Topic Last Modified: 2014-02-19

Modifies the Open Authorization (OAuth) configuration settings currently in use in the organization. OAuth is a standard protocol used for server-to-server authentication and authorization. This cmdlet was introduced in Lync Server 2013.

Syntax

Set-CsOAuthConfiguration [-ClientAuthorizationOAuthServerIdentity <String>] [-ExchangeAutodiscoverAllowedDomains <String>] [-ExchangeAutodiscoverUrl <String>] [-Identity <XdsIdentity>] [-Realm <String>] [-ServiceName <String>] <COMMON PARAMETERS>
Set-CsOAuthConfiguration [-Instance <PSObject>] <COMMON PARAMETERS>
COMMON PARAMETERS: [-Confirm [<SwitchParameter>]] [-Force <SwitchParameter>] [-Tenant <Guid>] [-WhatIf [<SwitchParameter>]]

Examples

Example 1

The command shown in Example 1 modifies the global collection of OAuth configuration settings. In this example, the Realm property is set to "contoso.com".

Copy Code
Set-CsOAuthConfiguration -Identity global -Realm "contoso.com"

Detailed Description

In Lync Server 2013, server-to-server authentication (for example, the authentication that enables Lync Server and Microsoft Exchange Server 2013 to share information) is carried out using the OAuth security protocol. OAuth is always on in Lync Server 2013; there is no need (or even any way) to enable or disable the protocol. However, if Lync Server needs to communicate with other server products (such as Exchange 2013 or Microsoft SharePoint 2013) you might need to modify your OAuth configuration settings; for example, you might need to specify the autodiscover URL for the Office 365 version of Exchange, and you might need to specify your Realm name. These settings can only be managed by using the CsOAuthConfiguration cmdlets; options for managing OAuth settings are not available in the Lync Server 2013 Control Panel.

Note that, for the on-premises version of Lync Server 2013, you can have only a single, global collection of OAuth settings: you cannot not create additional collections of OAuth settings nor can you delete the global collection. Each Lync Online tenant is also limited to a single collection of OAuth configuration settings.

To return a list of all the role-based access control (RBAC) roles this cmdlet has been assigned to (including any custom RBAC roles you have created yourself), run the following command from the Windows PowerShell command-line interface prompt:

Get-CsAdminRole | Where-Object {$_.Cmdlets –match "Set-CsOAuthConfiguration"}

Lync Server Control Panel: The functions carried out by the Set-CsOAuthConfiguration cmdlet are not available in the Lync Server Control Panel.

Parameters

Parameter Required Type Description

ClientAuthorizationOAuthServerIdentity

Optional

System.String

PARAMVALUE: String

Confirm

Optional

System.Management.Automation.SwitchParameter

Prompts you for confirmation before executing the command.

ExchangeAutodiscoverAllowedDomains

Optional

System.String

Collection of domains that autodiscover requests can be redirected to. For example:

-ExchangeAutodiscoverAllowedDomains "*.contoso.com","*.fabrikam.com"

ExchangeAutodiscoverUrl

Optional

System.String

URL for the autodiscovery service used by the Office 365 version of Microsoft Exchange Server.

Force

Optional

System.Management.Automation.SwitchParameter

Suppresses the display of any non-fatal error message that might occur when running the command.

Identity

Optional

Microsoft.Rtc.Management.Xds.XdsIdentity

Unique Identity of the OAuth configuration settings. Because you can only have a single, global instance of these settings, you do not need to specify an Identity when calling the Set-CsOAuthConfiguration cmdlet. You can, however, use the following syntax to reference the global settings:

-Identity global

Instance

Optional

System.Management.Automation.PSObject

Allows you to pass a reference to an object to the cmdlet rather than set individual parameter values.

Realm

Optional

System.String

Server-to-server security container. By default, Lync Server 2013 uses your default SIP domain as its OAuth realm.

ServiceName

Optional

System.String

Globally unique identifier (GUID) assigned to the OAuth service.

Tenant

Optional

System.Guid

Globally unique identifier (GUID) of the Lync Online tenant account for which the OAuth configuration settings are being modified. For example:

–Tenant "38aad667-af54-4397-aaa7-e94c79ec2308"

You can return the tenant ID for each of your tenants by running this command:

Get-CsTenant | Select-Object DisplayName, TenantID

WhatIf

Optional

System.Management.Automation.SwitchParameter

Describes what would happen if you executed the command without actually executing the command.

Input Types

The Set-CsOAuthConfiguration cmdlet accepts pipelined instances of the Microsoft.Rtc.Management.WritableConfig.Settings.SSAuth.OAuthSettings object.

Return Types

None. Instead, the Set-CsOAuthConfiguration cmdlet modifies existing instances of the Microsoft.Rtc.Management.WritableConfig.Settings.SSAuth.OAuthSettings object.

See Also