Merge branch 'main' into patch-6

Author: mayurkl100

exchange/docs-conceptual/find-exchange-cmdlet-permissions.md

@@ -3,7 +3,7 @@ title: "Find the permissions required to run any Exchange cmdlet"
 ms.author: chrisda
 author: chrisda
 manager: deniseb
-ms.date: 9/7/2023
+ms.date: 06/06/2024
 ms.audience: ITPro
 audience: ITPro
 ms.topic: article
@@ -26,16 +26,23 @@ You can use PowerShell to find the permissions required to run any Exchange or E
 
 - You can only use PowerShell to perform these procedures.
 
-- Basically, you need to be an administrator to complete this procedure. Specifically, you need access to the **Get-ManagementRole** and **Get-ManagementRoleAssignment** cmdlets. By default, access to these cmdlets is granted by the **View-Only Configuration** or **Role Management** roles in Exchange Online, which are assigned only to the **View-Only Organization Management** and **Organization Management** role groups by default.
-
-  In cloud-based organizations, membership in the **Global Administrators** role in Microsoft Entra ID gives you the required permissions.
-
 - The procedures in this article don't work in Security & Compliance PowerShell. For more information about Security & Compliance permissions, see the following articles:
   - [Permissions in the Microsoft Defender portal](/defender-office-365/mdo-portal-permissions)
   - [Permissions in the Microsoft Purview compliance portal](/purview/purview-compliance-portal-permissions)
 
-> [!TIP]
-> Having problems? Ask for help in the Exchange forums. Visit the forums at: [Exchange Server](https://go.microsoft.com/fwlink/p/?linkId=60612) or [Exchange Online](https://go.microsoft.com/fwlink/p/?linkId=267542).
+- You need to be assigned permissions before you can do the procedures in this article. You have the following options:
+  - [Exchange Server permissions](/exchange/permissions/permissions): Membership in one of the following role groups:
+    - **Compliance Management**
+    - **Hygiene Management**
+    - **Organization Management**
+    - **View-Only Organization Management**
+  - [Exchange Online permissions](/exchange/permissions-exo/permissions-exo): Membership in one of the following role groups:
+    - **Compliance Management**
+    - **Delegated Setup**
+    - **Hygiene Management**
+    - **Organization Management**
+    - **View-Only Organization Management**
+  - [Microsoft Entra permissions](/entra/identity/role-based-access-control/manage-roles-portal): Membership in the **Global Administrator** or **Global Reader** roles gives users the required permissions _and_ permissions for other features in Microsoft 365.
 
 ## Use PowerShell to find the permissions required to run a cmdlet
 
@@ -50,8 +57,8 @@ You can use PowerShell to find the permissions required to run any Exchange or E
    $Perms = Get-ManagementRole -Cmdlet <Cmdlet> [-CmdletParameters <Parameter1>,<Parameter2>,...]
    ```
 
-  > [!TIP]
-  > If you specify multiple parameters, only roles that include _all_ of the specified parameters on the cmdlet are returned.
+   > [!TIP]
+   > If you specify multiple parameters, only roles that include _all_ of the specified parameters on the cmdlet are returned.
 
 3. Run the following command:
 

exchange/exchange-ps/exchange/Add-VivaModuleFeaturePolicy.md

@@ -81,7 +81,7 @@ This example adds a policy for the Reflection feature in Viva Insights. The poli
 
 ### Example 2
 ```powershell
-Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name MultipleGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name MultipleGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3
 ```
 
 This example adds a policy for the Reflection feature in Viva Insights. The policy disables the feature for all users in the specified groups.
@@ -95,7 +95,7 @@ This example adds a policy for the Reflection feature in Viva Insights. The poli
 
 ### Example 4
 ```powershell
-Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name UsersAndGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected] -UserIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -ModuleId VivaInsights -FeatureId Reflection -Name UsersAndGroups -IsFeatureEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3 -UserIds [email protected],[email protected]
 ```
 
 This example adds a policy for the Reflection feature in Viva Insights. The policy disables the feature for the specified users and group members.
@@ -109,7 +109,7 @@ This example adds a policy for the `<cateogry_id>` category in Viva. The policy
 
 ### Example 6
 ```powershell
-Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name MultipleGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name MultipleGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3
 ```
 
 This example adds a policy for the `<cateogry_id>` category in Viva. The policy disables the category (effectively all features under the category) for all users in the specified groups.
@@ -123,7 +123,7 @@ This example adds a policy for the `<cateogry_id>` category in Viva. The policy
 
 ### Example 8
 ```powershell
-Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name UsersAndGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected] -UserIds [email protected],[email protected]
+Add-VivaModuleFeaturePolicy -CategoryId <category_id> -Name UsersAndGroups -IsCategoryEnabled $false -GroupIds [email protected],[email protected],57680382-61a5-4378-85ad-f72095d4e9c3 -UserIds [email protected],[email protected]
 ```
 
 This example adds a policy for the `<cateogry_id>` category in Viva. The policy disables the category (effectively all features under the category) for the specified users and group members.
@@ -291,7 +291,7 @@ Accept wildcard characters: False
 ```
 
 ### -GroupIds
-The GroupIds parameter specifies the SMTP addresses (email addresses) of the groups that the policy applies to. [Mail-enabled Microsoft Entra groups]( https://learn.microsoft.com/graph/api/resources/groups-overview#group-types-in-azure-ad-and-microsoft-graph) are supported. You can enter multiple values separated by commas.
+The GroupIds parameter specifies the email addresses or security group object IDs (GUIDs) of groups that the updated policy applies to. Both [Mail-enabled and non-mail-enabled Microsoft Entra groups](https://docs.microsoft.com/graph/api/resources/groups-overview#group-types-in-azure-ad-and-microsoft-graph) are supported. You can enter multiple values separated by commas.
 
 You can specify a maximum of 20 total users or groups (20 users and no groups, 10 users and 10 groups, etc.).
 

exchange/exchange-ps/exchange/Get-MyAnalyticsFeatureConfig.md

@@ -29,7 +29,9 @@ Get-MyAnalyticsFeatureConfig -Identity <String>
 ```
 
 ## DESCRIPTION
-This cmdlet requires the .NET Framework 4.7.2 or later. To run this cmdlet, you need to be a member of one of the following directory role groups in the destination organization:
+This cmdlet requires the .NET Framework 4.7.2 or later.
+
+To run this cmdlet, you need to be a member of one of the following directory role groups in the destination organization:
 
 - Global Administrator
 - Exchange Administrator

exchange/exchange-ps/exchange/Get-UserBriefingConfig.md

@@ -26,7 +26,9 @@ Get-UserBriefingConfig -Identity <String>
 ```
 
 ## DESCRIPTION
-This cmdlet requires the .NET Framework 4.7.2 or later. To run this cmdlet, you need to be a member of one of the following directory role groups in the destination organization:
+This cmdlet requires the .NET Framework 4.7.2 or later.
+
+To run this cmdlet, you need to be a member of one of the following directory role groups in the destination organization:
 
 - Global Administrator
 - Exchange Administrator

exchange/exchange-ps/exchange/Get-VivaInsightsSettings.md

@@ -30,7 +30,9 @@ Get-VivaInsightsSettings -Identity <String>
 ```
 
 ## DESCRIPTION
-This cmdlet requires the .NET Framework 4.7.2 or later. To run this cmdlet, you need to be a member of one of the following directory role groups in the destination organization:
+This cmdlet requires the .NET Framework 4.7.2 or later.
+
+To run this cmdlet, you need to be a member of one of the following directory role groups in the destination organization:
 
 - Global Administrator
 - Exchange Administrator

exchange/exchange-ps/exchange/Get-VivaModuleFeatureEnablement.md

@@ -34,7 +34,7 @@ You need to use the Connect-ExchangeOnline cmdlet to authenticate.
 
 This cmdlet requires the .NET Framework 4.7.2 or later.
 
-Currently, you need to be a member of the Global administrators role to run this cmdlet.
+Currently, you need to be a member of the Global Administrators role to run this cmdlet.
 
 To learn more about administrator role permissions in Microsoft Entra ID, see [Role template IDs](https://learn.microsoft.com/entra/identity/role-based-access-control/permissions-reference#role-template-ids).
 

exchange/exchange-ps/exchange/Get-VivaModuleFeaturePolicy.md

@@ -50,7 +50,7 @@ You need to use the Connect-ExchangeOnline cmdlet to authenticate.
 
 This cmdlet requires the .NET Framework 4.7.2 or later.
 
-Currently, you need to be a member of the Global administrators role or the roles that have been assigned at the feature level to run this cmdlet.
+Currently, you need to be a member of the Global Administrators role or the roles that have been assigned at the feature level to run this cmdlet.
 
 To learn more about assigned roles at the feature level, see [Features Available for Feature Access Management](https://learn.microsoft.com/viva/feature-access-management#features-available-for-feature-access-management).
 

exchange/exchange-ps/exchange/New-Label.md

@@ -171,6 +171,8 @@ Some of the settings that you configure with this parameter are supported only b
 
 Supported settings for built-in labeling:
 
+- **BlockContentAnalysisServices**: Specifies a privacy setting to allow or prevent content in Word, Excel, PowerPoint, and Outlook from being sent to Microsoft for content analysis. Available values are True, and False (the default). This setting impacts services such as data loss prevention policy tips, automatic and recommended labeling, and Microsoft Copilot for Microsoft 365. Example: `New-Label -Identity Confidential -AdvancedSettings @{BlockContentAnalysisServices="True"}`. For more information, see [Prevent some connected experiences that analyze content](https://learn.microsoft.com/purview/sensitivity-labels-office-apps#prevent-some-connected-experiences-that-analyze-content).
+
 - **Color**: Specifies a label color as a hex triplet code for the red, green, and blue (RGB) components of the color. Example: `New-Label -DisplayName "General" -Name "General" -Tooltip "Business data that is not intended for public consumption." -AdvancedSettings @{color="#40e0d0"}`. For more information, see [Configuring custom colors by using PowerShell](https://learn.microsoft.com/purview/sensitivity-labels-office-apps#configuring-custom-colors-by-using-powershell).
 
 - **DefaultSharingScope**: Specifies the default sharing link type for a site when the label scope includes **Groups & sites**, and the default sharing link type for a document when the label scope includes **Files & emails**. Available values are SpecificPeople, Organization, and Anyone. Example: `New-Label DisplayName "General" -Name "General" -Tooltip "Business data that is not intended for public consumption." -AdvancedSettings @{DefaultSharingScope="SpecificPeople"}`. For more information, see [Use sensitivity labels to configure the default sharing link type for sites and documents in SharePoint and OneDrive](https://learn.microsoft.com/purview/sensitivity-labels-default-sharing-link).

exchange/exchange-ps/exchange/Remove-VivaModuleFeaturePolicy.md

@@ -50,7 +50,7 @@ You need to use the Connect-ExchangeOnline cmdlet to authenticate.
 
 This cmdlet requires the .NET Framework 4.7.2 or later.
 
-Currently, you need to be a member of the Global administrators role or the roles that have been assigned at the feature level to run this cmdlet.
+Currently, you need to be a member of the Global Administrators role or the roles that have been assigned at the feature level to run this cmdlet.
 
 To learn more about assigned roles at the feature level, see [Features Available for Feature Access Management](https://learn.microsoft.com/viva/feature-access-management#features-available-for-feature-access-management).
 

exchange/exchange-ps/exchange/Set-Label.md

@@ -151,6 +151,8 @@ Some of the settings that you configure with this parameter are supported only b
 
 Supported settings for built-in labeling:
 
+- **BlockContentAnalysisServices**: Specifies a privacy setting to allow or prevent content in Word, Excel, PowerPoint, and Outlook from being sent to Microsoft for content analysis. Available values are True, and False (the default). This setting impacts services such as data loss prevention policy tips, automatic and recommended labeling, and Microsoft Copilot for Microsoft 365. Example: `Set-Label -Identity Confidential -AdvancedSettings @{BlockContentAnalysisServices="True"}`. For more information, see [Prevent some connected experiences that analyze content](https://learn.microsoft.com/purview/sensitivity-labels-office-apps#prevent-some-connected-experiences-that-analyze-content).
+
 - **Color**: Specifies a label color as a hex triplet code for the red, green, and blue (RGB) components of the color. Example: `Set-Label -Identity 8faca7b8-8d20-48a3-8ea2-0f96310a848e -AdvancedSettings @{color="#40e0d0"}`. For more information, see [Configuring custom colors by using PowerShell](https://learn.microsoft.com/purview/sensitivity-labels-office-apps#configuring-custom-colors-by-using-powershell).
 
 - **DefaultSharingScope**: Specifies the default sharing link type for a site when the label scope includes **Groups & sites**, and the default sharing link type for a document when the label scope includes **Files & emails**. Available values are SpecificPeople, Organization, and Anyone. Example: `Set-Label -Identity General -AdvancedSettings @{DefaultSharingScope="SpecificPeople"}`. For more information, see [Use sensitivity labels to configure the default sharing link type for sites and documents in SharePoint and OneDrive](https://learn.microsoft.com/purview/sensitivity-labels-default-sharing-link).