From 1979f66318711b3760631bae83dd2b06cdcc74da Mon Sep 17 00:00:00 2001 From: Reshmee Auckloo Date: Fri, 29 May 2026 12:27:03 +0100 Subject: [PATCH 1/3] Add properties --- documentation/Set-PnPTenant.md | 161 ++++++++++++++++++++++++++++++++ src/Commands/Admin/SetTenant.cs | 57 ++++++++++- src/Commands/Model/SPOTenant.cs | 9 ++ 3 files changed, 226 insertions(+), 1 deletion(-) diff --git a/documentation/Set-PnPTenant.md b/documentation/Set-PnPTenant.md index 89f70a936..8e8260846 100644 --- a/documentation/Set-PnPTenant.md +++ b/documentation/Set-PnPTenant.md @@ -174,6 +174,14 @@ Set-PnPTenant [-SpecialCharactersStateInFileFolderNames [-EnableMediaReactions ] [-ContentSecurityPolicyEnforcement ] [-DisableSpacesActivation ] + [-CoreOrganizationSharingLinkRecommendedExpirationInDays ] + [-CoreOrganizationSharingLinkMaxExpirationInDays ] + [-RestrictResourceAccountAccess ] + [-EnforceRequestDigest ] + [-RestrictExternalSharingForAgents ] + [-AllowFileArchive ] + [-AllowFileArchiveByDefault ] + [-EnableNotificationsSubscriptions ] [-Force] [-Connection ] ``` @@ -3116,6 +3124,159 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -CoreOrganizationSharingLinkRecommendedExpirationInDays +This parameter specifies the recommended number of days before organization sharing links expire in SharePoint sites (not including OneDrive sites). Users can still choose a different expiration period if permitted by policy, but this value is presented as the recommended default. This is a tenant wide setting, and all geos will inherit the policy. + +The valid values : + +- Can be from 7 to 720 days and must be less than or equal to the maximum expiration value set by CoreOrganizationSharingLinkMaxExpirationInDays. +- When set to 0, the default value will be CoreOrganizationSharingLinkMaxExpirationInDays. + +```yaml +Type: Int32 +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -CoreOrganizationSharingLinkMaxExpirationInDays +This parameter specifies the maximum number of days that organization sharing links can remain active before they expire for all SharePoint sites (not including OneDrive sites). This is a tenant wide setting, and all geos will inherit the policy. + +The valid values : + +- can be from 7 to 720 days. +- `0` - No maximum expiration limit is enforced. + +```yaml +Type: Int32 +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RestrictResourceAccountAccess +Controls whether resource accounts used by Teams Rooms and Devices can retain access to files after the meeting/collaboration is complete. + +The valid values are: + +- False (default) - Allows devices from accessing files and other Microsoft 365 assets when not actively in-use. +- True - Prevents devices from accessing files and other Microsoft 365 assets when not actively in-use. + +```yaml +Type: Boolean +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -EnforceRequestDigest +This parameter controls whether SharePoint enforces request digest validation for client requests. + +The valid values are: + +- False (default) - a valid request digest is not required on SOAP API calls that perform a state-changing operation. +- True - A valid request digest is required on SOAP API calls that perform a state-changing operation. + +```yaml +Type: Boolean +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -RestrictExternalSharingForAgents +This parameter controls whether external sharing is restricted for agents. + +The valid values are: + +- False (default) - Agents can share content externally according to existing sharing policies. +- True - External sharing for agents is restricted. + +```yaml +Type: Boolean +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AllowFileArchive +Controls whether file-level archiving is allowed at the tenant level. This setting can be overridden for specific sites by the site-level flag of the same name and has no effect unless Microsoft 365 Archive is enabled for your organization. + +The valid values are: + +- False (default) - Blocks manual archiving for all files, regardless of the site-level setting. Admin-defined policies can still archive files automatically. +- True - Allows users to manually archive files on sites where file-level archiving is also enabled. Manual archiving is limited to internal users with write access to the file. + +```yaml +Type: Boolean +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -AllowFileArchiveByDefault +This parameter controls whether file archiving is enabled by default. + +The valid values are: + +- False (default) - File archiving is not enabled by default. +- True - File archiving is enabled by default where supported. + +```yaml +Type: Boolean +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + +### -EnableNotificationsSubscriptions +This is an opt-in setting that enables or disables writing SharePoint News and Announcement notification data to a list (NewsNotificationList) in the My Site of every user. When enabled, SharePoint Online emits notification events to this list. Third-party solutions must create and manage webhook solutions to receive change notifications and then read the list to process new entries for triggering their own notifications for the user. + +The valid values are: + +- False (default) - Disables writing SharePoint News and Announcement notification data to a list (NewsNotificationList) in the My Site of every user. +- True - Enables or disables writing SharePoint News and Announcement notification data to a list (NewsNotificationList) in the My Site of every user. + +```yaml +Type: Boolean +Parameter Sets: (All) + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + + ### -Force If provided, no confirmation will be requested and the action will be performed diff --git a/src/Commands/Admin/SetTenant.cs b/src/Commands/Admin/SetTenant.cs index 2f8b2ebbb..88b3eb765 100644 --- a/src/Commands/Admin/SetTenant.cs +++ b/src/Commands/Admin/SetTenant.cs @@ -537,7 +537,22 @@ public class SetTenant : PnPSharePointOnlineAdminCmdlet [Parameter(Mandatory = false)] public KnowledgeAgentScopeMode? KnowledgeAgentScope { set; get; } - + [Parameter(Mandatory = false)] + public int? CoreOrganizationSharingLinkRecommendedExpirationInDays { set; get; } + [Parameter(Mandatory = false)] + public int? CoreOrganizationSharingLinkMaxExpirationInDays { set; get; } + [Parameter(Mandatory = false)] + public bool? RestrictResourceAccountAccess { set; get; } + [Parameter(Mandatory = false)] + public bool? EnforceRequestDigest { set; get; } + [Parameter(Mandatory = false)] + public bool? RestrictExternalSharingForAgents { set; get; } + [Parameter(Mandatory = false)] + public bool? AllowFileArchive { set; get; } + [Parameter(Mandatory = false)] + public bool? AllowFileArchiveByDefault { set; get; } + [Parameter(Mandatory = false)] + public bool? EnableNotificationsSubscriptions { set; get; } protected override void ExecuteCmdlet() { AdminContext.Load(Tenant); @@ -1735,6 +1750,46 @@ protected override void ExecuteCmdlet() modified = true; } } + if (CoreOrganizationSharingLinkMaxExpirationInDays.HasValue) + { + Tenant.CoreOrganizationSharingLinkMaxExpirationInDays = CoreOrganizationSharingLinkMaxExpirationInDays.Value; + modified = true; + } + if(CoreOrganizationSharingLinkRecommendedExpirationInDays.HasValue) + { + Tenant.CoreOrganizationSharingLinkRecommendedExpirationInDays = CoreOrganizationSharingLinkRecommendedExpirationInDays.Value; + modified = true; + } + if (EnforceRequestDigest.HasValue) + { + Tenant.EnforceRequestDigest = EnforceRequestDigest.Value; + modified = true; + } + if (RestrictResourceAccountAccess.HasValue) + { + Tenant.RestrictResourceAccountAccess = RestrictResourceAccountAccess.Value; + modified = true; + } + if (RestrictExternalSharingForAgents.HasValue) + { + Tenant.RestrictExternalSharingForAgents = RestrictExternalSharingForAgents.Value; + modified = true; + } + if (AllowFileArchive.HasValue) + { + Tenant.AllowFileArchive = AllowFileArchive.Value; + modified = true; + } + if (AllowFileArchiveByDefault.HasValue) + { + Tenant.AllowFileArchiveOnNewSitesByDefault = AllowFileArchiveByDefault.Value; + modified = true; + } + if (EnableNotificationsSubscriptions.HasValue) + { + Tenant.EnableNotificationsSubscriptions = EnableNotificationsSubscriptions.Value; + modified = true; + } if (GuestSharingGroupAllowListInTenantByPrincipalIdentity != null) { if (GuestSharingGroupAllowListInTenantByPrincipalIdentity.Length > 0) diff --git a/src/Commands/Model/SPOTenant.cs b/src/Commands/Model/SPOTenant.cs index 8dbd24b64..3c0d982d0 100644 --- a/src/Commands/Model/SPOTenant.cs +++ b/src/Commands/Model/SPOTenant.cs @@ -9,6 +9,7 @@ using System; using System.Collections.Generic; using System.Linq; +using System.Management.Automation; using System.Reflection; namespace PnP.PowerShell.Commands.Model @@ -507,6 +508,14 @@ public class SPOTenant public bool? TaxonomyTaggingEnabled { private set; get; } public bool? TranslationEnabled { private set; get; } + + public bool? EnforceRequestDigest { private set; get; } + + public bool? AllowFileArchive { private set; get; } + + public bool? AllowFileArchiveByDefault { private set; get; } + + public bool? EnableNotificationsSubscriptions { set; get; } #endregion public SPOTenant(Tenant tenant, ClientContext clientContext, BasePSCmdlet cmdlet) From 5fab84679e3ab46fee19ce2132e1b1f6cae96b84 Mon Sep 17 00:00:00 2001 From: Reshmee Auckloo Date: Fri, 29 May 2026 12:59:04 +0100 Subject: [PATCH 2/3] Update AllowFileArchiveOnNewSitesByDefault --- documentation/Set-PnPTenant.md | 15 +++++++-------- src/Commands/Admin/SetTenant.cs | 6 +++--- src/Commands/Model/SPOTenant.cs | 2 +- 3 files changed, 11 insertions(+), 12 deletions(-) diff --git a/documentation/Set-PnPTenant.md b/documentation/Set-PnPTenant.md index 8e8260846..c91019b11 100644 --- a/documentation/Set-PnPTenant.md +++ b/documentation/Set-PnPTenant.md @@ -180,7 +180,7 @@ Set-PnPTenant [-SpecialCharactersStateInFileFolderNames [-EnforceRequestDigest ] [-RestrictExternalSharingForAgents ] [-AllowFileArchive ] - [-AllowFileArchiveByDefault ] + [-AllowFileArchiveOnNewSitesByDefault ] [-EnableNotificationsSubscriptions ] [-Force] [-Connection ] ``` @@ -3129,8 +3129,8 @@ This parameter specifies the recommended number of days before organization shar The valid values : -- Can be from 7 to 720 days and must be less than or equal to the maximum expiration value set by CoreOrganizationSharingLinkMaxExpirationInDays. -- When set to 0, the default value will be CoreOrganizationSharingLinkMaxExpirationInDays. +- Can be from 7 to 730 days and must be less than or equal to the maximum expiration value set by CoreOrganizationSharingLinkMaxExpirationInDays. +- When set to 0 (default), the default value will be CoreOrganizationSharingLinkMaxExpirationInDays. ```yaml Type: Int32 @@ -3148,8 +3148,8 @@ This parameter specifies the maximum number of days that organization sharing li The valid values : -- can be from 7 to 720 days. -- `0` - No maximum expiration limit is enforced. +- can be from 7 to 730 days. +- `0` (default) - No maximum expiration limit is enforced. ```yaml Type: Int32 @@ -3186,7 +3186,7 @@ This parameter controls whether SharePoint enforces request digest validation fo The valid values are: -- False (default) - a valid request digest is not required on SOAP API calls that perform a state-changing operation. +- False - a valid request digest is not required on SOAP API calls that perform a state-changing operation. - True - A valid request digest is required on SOAP API calls that perform a state-changing operation. ```yaml @@ -3238,7 +3238,7 @@ Accept pipeline input: False Accept wildcard characters: False ``` -### -AllowFileArchiveByDefault +### -AllowFileArchiveOnNewSitesByDefault This parameter controls whether file archiving is enabled by default. The valid values are: @@ -3276,7 +3276,6 @@ Accept pipeline input: False Accept wildcard characters: False ``` - ### -Force If provided, no confirmation will be requested and the action will be performed diff --git a/src/Commands/Admin/SetTenant.cs b/src/Commands/Admin/SetTenant.cs index 88b3eb765..19301dd61 100644 --- a/src/Commands/Admin/SetTenant.cs +++ b/src/Commands/Admin/SetTenant.cs @@ -550,7 +550,7 @@ public class SetTenant : PnPSharePointOnlineAdminCmdlet [Parameter(Mandatory = false)] public bool? AllowFileArchive { set; get; } [Parameter(Mandatory = false)] - public bool? AllowFileArchiveByDefault { set; get; } + public bool? AllowFileArchiveOnNewSitesByDefault { set; get; } [Parameter(Mandatory = false)] public bool? EnableNotificationsSubscriptions { set; get; } protected override void ExecuteCmdlet() @@ -1780,9 +1780,9 @@ protected override void ExecuteCmdlet() Tenant.AllowFileArchive = AllowFileArchive.Value; modified = true; } - if (AllowFileArchiveByDefault.HasValue) + if (AllowFileArchiveOnNewSitesByDefault.HasValue) { - Tenant.AllowFileArchiveOnNewSitesByDefault = AllowFileArchiveByDefault.Value; + Tenant.AllowFileArchiveOnNewSitesByDefault = AllowFileArchiveOnNewSitesByDefault.Value; modified = true; } if (EnableNotificationsSubscriptions.HasValue) diff --git a/src/Commands/Model/SPOTenant.cs b/src/Commands/Model/SPOTenant.cs index 3c0d982d0..ff9cfb641 100644 --- a/src/Commands/Model/SPOTenant.cs +++ b/src/Commands/Model/SPOTenant.cs @@ -513,7 +513,7 @@ public class SPOTenant public bool? AllowFileArchive { private set; get; } - public bool? AllowFileArchiveByDefault { private set; get; } + public bool? AllowFileArchiveOnNewSitesByDefault { private set; get; } public bool? EnableNotificationsSubscriptions { set; get; } #endregion From 628ee69d3821acaa2839a127a040ad78adee1fec Mon Sep 17 00:00:00 2001 From: Reshmee Auckloo Date: Fri, 29 May 2026 13:24:43 +0100 Subject: [PATCH 3/3] Update with changes after merge --- documentation/Set-PnPTenant.md | 4 +-- src/Commands/Admin/SetTenant.cs | 54 ++++++++++++--------------------- src/Commands/Model/SPOTenant.cs | 10 +----- 3 files changed, 23 insertions(+), 45 deletions(-) diff --git a/documentation/Set-PnPTenant.md b/documentation/Set-PnPTenant.md index 815d245d6..d014a7831 100644 --- a/documentation/Set-PnPTenant.md +++ b/documentation/Set-PnPTenant.md @@ -1124,7 +1124,7 @@ Accept wildcard characters: False ### -OneDriveOrganizationSharingLinkMaxExpirationInDays Specifies the maximum number of days before organization sharing links expire for all OneDrive sites. This is a tenant wide setting, and all geos will inherit the policy. -The value can be from 7 to 720 days. +The value can be from 7 to 730 days. To remove the expiration requirement, set the value to zero (0). @@ -1142,7 +1142,7 @@ Accept wildcard characters: False ### -OneDriveOrganizationSharingLinkRecommendedExpirationInDays Specifies the recommended number of days before organization sharing links expire for all OneDrive sites. This setting provides a suggested expiration period to users when they create sharing links. This is a tenant wide setting, and all geos will inherit the policy. -The value can be from 7 to 720 days and must be less than or equal to the maximum expiration value set by `OneDriveOrganizationSharingLinkMaxExpirationInDays`. +The value can be from 7 to 730 days and must be less than or equal to the maximum expiration value set by `OneDriveOrganizationSharingLinkMaxExpirationInDays`. When set to 0, the default value will be `OneDriveOrganizationSharingLinkMaxExpirationInDays`. diff --git a/src/Commands/Admin/SetTenant.cs b/src/Commands/Admin/SetTenant.cs index 7c02b8d56..be73b0c87 100644 --- a/src/Commands/Admin/SetTenant.cs +++ b/src/Commands/Admin/SetTenant.cs @@ -589,19 +589,9 @@ public class SetTenant : PnPSharePointOnlineAdminCmdlet [Parameter(Mandatory = false)] public bool? RestrictResourceAccountAccess { set; get; } [Parameter(Mandatory = false)] - public bool? EnforceRequestDigest { set; get; } - [Parameter(Mandatory = false)] public bool? RestrictExternalSharingForAgents { set; get; } - [Parameter(Mandatory = false)] - public bool? AllowFileArchive { set; get; } - [Parameter(Mandatory = false)] - public bool? AllowFileArchiveOnNewSitesByDefault { set; get; } - [Parameter(Mandatory = false)] - public bool? EnableNotificationsSubscriptions { set; get; } - [Parameter(Mandatory = false)] public string[] FileTypesForVersionExpiration { set; get; } - [Parameter(Mandatory = false)] public bool? DelayContentSecurityPolicyEnforcement { set; get; } @@ -888,7 +878,7 @@ protected override void ExecuteCmdlet() { if (!IsValidOrganizationSharingLinkExpirationInDays(OneDriveOrganizationSharingLinkMaxExpirationInDays.Value)) { - throw new PSArgumentException("OneDriveOrganizationSharingLinkMaxExpirationInDays must have a value of 0 or between 7 and 720", nameof(OneDriveOrganizationSharingLinkMaxExpirationInDays)); + throw new PSArgumentException("OneDriveOrganizationSharingLinkMaxExpirationInDays must have a value of 0 or between 7 and 730", nameof(OneDriveOrganizationSharingLinkMaxExpirationInDays)); } Tenant.OneDriveOrganizationSharingLinkMaxExpirationInDays = OneDriveOrganizationSharingLinkMaxExpirationInDays.Value; @@ -898,7 +888,7 @@ protected override void ExecuteCmdlet() { if (!IsValidOrganizationSharingLinkExpirationInDays(OneDriveOrganizationSharingLinkRecommendedExpirationInDays.Value)) { - throw new PSArgumentException("OneDriveOrganizationSharingLinkRecommendedExpirationInDays must have a value of 0 or between 7 and 720", nameof(OneDriveOrganizationSharingLinkRecommendedExpirationInDays)); + throw new PSArgumentException("OneDriveOrganizationSharingLinkRecommendedExpirationInDays must have a value of 0 or between 7 and 730", nameof(OneDriveOrganizationSharingLinkRecommendedExpirationInDays)); } var oneDriveOrganizationSharingLinkMaxExpirationInDays = OneDriveOrganizationSharingLinkMaxExpirationInDays ?? Tenant.EnsureProperty(t => t.OneDriveOrganizationSharingLinkMaxExpirationInDays); @@ -1883,19 +1873,30 @@ protected override void ExecuteCmdlet() } if (CoreOrganizationSharingLinkMaxExpirationInDays.HasValue) { + if (!IsValidOrganizationSharingLinkExpirationInDays(CoreOrganizationSharingLinkMaxExpirationInDays.Value)) + { + throw new PSArgumentException("CoreOrganizationSharingLinkMaxExpirationInDays must have a value of 0 or between 7 and 730", nameof(CoreOrganizationSharingLinkMaxExpirationInDays)); + } + Tenant.CoreOrganizationSharingLinkMaxExpirationInDays = CoreOrganizationSharingLinkMaxExpirationInDays.Value; modified = true; } - if(CoreOrganizationSharingLinkRecommendedExpirationInDays.HasValue) + if (CoreOrganizationSharingLinkRecommendedExpirationInDays.HasValue) { + if (!IsValidOrganizationSharingLinkExpirationInDays(CoreOrganizationSharingLinkRecommendedExpirationInDays.Value)) + { + throw new PSArgumentException("CoreOrganizationSharingLinkMaxExpirationInDays must have a value of 0 or between 7 and 730", nameof(CoreOrganizationSharingLinkRecommendedExpirationInDays)); + } + + var coreOrganizationSharingLinkMaxExpirationInDays = CoreOrganizationSharingLinkMaxExpirationInDays ?? Tenant.EnsureProperty(t => t.CoreOrganizationSharingLinkMaxExpirationInDays); + if (CoreOrganizationSharingLinkRecommendedExpirationInDays.Value > coreOrganizationSharingLinkMaxExpirationInDays) + { + throw new PSArgumentException("CoreOrganizationSharingLinkRecommendedExpirationInDays must be less than or equal to CoreOrganizationSharingLinkMaxExpirationInDays", nameof(CoreOrganizationSharingLinkRecommendedExpirationInDays)); + } + Tenant.CoreOrganizationSharingLinkRecommendedExpirationInDays = CoreOrganizationSharingLinkRecommendedExpirationInDays.Value; modified = true; } - if (EnforceRequestDigest.HasValue) - { - Tenant.EnforceRequestDigest = EnforceRequestDigest.Value; - modified = true; - } if (RestrictResourceAccountAccess.HasValue) { Tenant.RestrictResourceAccountAccess = RestrictResourceAccountAccess.Value; @@ -1906,21 +1907,6 @@ protected override void ExecuteCmdlet() Tenant.RestrictExternalSharingForAgents = RestrictExternalSharingForAgents.Value; modified = true; } - if (AllowFileArchive.HasValue) - { - Tenant.AllowFileArchive = AllowFileArchive.Value; - modified = true; - } - if (AllowFileArchiveOnNewSitesByDefault.HasValue) - { - Tenant.AllowFileArchiveOnNewSitesByDefault = AllowFileArchiveOnNewSitesByDefault.Value; - modified = true; - } - if (EnableNotificationsSubscriptions.HasValue) - { - Tenant.EnableNotificationsSubscriptions = EnableNotificationsSubscriptions.Value; - modified = true; - } if (GuestSharingGroupAllowListInTenantByPrincipalIdentity != null) { if (GuestSharingGroupAllowListInTenantByPrincipalIdentity.Length > 0) @@ -2120,7 +2106,7 @@ protected override void ExecuteCmdlet() private static bool IsValidOrganizationSharingLinkExpirationInDays(int value) { - return value == 0 || value >= 7 && value <= 720; + return value == 0 || value >= 7 && value <= 730; } } } \ No newline at end of file diff --git a/src/Commands/Model/SPOTenant.cs b/src/Commands/Model/SPOTenant.cs index effb273b2..5581f2818 100644 --- a/src/Commands/Model/SPOTenant.cs +++ b/src/Commands/Model/SPOTenant.cs @@ -525,11 +525,7 @@ public class SPOTenant public bool? TranslationEnabled { private set; get; } public bool? EnforceRequestDigest { private set; get; } - - public bool? AllowFileArchive { private set; get; } - - public bool? AllowFileArchiveOnNewSitesByDefault { private set; get; } - + public bool? EnableNotificationsSubscriptions { set; get; } public long? ArchivedFileStorageUsageMB { get; private set; } @@ -548,10 +544,6 @@ public class SPOTenant public Guid[] DisabledAdaptiveCardExtensionIds { get; private set; } - public bool? EnableNotificationsSubscriptions { get; private set; } - - public bool? EnforceRequestDigest { get; private set; } - public bool? M365AdditionalStorageSPOEnabled { get; private set; } public bool? M365SharePointStorageEnabled { get; private set; }