[Index]
| Title | Description | Details | |||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SMIMEExpiredCertificateThumbprint * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| AdminDisplayName * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OrganizationId * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWASignedEmailCertificateInclusion * | The OWASignedEmailCertificateInclusion parameter specifies whether the sender's encryption certificate is excluded from a signed email message in Outlook on the web. Valid input for this parameter is $true or $false. The default is $true. By default, Outlook on the web and the S/MIME control include both signing and encrypting certificates with signed email messages. When this parameter is set to $false, the size of encrypted messages is reduced. However, recipients don't have access to the sender's encryption certificate in the message. Recipients need to retrieve the certificate from a directory, or from the sender. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWACRLRetrievalTimeout * | The OWACRLRetrievalTimeout parameter specifies the time in milliseconds that Outlook on the web waits to retrieve all CRLs when validating a certificate. Valid input for this parameter is an integer between 0 and 4294967295 (UInt32). The default value is 10000 (10 seconds). If all the required CRLs are not retrieved before the time limit expires, the operation fails. Suppose the retrieval of three CRLs is required, the OWACRLConnectionTimeout value is set to 60000 (60 seconds), and the OWACRLRetrievalTimeout is set to 120000 (2 minutes). In this example, if any individual CRL retrieval takes more than 60 seconds, the operation fails. Also, if all the CRL retrievals together take more than 120 seconds, the operation fails. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWABCCEncryptedEmailForking * | The OWABCCEncryptedEmailForking parameter specifies how Bcc messages are encrypted in Outlook on the web. This parameter uses the following values: 0 = One encrypted message per Bcc recipient. 1 = One single encrypted message for all Bcc recipients. 2 = One encrypted message without Bcc forking. The default value is 0. This setting affects the security and privacy of Outlook on the web. Consult your organization's security policy before you change this setting. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAClearSign * | The OWAClearSign parameter specifies how email messages are signed in Outlook on the web. Valid input for this parameter is $true or $false. The default is $true. When this parameter is set to $true, digitally signed messages are clear-signed. When this parameter is set to $false, digitally signed messages are opaque-signed. Clear-signed messages are larger than opaque-signed messages, but clear-signed messages can be read in most email clients, including clients that don't support S/MIME. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAAlwaysSign * | The OWAAlwaysSign parameter specifies whether all outgoing messages are automatically signed in Outlook on the web. Valid input for this parameter is $true or $false. The default value is $false. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWACheckCRLOnSend * | The OWACheckCRLOnSend parameter specifies how the certificate revocation list (CRL) check is enforced when an email message is sent in Outlook on the web. Valid input for this parameter is $true or $false. The default value is $false. When this parameter is set to $false and the CRL distribution point is inaccessible, Outlook on the web allows signed or encrypted messages to be sent. When this parameter is set to $true, Outlook on the web displays a warning dialog box and prevents signed or encrypted messages from being sent. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| WhenCreatedUTC * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWACRLConnectionTimeout * | The OWACRLConnectionTimeout parameter specifies the time in milliseconds that Outlook on the web waits while connecting to retrieve a single CRL as part of a certificate validation operation. Valid input for this parameter is an integer between 0 and 4294967295 (UInt32). The default value is 60000 (60 seconds). When multiple CRLs in a certificate chain must be retrieved, the time limit that's specified by this parameter applies to each connection. For example, if a certificate requires the retrieval of three CRLs, and this parameter is set to 60000 (60 seconds), each individual CRL retrieval operation has a time limit of 60 seconds. If any one of the CRLs isn't retrieved before the time limit expires, the entire operation fails. The total time limit for all the retrievals is controlled by the OWACRLRetrievalTimeout parameter. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| PSShowComputerName |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| SMIMECertificatesExpiryDate * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| WhenChangedUTC * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWAEncryptionAlgorithms * | The OWAEncryptionAlgorithms parameter specifies a list of algorithms that are used by Outlook on the web to encrypt messages. Valid input for this parameter is a semicolon-separated list of symmetric encryption algorithm identifiers. When you use an algorithm that supports multiple key lengths, you need to specify the key length. Note that RC2 is the only supported algorithm that that offers multiple key lengths. You can specify the object identifier (OID) of the cryptographic service provider (CSP) when using third-party CSPs. An OID must be specified together with an algorithm ID. Outlook on the web needs an algorithm ID so that it can infer how the algorithm should be used. For example, to provide a custom replacement for the 3DES algorithm, you would specify the algorithm ID of 3DES (6603) and the custom OID of the replacement algorithm by using the value 6603,<OID>. The encryption algorithms, key length values, and algorithm IDs that you can use with this parameter are described in the following list: RC2 algorithm ID 6602 (supported key lengths are 40, 56, 64, and 128) DES (56-bit) algorithm ID 6601 3DES (168-bit) algorithm ID 6603 AES128 algorithm ID 660E AES192 algorithm ID 660F AES256 algorithm ID 6610 This parameter uses the following syntax: {Algorithm ID} |; [Algorithm ID] | [,Custom replacement algorithm OID] |; [Algorithm ID[:key length]] .... For example, to set the encryption algorithms to 3DES, RC2-128, RC2-64, DES, and RC2-56, use the following value: 6603;6602:128;6602:64;6601;6602:56. The algorithm specified by OWAEncryptionAlgorithms is always used. If the parameter is not specified or is not formatted correctly, Outlook on the web uses the default value 6610 (AES256). If the encryption algorithm or minimum key length is not available on a client, Outlook on the web does not allow encryption. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| ObjectClass |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWATripleWrapSignedEncryptedMail * | The OWATripleWrapSignedEncryptedMail parameter specifies whether signed and encrypted email messages in Outlook on the web are triple-wrapped. Valid input for this parameter is $true or $false. The default is $false. A triple-wrapped message is a signed message that is encrypted, and then the encrypted message is signed (signed-encrypted-signed). When this parameter is set to $false, the signed message is encrypted only (there is no additional signing of the encrypted message). Triple-wrapped messages offer the highest level of security for messages under the S/MIME standard, but are larger in size. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| PSComputerName |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWAIncludeCertificateChainWithoutRootCertificate * | The OWAIncludeCertificateChainWithoutRootCertificate parameter specifies whether the certificate chains of the signing or encryption certificates are included in messages in Outlook on the web. Valid input for this parameter is $true or $false. The default is $false. By default, Outlook on the web includes only the signing and encrypting certificates, not their corresponding certificate chains. When this parameter is set to $true, signed or encrypted messages include the full certificate chain, but not the root certificate. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWADLExpansionTimeout * | The OWADLExpansionTimeout parameter specifies the time in milliseconds that Outlook on the web waits when sending encrypted messages to members of a distribution group that requires expansion. Valid input for this parameter is an integer between 0 and 4294967295 (UInt32). The default value is 60000 (60 seconds). If the operation doesn't complete in the time specified by this parameter, the operation fails and the message is not sent. When sending an encrypted message to a distribution group, Exchange expands the distribution group to retrieve the encryption certificate of each recipient. While the distribution group is being expanded, the sender receives no response from Outlook on the web. The timeout value that's specified by this parameter is applied to the expansion of each distribution group. For example, if an encrypted message is sent to three distribution group, and the value of this parameter is 60000 (60 seconds), the entire operation can take no more than 180 seconds. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWASenderCertificateAttributesToDisplay * | The OWASenderCertificateAttributesToDisplay parameter controls which certificate attributes are displayed when signature verification proceeds despite a mismatch between the sender's email address and the email address in sender's certificate. The parameter accepts a comma-separated list of object identifiers (OIDs). This setting is blank ($null) by default. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAAlwaysEncrypt * | The OWAAlwaysEncrypt parameter specifies whether all outgoing messages are automatically encrypted in Outlook on the web. Valid input for this parameter is $true or $false. The default value is $false. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| Identity * | This parameter is reserved for internal Microsoft use. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| DistinguishedName * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| SMIMECertificateIssuingCA * | The SMIMECertificateIssuingCA parameter specifies the serialized certificate store (SST) that contains the Certificate Authority (CA) signing and intermediate certificate information. You need to read the file to a byte-encoded object using the Get-Content cmdlet. For example: -SMIMECertificateIssuingCA $([byte[]](Get-Content -Encoding byte -Path "C:\Temp\CACertificateSerializedStore.sst" -ReadCount 0) Each certificate is checked, and if any certificates are expired, the operation will fail. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OriginatingServer * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Name * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWAUseSecondaryProxiesWhenFindingCertificates * | The OWAUseSecondaryProxiesWhenFindingCertificates parameter specifies whether alternative proxies are used during the certificate search in Outlook on the web. Valid input for this parameter is $true or $false. The default is $true. Outlook on the web attempts to find the correct certificate for a recipient when sending encrypted messages. The certificate subject or subject alternative name values can each contain an email address. Because a recipient can have multiple proxy addresses, the certificate's subject or subject alternative name values may not match the recipient's primary SMTP address. When this parameter is set to $true, and the certificate subject or subject alternative name values do not match the recipient's primary SMTP address, Outlook on the web tries to match the certificate's subject to one of the recipient's proxy addresses. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAIncludeCertificateChainAndRootCertificate * | The OWAIncludeCertificateChainAndRootCertificate parameter specifies whether the certificate chains and root certificates of the signing or encryption certificates are included in the message in Outlook on the web. Valid input for this parameter is $true or $false. The default value is $false. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAUseKeyIdentifier * | The OWAUseKeyIdentifier parameter specifies whether a certificate's key identifier is used to encode the asymmetrically encrypted token in Outlook on the web. Valid input for this parameter is $true or $false. The default is $false. By default, Outlook on the web encodes the asymmetrically encrypted token (sometimes called a lockbox) that's required to decrypt the rest of the message by indicating the issuer and serial number of each recipient's certificate. The issuer and serial number can then be used to locate the certificate and private key for decrypting the message. This parameter causes the use of a certificate's key identifier when encoding the asymmetrically encrypted token. Because a key pair can be reused in new certificates, using the key identifier for encrypted email messages means that users need to keep only the most recent certificate and associated private key, rather than all old certificates. Because some email clients do not support finding certificates with a key identifier, Outlook on the web uses the issuer and serial number of each recipient's certificate by default. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWACopyRecipientHeaders * | This parameter is reserved for internal Microsoft use. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| ExchangeVersion * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWAAllowUserChoiceOfSigningCertificate * | The OWAAllowUserChoiceOfSigningCertificate parameter specifies whether to allow users to select the certificate to use when they digitally sign email messages in Outlook on the web. Valid input for this parameter is $true or $false. The default value is $false. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAForceSMIMEClientUpgrade * | The OWAForceSMIMEClientUpgrade parameter specifies whether or not users are forced to upgrade an S/MIME control that's older than their current version in Outlook on the web. Valid input for this parameter is $true or $false. The default is $true. If the parameter is set to $true, users need to download and install the new control before they can use S/MIME. If this parameter is set to $false, users receive a warning if the S/MIME control on their computer is not current, but they can still use S/MIME without updating the control. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAOnlyUseSmartCard * | The OWAOnlyUseSmartCard parameter specifies whether smartcard-based certificates are required for Outlook on the web message signing and decryption. Valid input for this parameter is $true or $false. The default is $false When this parameter is set to $true, the use of smartcard-based certificates for signing and decryption is required when you use Outlook on the web and the S/MIME control. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| WhenCreated * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| ObjectCategory * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| IsValid * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| WhenChanged * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWADisableCRLCheck * | The OWADisableCRLCheck parameter enables or disables CRL checking in Outlook on the web. Valid input for this parameter is $true or $false. The default value is $false. When set to $true, this parameter disables CRL checks when validating certificates. Disabling CRL checking can decrease the time that's required to validate the signatures of signed email messages, but it also validates email messages signed with revoked certificates. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| ObjectState * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWASigningAlgorithms * | The OWASigningAlgorithms parameter specifies the list of signing algorithms that are used by Outlook on the web to sign messages with the S/MIME control. Valid input for this parameter is a semicolon-separated list of symmetric encryption algorithm identifiers. You can specify the object identifier (OID) of the cryptographic service provider (CSP) when using third-party CSPs. An OID must be specified together with an algorithm ID. Outlook on the web needs an algorithm ID so that it can infer how the algorithm should be used. For example, to provide a custom replacement for the SHA1 algorithm, you would specify the algorithm ID of SHA1 (8804) and the custom OID of the replacement algorithm by using the value 8804,<OID>. This parameter supports the following algorithms. CALG_SHA_512 Type: 512 bit secure hashing algorithm (SHA). Algorithm ID: 800E. CALG_SHA_384 Type: 384 bit SHA. Algorithm ID: 800D. CALG_SHA_256 Type: 256 bit SHA. Algorithm ID: 800C. SHA1 Type: SHA. Algorithm ID: 8004. CALG_MD5 Type: MD5 hashing algorithm. Algorithm ID: 8003. This parameter uses the following syntax: {Algorithm ID} |; [Algorithm ID] | [,Custom replacement algorithm OID] |; [Algorithm ID[:key length]] ... For example, to set the signing algorithms to CALG_SHA_512, SHA1, and CALG_MD5, use the value 800E;8004;8003. The algorithm specified by OWASigningAlgorithms is always used. If this parameter is not specified or is not formatted correctly, Outlook on the web defaults to 8004 (SHA1). |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| OWAIncludeSMIMECapabilitiesInMessage * | The OWAIncludeSMIMECapabilitiesInMessage parameter specifies whether signed and encrypted messages in Outlook on the web include attributes that describe the supported encryption and signing algorithms. Valid input for this parameter is $true or $false. The default is $false. Enabling this option increases the size of messages, but may make it easier for some email clients to interact with encrypted messages in Outlook on the web. |
|
|||||||||||||||||||||||||||||||||||||||||||||||
| RunspaceId |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Guid * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| Id * |
|
||||||||||||||||||||||||||||||||||||||||||||||||
| OWAEncryptTemporaryBuffers * | The OWAEncryptTemporaryBuffers parameter specifies whether the Outlook on the web client-side temporary message storage buffers are encrypted. Valid input for this parameter is $true or $false. The default value is $true. By default, all client-side temporary buffers that store message data are encrypted using an ephemeral key and the 3DES algorithm. Setting this parameter to $false disables temporary buffer encryption. Disabling encryption of the buffers can increase performance of the Outlook on the web client but also leaves information unencrypted in the client's buffer. Consult your organization's security policy before you disable this feature. |
|
|||||||||||||||||||||||||||||||||||||||||||||||