Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
Update-MgServicePrincipalRemoteDesktopSecurityConfiguration
Update the properties of a remoteDesktopSecurityConfiguration object on the servicePrincipal. Use this configuration to enable or disable the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices.
Note
To view the beta release of this cmdlet, view Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration
Syntax
UpdateExpanded (Default)
Update-MgServicePrincipalRemoteDesktopSecurityConfiguration
-ServicePrincipalId <string>
[-ResponseHeadersVariable <string>]
[-AdditionalProperties <hashtable>]
[-Id <string>]
[-IsRemoteDesktopProtocolEnabled]
[-TargetDeviceGroups <IMicrosoftGraphTargetDeviceGroup[]>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Update
Update-MgServicePrincipalRemoteDesktopSecurityConfiguration
-ServicePrincipalId <string>
-BodyParameter <IMicrosoftGraphRemoteDesktopSecurityConfiguration>
[-ResponseHeadersVariable <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
UpdateViaIdentityExpanded
Update-MgServicePrincipalRemoteDesktopSecurityConfiguration
-InputObject <IApplicationsIdentity>
[-ResponseHeadersVariable <string>]
[-AdditionalProperties <hashtable>]
[-Id <string>]
[-IsRemoteDesktopProtocolEnabled]
[-TargetDeviceGroups <IMicrosoftGraphTargetDeviceGroup[]>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
UpdateViaIdentity
Update-MgServicePrincipalRemoteDesktopSecurityConfiguration
-InputObject <IApplicationsIdentity>
-BodyParameter <IMicrosoftGraphRemoteDesktopSecurityConfiguration>
[-ResponseHeadersVariable <string>]
[-Break]
[-Headers <IDictionary>]
[-HttpPipelineAppend <SendAsyncStep[]>]
[-HttpPipelinePrepend <SendAsyncStep[]>]
[-Proxy <uri>]
[-ProxyCredential <pscredential>]
[-ProxyUseDefaultCredentials]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
Update the properties of a remoteDesktopSecurityConfiguration object on the servicePrincipal. Use this configuration to enable or disable the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices.
Permissions
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | Application-RemoteDesktopConfig.ReadWrite.All, Directory.ReadWrite.All, Application.ReadWrite.All, |
| Delegated (personal Microsoft account) | Not supported |
| Application | Application-RemoteDesktopConfig.ReadWrite.All, Directory.ReadWrite.All, Application.ReadWrite.All, |
Examples
Example 1: Code snippet
Import-Module Microsoft.Graph.Applications
$params = @{
"@odata.type" = "#microsoft.graph.remoteDesktopSecurityConfiguration"
isRemoteDesktopProtocolEnabled = $true
}
Update-MgServicePrincipalRemoteDesktopSecurityConfiguration -ServicePrincipalId $servicePrincipalId -BodyParameter $params
This example shows how to use the Update-MgServicePrincipalRemoteDesktopSecurityConfiguration Cmdlet.
Parameters
-AdditionalProperties
Additional Parameters
Parameter properties
| Type: | System.Collections.Hashtable |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-BodyParameter
remoteDesktopSecurityConfiguration To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRemoteDesktopSecurityConfiguration |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Break
Wait for .NET debugger to attach
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-Headers
Optional headers that will be added to the request.
Parameter properties
| Type: | System.Collections.IDictionary |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-HttpPipelineAppend
SendAsync Pipeline Steps to be appended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-HttpPipelinePrepend
SendAsync Pipeline Steps to be prepended to the front of the pipeline
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Runtime.SendAsyncStep[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Id
The unique identifier for an entity. Read-only.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Models.IApplicationsIdentity |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-IsRemoteDesktopProtocolEnabled
Determines if Microsoft Entra ID RDS authentication protocol for RDP is enabled.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Proxy
The URI for the proxy server to use
Parameter properties
| Type: | System.Uri |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ProxyCredential
Credentials for a proxy server to use for the remote call
Parameter properties
| Type: | System.Management.Automation.PSCredential |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ProxyUseDefaultCredentials
Use the default credentials for the proxy
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ResponseHeadersVariable
Optional Response Headers Variable.
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | RHV |
Parameter sets
-ServicePrincipalId
The unique identifier of servicePrincipal
Parameter properties
| Type: | System.String |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-TargetDeviceGroups
The collection of target device groups that are associated with the RDS security configuration that will be enabled for SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol. <br/<Supports $expand. To construct, see NOTES section for TARGETDEVICEGROUPS properties and create a hash table.
Parameter properties
| Type: | Microsoft.Graph.PowerShell.Models.IMicrosoftGraphTargetDeviceGroup[] |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Runs the command in a mode that only reports what would happen without performing the actions.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Inputs
Microsoft.Graph.PowerShell.Models.IApplicationsIdentity
{{ Fill in the Description }}
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRemoteDesktopSecurityConfiguration
{{ Fill in the Description }}
System.Collections.IDictionary
{{ Fill in the Description }}
Outputs
Microsoft.Graph.PowerShell.Models.IMicrosoftGraphRemoteDesktopSecurityConfiguration
{{ Fill in the Description }}
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IMicrosoftGraphRemoteDesktopSecurityConfiguration>: remoteDesktopSecurityConfiguration
[(Any) <Object>]: This indicates any property can be added to this object.
[Id <String>]: The unique identifier for an entity.
Read-only.
[IsRemoteDesktopProtocolEnabled <Boolean?>]: Determines if Microsoft Entra ID RDS authentication protocol for RDP is enabled.
[TargetDeviceGroups <IMicrosoftGraphTargetDeviceGroup[]>]: The collection of target device groups that are associated with the RDS security configuration that will be enabled for SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol.
<br/<Supports $expand.
[Id <String>]: The unique identifier for an entity.
Read-only.
[DisplayName <String>]: Display name for the target device group.
INPUTOBJECT <IApplicationsIdentity>: Identity Parameter
[AppId <String>]: Alternate key of application
[AppManagementPolicyId <String>]: The unique identifier of appManagementPolicy
[AppRoleAssignmentId <String>]: The unique identifier of appRoleAssignment
[ApplicationId <String>]: The unique identifier of application
[ApplicationTemplateId <String>]: The unique identifier of applicationTemplate
[ClaimsMappingPolicyId <String>]: The unique identifier of claimsMappingPolicy
[DelegatedPermissionClassificationId <String>]: The unique identifier of delegatedPermissionClassification
[DirectoryDefinitionId <String>]: The unique identifier of directoryDefinition
[DirectoryObjectId <String>]: The unique identifier of directoryObject
[EndpointId <String>]: The unique identifier of endpoint
[ExtensionPropertyId <String>]: The unique identifier of extensionProperty
[FederatedIdentityCredentialId <String>]: The unique identifier of federatedIdentityCredential
[GroupId <String>]: The unique identifier of group
[HomeRealmDiscoveryPolicyId <String>]: The unique identifier of homeRealmDiscoveryPolicy
[Name <String>]: Alternate key of federatedIdentityCredential
[OAuth2PermissionGrantId <String>]: The unique identifier of oAuth2PermissionGrant
[ServicePrincipalId <String>]: The unique identifier of servicePrincipal
[SynchronizationJobId <String>]: The unique identifier of synchronizationJob
[SynchronizationTemplateId <String>]: The unique identifier of synchronizationTemplate
[TargetDeviceGroupId <String>]: The unique identifier of targetDeviceGroup
[TokenIssuancePolicyId <String>]: The unique identifier of tokenIssuancePolicy
[TokenLifetimePolicyId <String>]: The unique identifier of tokenLifetimePolicy
[UniqueName <String>]: Alternate key of application
[UserId <String>]: The unique identifier of user
TARGETDEVICEGROUPS <IMicrosoftGraphTargetDeviceGroup[]>: The collection of target device groups that are associated with the RDS security configuration that will be enabled for SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol. <br/<Supports $expand. [Id <String>]: The unique identifier for an entity. Read-only. [DisplayName <String>]: Display name for the target device group.