Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
Set-MDIConfiguration
- Module:
- DefenderForIdentity Module
Sets the configuration for various Defender for Identity post-deployment required settings.
Syntax
Default (Default)
Set-MDIConfiguration
[-Mode] <String>
[-Configuration] <String[]>
[-GpoNamePrefix <String>]
[-Server <String>]
[-CreateGpoDisabled]
[-SkipGpoLink]
[-Force]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The Set-MDIConfiguration function sets the configuration for various Defender for Identity
post-deployment required settings.
Examples
EXAMPLE 1
Set-MDIConfiguration -Mode LocalMachine -Configuration NTLMAuditing
This example sets the NTLMAuditing configuration for the local machine.
EXAMPLE 2
Set-MDIConfiguration -Mode Domain -Configuration All -Identity mdisvc01
This example sets all configurations for the domain, creating the GPOs and linking them.
EXAMPLE 3
Set-MDIConfiguration -Mode Domain -Configuration All -GpoNamePrefix 'CONTOSO' -SkipGpoLink
-Identity mdisvc01
This example sets all configurations for the domain, creating the GPOs with a CONTOSO prefix
in their name, without linking the GPOs
Parameters
-Configuration
Specifies the configuration to set. You can specify one or more of the following values:
All(all configurations)AdfsAuditingAdRecycleBinAdvancedAuditPolicyCAsAdvancedAuditPolicyDCsCAAuditingConfigurationContainerAuditingEntraConnectAuditingRemoteSAMDomainObjectAuditingNTLMAuditingProcessorPerformance
Parameter properties
| Type: | System.String[] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Confirm
Prompts you for confirmation before running the cmdlet.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | cf |
Parameter sets
-CreateGpoDisabled
If specified, the GPOs are created and kept as disabled. This parameter is valid only in Domain
mode.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Domain
Specifies the name of the domain to run the command against. This parameter is optional and defaults to the user's DNS domain.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Force
If specified, set the configuration or create GPOs without validating the current state.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-GpoNamePrefix
Specifies a prefix for the Group Policy Objects (GPO) names to be created. Use this parameter for GPO naming convention. Note: Because the GPO's display name may not be unique, an error is returned if another GPO in the domain has the same display name.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Identity
Specifies the name of the service account to use for the EntraConnectAuditing or RemoteSAM configuration. This parameter is mandatory.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Mode
Specifies the mode to use. You must specify one of the following values:
Domain: Collect settings from the Group Policy objectsLocalMachine: Collect settings from the local machine
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-Server
Specifies the name of the server to run the command against. This parameter is optional and defaults to the PDC Emulator in the domain.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-SkipGpoLink
If specified, don't create GPO links. This parameter is valid only in Domain mode.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet isn't run.
Parameter properties
| Type: | System.Management.Automation.SwitchParameter |
| Default value: | False |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | wi |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Related Links
Feedback
Was this page helpful?