See Also
Topic Last Modified: 2014-02-19
Modifies the Open Authorization (OAuth) configuration settings currently in use in the organization. OAuth is a standard protocol used for server-to-server authentication and authorization. This cmdlet was introduced in Lync Server 2013.
Syntax
Set-CsOAuthConfiguration
[-ClientAuthorizationOAuthServerIdentity <String>]
[-ExchangeAutodiscoverAllowedDomains <String>]
[-ExchangeAutodiscoverUrl <String>] [-Identity
<XdsIdentity>] [-Realm <String>] [-ServiceName
<String>] <COMMON PARAMETERS>
|
Set-CsOAuthConfiguration [-Instance <PSObject>]
<COMMON PARAMETERS>
|
COMMON PARAMETERS: [-Confirm [<SwitchParameter>]]
[-Force <SwitchParameter>] [-Tenant <Guid>] [-WhatIf
[<SwitchParameter>]]
|
Examples
Example 1
The command shown in Example 1 modifies the global collection of OAuth configuration settings. In this example, the Realm property is set to "contoso.com".
 Copy Code |
|
|---|---|
Set-CsOAuthConfiguration -Identity global -Realm "contoso.com" |
|
Detailed Description
In Lync Server 2013, server-to-server authentication (for example, the authentication that enables Lync Server and Microsoft Exchange Server 2013 to share information) is carried out using the OAuth security protocol. OAuth is always on in Lync Server 2013; there is no need (or even any way) to enable or disable the protocol. However, if Lync Server needs to communicate with other server products (such as Exchange 2013 or Microsoft SharePoint 2013) you might need to modify your OAuth configuration settings; for example, you might need to specify the autodiscover URL for the Office 365 version of Exchange, and you might need to specify your Realm name. These settings can only be managed by using the CsOAuthConfiguration cmdlets; options for managing OAuth settings are not available in the Lync Server 2013 Control Panel.
Note that, for the on-premises version of Lync Server 2013, you can have only a single, global collection of OAuth settings: you cannot not create additional collections of OAuth settings nor can you delete the global collection. Each Lync Online tenant is also limited to a single collection of OAuth configuration settings.
To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell command-line interface prompt:
Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Set-CsOAuthConfiguration"}
Lync Server Control Panel: The functions carried out by the Set-CsOAuthConfiguration cmdlet are not available in the Lync Server Control Panel.
Parameters
| Parameter | Required | Type | Description |
|---|---|---|---|
|
ClientAuthorizationOAuthServerIdentity |
Optional |
System.String |
PARAMVALUE: String |
|
Confirm |
Optional |
System.Management.Automation.SwitchParameter |
Prompts you for confirmation before executing the command. |
|
ExchangeAutodiscoverAllowedDomains |
Optional |
System.String |
Collection of domains that autodiscover requests can be redirected to. For example: -ExchangeAutodiscoverAllowedDomains "*.contoso.com","*.fabrikam.com" |
|
ExchangeAutodiscoverUrl |
Optional |
System.String |
URL for the autodiscovery service used by the Office 365 version of Microsoft Exchange Server. |
|
Force |
Optional |
System.Management.Automation.SwitchParameter |
Suppresses the display of any non-fatal error message that might occur when running the command. |
|
Identity |
Optional |
Microsoft.Rtc.Management.Xds.XdsIdentity |
Unique Identity of the OAuth configuration settings. Because you can only have a single, global instance of these settings, you do not need to specify an Identity when calling the Set-CsOAuthConfiguration cmdlet. You can, however, use the following syntax to reference the global settings: -Identity global |
|
Instance |
Optional |
System.Management.Automation.PSObject |
Allows you to pass a reference to an object to the cmdlet rather than set individual parameter values. |
|
Realm |
Optional |
System.String |
Server-to-server security container. By default, Lync Server 2013 uses your default SIP domain as its OAuth realm. |
|
ServiceName |
Optional |
System.String |
Globally unique identifier (GUID) assigned to the OAuth service. |
|
Tenant |
Optional |
System.Guid |
Globally unique identifier (GUID) of the Lync Online tenant account for which the OAuth configuration settings are being modified. For example: –Tenant "38aad667-af54-4397-aaa7-e94c79ec2308" You can return the tenant ID for each of your tenants by running this command: Get-CsTenant | Select-Object DisplayName, TenantID |
|
WhatIf |
Optional |
System.Management.Automation.SwitchParameter |
Describes what would happen if you executed the command without actually executing the command. |
Input Types
The Set-CsOAuthConfiguration cmdlet accepts pipelined instances of the Microsoft.Rtc.Management.WritableConfig.Settings.SSAuth.OAuthSettings object.
Return Types
None. Instead, the Set-CsOAuthConfiguration cmdlet modifies existing instances of the Microsoft.Rtc.Management.WritableConfig.Settings.SSAuth.OAuthSettings object.
