Updates to TABL cmdlets for advanced delivery

Author: chrisda

exchange/exchange-ps/exchange/Get-TenantAllowBlockListItems.md

@@ -25,20 +25,24 @@ For information about the parameter sets in the Syntax section below, see [Excha
 
 ## SYNTAX
 
-### NoExpiration
+### Expiration (Default)
 ```
-Get-TenantAllowBlockListItems -ListType <ListType> [-NoExpiration]
+Get-TenantAllowBlockListItems -ListType <ListType> [-ExpirationDate <DateTime>]
+ [-Allow]
  [-Block]
  [-Entry <String>]
+ [-ListSubType <ListSubType[]>]
  [-OutputJson]
  [<CommonParameters>]
 ```
 
-### Expiration
+### NoExpiration
 ```
-Get-TenantAllowBlockListItems -ListType <ListType>  [-ExpirationDate <DateTime>]
+Get-TenantAllowBlockListItems -ListType <ListType> [-NoExpiration]
+ [-Allow]
  [-Block]
  [-Entry <String>]
+ [-ListSubType <ListSubType[]>]
  [-OutputJson]
  [<CommonParameters>]
 ```
@@ -50,7 +54,7 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 
 ### Example 1
 ```powershell
-Get-TenantAllowBlockListItems -ListType Url -Action Block
+Get-TenantAllowBlockListItems -ListType Url -Block
 ```
 
 This example returns all blocked URLs.
@@ -62,6 +66,13 @@ Get-TenantAllowBlockListItems -ListType FileHash -Entry "9f86d081884c7d659a2feaa
 
 This example returns information for the specified file hash value.
 
+### Example 3
+```powershell
+Get-TenantAllowBlockListItems -ListType Url -ListSubType AdvancedDelivery
+```
+
+This example returns information for all allowed third-party phishing simulation URLs. For more information, see [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](https://docs.microsoft.com/microsoft-365/security/office-365-security/configure-advanced-delivery).
+
 ## PARAMETERS
 
 ### -ListType
@@ -118,6 +129,22 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Allow
+The Allow switch filters the results for allow entries. You don't need to specify a value with this switch.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Block
 The Block switch filters the results for block entries. You don't need to specify a value with this switch.
 
@@ -155,6 +182,26 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -ListSubType
+The ListSubType parameter filters the results by subtype. Valid values are:
+
+- AdvancedDelivery
+- Submission
+- Tenant
+
+```yaml
+Type: ListSubType[]
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -OutputJson
 The OutputJson switch specifies whether to return all entries in a single JSON value. You don't need to specify a value with this switch.
 

exchange/exchange-ps/exchange/New-TenantAllowBlockListItems.md

@@ -27,19 +27,25 @@ For information about the parameter sets in the Syntax section below, see [Excha
 
 ### Expiration
 ```
-New-TenantAllowBlockListItems -Action <ItemAction> -Entries <String[]> -ListType <ListType>
- [-ExpirationDate <DateTime>]
+New-TenantAllowBlockListItems -Entries <String[]> -ListType <ListType> [-ExpirationDate <DateTime>]
+ [-Allow]
+ [-Block]
+ [-ListSubType <ListSubType>]
  [-Notes <String>]
  [-OutputJson]
+ [-SubmissionID <String>]
  [<CommonParameters>]
 ```
 
 ### NoExpiration
 ```
-New-TenantAllowBlockListItems -Action <ItemAction> -Entries <String[]> -ListType <ListType>
- [-NoExpiration]
+New-TenantAllowBlockListItems -Entries <String[]> -ListType <ListType> [-NoExpiration]
+ [-Allow]
+ [-Block]
+ [-ListSubType <ListSubType>]
  [-Notes <String>]
  [-OutputJson]
+ [-SubmissionID <String>]
  [<CommonParameters>]
 ```
 
@@ -50,38 +56,26 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 
 ### Example 1
 ```powershell
-New-TenantAllowBlockListItems -ListType Url -Action Block -Entries ~contoso.com~
+New-TenantAllowBlockListItems -ListType Url -Block -Entries ~contoso.com~
 ```
 
 This example adds a URL block entry for contoso.com and all subdomains (for example, contoso.com, www.contoso.com, xyz.abc.contoso.com, and www.contoso.com/b). Because we didn't use the ExpirationDate or NoExpiration parameters, the entry expires after 30 days.
 
 ### Example 2
 ```powershell
-New-TenantAllowBlockListItems -ListType FileHash -Action Allow -Entries "768a813668695ef2483b2bde7cf5d1b2db0423a0d3e63e498f3ab6f2eb13ea3","2c0a35409ff0873cfa28b70b8224e9aca2362241c1f0ed6f622fef8d4722fd9a" -NoExpiration
+New-TenantAllowBlockListItems -ListType FileHash -Block -Entries "768a813668695ef2483b2bde7cf5d1b2db0423a0d3e63e498f3ab6f2eb13ea3","2c0a35409ff0873cfa28b70b8224e9aca2362241c1f0ed6f622fef8d4722fd9a" -NoExpiration
 ```
 
-This example adds a file allow entry for the specified files that never expires.
+This example adds a file block entry for the specified files that never expires.
 
-## PARAMETERS
-
-### -Action
-The Action parameter specifies the action type for the entry. Valid values are:
-
-- Allow
-- Block
+### Example 3
+```powershell
+New-TenantAllowBlockListItems -ListType Url -Allow -ListSubType AdvancedDelivery -Entries phishing.fabrikam.com -NoExpiration
+```
 
-```yaml
-Type: ItemAction
-Parameter Sets: (All)
-Aliases:
-Applicable: Exchange Online, Exchange Online Protection
+This example adds a URL allow entry for the specified third-party phishing simulation URL. For more information, see [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](https://docs.microsoft.com/microsoft-365/security/office-365-security/configure-advanced-delivery).
 
-Required: True
-Position: Named
-Default value: None
-Accept pipeline input: False
-Accept wildcard characters: False
-```
+## PARAMETERS
 
 ### -Entries
 The Entries parameter specifies the URL or files that you want to add to the Tenant Allow/Block List based on the value of the ListType parameter:
@@ -166,6 +160,58 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -Allow
+The Allow switch specifies that this is an allow entry for advanced delivery (third-party phishing simulation URLs). You don't need to specify a value with this switch.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -Block
+The Block switch specifies that this is a block entry. You don't need to specify a value with this switch.
+
+```yaml
+Type: SwitchParameter
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
+### -ListSubType
+The ListSubType parameter specifies the subtype for this entry. Valid values are:
+
+- AdvancedDelivery
+- Submission
+- Tenant
+
+```yaml
+Type: ListSubType
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Notes
 The Notes parameters specifies additional information about the object. If the value contains spaces, enclose the value in quotation marks (").
 
@@ -200,6 +246,22 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -SubmissionID
+{{ Fill SubmissionID Description }}
+
+```yaml
+Type: String
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### CommonParameters
 This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see [about_CommonParameters](https://go.microsoft.com/fwlink/p/?LinkID=113216).
 

exchange/exchange-ps/exchange/Remove-TenantAllowBlockListItems.md

@@ -25,8 +25,18 @@ For information about the parameter sets in the Syntax section below, see [Excha
 
 ## SYNTAX
 
+### Entries
+```
+Remove-TenantAllowBlockListItems -Entries <String[]> -ListType <ListType>
+ [-ListSubType <ListSubType>]
+ [-OutputJson]
+ [<CommonParameters>]
+```
+
+### Ids
 ```
 Remove-TenantAllowBlockListItems -Ids <String[]> -ListType <ListType>
+ [-ListSubType <ListSubType>]
  [-OutputJson]
  [<CommonParameters>]
 ```
@@ -41,20 +51,54 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 Remove-TenantAllowBlockListItems -ListType Url -Ids "RgAAAAAI8gSyI_NmQqzeh-HXJBywBwCqfQNJY8hBTbdlKFkv6BcUAAAl_QCZAACqfQNJY8hBTbdlKFkv6BcUAAAl_oSPAAAA0l"
 ```
 
-This example removes the specified URL entry from the Allow/Block List.
+This example removes the specified URL entry from the Tenant Allow/Block List.
+
+### Example 2
+```powershell
+Remove-TenantAllowBlockListItems -ListType Url -ListSubType AdvancedDelivery -Entries phishing.fabrikam.com
+```
+
+This example removes the URL allow entry for the specified third-party phishing simulation URL. For more information, see [Configure the delivery of third-party phishing simulations to users and unfiltered messages to SecOps mailboxes](https://docs.microsoft.com/microsoft-365/security/office-365-security/configure-advanced-delivery).
 
 ## PARAMETERS
 
+### -Entries
+The Entries parameter specifies the URL or files that you want to remove from the Tenant Allow/Block List based on the value of the ListType parameter:
+
+- URLs: Use IPv4 or IPv6 addresses or hostnames. Wildcards (* and ~) are supported in hostnames. Protocols, TCP/UDP ports, or user credentials are not supported. For details, see [URL syntax for the Tenant Allow/Block List](https://docs.microsoft.com/microsoft-365/security/office-365-security/tenant-allow-block-list#url-syntax-for-the-tenant-allowedblocked-list).
+- Files: Use the SHA256 hash value of the file. In Windows, you can find the SHA256 hash value by running the following command in a Command Prompt: `certutil.exe -hashfile "<Path>\<Filename>" SHA256`. An example value is `768a813668695ef2483b2bde7cf5d1b2db0423a0d3e63e498f3ab6f2eb13ea3`.
+
+To enter multiple values, use the following syntax: `"Value1","Value2",..."ValueN"`.
+
+You can't mix URL and file values or allow and block actions in the same command.
+
+You can't use this parameter with the Ids parameter.
+
+```yaml
+Type: String[]
+Parameter Sets: Entries
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: True
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -Ids
 The Ids parameter specifies the entry that you want to modify. To find this value, use the Get-TenantAllowBlockListItems cmdlet and the Entry property value (a URL or a file hash).
 
 An example value for this parameter is `RgAAAAAI8gSyI_NmQqzeh-HXJBywBwCqfQNJY8hBTbdlKFkv6BcUAAAl_QCZAACqfQNJY8hBTbdlKFkv6BcUAAAl_oSPAAAA0`.
 
 You can specify multiple values separated by commas.
 
+You can't use this parameter with the Entries parameter.
+
 ```yaml
 Type: String[]
-Parameter Sets: (All)
+Parameter Sets: Ids
 Aliases:
 Applicable: Exchange Online, Exchange Online Protection
 
@@ -84,6 +128,26 @@ Accept pipeline input: False
 Accept wildcard characters: False
 ```
 
+### -ListSubType
+The ListSubType specifies the subtype of this entry. Valid values are:
+
+- AdvancedDelivery
+- Submission
+- Tenant
+
+```yaml
+Type: ListSubType
+Parameter Sets: (All)
+Aliases:
+Applicable: Exchange Online, Exchange Online Protection
+
+Required: False
+Position: Named
+Default value: None
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+
 ### -OutputJson
 The OutputJson switch specifies whether to return all entries in a single JSON value. You don't need to specify a value with this switch.