From 9dae9de9ae900090aac253faca9b4878ac15b822 Mon Sep 17 00:00:00 2001 From: vgudur-dev Date: Thu, 10 Jul 2025 11:48:50 -0700 Subject: [PATCH 1/2] Update Set-CsTenantFederationConfiguration.md --- .../Set-CsTenantFederationConfiguration.md | 23 +++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md b/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md index 957f463b80..2e07527624 100644 --- a/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md +++ b/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md @@ -29,6 +29,7 @@ Set-CsTenantFederationConfiguration [-Tenant ] [-AllowFederatedUsers ] [-AllowTeamsConsumer ] [-AllowTeamsConsumerInbound ] [-TreatDiscoveredPartnersAsUnverified ] [-SharedSipAddressSpace ] [-RestrictTeamsConsumerToExternalUserProfiles ] [-AllowedDomainsAsAList ] [-ExternalAccessWithTrialTenants ] + [-DomainBlockingForMDOAdminsInTeams ] [-AllowedTrialTenantDomains ] [[-Identity] ] [-Force] [-WhatIf] [-Confirm] [] ``` @@ -214,6 +215,11 @@ Example 15 shows how you can remove domains from the existing Allowed Trial Tena First, a List is created and domains are added to it, then use the Remove method in the `AllowedTrialTenantDomains` parameter to remove the domains from the existing allowed domains list. When this command completes, the domains in the list will be removed from the Allowed Trial Tenant Domains list. +### -------------------------- Example 16 ------------------------- +``` +Set-CsTenantFederationConfiguration -DomainBlockingForMDOAdminsInTeams "Enabled" +``` + ## PARAMETERS ### -AllowedDomains @@ -490,6 +496,23 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -DomainBlockingForMDOAdminsInTeams +When set to 'Enabled', security operations team will be able to add domains to the blocklist on security portal. +When set to 'Disabled', security operations team will not have permissions to update the domains blocklist. + +```yaml +Type: DomainBlockingForMDOAdminsInTeamsType +Parameter Sets: (All) +Aliases: +Applicable: Microsoft Teams + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -AllowedTrialTenantDomains You can whitelist specific "trial-only" tenant domains, while keeping the `ExternalAccessWithTrialTenants` set to `Blocked`. This will allow you to protect your organization against majority of tenants that don't have any paid subscriptions, while still being able to collaborate externally with those trusted trial-tenants in the list. From 3e6584d4a52596a6b2c664594095f74acc8e6b66 Mon Sep 17 00:00:00 2001 From: Ruchika Mittal Date: Fri, 11 Jul 2025 22:20:12 +0530 Subject: [PATCH 2/2] typo fix --- teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md b/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md index 2e07527624..c881b93707 100644 --- a/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md +++ b/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md @@ -63,7 +63,7 @@ $x = New-CsEdgeDomainPattern -Domain "fabrikam.com" Set-CsTenantFederationConfiguration -BlockedDomains @{Replace=$x} ``` -In Example 2, the domain fabrikam.com is assigned as the only domain on the blocked domains list for current tenant. +In Example 1, the domain fabrikam.com is assigned as the only domain on the blocked domains list for current tenant. To do this, the first command in the example uses the `New-CsEdgeDomainPattern` cmdlet to create a new domain object for fabrikam.com. This domain object is stored in a variable named $x.