Share via

Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration

Module:
Microsoft.Graph.Beta.Applications Module

Update the properties of a remoteDesktopSecurityConfiguration object on the servicePrincipal. Use this configuration to enable or disable the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices.

Note

To view the v1.0 release of this cmdlet, view Update-MgServicePrincipalRemoteDesktopSecurityConfiguration

Syntax

UpdateExpanded (Default) 

Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration
    -ServicePrincipalId <string>
    [-ResponseHeadersVariable <string>]
    [-AdditionalProperties <hashtable>]
    [-ApprovedClientApps <IMicrosoftGraphApprovedClientApp[]>]
    [-Id <string>]
    [-IsRemoteDesktopProtocolEnabled]
    [-TargetDeviceGroups <IMicrosoftGraphTargetDeviceGroup[]>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Update 

Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration
    -ServicePrincipalId <string>
    -BodyParameter <IMicrosoftGraphRemoteDesktopSecurityConfiguration>
    [-ResponseHeadersVariable <string>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

UpdateViaIdentityExpanded 

Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration
    -InputObject <IApplicationsIdentity>
    [-ResponseHeadersVariable <string>]
    [-AdditionalProperties <hashtable>]
    [-ApprovedClientApps <IMicrosoftGraphApprovedClientApp[]>]
    [-Id <string>]
    [-IsRemoteDesktopProtocolEnabled]
    [-TargetDeviceGroups <IMicrosoftGraphTargetDeviceGroup[]>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

UpdateViaIdentity 

Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration
    -InputObject <IApplicationsIdentity>
    -BodyParameter <IMicrosoftGraphRemoteDesktopSecurityConfiguration>
    [-ResponseHeadersVariable <string>]
    [-Break]
    [-Headers <IDictionary>]
    [-HttpPipelineAppend <SendAsyncStep[]>]
    [-HttpPipelinePrepend <SendAsyncStep[]>]
    [-Proxy <uri>]
    [-ProxyCredential <pscredential>]
    [-ProxyUseDefaultCredentials]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

Update the properties of a remoteDesktopSecurityConfiguration object on the servicePrincipal. Use this configuration to enable or disable the Microsoft Entra ID Remote Desktop Services (RDS) authentication protocol to authenticate a user to Microsoft Entra joined or Microsoft Entra hybrid joined devices.

Permissions

Permission type Permissions (from least to most privileged)
Delegated (work or school account) Application-RemoteDesktopConfig.ReadWrite.All, Directory.ReadWrite.All, Application.ReadWrite.All,
Delegated (personal Microsoft account) Not supported
Application Application-RemoteDesktopConfig.ReadWrite.All, Directory.ReadWrite.All, Application.ReadWrite.All,

Examples

Example 1: Code snippet


Import-Module Microsoft.Graph.Beta.Applications

$params = @{
	"@odata.type" = "#microsoft.graph.remoteDesktopSecurityConfiguration"
	isRemoteDesktopProtocolEnabled = $true
}

Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration -ServicePrincipalId $servicePrincipalId -BodyParameter $params

This example shows how to use the Update-MgBetaServicePrincipalRemoteDesktopSecurityConfiguration Cmdlet.

Parameters

-AdditionalProperties

Additional Parameters

Parameter properties

Type:System.Collections.Hashtable
Supports wildcards:False
DontShow:False

Parameter sets

UpdateViaIdentityExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
UpdateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ApprovedClientApps

To construct, see NOTES section for APPROVEDCLIENTAPPS properties and create a hash table.

Parameter properties

Type:

Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphApprovedClientApp[]

Supports wildcards:False
DontShow:False

Parameter sets

UpdateViaIdentityExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
UpdateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-BodyParameter

remoteDesktopSecurityConfiguration To construct, see NOTES section for BODYPARAMETER properties and create a hash table.

Parameter properties

Type:Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphRemoteDesktopSecurityConfiguration
Supports wildcards:False
DontShow:False

Parameter sets

UpdateViaIdentity
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False
Update
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-Break

Wait for .NET debugger to attach

Parameter properties

Type:System.Management.Automation.SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:System.Management.Automation.SwitchParameter
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Headers

Optional headers that will be added to the request.

Parameter properties

Type:System.Collections.IDictionary
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-HttpPipelineAppend

SendAsync Pipeline Steps to be appended to the front of the pipeline

Parameter properties

Type:

Microsoft.Graph.Beta.PowerShell.Runtime.SendAsyncStep[]

Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-HttpPipelinePrepend

SendAsync Pipeline Steps to be prepended to the front of the pipeline

Parameter properties

Type:

Microsoft.Graph.Beta.PowerShell.Runtime.SendAsyncStep[]

Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Id

The unique identifier for an entity. Read-only.

Parameter properties

Type:System.String
Supports wildcards:False
DontShow:False

Parameter sets

UpdateViaIdentityExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
UpdateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-InputObject

Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.

Parameter properties

Type:Microsoft.Graph.Beta.PowerShell.Models.IApplicationsIdentity
Supports wildcards:False
DontShow:False

Parameter sets

UpdateViaIdentityExpanded
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False
UpdateViaIdentity
Position:Named
Mandatory:True
Value from pipeline:True
Value from pipeline by property name:False
Value from remaining arguments:False

-IsRemoteDesktopProtocolEnabled

Determines if Microsoft Entra ID RDS authentication protocol for RDP is enabled.

Parameter properties

Type:System.Management.Automation.SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False

Parameter sets

UpdateViaIdentityExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
UpdateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-Proxy

The URI for the proxy server to use

Parameter properties

Type:System.Uri
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ProxyCredential

Credentials for a proxy server to use for the remote call

Parameter properties

Type:System.Management.Automation.PSCredential
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ProxyUseDefaultCredentials

Use the default credentials for the proxy

Parameter properties

Type:System.Management.Automation.SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ResponseHeadersVariable

Optional Response Headers Variable.

Parameter properties

Type:System.String
Supports wildcards:False
DontShow:False
Aliases:RHV

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-ServicePrincipalId

The unique identifier of servicePrincipal

Parameter properties

Type:System.String
Supports wildcards:False
DontShow:False

Parameter sets

UpdateExpanded
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
Update
Position:Named
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-TargetDeviceGroups

The collection of target device groups that are associated with the RDS security configuration that will be enabled for SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol. To construct, see NOTES section for TARGETDEVICEGROUPS properties and create a hash table.

Parameter properties

Type:

Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphTargetDeviceGroup[]

Supports wildcards:False
DontShow:False

Parameter sets

UpdateViaIdentityExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False
UpdateExpanded
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-WhatIf

Runs the command in a mode that only reports what would happen without performing the actions.

Parameter properties

Type:System.Management.Automation.SwitchParameter
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

Microsoft.Graph.Beta.PowerShell.Models.IApplicationsIdentity

{{ Fill in the Description }}

Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphRemoteDesktopSecurityConfiguration

{{ Fill in the Description }}

System.Collections.IDictionary

{{ Fill in the Description }}

Outputs

Microsoft.Graph.Beta.PowerShell.Models.IMicrosoftGraphRemoteDesktopSecurityConfiguration

{{ Fill in the Description }}

Notes

COMPLEX PARAMETER PROPERTIES

To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.

APPROVEDCLIENTAPPS <IMicrosoftGraphApprovedClientApp[]>: . [Id <String>]: The unique identifier for an entity. Read-only. [DisplayName <String>]:

BODYPARAMETER <IMicrosoftGraphRemoteDesktopSecurityConfiguration>: remoteDesktopSecurityConfiguration [(Any) <Object>]: This indicates any property can be added to this object. [Id <String>]: The unique identifier for an entity. Read-only. [ApprovedClientApps <IMicrosoftGraphApprovedClientApp[]>]: [Id <String>]: The unique identifier for an entity. Read-only. [DisplayName <String>]: [IsRemoteDesktopProtocolEnabled <Boolean?>]: Determines if Microsoft Entra ID RDS authentication protocol for RDP is enabled. [TargetDeviceGroups <IMicrosoftGraphTargetDeviceGroup[]>]: The collection of target device groups that are associated with the RDS security configuration that will be enabled for SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol. [Id <String>]: The unique identifier for an entity. Read-only. [DisplayName <String>]: Display name for the target device group.

INPUTOBJECT <IApplicationsIdentity>: Identity Parameter [AppId <String>]: Alternate key of application [AppManagementPolicyId <String>]: The unique identifier of appManagementPolicy [AppRoleAssignmentId <String>]: The unique identifier of appRoleAssignment [ApplicationId <String>]: The unique identifier of application [ApplicationTemplateId <String>]: The unique identifier of applicationTemplate [ApprovedClientAppId <String>]: The unique identifier of approvedClientApp [ClaimsMappingPolicyId <String>]: The unique identifier of claimsMappingPolicy [ConnectorGroupId <String>]: The unique identifier of connectorGroup [ConnectorId <String>]: The unique identifier of connector [DelegatedPermissionClassificationId <String>]: The unique identifier of delegatedPermissionClassification [DirectoryDefinitionId <String>]: The unique identifier of directoryDefinition [DirectoryObjectId <String>]: The unique identifier of directoryObject [EndpointId <String>]: The unique identifier of endpoint [ExtensionPropertyId <String>]: The unique identifier of extensionProperty [FederatedIdentityCredentialId <String>]: The unique identifier of federatedIdentityCredential [GroupId <String>]: The unique identifier of group [HomeRealmDiscoveryPolicyId <String>]: The unique identifier of homeRealmDiscoveryPolicy [IPApplicationSegmentId <String>]: The unique identifier of ipApplicationSegment [LicenseDetailsId <String>]: The unique identifier of licenseDetails [Name <String>]: Alternate key of federatedIdentityCredential [OAuth2PermissionGrantId <String>]: The unique identifier of oAuth2PermissionGrant [OnPremisesAgentGroupId <String>]: The unique identifier of onPremisesAgentGroup [OnPremisesAgentGroupId1 <String>]: The unique identifier of onPremisesAgentGroup [OnPremisesAgentId <String>]: The unique identifier of onPremisesAgent [OnPremisesPublishingProfileId <String>]: The unique identifier of onPremisesPublishingProfile [PermissionGrantPreApprovalPolicyId <String>]: The unique identifier of permissionGrantPreApprovalPolicy [PublishedResourceId <String>]: The unique identifier of publishedResource [ServicePrincipalId <String>]: The unique identifier of servicePrincipal [SynchronizationJobId <String>]: The unique identifier of synchronizationJob [SynchronizationTemplateId <String>]: The unique identifier of synchronizationTemplate [TargetDeviceGroupId <String>]: The unique identifier of targetDeviceGroup [TokenIssuancePolicyId <String>]: The unique identifier of tokenIssuancePolicy [TokenLifetimePolicyId <String>]: The unique identifier of tokenLifetimePolicy [UniqueName <String>]: Alternate key of application [UserId <String>]: The unique identifier of user

TARGETDEVICEGROUPS <IMicrosoftGraphTargetDeviceGroup[]>: The collection of target device groups that are associated with the RDS security configuration that will be enabled for SSO when a client connects to the target device over RDP using the new Microsoft Entra ID RDS authentication protocol. [Id <String>]: The unique identifier for an entity. Read-only. [DisplayName <String>]: Display name for the target device group.