An asterisk * in the title indicates the field is mandatory.
If a field has a default value, it is shown in the Description column.
If the field type is an array, the Field Name has a .[n] suffix, where n is the array index placeholder.
Object and array field names are listed to provide context. If a field belongs to an object or an array, the full field name is shown in dot separated notation.

Title

Description

Details

WebSite

Field Name: WebSite
Type: String

DisplayName

Field Name: DisplayName
Type: String

LiveIdAuthentication

The LiveIdAuthentication parameter specifies whether Microsoft account (formerly known as Windows Live ID) authentication is enabled for the ECP virtual directory.

Field Name: LiveIdAuthentication
Type: Boolean

GzipLevel

The GzipLevel parameter sets Gzip configuration information for the ECP virtual directory.

Field Name: GzipLevel
Type: String

OrganizationId

Field Name: OrganizationId
Type: String

OriginatingServer

Field Name: OriginatingServer
Type: String

Role

The Role parameter specifies the configuration that should be used when the virtual directory is created. The following are the values that can be used with this parameter: ClientAccess Configure the virtual directory for use on a Client Access server. Mailbox Configure the virtual directory for use on a Mailbox server.

Field Name: Role
Type: String

WebSiteName

The WebSiteName parameter specifies the name of the IIS website under which the Exchange Control Panel virtual directory is created.

Field Name: WebSiteName
Type: String

AdminDisplayName

Field Name: AdminDisplayName
Type: String

PSShowComputerName

Field Name: PSShowComputerName
Type: Boolean

Name

Field Name: Name
Type: String

DigestAuthentication

The DigestAuthentication parameter specifies whether Digest authentication is enabled on the ECP virtual directory.

Field Name: DigestAuthentication
Type: Boolean

ExternalAuthenticationMethods

The ExternalAuthenticationMethods parameter specifies the authentication methods supported on the Exchange server from outside the firewall.

Field Name: ExternalAuthenticationMethods.[n]
Type: Array

ObjectClass

Field Name: ObjectClass.[n]
Type: Array

PSComputerName

Field Name: PSComputerName
Type: String

BasicAuthentication

The BasicAuthentication parameter specifies whether Basic authentication is enabled on the ECP virtual directory. This parameter can be used with the FormsAuthentication parameter or with the DigestAuthentication and WindowsAuthentication parameters.

Field Name: BasicAuthentication
Type: Boolean

AdfsAuthentication

The AdfsAuthentication parameter specifies that the ECP virtual directory allows users to authenticate through Active Directory Federation Services (AD FS) authentication. This parameter accepts $true or $false. The default value is $false. The ADFS authentication settings for Set-OwaVirtualDirectory and Set-EcpVirtualDirectory are related. You need to set the AdfsAuthentication parameter on Set-EcpVirtualDirectory to $true before you can set the AdfsAuthentication parameter on Set-OwaVirtualDirectory to $true. Likewise, you need to set the AdfsAuthentication parameter on Set-OwaVirtualDirectory to $false before you can set the AdfsAuthentication parameter on Set-EcpVirtualDirectory to $false.

Field Name: AdfsAuthentication
Type: Boolean

ExtendedProtectionTokenChecking

The ExtendedProtectionTokenChecking parameter defines how you want to use Extended Protection for Authentication on the specified Exchange virtual directory. Extended Protection for Authentication isn't enabled by default. The available settings are: None Extended Protection for Authentication won't be used. Connections between the client and Exchange won't use Extended Protection for Authentication on this virtual directory. This is the default setting. Allow Extended Protection for Authentication will be used for connections between the client and Exchange on this virtual directory if both the client and server support Extended Protection for Authentication. Connections that don't support Extended Protection for Authentication on the client and server will work, but may not be as secure as a connection using Extended Protection for Authentication. If you have a proxy server between the client and the Client Access server that's configured to terminate the client-to-proxy SSL channel, you must also configure one or more Service Principal Names (SPNs) by using the ExtendedProtectionSPNList parameter. Require Extended Protection for Authentication will be used for all connections between clients and Exchange servers for this virtual directory. If either the client or server doesn't support Extended Protection for Authentication, the connection between the client and server will fail. If you set this option, you must also set a value for the ExtendedProtectionSPNList parameter. If you have a proxy server between the client and the Client Access server that's configured to terminate the client-to-proxy SSL channel, you must also configure one or more SPNs using the parameter ExtendedProtectionSPNList.

Field Name: ExtendedProtectionTokenChecking
Type: String

Path

The Path parameter sets the file system path of the Exchange Control Panel virtual directory. This parameter should be used with care and only when you must use a different file system path than the default.

Field Name: Path
Type: String

OAuthAuthentication

Field Name: OAuthAuthentication
Type: Boolean

ExtendedProtectionSPNList

The ExtendedProtectionSPNList parameter specifies a list of valid Service Principal Names (SPNs) if you're using Extended Protection for Authentication on the specified virtual directory. The possible values are: Null This is the default value. Single SPN or comma delimited list of valid SPNs By default, you must specify the fully qualified domain name (FQDN) (for example mail.contoso.com) for each SPN. If you want to add an SPN that's not an FQDN (for example, ContosoMail), you must also use the ExtendedProtectionTokenChecking parameter with the AllowDotlessSPN value. You specify the domain in SPN format. The SPN format is <protocol>/<FQDN>. For example, a valid entry could be HTTP/mail.contoso.com.

Field Name: ExtendedProtectionSPNList.[n]
Type: Array

DistinguishedName

Field Name: DistinguishedName
Type: String

OwaOptionsEnabled

The OwaOptionsEnabled parameter specifies that Outlook Web Access Options is enabled for end users. If this parameter is set to $false, users aren't able to access Outlook Web Access Options. You may want to disable access if your organization uses third-party provider tools. This parameter accepts $true or $false.

Field Name: OwaOptionsEnabled
Type: Boolean

WindowsAuthentication

The WindowsAuthentication parameter specifies whether Integrated Windows authentication is permitted on the ECP virtual directory.

Field Name: WindowsAuthentication
Type: Boolean

WhenCreatedUTC

Field Name: WhenCreatedUTC
Type: String
Format: date-time

Server

The Server parameter specifies the name or GUID of the server that hosts the Exchange Control Panel virtual directories that you want to create. You can't create an Exchange Control Panel virtual directory remotely. You can only create an Exchange Control Panel virtual directory on the local computer.

Field Name: Server
Type: String

WhenCreated

Field Name: WhenCreated
Type: String
Format: date-time

InternalAuthenticationMethods

Field Name: InternalAuthenticationMethods
Type: String

AdminDisplayVersion

Field Name: AdminDisplayVersion
Type: String

MetabasePath

Field Name: MetabasePath
Type: String

ExchangeVersion

Field Name: ExchangeVersion
Type: String

ExternalUrl

The ExternalUrl parameter specifies the host name used to connect to the server running Exchange from outside the firewall. This setting is important when Secure Sockets Layer (SSL) is used. This parameter must be set to allow the Autodiscover service to return the URL for the Exchange Control Panel virtual directory.

Field Name: ExternalUrl
Type: String

InternalUrl

The InternalUrl parameter specifies the host name used to connect to the server running Exchange from inside the firewall. This setting is important when SSL is used. This parameter must be set to allow the Autodiscover service to return the URL for the Exchange Control Panel virtual directory.

Field Name: InternalUrl
Type: String

DomainController

The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.

Field Name: DomainController
Type: String

ObjectCategory

Field Name: ObjectCategory
Type: String

AdminEnabled

The AdminEnabled parameter specifies that the EAC isn't able to be accessed through the Internet. For more information, see Turn off access to the Exchange admin center. This parameter accepts $true or $false.

Field Name: AdminEnabled
Type: Boolean

IsValid

Field Name: IsValid
Type: Boolean

ExtendedProtectionFlags

The ExtendedProtectionFlags parameter is used to customize the options you use if you're using Extended Protection for Authentication. The possible values are: None Default setting. Proxy Specifies that a proxy is terminating the SSL channel. A Service Principal Name (SPN) must be registered in the ExtendedProtectionSPNList parameter if proxy mode is configured. ProxyCoHosting Specifies that both HTTP and HTTPS traffic may be accessing the Client Access server and that a proxy is located between at least some of the clients and the Client Access server. AllowDotlessSPN Specifies whether you want to support valid SPNs that aren't in the fully qualified domain name (FQDN) format, for example ContosoMail. You specify valid SPNs with the ExtendedProtectionSPNList parameter. This option makes extended protection less secure because dotless certificates aren't unique, so it isn't possible to ensure that the client-to-proxy connection was established over a secure channel. NoServiceNameCheck Specifies that the SPN list won't be checked to validate a channel binding token. This option makes Extended Protection for Authentication less secure. We generally don't recommend this setting.

Field Name: ExtendedProtectionFlags.[n]
Type: Array

AppPoolId

The AppPoolId parameter sets the Internet Information Services (IIS) application pool in which the Exchange Control Panel virtual directory runs. We recommend that you leave this parameter at its default setting.

Field Name: AppPoolId
Type: String

WhenChanged

Field Name: WhenChanged
Type: String
Format: date-time

WhenChangedUTC

Field Name: WhenChangedUTC
Type: String
Format: date-time

FormsAuthentication

The FormsAuthentication parameter specifies whether forms-based authentication is enabled on the ECP virtual directory. If the FormsAuthentication parameter is set to $true, the BasicAuthentication parameter is set to $true, and the DigestAuthentication and WindowsAuthentication parameters are set to $false.

Field Name: FormsAuthentication
Type: Boolean

ObjectState

Field Name: ObjectState
Type: String

Identity

The Identity parameter specifies the name or GUID of an ECP virtual directory. The Identity parameter is represented as: ServerName\ECP (WebsiteName). If you don't specify a server name, the command returns the ECP virtual directory on the local server.

Field Name: Identity
Type: String

RunspaceId

Field Name: RunspaceId
Type: String

Guid

Field Name: Guid
Type: String

Field Name: Id
Type: String

DefaultDomain

Field Name: DefaultDomain
Type: String

Model: device/exchangehybrid/EcpVirtualDirectory

Model Details