diff --git a/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md b/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md index 957f463b80..2e07527624 100644 --- a/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md +++ b/teams/teams-ps/teams/Set-CsTenantFederationConfiguration.md @@ -29,6 +29,7 @@ Set-CsTenantFederationConfiguration [-Tenant ] [-AllowFederatedUsers ] [-AllowTeamsConsumer ] [-AllowTeamsConsumerInbound ] [-TreatDiscoveredPartnersAsUnverified ] [-SharedSipAddressSpace ] [-RestrictTeamsConsumerToExternalUserProfiles ] [-AllowedDomainsAsAList ] [-ExternalAccessWithTrialTenants ] + [-DomainBlockingForMDOAdminsInTeams ] [-AllowedTrialTenantDomains ] [[-Identity] ] [-Force] [-WhatIf] [-Confirm] [] ``` @@ -214,6 +215,11 @@ Example 15 shows how you can remove domains from the existing Allowed Trial Tena First, a List is created and domains are added to it, then use the Remove method in the `AllowedTrialTenantDomains` parameter to remove the domains from the existing allowed domains list. When this command completes, the domains in the list will be removed from the Allowed Trial Tenant Domains list. +### -------------------------- Example 16 ------------------------- +``` +Set-CsTenantFederationConfiguration -DomainBlockingForMDOAdminsInTeams "Enabled" +``` + ## PARAMETERS ### -AllowedDomains @@ -490,6 +496,23 @@ Accept pipeline input: False Accept wildcard characters: False ``` +### -DomainBlockingForMDOAdminsInTeams +When set to 'Enabled', security operations team will be able to add domains to the blocklist on security portal. +When set to 'Disabled', security operations team will not have permissions to update the domains blocklist. + +```yaml +Type: DomainBlockingForMDOAdminsInTeamsType +Parameter Sets: (All) +Aliases: +Applicable: Microsoft Teams + +Required: False +Position: Named +Default value: None +Accept pipeline input: False +Accept wildcard characters: False +``` + ### -AllowedTrialTenantDomains You can whitelist specific "trial-only" tenant domains, while keeping the `ExternalAccessWithTrialTenants` set to `Blocked`. This will allow you to protect your organization against majority of tenants that don't have any paid subscriptions, while still being able to collaborate externally with those trusted trial-tenants in the list.