An asterisk * in the title indicates the field is mandatory.
If a field has a default value, it is shown in the Description column.
If the field type is an array, the Field Name has a .[n] suffix, where n is the array index placeholder.
Object and array field names are listed to provide context. If a field belongs to an object or an array, the full field name is shown in dot separated notation.

Title

Description

Details

CertificateAuthentication

The CertificateAuthentication parameter specifies whether certificate authentication is enabled. This parameter affects the <Servername>/ews/management/ virtual directory. It doesn't affect the <Servername>/ews/ virtual directory.

Field Name: CertificateAuthentication
Type: Boolean

AdminDisplayName

Field Name: AdminDisplayName
Type: String

GzipLevel

The GzipLevel parameter sets Gzip configuration information for the Exchange Web Services virtual directory. This parameter can be set to the following values: Off This value results in no compression. Low This value results in static compression only. Don't use this setting for Exchange Web Services because Exchange Web Services content is dynamic. You'll get a warning if you set the GzipLevel parameter to this value. If you use this setting, it behaves the same as the Off setting. High This value results in static and dynamic compression. Content from Exchange Web Services is compressed if clients have indicated support for Gzip compression in their requests. Error This value identifies errors in the Gzip compression configuration.

Field Name: GzipLevel
Type: String

OrganizationId

Field Name: OrganizationId
Type: String

ExtendedProtectionFlags

The ExtendedProtectionFlags parameter is used to customize the options you use if you're using Extended Protection for Authentication. The possible values are: None Default setting. Proxy Specifies that a proxy is terminating the SSL channel. A Service Principal Name (SPN) must be registered in the ExtendedProtectionSPNList parameter if proxy mode is configured. ProxyCoHosting Specifies that both HTTP and HTTPS traffic may be accessing the Client Access server and that a proxy is located between at least some of the clients and the Client Access server. AllowDotlessSPN Specifies whether you want to support valid SPNs that aren't in the fully qualified domain name (FQDN) format, for example ContosoMail. You specify valid SPNs with the ExtendedProtectionSPNList parameter. This option makes extended protection less secure because dotless certificates aren't unique, so it isn't possible to ensure that the client-to-proxy connection was established over a secure channel. NoServiceNameCheck Specifies that the SPN list won't be checked to validate a channel binding token. This option makes Extended Protection for Authentication less secure. We generally don't recommend this setting.

Field Name: ExtendedProtectionFlags.[n]
Type: Array

LiveIdBasicAuthentication

This parameter is reserved for internal Microsoft use.

Field Name: LiveIdBasicAuthentication
Type: Boolean

Role

The Role parameter specifies the configuration that should be used when the virtual directory is created. The following are the values that can be used with this parameter: FrontEnd Configures the virtual directory for use on a Client Access server. BackEnd Configures the virtual directory for use on a Mailbox server.

Field Name: Role
Type: String

WebSiteName

The WebSiteName parameter specifies the name of the website under which to create the virtual directory. This parameter shouldn't be used when you're creating a virtual directory under the default website.

Field Name: WebSiteName
Type: String

PSShowComputerName

Field Name: PSShowComputerName
Type: Boolean

Name

Field Name: Name
Type: String

DigestAuthentication

The DigestAuthentication parameter specifies whether Digest authentication is enabled on the virtual directory.

Field Name: DigestAuthentication
Type: Boolean

ApplicationRoot

The ApplicationRoot parameter sets the metabase path of the virtual directory. By default, this path is the same as the website in which the virtual directory is created.

Field Name: ApplicationRoot
Type: String

ExternalAuthenticationMethods

Field Name: ExternalAuthenticationMethods
Type: String

MRSProxyEnabled

The MRSProxyEnabled parameter specifies whether to enable MRSProxy for the Client Access server. MRSProxy is a service that runs on Client Access servers in a remote forest and helps to proxy a mailbox move. For more information, see Mailbox moves in Exchange 2013.

Field Name: MRSProxyEnabled
Type: Boolean

PSComputerName

Field Name: PSComputerName
Type: String

BasicAuthentication

The BasicAuthentication parameter specifies whether Basic authentication is enabled on the Exchange Web Services virtual directory.

Field Name: BasicAuthentication
Type: Boolean

Identity

The Identity parameter specifies the GUID of the server, the name of the website, or the name of the virtual directory that you want to display.

Field Name: Identity
Type: String

AdfsAuthentication

Field Name: AdfsAuthentication
Type: Boolean

WindowsAuthentication

The WindowsAuthentication parameter specifies whether Integrated Windows authentication is permitted on the new Exchange Web Services virtual directory.

Field Name: WindowsAuthentication
Type: Boolean

Path

The Path parameter sets the path of the virtual directory in the metabase.

Field Name: Path
Type: String

OAuthAuthentication

The OAuthAuthentication parameter specifies whether OAuth authentication is enabled.

Field Name: OAuthAuthentication
Type: Boolean

ExtendedProtectionSPNList

The ExtendedProtectionSPNList parameter specifies a list of valid Service Principal Names (SPNs) if you're using Extended Protection for Authentication on the specified virtual directory. The possible values are: Null This is the default value. Single SPN or comma delimited list of valid SPNs By default, you must specify the fully qualified domain name (FQDN) (for example mail.contoso.com) for each SPN. If you want to add an SPN that's not an FQDN (for example, ContosoMail), you must also use the ExtendedProtectionTokenChecking parameter with the AllowDotlessSPN value. You specify the domain in SPN format. The SPN format is <protocol>/<FQDN>. For example, a valid entry could be HTTP/mail.contoso.com.

Field Name: ExtendedProtectionSPNList.[n]
Type: Array

DistinguishedName

Field Name: DistinguishedName
Type: String

OriginatingServer

Field Name: OriginatingServer
Type: String

ExtendedProtectionTokenChecking

The ExtendedProtectionTokenChecking parameter defines how you want to use Extended Protection for Authentication on the specified Exchange virtual directory. Extended Protection for Authentication isn't enabled by default. The available settings are: None Extended Protection for Authentication won't be used. Connections between the client and Exchange won't use Extended Protection for Authentication on this virtual directory. This is the default setting. Allow Extended Protection for Authentication will be used for connections between the client and Exchange on this virtual directory if both the client and server support Extended Protection for Authentication. Connections that don't support Extended Protection for Authentication on the client and server will work, but may not be as secure as a connection using Extended Protection for Authentication. If you have a proxy server between the client and the Client Access server that's configured to terminate the client-to-proxy SSL channel, you must also configure one or more Service Principal Names (SPNs) by using the ExtendedProtectionSPNList parameter. Require Extended Protection for Authentication will be used for all connections between clients and Exchange servers for this virtual directory. If either the client or server doesn't support Extended Protection for Authentication, the connection between the client and server will fail. If you set this option, you must also set a value for the ExtendedProtectionSPNList parameter. If you have a proxy server between the client and the Client Access server that's configured to terminate the client-to-proxy SSL channel, you must also configure one or more SPNs using the parameter ExtendedProtectionSPNList.

Field Name: ExtendedProtectionTokenChecking
Type: String

WSSecurityAuthentication

The WSSecurityAuthentication parameter specifies whether Web Services Security authentication is enabled on the Exchange Web Services virtual directory. This parameter can be used with the BasicAuthentication, DigestAuthentication, and WindowsAuthentication parameters.

Field Name: WSSecurityAuthentication
Type: Boolean

WhenCreatedUTC

Field Name: WhenCreatedUTC
Type: String
Format: date-time

LiveIdNegotiateAuthentication

This parameter is reserved for internal Microsoft use.

Field Name: LiveIdNegotiateAuthentication
Type: Boolean

Server

The Server parameter specifies the Exchange server on which you want to create the virtual directory. You can use any value that uniquely identifies the server, for example: Name FQDN Distinguished name (DN) Exchange Legacy DN If you don't use the Server parameter, the virtual directory is created on the server where the Remote PowerShell session is established This will always be a Mailbox server. If you want to create the virtual directory on a Client Access server or another Mailbox server, you must use the Server parameter.

Field Name: Server
Type: String

WhenCreated

Field Name: WhenCreated
Type: String
Format: date-time

InternalAuthenticationMethods

Field Name: InternalAuthenticationMethods
Type: String

AdminDisplayVersion

Field Name: AdminDisplayVersion
Type: String

MetabasePath

Field Name: MetabasePath
Type: String

ExchangeVersion

Field Name: ExchangeVersion
Type: String

ExternalUrl

The ExternalUrl parameter specifies the host name used to connect to the Exchange server from outside the firewall. This setting is also important when Secure Sockets Layer (SSL) is used.

Field Name: ExternalUrl
Type: String

InternalUrl

The InternalUrl parameter specifies the host name of the Exchange server for a connection from inside the firewall. This setting is also important when SSL is used.

Field Name: InternalUrl
Type: String

DomainController

The DomainController parameter specifies the fully qualified domain name (FQDN) of the domain controller that writes this configuration change to Active Directory.

Field Name: DomainController
Type: String

ObjectCategory

Field Name: ObjectCategory
Type: String

IsValid

Field Name: IsValid
Type: Boolean

InternalNLBBypassUrl

The InternalNLBBypassUrl parameter specifies the URL of the Client Access server, regardless of whether it's behind a Network Load Balancing (NLB) array. Although the InternalUrl parameter is set to the URL of the NLB array, the InternalNLBBypassUrl parameter should always be set to the URL of the Client Access server.

Field Name: InternalNLBBypassUrl
Type: String

AppPoolId

The AppPoolId parameter sets the pool of programs that can be used with the virtual directory.

Field Name: AppPoolId
Type: String

WhenChanged

Field Name: WhenChanged
Type: String
Format: date-time

WhenChangedUTC

Field Name: WhenChangedUTC
Type: String
Format: date-time

ObjectClass

Field Name: ObjectClass.[n]
Type: Array

ObjectState

Field Name: ObjectState
Type: String

AppPoolIdForManagement

The AppPoolIdForManagement parameter specifies the pool of programs that manages the virtual directory.

Field Name: AppPoolIdForManagement
Type: String

RunspaceId

Field Name: RunspaceId
Type: String

Guid

Field Name: Guid
Type: String

Field Name: Id
Type: String

Model: device/exchangehybrid/WebServicesVirtualDirectory

Model Details