Merge branch 'main' into martinpchal/adding-externalaccesswithtrialtenants

Author: martinpechal1

exchange/docs-conceptual/app-only-auth-powershell-v2.md

@@ -481,7 +481,7 @@ For general instructions about assigning roles in Microsoft Entra ID, see [Assig
 >
 >  This method is supported only when you connect to Exchange Online PowerShell or Security & Compliance PowerShell in [REST API mode](exchange-online-powershell-v2.md#rest-api-connections-in-the-exo-v3-module). Security & Compliance PowerShell supports REST API mode in v3.2.0 or later.
 
-For information about creating custom role groups, see [Create role groups in Exchange Online](/exchange/permissions-exo/role-groups#create-role-groups) and [Create Email & collaboration role groups in the Microsoft Defender portal](/microsoft-365/security/office-365-security/mdo-portal-permissions#create-email--collaboration-role-groups-in-the-microsoft-defender-portal). The custom role group that you assign to the application can contain any combination of built-in and custom roles.
+For information about creating custom role groups, see [Create role groups in Exchange Online](/exchange/permissions-exo/role-groups#create-role-groups) and [Create Email & collaboration role groups in the Microsoft Defender portal](/defender-office-365/mdo-portal-permissions#create-email--collaboration-role-groups-in-the-microsoft-defender-portal). The custom role group that you assign to the application can contain any combination of built-in and custom roles.
 
 To assign custom role groups to the application using service principals, do the following steps:
 

exchange/docs-conceptual/connect-to-scc-powershell.md

@@ -33,7 +33,7 @@ To connect to Security & Compliance PowerShell for automation, see [App-only aut
   >
   > REST API connections in the Exchange Online PowerShell V3 module require the PowerShellGet and PackageManagement modules. For more information, see [PowerShellGet for REST-based connections in Windows](exchange-online-powershell-v2.md#powershellget-for-rest-based-connections-in-windows).
 
-- After you connect, the cmdlets and parameters that you have or don't have access to is controlled by role-based access control (RBAC). For more information, see [Permissions in the Microsoft Defender portal](/microsoft-365/security/office-365-security/mdo-portal-permissions) and [Permissions in the Microsoft Purview compliance portal](/microsoft-365/compliance/microsoft-365-compliance-center-permissions).
+- After you connect, the cmdlets and parameters that you have or don't have access to is controlled by role-based access control (RBAC). For more information, see [Permissions in the Microsoft Defender portal](/defender-office-365/mdo-portal-permissions) and [Permissions in the Microsoft Purview compliance portal](/purview/purview-compliance-portal-permissions).
 
 ## Step 1: Load the Exchange Online PowerShell module
 

exchange/docs-conceptual/find-exchange-cmdlet-permissions.md

@@ -3,7 +3,7 @@ title: "Find the permissions required to run any Exchange cmdlet"
 ms.author: chrisda
 author: chrisda
 manager: deniseb
-ms.date: 9/7/2023
+ms.date: 06/06/2024
 ms.audience: ITPro
 audience: ITPro
 ms.topic: article
@@ -26,16 +26,23 @@ You can use PowerShell to find the permissions required to run any Exchange or E
 
 - You can only use PowerShell to perform these procedures.
 
-- Basically, you need to be an administrator to complete this procedure. Specifically, you need access to the **Get-ManagementRole** and **Get-ManagementRoleAssignment** cmdlets. By default, access to these cmdlets is granted by the **View-Only Configuration** or **Role Management** roles in Exchange Online, which are assigned only to the **View-Only Organization Management** and **Organization Management** role groups by default.
-
-  In cloud-based organizations, membership in the **Global Administrators** role in Microsoft Entra ID gives you the required permissions.
-
 - The procedures in this article don't work in Security & Compliance PowerShell. For more information about Security & Compliance permissions, see the following articles:
-  - [Permissions in the Microsoft Defender portal](/microsoft-365/security/office-365-security/mdo-portal-permissions)
-  - [Permissions in the Microsoft Purview compliance portal](/microsoft-365/compliance/microsoft-365-compliance-center-permissions)
-
-> [!TIP]
-> Having problems? Ask for help in the Exchange forums. Visit the forums at: [Exchange Server](https://go.microsoft.com/fwlink/p/?linkId=60612) or [Exchange Online](https://go.microsoft.com/fwlink/p/?linkId=267542).
+  - [Permissions in the Microsoft Defender portal](/defender-office-365/mdo-portal-permissions)
+  - [Permissions in the Microsoft Purview compliance portal](/purview/purview-compliance-portal-permissions)
+
+- You need to be assigned permissions before you can do the procedures in this article. You have the following options:
+  - [Exchange Server permissions](/exchange/permissions/permissions): Membership in one of the following role groups:
+    - **Compliance Management**
+    - **Hygiene Management**
+    - **Organization Management**
+    - **View-Only Organization Management**
+  - [Exchange Online permissions](/exchange/permissions-exo/permissions-exo): Membership in one of the following role groups:
+    - **Compliance Management**
+    - **Delegated Setup**
+    - **Hygiene Management**
+    - **Organization Management**
+    - **View-Only Organization Management**
+  - [Microsoft Entra permissions](/entra/identity/role-based-access-control/manage-roles-portal): Membership in the **Global Administrator** or **Global Reader** roles gives users the required permissions _and_ permissions for other features in Microsoft 365.
 
 ## Use PowerShell to find the permissions required to run a cmdlet
 
@@ -50,8 +57,8 @@ You can use PowerShell to find the permissions required to run any Exchange or E
    $Perms = Get-ManagementRole -Cmdlet <Cmdlet> [-CmdletParameters <Parameter1>,<Parameter2>,...]
    ```
 
-  > [!TIP]
-  > If you specify multiple parameters, only roles that include _all_ of the specified parameters on the cmdlet are returned.
+   > [!TIP]
+   > If you specify multiple parameters, only roles that include _all_ of the specified parameters on the cmdlet are returned.
 
 3. Run the following command:
 

exchange/docs-conceptual/scc-powershell.md

@@ -37,6 +37,6 @@ Security & Compliance PowerShell contains the following types of cmdlets:
 - Basic cmdlets that are also available in Exchange Online PowerShell (for example, [Get-User](/powershell/module/exchange/get-user), and [Get-RoleGroup](/powershell/module/exchange/get-rolegroup)).
 - A few cmdlets that correspond to security features available in Exchange Online Protection (EOP) and Microsoft Defender for Office 365 in the Microsoft Defender portal (for example, [Set-SecOpsOverridePolicy](/powershell/module/exchange/set-secopsoverridepolicy)).
 
-  Cmdlets for most EOP and Defender for Office 365 security features (for example, [anti-spam policies](/microsoft-365/security/office-365-security/anti-spam-protection)) are available only in [Exchange Online PowerShell](exchange-online-powershell.md).
+  Cmdlets for most EOP and Defender for Office 365 security features (for example, [anti-spam policies](/defender-office-365/anti-spam-protection-about)) are available only in [Exchange Online PowerShell](exchange-online-powershell.md).
 
 Check the **Applies to** value in the cmdlet references article to verify the PowerShell environment where the cmdlet actually resides.

exchange/exchange-ps/exchange/Add-VivaModuleFeaturePolicy.md

@@ -81,7 +81,7 @@ This example adds a policy for the Reflection feature in Viva Insights. The poli
 
 ### Example 2
 ```powershell
-Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name MultipleGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name MultipleGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3
 ```
 
 This example adds a policy for the Reflection feature in Viva Insights. The policy disables the feature for all users in the specified groups.
@@ -95,7 +95,7 @@ This example adds a policy for the Reflection feature in Viva Insights. The poli
 
 ### Example 4
 ```powershell
-Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name UsersAndGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected] -UserIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name UsersAndGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3 -UserIds [email protected],[email protected]
 ```
 
 This example adds a policy for the Reflection feature in Viva Insights. The policy disables the feature for the specified users and group members.
@@ -109,7 +109,7 @@ This example adds a policy for the `<cateogry_id>` category in Viva. The policy
 
 ### Example 6
 ```powershell
-Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name MultipleGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name MultipleGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3
 ```
 
 This example adds a policy for the `<cateogry_id>` category in Viva. The policy disables the category (effectively all features under the category) for all users in the specified groups.
@@ -123,7 +123,7 @@ This example adds a policy for the `<cateogry_id>` category in Viva. The policy
 
 ### Example 8
 ```powershell
-Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name UsersAndGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected] -UserIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name UsersAndGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3 -UserIds [email protected],[email protected]
 ```
 
 This example adds a policy for the `<cateogry_id>` category in Viva. The policy disables the category (effectively all features under the category) for the specified users and group members.
@@ -291,7 +291,7 @@ Accept wildcard characters: False
 ```
 
 ### -GroupIds
-The GroupIds parameter specifies the SMTP addresses (email addresses) of the groups that the policy applies to. [Mail-enabled Microsoft Entra groups]( https://learn.microsoft.com/graph/api/resources/groups-overview#group-types-in-azure-ad-and-microsoft-graph) are supported. You can enter multiple values separated by commas.
+The GroupIds parameter specifies the email addresses or security group object IDs (GUIDs) of groups that the updated policy applies to. Both [Mail-enabled and non-mail-enabled Microsoft Entra groups](https://docs.microsoft.com/graph/api/resources/groups-overview#group-types-in-azure-ad-and-microsoft-graph) are supported. You can enter multiple values separated by commas.
 
 You can specify a maximum of 20 total users or groups (20 users and no groups, 10 users and 10 groups, etc.).
 

exchange/exchange-ps/exchange/Disable-ATPProtectionPolicyRule.md

@@ -30,7 +30,7 @@ Disable-ATPProtectionPolicyRule [-Identity] <RuleIdParameter>
 ## DESCRIPTION
 The State property in rules that are associated with preset security policies indicates whether the rule is Enabled or Disabled.
 
-For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://learn.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
+For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://learn.microsoft.com/defender-office-365/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://learn.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 

exchange/exchange-ps/exchange/Disable-DnssecForVerifiedDomain.md

@@ -0,0 +1,105 @@
+---
+external help file: Microsoft.Exchange.ServerStatus-Help.xml
+online version: https://learn.microsoft.com/powershell/module/exchange/disable-dnssecforverifieddomain
+applicable: Exchange Online
+title: Disable-DnssecForVerifiedDomain
+schema: 2.0.0
+author: chrisda
+ms.author: chrisda
+ms.reviewer:
+---
+
+# Disable-DnssecForVerifiedDomain
+
+## SYNOPSIS
+This cmdlet is available only in the cloud-based service.
+
+**Note**: This cmdlet and the associated features are currently in Preview, aren't available in all organizations, and are subject to change.
+
+Use the Disable-DnssecForVerifiedDomain cmdlet to disable Domain Name System Security (DNSSEC) for inbound mail to accepted domains in Exchange Online.
+
+For information about the parameter sets in the Syntax section below, see [Exchange cmdlet syntax](https://learn.microsoft.com/powershell/exchange/exchange-cmdlet-syntax).
+
+## SYNTAX
+
+```
+Disable-DnssecForVerifiedDomain [-DomainName] <String>
+ [-Confirm]
+ [-WhatIf]
+ [<CommonParameters>]
+```
+
+## DESCRIPTION
+For more information about debugging, enabling, and disabling SMTP DANE with DNSSEC, see [How SMTP DANE works](https://learn.microsoft.com/purview/how-smtp-dane-works).
+
+You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://learn.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
+
+## EXAMPLES
+
+### Example 1
+```powershell
+Disable-DnssecForVerifiedDomain -DomainName contoso.com
+```
+
+This example disables DNSSEC for mail sent to contoso.com.
+
+## PARAMETERS
+
+### -DomainName
+The DomainName parameter specifies the accepted domain in the Exchange Online organization where you want to disable DNSSEC (for example, contoso.com). Use the Get-DnssecForVerifiedDomain cmdlet to see information about DNSSEC for the domain.
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online
+
+Required: True
+Position: 1
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Confirm
+This parameter is reserved for internal Microsoft use.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: cf
+Applicable: Exchange Online
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -WhatIf
+This parameter is reserved for internal Microsoft use.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases: wi
+Applicable: Exchange Online
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### CommonParameters
+This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](http://go.microsoft.com/fwlink/p/?LinkID=113216).
+
+## INPUTS
+
+## OUTPUTS
+
+## NOTES
+
+## RELATED LINKS

exchange/exchange-ps/exchange/Disable-EOPProtectionPolicyRule.md

@@ -30,7 +30,7 @@ Disable-EOPProtectionPolicyRule [-Identity] <RuleIdParameter>
 ## DESCRIPTION
 The State property in rules that are associated with preset security policies indicates whether the rule is Enabled or Disabled.
 
-For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://learn.microsoft.com/microsoft-365/security/office-365-security/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
+For more information about preset security policies in PowerShell, see [Preset security policies in Exchange Online PowerShell](https://learn.microsoft.com/defender-office-365/preset-security-policies#preset-security-policies-in-exchange-online-powershell).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://learn.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).
 

exchange/exchange-ps/exchange/Disable-SafeAttachmentRule.md

@@ -28,7 +28,7 @@ Disable-SafeAttachmentRule [-Identity] <RuleIdParameter>
 ```
 
 ## DESCRIPTION
-Safe Attachments is a feature in Microsoft Defender for Office 365 that opens email attachments in a special hypervisor environment to detect malicious activity. For more information, see [Safe Attachments in Defender for Office 365](https://learn.microsoft.com/microsoft-365/security/office-365-security/safe-attachments-about).
+Safe Attachments is a feature in Microsoft Defender for Office 365 that opens email attachments in a special hypervisor environment to detect malicious activity. For more information, see [Safe Attachments in Defender for Office 365](https://learn.microsoft.com/defender-office-365/safe-attachments-about).
 
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see [Find the permissions required to run any Exchange cmdlet](https://learn.microsoft.com/powershell/exchange/find-exchange-cmdlet-permissions).