Merge branch 'master' into master

Author: kenwith

.openpublishing.redirection.json

@@ -0,0 +1,9 @@
+  { 
+  "redirections": [ 
+    {
+       "source_path": "exchange/exchange-ps/exchange/policy-and-compliance-dlp/new-dlpedmsschema.md",
+       "redirect_url": "exchange/exchange-ps/exchange/policy-and-compliance-dlp/new-dlpedmschema.md",
+       "redirect_document_id": true
+    }
+  ] 
+  }

exchange/docs-conceptual/exchange-online/connect-to-exchange-online-powershell/mfa-connect-to-exchange-online-powershell.md

@@ -16,7 +16,7 @@ description: "Learn how to connect to Exchange Online PowerShell by using multi-
 If you want to use multi-factor authentication (MFA) to connect to Exchange Online PowerShell, you can't use the instructions at [Connect to Exchange Online PowerShell](connect-to-exchange-online-powershell.md) to use remote PowerShell to connect to Exchange Online. MFA requires you to install the Exchange Online Remote PowerShell Module, and use the **Connect-EXOPSSession** cmdlet to connect.
 
 > [!NOTE]
-> • You can't use the Exchange Online Remote PowerShell Module to connect to Exchange Online PowerShell and Security & Compliance Center PowerShell in the same session (window). You need to use separate sessions of the Exchange Online Remote PowerShell Module. <br/>• Delegated Access Permission (DAP) partners can't use the procedures in this topic to connect to their customer tenant organizations in Exchange Online PowerShell. MFA and the Exchange Online Remote PowerShell Module don't work with delegated authentication. <br/>• The Exchange Online Remote PowerShell Module is not supported in PowerShell Core (macOS, Linux, or Windows Nano Server). As a workaround, you can install the module on a computer that's running a supported version of Windows (physical or virtual), and use remote desktop software to connect.
+> • Delegated Access Permission (DAP) partners can't use the procedures in this topic to connect to their customer tenant organizations in Exchange Online PowerShell. MFA and the Exchange Online Remote PowerShell Module don't work with delegated authentication. <br/>• The Exchange Online Remote PowerShell Module is not supported in PowerShell Core (macOS, Linux, or Windows Nano Server). As a workaround, you can install the module on a computer that's running a supported version of Windows (physical or virtual), and use remote desktop software to connect.
 
 ## What do you need to know before you begin?
 

exchange/docs-conceptual/exchange-online/exchange-online-powershell.md

@@ -27,4 +27,6 @@ Exchange Online PowerShell is the administrative interface that enables you to m
 
   [Use Remote PowerShell in EOP](https://videoplayercdn.osi.office.net/hub/?csid=ux-cms-en-us-msoffice&uuid=9cb28006-c2cb-45b6-b72e-eeed8767dee7&AutoPlayVideo=false)
 
+- To find the permissions you need to run a specific cmdlet, or one or more parameters on the cmdlet, see [Find the permissions required to run any Exchange cmdlet](../exchange-server/find-exchange-cmdlet-permissions.md).
 
+- To learn about recipient filters in Exchange Online PowerShell, see [Recipient filters in Exchange Management Shell and Exchange Online PowerShell commands](../exchange-server/recipient-filters/recipient-filters.md).

exchange/docs-conceptual/exchange-server/recipient-filters/filter-properties.md

@@ -1,5 +1,5 @@
 ---
-title: "Recipient filters in Exchange Management Shell commands"
+title: "Recipient filters in Exchange PowerShell commands"
 ms.author: chrisda
 author: chrisda
 manager: serdars
@@ -9,11 +9,11 @@ ms.topic: reference
 ms.prod: exchange-server-itpro
 localization_priority: Normal
 ms.assetid: fb4b1396-9aae-4037-be1a-b09e336b890e
-description: "Learn about creating different kinds of recipient filters in the Exchange Management Shell."
+description: "Learn about creating different kinds of recipient filters in the Exchange Management Shell and Exchange Online PowerShell."
 ---
 
-# Recipient filters in Exchange Management Shell commands
-You can use several Exchange Management Shell commands to filter a set of recipients. You can create the following types of filters in an Exchange command:
+# Recipient filters in Exchange PowerShell commands
+You can use several Exchange Management Shell and Exchange Online PowerShell commands to filter a set of recipients. You can create the following types of filters in an Exchange command:
 
 - Precanned filters
 
@@ -26,7 +26,7 @@ You can use several Exchange Management Shell commands to filter a set of recipi
 Older versions of Exchange used LDAP filtering syntax to create custom address lists, global address lists (GALs), email address policies, and distribution groups. In Exchange Server 2007 and later versions, OPATH filtering syntax replaced LDAP filtering syntax. 
 
 ## Precanned filters
-A precanned filter is a commonly used Exchange filter that you can use to meet a variety of recipient-filtering criteria for creating dynamic distribution groups, email address policies, address lists, or GALs. With precanned filters, you can use either the Exchange Management Shell or the Exchange admin center (EAC). Using precanned filters, you can do the following:
+A precanned filter is a commonly used Exchange filter that you can use to meet a variety of recipient-filtering criteria for creating dynamic distribution groups, email address policies, address lists, or GALs. With precanned filters, you can use either the Exchange PowerShell or the Exchange admin center (EAC). Using precanned filters, you can do the following:
 
 - Determine the scope of recipients.
 
@@ -125,7 +125,7 @@ New-DynamicDistributionGroup -Name AllContosoNorth -OrganizationalUnit contoso.c
 ## Custom filters using the Filter parameter
 You can use the _Filter_ parameter to filter the results of a command to specify which objects to retrieve. For example, instead of retrieving all users or groups, you can specify a set of users or groups by using a filter string. This type of filter doesn't modify any configuration or attributes of objects. It only modifies the set of objects that the command returns.
 
-Using the _Filter_ parameter to modify command results is known as server-side filtering. Server-side filtering submits the command and the filter to the server for processing. The Exchange Management Shell also supports client-side filtering, in which the command retrieves all objects from the server and then applies the filter in the local console window. To perform client-side filtering, use the **Where-Object** cmdlet. For more information about server-side and client-side filtering, see "How to Filter Data" in [Working with Command Output](https://technet.microsoft.com/library/8320e1a5-d3f5-4615-878d-b23e2aaa6b1e.aspx).
+Using the _Filter_ parameter to modify command results is known as server-side filtering. Server-side filtering submits the command and the filter to the server for processing. We also support client-side filtering, in which the command retrieves all objects from the server and then applies the filter in the local console window. To perform client-side filtering, use the **Where-Object** cmdlet. For more information about server-side and client-side filtering, see "How to Filter Data" in [Working with Command Output](https://technet.microsoft.com/library/8320e1a5-d3f5-4615-878d-b23e2aaa6b1e.aspx).
 
 To find the filterable properties for cmdlets that have the _Filter_ parameter, you can run the **Get** command against an object and format the output by pipelining the **Format-List** parameter. Most of the returned values will be available for use in the _Filter_ parameter. The following example returns a detailed list for the mailbox Ayla.
 
@@ -163,6 +163,8 @@ The _Filter_ parameter is available for the following recipient cmdlets:
 
 - [Get-User](../../../exchange-ps/exchange/users-and-groups/get-user.md)
 
+- [Get-UnifiedGroup](../../../exchange-ps/exchange/users-and-groups/Get-UnifiedGroup.md)
+
 For more information about the filterable properties you can use with the _Filter_ parameter, see [Filterable properties for the Filter parameter](filter-properties.md).
 
 ### Example
@@ -224,4 +226,4 @@ The following table contains links to topics that will help you learn more about
 |**Topic**|**Description**|
 |:-----|:-----|
 |[Filterable properties for the RecipientFilter parameter](recipientfilter-properties.md) |Learn more about the filterable properties for the _RecipientFilter_ parameter. |
-|[Filterable properties for the Filter parameter](filter-properties.md) |Learn more about the filterable properties for the _Filter_ parameter. |
+|[Filterable properties for the Filter parameter](filter-properties.md) |Learn more about the filterable properties for the _Filter_ parameter. |

exchange/docs-conceptual/exchange-server/recipient-filters/recipient-filters.md

@@ -14,9 +14,9 @@ description: "Learn about the recipient properties that you can use with the Rec
 
 # Filterable properties for the -RecipientFilter parameter
 
-Learn about the recipient properties that you can use with the _RecipientFilter_ parameter in Exchange 2016 cmdlets.
+Learn about the recipient properties that you can use with the _RecipientFilter_ parameter in Exchange Server 2016 or later, and Exchange Online cmdlets.
 
-You use the _RecipientFilter_ parameter to create OPATH filters based on the properties of recipient objects in Exchange Server 2016. The _RecipientFilter_ parameter is available in the following cmdlets:
+You use the _RecipientFilter_ parameter to create OPATH filters based on the properties of recipient objects in Exchange Server 2016 or later, and Exchange Online. The _RecipientFilter_ parameter is available in the following cmdlets:
 
 - [New-AddressList](../../../exchange-ps/exchange/email-addresses-and-address-books/new-addresslist.md) and [Set-AddressList](../../../exchange-ps/exchange/email-addresses-and-address-books/set-addresslist.md)
 
@@ -314,6 +314,6 @@ The recipient properties that have been  *confirmed*  to work with the _Recipien
 
 ## For more information
 
-Exchange 2007 was the first version of Exchange that required OPATH filters instead of LDAP filters. For more information about converting LDAP filters to OPATH filters, see the Microsoft Exchange Team Blog article, [Need help converting your LDAP filters to OPATH?](https://go.microsoft.com/fwlink/p/?LinkId=88854).
+Exchange 2007 was the first version of Exchange that required OPATH filters instead of LDAP filters. For more information about converting LDAP filters to OPATH filters, see the Microsoft Exchange Team Blog article, [Need help converting your LDAP filters to OPATH?](https://techcommunity.microsoft.com/t5/Exchange-Team-Blog/Need-help-converting-your-LDAP-filters-to-OPATH/ba-p/595108).
 
 For more information about the syntax that can be used within OPATH filters, see [Exchange cmdlet syntax](../exchange-cmdlet-syntax.md).

exchange/docs-conceptual/exchange-server/recipient-filters/recipientfilter-properties.md

@@ -16,7 +16,7 @@ description: "Learn how to connect to Security & Compliance Center PowerShell by
 If your account uses multi-factor authentication (MFA) or federated authentication, you can't use the instructions at [Connect to Office 365 Security & Compliance Center PowerShell](connect-to-scc-powershell.md) to use remote PowerShell to connect to the Office 365 Security & Compliance Center. Instead, you need to install the Exchange Online Remote PowerShell Module, and use the **Connect-IPPSSession** cmdlet to connect to Security & Compliance Center PowerShell.
 
 > [!NOTE]
-> • You can't use the Exchange Online Remote PowerShell Module to connect to Exchange Online PowerShell and Security & Compliance Center PowerShell in the same session (window). You need to use separate sessions of the Exchange Online Remote PowerShell Module. <br/>• Delegated Access Permission (DAP) partners can't use the procedures in this topic to connect to their customer tenant organizations in Security & Compliance Center PowerShell. MFA and the Exchange Online Remote PowerShell Module don't work with delegated authentication. <br/>• The Exchange Online Remote PowerShell Module is not supported in PowerShell Core (macOS, Linux, or Windows Nano Server). As a workaround, you can install the module on a computer that's running a supported version of Windows (physical or virtual), and use remote desktop software to connect.
+> • Delegated Access Permission (DAP) partners can't use the procedures in this topic to connect to their customer tenant organizations in Security & Compliance Center PowerShell. MFA and the Exchange Online Remote PowerShell Module don't work with delegated authentication. <br/>• The Exchange Online Remote PowerShell Module is not supported in PowerShell Core (macOS, Linux, or Windows Nano Server). As a workaround, you can install the module on a computer that's running a supported version of Windows (physical or virtual), and use remote desktop software to connect.
 
 ## What do you need to know before you begin?
 
@@ -111,6 +111,19 @@ If your account uses multi-factor authentication (MFA) or federated authenticati
 4. **(MFA only)**: In the verification window that opens, enter the verification code, and then click **Sign in**.
 
     ![Enter your verification code in the Exchange Online Remote PowerShell window](../../media/d3a405ce-5364-4732-a7bb-2cc9c678da2d.png)
+    
+5. **(Optional)**: If you want to connect to an Exchange Online PowerShell module session in the same window, you need to run
+
+    ```
+    $EXOSession=New-ExoPSSSession -UserPrincipalName <UPN> [-ConnectionUri <ConnectionUri> -AzureADAuthorizationEndPointUri <AzureADUri>]
+    ```
+    
+    and then import the Exchange Online session into the current one using an specific prefix
+    
+    ```
+    Import-PSSession $EXOSession -Prefix EXO
+    ```
+    
 
 ## How do you know this worked?
 

exchange/docs-conceptual/office-365-scc/connect-to-scc-powershell/mfa-connect-to-scc-powershell.md

@@ -36,6 +36,13 @@
       href: exchange-server/find-exchange-cmdlet-permissions.md
     - name: Enable or disable access to Exchange Online PowerShell
       href: exchange-online/disable-access-to-exchange-online-powershell.md
+    - name: Recipient filters in Exchange Management Shell commands
+      href: exchange-server/recipient-filters/recipient-filters.md
+      items:
+      - name: Filterable properties for the Filter parameter
+        href: exchange-server/recipient-filters/filter-properties.md
+      - name: Filterable properties for the RecipientFilter parameter
+        href: exchange-server/recipient-filters/recipientfilter-properties.md 
   - name: Office 365 Security & Compliance Center PowerShell
     href: office-365-scc/office-365-scc-powershell.md
     items:

exchange/docs-conceptual/toc.yml

@@ -52,7 +52,7 @@ You need to be assigned permissions before you can run this cmdlet. Although thi
 
 ### -------------------------- Example 1 --------------------------
 ```
-Get-AdvancedThreatProtectionTrafficDetail -Organization contoso.com -StartDate "4/26/2016" -EndDate "4/28/2016" | Format-Table
+Get-AdvancedThreatProtectionDocumentDetail -Organization contoso.com -StartDate "4/26/2016" -EndDate "4/28/2016" | Format-Table
 ```
 
 This example returns the detailed report of ATP detections during the specified date range.

exchange/exchange-ps/exchange/advanced-threat-protection/Get-AdvancedThreatProtectionDocumentDetail.md

@@ -29,6 +29,16 @@ Get-UrlTrace [-ClickId <Guid>] [-EndDate <DateTime>] [-Expression <Expression>]
 ## DESCRIPTION
 Safe Links is a feature in Advanced Threat Protection that checks links in email messages to see if they lead to malicious web sites. When a user clicks a link in a message, the URL is temporarily rewritten and checked against a list of known, malicious web sites. Safe Links includes the URL trace reporting feature to help determine who has clicked through to a malicious web site. For more information about Advanced Threat Protection Safe Links, see [Office 365 ATP Safe Links](https://docs.microsoft.com/office365/securitycompliance/atp-safe-links).
 
+The following list described the values that are returned in the output of this cmdlet:
+
+- ClickId: A GUID for each URL that was analyzed in a message.
+
+- Clicked: The date/time when the URL in the message body was clicked. Every analyzed URL click is recorded, even when a user clicks a URL in an existing message that's already been scanned.
+
+- UrlBlocked: The URL was detected as malicious by Safe Links (only the initial block, not subsequent clicks), or the user clicked the URL while the scan in progress (users are taken to a notification page that asks them to try again after the scan is complete).
+
+- UrlClicked: The URL is blocked, but the applicable Safe Links policy has the DoNotAllowClickThrough parameter value $false (click through is allowed). Updated policies aren't applied to existing messages that have already been scanned. New or updated policies are applied to new messages that were received after the policy is applied to the mailbox.
+
 You need to be assigned permissions before you can run this cmdlet. Although this topic lists all parameters for the cmdlet, you may not have access to some parameters if they're not included in the permissions assigned to you. To find the permissions required to run any cmdlet or parameter in your organization, see Find the permissions required to run any Exchange cmdlet (https://technet.microsoft.com/library/mt432940.aspx).
 
 ## EXAMPLES
@@ -43,7 +53,7 @@ This example returns the results of Safe Links actions during the specified time
 ## PARAMETERS
 
 ### -ClickId
-The ClickId parameter filters the results by the ClickId GUID value.
+The ClickId parameter filters the results by the URL that was scanned in the message. Each URL is represented as a GUID value.
 
 ```yaml
 Type: Guid

exchange/exchange-ps/exchange/advanced-threat-protection/Get-UrlTrace.md

@@ -45,7 +45,7 @@ This example creates a new Safe Links policy named Marketing Block URL with the
 
 - The policy is enabled.
 
-- Users aren't allowed to click through to the original URL. This is the default value of the AllowClickThrough parameter, so you don't need to specify it.
+- Users aren't allowed to click through to the original URL. This is the default value of the DoNotAllowClickThrough parameter, so you don't need to specify it.
 
 - User clicks on URLs are tracked in URL trace.
 

exchange/exchange-ps/exchange/advanced-threat-protection/New-SafeLinksPolicy.md

@@ -22,9 +22,13 @@ For information about the parameter sets in the Syntax section below, see Exchan
 
 ```
 Set-HostedOutboundSpamFilterPolicy [-Identity] <HostedOutboundSpamFilterPolicyIdParameter>
- [-AdminDisplayName <String>] [-BccSuspiciousOutboundAdditionalRecipients <MultiValuedProperty>]
- [-BccSuspiciousOutboundMail <$true | $false>] [-Confirm] [-NotifyOutboundSpam <$true | $false>]
- [-NotifyOutboundSpamRecipients <MultiValuedProperty>] [-WhatIf] [<CommonParameters>]
+ [-AdminDisplayName <String>]
+ [-BccSuspiciousOutboundAdditionalRecipients <MultiValuedProperty>]
+ [-BccSuspiciousOutboundMail <$true | $false>]
+ [-Confirm]
+ [-NotifyOutboundSpam <$true | $false>]
+ [-NotifyOutboundSpamRecipients <MultiValuedProperty>]
+ [-WhatIf] [<CommonParameters>]
 ```
 
 ## DESCRIPTION