|
| 1 | +### YamlMime:PowershellCmdlet |
| 2 | +summary: |- |
| 3 | + Adds central access rules to a central access policy in Active Directory. |
| 4 | +module: ActiveDirectory |
| 5 | +notes: |- |
| 6 | + * This cmdlet does not work with a read-only domain controller. |
| 7 | +
|
| 8 | + This cmdlet does not work with an Active Directory Snapshot. |
| 9 | +inputs: |
| 10 | +- name: <xref href="None or Microsoft.ActiveDirectory.Management.ADCentralAccessPolicy" data-throw-if-not-resolved="False" /> |
| 11 | + description: |- |
| 12 | + A ADCentralAccessPolicy object is received by the Identity parameter. |
| 13 | +outputs: |
| 14 | +- name: <xref href="None or Microsoft.ActiveDirectory.ADCentralAccessPolicy" data-throw-if-not-resolved="False" /> |
| 15 | + description: |- |
| 16 | + Returns the modified ADCentralAccessPolicy object when the PassThru parameter is specified. |
| 17 | + By default, this cmdlet does not generate any output. |
| 18 | +syntaxes: |
| 19 | +- >- |
| 20 | + Add-ADCentralAccessPolicyMember [-WhatIf] [-Confirm] [-AuthType <ADAuthType>] [-Credential <PSCredential>] |
| 21 | +
|
| 22 | + [-Identity] <ADCentralAccessPolicy> [-Members] <ADCentralAccessRule[]> [-PassThru] [-Server <String>] |
| 23 | +
|
| 24 | + [<CommonParameters>] |
| 25 | +examples: |
| 26 | +- title: '-------------------------- EXAMPLE 1 --------------------------' |
| 27 | + code: |- |
| 28 | + C:\PS>Add-ADCentralAccessPolicyMember "Finance Policy" -Member "Finance Documents Rule","Corporate Documents Rule" |
| 29 | + description: |- |
| 30 | + Description |
| 31 | +
|
| 32 | + ----------- |
| 33 | +
|
| 34 | + Adds the central access rules 'Finance Documents Rule' and 'Corporate Documents Rule' to the central access policy 'Finance Policy'. |
| 35 | + summary: "" |
| 36 | +- title: '-------------------------- EXAMPLE 2 --------------------------' |
| 37 | + code: |- |
| 38 | + C:\PS>Add-ADCentralAccessPolicyMember |
| 39 | +
|
| 40 | + cmdlet Add-ADCentralAccessPolicyMember at command pipeline position 1 |
| 41 | + Supply values for the following parameters: |
| 42 | + Identity: Finance Policy |
| 43 | + Members[0]: Finance Documents Rule |
| 44 | + Members[1]: Corporate Documents Rule |
| 45 | + Members[2]: |
| 46 | + description: |- |
| 47 | + Description |
| 48 | +
|
| 49 | + ----------- |
| 50 | +
|
| 51 | + Demonstrates default behavior for this cmdlet (no parameters specified). |
| 52 | + Adds central access rules 'Finance Documents Rule' and 'Corporate Documents Rule' to the central access policy 'Finance Policy'. |
| 53 | + summary: "" |
| 54 | +- title: '-------------------------- EXAMPLE 3 --------------------------' |
| 55 | + code: |- |
| 56 | + C:\PS>Get-ADCentralAccessPolicy -Filter "Name -like 'Corporate*'" | Add-ADCentralAccessPolicyMember -Members "Corporate Documents Rule" |
| 57 | + description: |- |
| 58 | + Description |
| 59 | +
|
| 60 | + ----------- |
| 61 | +
|
| 62 | + Gets all central access policies that have a name that starts with "Corporate" and then pipes it to Add-ADCentralAccessPolicyMember, which then adds the central access rule with the name 'Corporate Documents Rule' to it. |
| 63 | + summary: "" |
| 64 | +parameters: |
| 65 | +- type: <xref href="ADAuthType" data-throw-if-not-resolved="False" /> |
| 66 | + name: AuthType |
| 67 | + description: |+ |
| 68 | + Specifies the authentication method to use. |
| 69 | + Possible values for this parameter include: |
| 70 | +
|
| 71 | + Negotiate or 0 |
| 72 | +
|
| 73 | + Basic or 1 |
| 74 | +
|
| 75 | + The default authentication method is Negotiate. |
| 76 | +
|
| 77 | + A Secure Sockets Layer (SSL) connection is required for the Basic authentication method. |
| 78 | +
|
| 79 | + The following example shows how to set this parameter to Basic. |
| 80 | +
|
| 81 | + -AuthType Basic |
| 82 | +
|
| 83 | + defaultValue: Microsoft.ActiveDirectory.Management.AuthType.Negotiate |
| 84 | + position: Named |
| 85 | + aliases: "" |
| 86 | + parameterValueGroup: Negotiate, Basic |
| 87 | +- type: <xref href="SwitchParameter" data-throw-if-not-resolved="False" /> |
| 88 | + name: Confirm |
| 89 | + description: |+ |
| 90 | + Prompts you for confirmation before running the cmdlet. |
| 91 | +
|
| 92 | + defaultValue: "False" |
| 93 | + position: Named |
| 94 | + aliases: cf |
| 95 | + parameterValueGroup: "" |
| 96 | +- type: <xref href="PSCredential" data-throw-if-not-resolved="False" /> |
| 97 | + name: Credential |
| 98 | + description: |+ |
| 99 | + Specifies the user account credentials to use to perform this task. |
| 100 | + The default credentials are the credentials of the currently logged on user unless the cmdlet is run from an Active Directory PowerShell provider drive. |
| 101 | + If the cmdlet is run from such a provider drive, the account associated with the drive is the default. |
| 102 | +
|
| 103 | + To specify this parameter, you can type a user name, such as "User1" or "Domain01\User01" or you can specify a PSCredential object. |
| 104 | + If you specify a user name for this parameter, the cmdlet prompts for a password. |
| 105 | +
|
| 106 | + You can also create a PSCredential object by using a script or by using the Get-Credential cmdlet. |
| 107 | + You can then set the Credential parameter to the PSCredential object The following example shows how to create credentials. |
| 108 | +
|
| 109 | + $AdminCredentials = Get-Credential "Domain01\User01" |
| 110 | +
|
| 111 | + The following shows how to set the Credential parameter to these credentials. |
| 112 | +
|
| 113 | + -Credential $AdminCredentials |
| 114 | +
|
| 115 | + If the acting credentials do not have directory-level permission to perform the task, Active Directory PowerShell returns a terminating error. |
| 116 | +
|
| 117 | + defaultValue: None |
| 118 | + position: Named |
| 119 | + aliases: "" |
| 120 | + parameterValueGroup: "" |
| 121 | +- type: <xref href="ADCentralAccessPolicy" data-throw-if-not-resolved="False" /> |
| 122 | + name: Identity |
| 123 | + isRequired: true |
| 124 | + description: |+ |
| 125 | + Specifies an Active Directory object by providing one of the following property values. |
| 126 | + The identifier in parentheses is the LDAP display name for the attribute. |
| 127 | +
|
| 128 | + Distinguished Name |
| 129 | +
|
| 130 | + Example: CN=Finance Documents Policy,CN=Central Access Policies,CN=Claims Configuration,CN=Services,CN=Configuration,DC=corp,DC=contoso,DC=com |
| 131 | +
|
| 132 | + Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 |
| 133 | +
|
| 134 | + This parameter can also get this object through the pipeline or you can set this parameter to an object instance. |
| 135 | +
|
| 136 | + This example shows how to set this parameter to an ADObject object instance named "ADObjectInstance". |
| 137 | +
|
| 138 | + -Identity $ADObjectInstance |
| 139 | +
|
| 140 | + defaultValue: None |
| 141 | + pipelineInput: true |
| 142 | + position: "0" |
| 143 | + aliases: "" |
| 144 | + parameterValueGroup: "" |
| 145 | +- type: <xref href="ADCentralAccessRule" data-throw-if-not-resolved="False" /><span>[</span><span>]</span> |
| 146 | + name: Members |
| 147 | + isRequired: true |
| 148 | + description: |+ |
| 149 | + Specifies a set of central access rule (CAR) objects in a comma-separated list to add to a central access policy (CAP). |
| 150 | + To identify each object, use one of the following property values. |
| 151 | + Note: The identifier in parentheses is the LDAP display name. |
| 152 | +
|
| 153 | + Name |
| 154 | +
|
| 155 | + Example: Finance Documents Rule |
| 156 | +
|
| 157 | + Distinguished Name |
| 158 | +
|
| 159 | + Example: CN=Finance Documents Rule,CN=Central Access Rules,CN=Claims Configuration,CN=Services,CN=Configuration,DC=corp,DC=contoso,DC=com |
| 160 | +
|
| 161 | + Example: 599c3d2e-f72d-4d20-8a88-030d99495f20 |
| 162 | +
|
| 163 | + You can also provide objects to this parameter directly. |
| 164 | +
|
| 165 | + The following examples show how to specify this parameter. |
| 166 | +
|
| 167 | + This example specifies two CARs to add by specifying the distinguished name and the name properties. |
| 168 | +
|
| 169 | + -Members "CN=Finance Documents Rule,CN=Central Access Rules,CN=Claims Configuration,CN=Services,CN=Configuration,DC=corp,DC=contoso,DC=com", "Corporate Documents Rule" |
| 170 | +
|
| 171 | + This example specifies two CARs that are defined in the current Windows PowerShell session as input for the parameter. |
| 172 | +
|
| 173 | + -Members $carObject, $carObject2 |
| 174 | +
|
| 175 | + You cannot pass objects through the pipeline to this parameter. |
| 176 | +
|
| 177 | + defaultValue: None |
| 178 | + position: "1" |
| 179 | + aliases: "" |
| 180 | + parameterValueGroup: "" |
| 181 | +- type: <xref href="SwitchParameter" data-throw-if-not-resolved="False" /> |
| 182 | + name: PassThru |
| 183 | + description: |+ |
| 184 | + Returns the new or modified object. |
| 185 | + By default (i.e. |
| 186 | + if -PassThru is not specified), this cmdlet does not generate any output. |
| 187 | +
|
| 188 | + defaultValue: None |
| 189 | + position: Named |
| 190 | + aliases: "" |
| 191 | + parameterValueGroup: "" |
| 192 | +- type: <xref href="String" data-throw-if-not-resolved="False" /> |
| 193 | + name: Server |
| 194 | + description: |+ |
| 195 | + Specifies the Active Directory Domain Services instance to connect to, by providing one of the following values for a corresponding domain name or directory server. |
| 196 | + The service may be any of the following: Active Directory Lightweight Domain Services, Active Directory Domain Services or Active Directory Snapshot instance. |
| 197 | +
|
| 198 | + Domain name values: |
| 199 | +
|
| 200 | + Fully qualified domain name |
| 201 | +
|
| 202 | + Examples: corp.contoso.com |
| 203 | +
|
| 204 | + NetBIOS name |
| 205 | +
|
| 206 | + Example: CORP |
| 207 | +
|
| 208 | + Directory server values: |
| 209 | +
|
| 210 | + Fully qualified directory server name |
| 211 | +
|
| 212 | + Example: corp-DC12.corp.contoso.com |
| 213 | +
|
| 214 | + NetBIOS name |
| 215 | +
|
| 216 | + Example: corp-DC12 |
| 217 | +
|
| 218 | + Fully qualified directory server name and port |
| 219 | +
|
| 220 | + Example: corp-DC12.corp.contoso.com:3268 |
| 221 | +
|
| 222 | + The default value for the Server parameter is determined by one of the following methods in the order that they are listed: |
| 223 | +
|
| 224 | + -By using Server value from objects passed through the pipeline. |
| 225 | +
|
| 226 | + -By using the server information associated with the Active Directory PowerShell provider drive, when running under that drive. |
| 227 | +
|
| 228 | + -By using the domain of the computer running Powershell. |
| 229 | +
|
| 230 | + The following example shows how to specify a full qualified domain name as the parameter value. |
| 231 | +
|
| 232 | + -Server "corp.contoso.com" |
| 233 | +
|
| 234 | + defaultValue: None |
| 235 | + position: Named |
| 236 | + aliases: "" |
| 237 | + parameterValueGroup: "" |
| 238 | +- type: <xref href="SwitchParameter" data-throw-if-not-resolved="False" /> |
| 239 | + name: WhatIf |
| 240 | + description: |+ |
| 241 | + Shows what would happen if the cmdlet runs. |
| 242 | + The cmdlet is not run. |
| 243 | +
|
| 244 | + defaultValue: "False" |
| 245 | + position: Named |
| 246 | + aliases: wi |
| 247 | + parameterValueGroup: "" |
| 248 | +uid: ActiveDirectory.Add-ADCentralAccessPolicyMember |
| 249 | +name: Add-ADCentralAccessPolicyMember |
| 250 | +description: |- |
| 251 | + The Add-ADCentralAccessPolicyMember cmdlet adds central access rules to a central access policy in Active Directory. |
| 252 | +metadata: |
| 253 | + external help file: Microsoft.ActiveDirectory.Management.dll-Help.xml |
| 254 | + Module Name: ActiveDirectory |
| 255 | + online version: https://docs.microsoft.com/powershell/module/activedirectory/add-adcentralaccesspolicymember?view=windowsserver2012-ps&wt.mc_id=ps-gethelp |
| 256 | + schema: 2.0.0 |
0 commit comments