MicrosoftDocs
diff --git a/‎exchange/docs-conceptual/app-only-auth-powershell-v2.md
Lines changed: 2 additions & 2 deletions b/‎exchange/docs-conceptual/app-only-auth-powershell-v2.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎exchange/docs-conceptual/cmdlet-property-sets.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/cmdlet-property-sets.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/connect-exo-powershell-managed-identity.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/connect-exo-powershell-managed-identity.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/connect-to-exchange-online-powershell.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/connect-to-exchange-online-powershell.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/connect-to-exchange-online-protection-powershell.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/connect-to-exchange-online-protection-powershell.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/connect-to-exchange-servers-using-remote-powershell.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/connect-to-exchange-servers-using-remote-powershell.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/connect-to-exo-powershell-c-sharp.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/connect-to-exo-powershell-c-sharp.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/connect-to-scc-powershell.md
Lines changed: 2 additions & 2 deletions b/‎exchange/docs-conceptual/connect-to-scc-powershell.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎exchange/docs-conceptual/control-remote-powershell-access-to-exchange-servers.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/control-remote-powershell-access-to-exchange-servers.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/disable-access-to-exchange-online-powershell.md
Lines changed: 19 additions & 20 deletions b/‎exchange/docs-conceptual/disable-access-to-exchange-online-powershell.md
Lines changed: 19 additions & 20 deletions
@@ -2,7 +2,7 @@
 title: App-only authentication in Exchange Online PowerShell and Security & Compliance PowerShell
 ms.author: chrisda
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 12/12/2023
 ms.audience: Admin
 audience: Admin
@@ -481,7 +481,7 @@ For general instructions about assigning roles in Microsoft Entra ID, see [Assig
 >
 >  This method is supported only when you connect to Exchange Online PowerShell or Security & Compliance PowerShell in [REST API mode](exchange-online-powershell-v2.md#rest-api-connections-in-the-exo-v3-module). Security & Compliance PowerShell supports REST API mode in v3.2.0 or later.
 
-For information about creating custom role groups, see [Create role groups in Exchange Online](/exchange/permissions-exo/role-groups#create-role-groups) and [Create Email & collaboration role groups in the Microsoft Defender portal](/microsoft-365/security/office-365-security/mdo-portal-permissions#create-email--collaboration-role-groups-in-the-microsoft-defender-portal). The custom role group that you assign to the application can contain any combination of built-in and custom roles.
+For information about creating custom role groups, see [Create role groups in Exchange Online](/exchange/permissions-exo/role-groups#create-role-groups) and [Create Email & collaboration role groups in the Microsoft Defender portal](/defender-office-365/mdo-portal-permissions#create-email--collaboration-role-groups-in-the-microsoft-defender-portal). The custom role group that you assign to the application can contain any combination of built-in and custom roles.
 
 To assign custom role groups to the application using service principals, do the following steps:
 
 
@@ -2,7 +2,7 @@
 title: Property sets in Exchange Online PowerShell module cmdlets
 ms.author: chrisda
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 9/1/2023
 ms.audience: Admin
 audience: Admin
 
@@ -2,7 +2,7 @@
 title: Use Azure managed identities to connect to Exchange Online PowerShell
 ms.author: chrisda
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 8/24/2023
 ms.audience: Admin
 audience: Admin
 
@@ -1,7 +1,7 @@
 ---
 title: Connect to Exchange Online PowerShell
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 8/21/2023
 ms.audience: Admin
 audience: Admin
 
@@ -1,7 +1,7 @@
 ---
 title: Connect to Exchange Online Protection PowerShell
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 8/21/2023
 ms.audience: Admin
 audience: Admin
 
@@ -2,7 +2,7 @@
 title: "Connect to Exchange servers using remote PowerShell"
 ms.author: chrisda
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 9/7/2023
 ms.audience: ITPro
 audience: ITPro
 
@@ -2,7 +2,7 @@
 title: Use C# to connect to Exchange Online PowerShell
 ms.author: chrisda
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 8/21/2023
 ms.audience: Admin
 audience: Admin
 
@@ -1,7 +1,7 @@
 ---
 title: Connect to Security & Compliance PowerShell
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 12/12/2023
 ms.audience: Admin
 audience: Admin
@@ -33,7 +33,7 @@ To connect to Security & Compliance PowerShell for automation, see [App-only aut
   >
   > REST API connections in the Exchange Online PowerShell V3 module require the PowerShellGet and PackageManagement modules. For more information, see [PowerShellGet for REST-based connections in Windows](exchange-online-powershell-v2.md#powershellget-for-rest-based-connections-in-windows).
 
-- After you connect, the cmdlets and parameters that you have or don't have access to is controlled by role-based access control (RBAC). For more information, see [Permissions in the Microsoft Defender portal](/microsoft-365/security/office-365-security/mdo-portal-permissions) and [Permissions in the Microsoft Purview compliance portal](/microsoft-365/compliance/microsoft-365-compliance-center-permissions).
+- After you connect, the cmdlets and parameters that you have or don't have access to is controlled by role-based access control (RBAC). For more information, see [Permissions in the Microsoft Defender portal](/defender-office-365/mdo-portal-permissions) and [Permissions in the Microsoft Purview compliance portal](/purview/purview-compliance-portal-permissions).
 
 ## Step 1: Load the Exchange Online PowerShell module
 
 
@@ -2,7 +2,7 @@
 title: "Control remote PowerShell access to Exchange servers"
 ms.author: chrisda
 author: chrisda
-manager: dansimp
+manager: deniseb
 ms.date: 9/7/2023
 ms.audience: ITPro
 audience: ITPro
 
@@ -2,8 +2,8 @@
 title: "Enable or disable access to Exchange Online PowerShell"
 ms.author: chrisda
 author: chrisda
-manager: dansimp
-ms.date: 9/1/2023
+manager: deniseb
+ms.date: 5/16/2024
 ms.audience: Admin
 audience: Admin
 ms.topic: article
@@ -18,7 +18,7 @@ description: "Admins can learn how to disable or enable access to Exchange Onlin
 
 Exchange Online PowerShell is the administrative interface that enables admins to manage the Exchange Online part of a Microsoft 365 organization from the command line (including many security features in Exchange Online Protection and Microsoft Defender for Office 365).
 
-By default, all accounts in Microsoft 365 are allowed to use Exchange Online PowerShell. This access doesn't give users administrative capabilities in an organization. They're still limited by [role based access control (RBAC)](/exchange/permissions-exo/permissions-exo) (for example, they can configure settings on their own mailbox or manage distribution groups that they own).
+By default, all accounts in Microsoft 365 are allowed to use Exchange Online PowerShell. This access doesn't give users administrative capabilities in an organization. They're still limited by [role based access control (RBAC)](/exchange/permissions-exo/permissions-exo) (for example, they can configure settings on their own mailbox or manage distribution groups that they own, but not much else).
 
 Admins can use the procedures in this article to disable or enable a user's ability to connect to Exchange Online PowerShell.
 
@@ -30,10 +30,10 @@ Admins can use the procedures in this article to disable or enable a user's abil
 
 - You need to be assigned permissions before you can do the procedures in this article. You have the following options:
   - [Exchange Online RBAC](/exchange/permissions-exo/permissions-exo): Membership in the **Organization Management** or **Recipient Management** role groups.
-  - [Microsoft Entra RBAC](/microsoft-365/admin/add-users/about-admin-roles): Membership in the **Global Administrator** role.
+  - [Microsoft Entra RBAC](/microsoft-365/admin/add-users/about-admin-roles): Membership in the **Global Administrator** role gives users the required permissions *and* permissions for other features in Microsoft 365.
 
   > [!IMPORTANT]
-  > In your haste to quickly and globally disable PowerShell access in your organization, beware of commands like `Get-User | Set-User -RemotePowerShellEnabled $false` without considering admin accounts. Use the procedures in this article to selectively remove remote PowerShell access, or preserve access for those who need it by using the following syntax in your global removal command: `Get-User | Where-Object {$_.UserPrincipalName -ne '[email protected]' -and $_.UserPrincipalName -ne '[email protected]'...} | Set-User -RemotePowerShellEnabled $false`.
+  > In your haste to quickly and globally disable PowerShell access in your cloud-based organization, beware of commands like `Get-User | Set-User -EXOModuleEnabled $false` without considering admin accounts. Use the procedures in this article to selectively remove PowerShell access, or preserve access for those who need it by using the following syntax in your global removal command: `Get-User | Where-Object {$_.UserPrincipalName -ne '[email protected]' -and $_.UserPrincipalName -ne '[email protected]'...} | Set-User -EXOModuleEnabled $false`.
   >
   > If you accidentally lock yourself out of PowerShell access, create a new admin account in the Microsoft 365 admin center, and then use that account to give yourself PowerShell access using the procedures in this article.
 
@@ -44,24 +44,23 @@ Admins can use the procedures in this article to disable or enable a user's abil
 
 ## Enable or disable access to Exchange Online PowerShell for a user
 
-This example disables access to Exchange Online PowerShell for the user [email protected].
+This example disables access to Exchange Online PowerShell for the user `[email protected]`.
 
 ```powershell
-Set-User -Identity [email protected] -RemotePowerShellEnabled $false
+Set-User -Identity [email protected] -EXOModuleEnabled $false
 ```
 
-This example enables access to Exchange Online PowerShell for the user [email protected].
+This example enables access to Exchange Online PowerShell for the user `[email protected]`.
 
 ```powershell
-Set-User -Identity [email protected] -RemotePowerShellEnabled $true
+Set-User -Identity [email protected] -EXOModuleEnabled $true
 ```
 
 ## Disable access to Exchange Online PowerShell for many users
 
 To prevent access to Exchange Online PowerShell for a specific group of existing users, you have the following options:
 
-- **Filter users based on an existing attribute**: This method assumes that the target user accounts all share a unique filterable attribute. Some attributes, such as Title, Department, address information, and telephone number, are visible only when you use the **Get-User** cmdlet. Other attributes, such as CustomAttribute1-15, are visible only when you use the **Get-Mailbox** cmdlet.
-
+- **Filter users based on an existing attribute**: This method assumes that the target user accounts all share a unique filterable attribute. Some attributes, such as Title, Department, address information, and telephone number, are available only from the **Get-User** cmdlet. Other attributes, such as CustomAttribute1 to CustomAttribute15, are available only from the **Get-Mailbox** cmdlet.
 - **Use a list of specific users**: After you generate the list of specific users, you can use that list to disable their access to Exchange Online PowerShell.
 
 ### Filter users based on an existing attribute
@@ -71,15 +70,15 @@ To disable access to Exchange Online PowerShell for any number of users based on
 ```powershell
 $<VariableName> = <Get-Mailbox | Get-User> -ResultSize unlimited -Filter <Filter>
 
-$<VariableName> | foreach {Set-User -Identity $_.WindowsEmailAddress -RemotePowerShellEnabled $false}
+$<VariableName> | foreach {Set-User -Identity $_.WindowsEmailAddress -EXOModuleEnabled $false}
 ```
 
 This example removes access to Exchange Online PowerShell for all users whose **Title** attribute contains the value "Sales Associate".
 
 ```powershell
 $DSA = Get-User -ResultSize unlimited -Filter "(RecipientType -eq 'UserMailbox') -and (Title -like 'Sales Associate*')"
 
-$DSA | foreach {Set-User -Identity $_.WindowsEmailAddress -RemotePowerShellEnabled $false}
+$DSA | foreach {Set-User -Identity $_.WindowsEmailAddress -EXOModuleEnabled $false}
 ```
 
 ### Use a list of specific users
@@ -89,43 +88,43 @@ To disable access to Exchange Online PowerShell for a list of specific users, us
 ```powershell
 $<VariableName> = Get-Content <text file>
 
-$<VariableName> | foreach {Set-User -Identity $_ -RemotePowerShellEnabled $false}
+$<VariableName> | foreach {Set-User -Identity $_ -EXOModuleEnabled $false}
 ```
 
 The following example uses the text file C:\My Documents\NoPowerShell.txt to identify the users by their accounts. The text file must contain one account on each line as follows:
 
-> [email protected] <br/> [email protected] <br/> [email protected]
+> `[email protected]` <br/> `[email protected]` <br/> `[email protected]`
 
 After you populate the text file with the user accounts you want to update, run the following commands:
 
 ```powershell
 $NoPS = Get-Content "C:\My Documents\NoPowerShell.txt"
 
-$NoPS | foreach {Set-User -Identity $_ -RemotePowerShellEnabled $false}
+$NoPS | foreach {Set-User -Identity $_ -EXOModuleEnabled $false}
 ```
 
 ## View the Exchange Online PowerShell access status for users
 
 To view the PowerShell access status for a specific user, replace \<UserIdentity\> with the name or user principal name (UPN) of the user, and run the following command:
 
 ```powershell
-Get-User -Identity "<UserIdentity>" | Format-List RemotePowerShellEnabled
+Get-User -Identity "<UserIdentity>" | Format-List EXOModuleEnabled
 ```
 
 To display the Exchange Online PowerShell access status for all users, run the following command:
 
 ```powershell
-Get-User -ResultSize unlimited | Format-Table -Auto Name,DisplayName,RemotePowerShellEnabled
+Get-User -ResultSize unlimited | Format-Table -Auto DisplayName,EXOModuleEnabled
 ```
 
 To display all users who don't have access to Exchange Online PowerShell, run the following command:
 
 ```powershell
-Get-User -ResultSize unlimited -Filter 'RemotePowerShellEnabled -eq $false'
+Get-User -ResultSize unlimited -Filter 'EXOModuleEnabled -eq $false'
 ```
 
 To display all users who have access to Exchange Online PowerShell, run the following command:
 
 ```powershell
-Get-User -ResultSize unlimited -Filter 'RemotePowerShellEnabled -eq $true'
+Get-User -ResultSize unlimited -Filter 'EXOModuleEnabled -eq $true'
 ```