New-CMBMSUserExemptionPolicy
Create a policy to configure instructions for users to request exemption from BitLocker protection.
Syntax
Default (Default)
New-CMBMSUserExemptionPolicy
[-PolicyState <State>]
[-MaxDays <UInt32>]
[-ContactMethod <ContactMethod>]
[-ContactDetail <String>]
[-DisableWildcardHandling]
[-ForceWildcardHandling]
[<CommonParameters>]
Description
Use this cmdlet to create a policy to configure instructions for users to request exemption from BitLocker protection. These instructions include a URL, email address, or phone number.
Examples
Example 1: Create a policy with URL as contact method
This example creates a policy that's enabled with the following attributes:
- An exemption deadline of six days
- A custom URL for the user to submit the request
New-CMBMSUserExemptionPolicy -PolicyState Enabled -MaxDays 6 -ContactMethod Url -ContactDetail "https://contoso.com/bitlockerexemption"
Example 2: Create a policy with email as contact method
This example creates a policy that's enabled with the following attributes:
- An exemption deadline of four days
- A custom email address for the user to submit the request
New-CMBMSUserExemptionPolicy -PolicyState Enabled -MaxDays 4 -ContactMethod Email -ContactDetail "bitlockerexemption@contoso.com"
Example 3: Create a policy with phone as contact method
This example creates a policy that's enabled with the following attributes:
- An exemption deadline of 16 days
- A custom phone number for the user to submit the request
New-CMBMSUserExemptionPolicy -PolicyState Enabled -MaxDays 16 -ContactMethod Phone -ContactDetail "515-555-8127"
Parameters
-ContactDetail
Based on the -ContactMethod parameter, use this parameter to specify the specific string to include. For example, if -ContactMethod is Phone, specify a value phone number as the value of this parameter. The URL and email address display as links.
The URL format is
"https://YourExemptionWebSite"The email address format is
"alias@___domain.tld"BitLocker automatically creates a link with the following format:
mailto: xyz@abc.com?subject=Request exemption from BitLocker protection"The phone number format is as necessary for your local standard. For example, in the United States:
"123-456-7890"BitLocker displays the following message: Please call 123-456-7890 for applying exemption
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ContactMethod
Select how users submit an exemption request. Use the -ContactDetail parameter to specify the custom string for this method.
Parameter properties
| Type: | ContactMethod |
| Default value: | None |
| Accepted values: | Url, Email, Phone |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DisableWildcardHandling
This parameter treats wildcard characters as literal character values. You can't combine it with ForceWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-ForceWildcardHandling
This parameter processes wildcard characters and may lead to unexpected behavior (not recommended). You can't combine it with DisableWildcardHandling.
Parameter properties
| Type: | SwitchParameter |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-MaxDays
Use this parameter to specify how many days the user can postpone an enforced policy. By default, this value is 7 days (one week).
Parameter properties
| Type: | UInt32 |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-PolicyState
Use this parameter to configure the policy.
Enabled: If you enable this policy, and provide a URL, email address, or phone number, the user can apply for exemption. BitLocker displays instructions on how to apply for exemption from BitLocker protection. Use the -ContactMethod and ContactDetail parameters to configure the specific method.DisabledorNotConfigured: If you disable or don't configure this policy, Windows doesn't display the exemption request instructions to users.
Parameter properties
| Type: | State |
| Default value: | None |
| Accepted values: | Enabled, Disabled, NotConfigured |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.