove-PublicFolderAdministrativePermission.md

@@ -34,7 +34,7 @@ Remove-PublicFolderAdministrativePermission [-Identity] <PublicFolderIdParameter
 
 ### Instance
 ```
-Remove-PublicFolderAdministrativePermission[[-Identity] <PublicFolderIdParameter>] -Instance <PublicFolderAdministrativeAceObject>
+Remove-PublicFolderAdministrativePermission [[-Identity] <PublicFolderIdParameter>] -Instance <PublicFolderAdministrativeAceObject>
  [-AccessRights <MultiValuedProperty>]
  [-Confirm]
  [-Deny]