get-itips
diff --git a/‎README.md
Lines changed: 2 additions & 2 deletions b/‎README.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎exchange/docs-conceptual/app-only-auth-powershell-v2.md
Lines changed: 35 additions & 30 deletions b/‎exchange/docs-conceptual/app-only-auth-powershell-v2.md
Lines changed: 35 additions & 30 deletions
diff --git a/‎exchange/docs-conceptual/basic-auth-connect-to-eop-powershell.md
Lines changed: 1 addition & 1 deletion b/‎exchange/docs-conceptual/basic-auth-connect-to-eop-powershell.md
Lines changed: 1 addition & 1 deletion
diff --git a/‎exchange/docs-conceptual/basic-auth-connect-to-exo-powershell.md
Lines changed: 1 addition & 2 deletions b/‎exchange/docs-conceptual/basic-auth-connect-to-exo-powershell.md
Lines changed: 1 addition & 2 deletions
diff --git a/‎exchange/docs-conceptual/basic-auth-connect-to-scc-powershell.md
Lines changed: 2 additions & 2 deletions b/‎exchange/docs-conceptual/basic-auth-connect-to-scc-powershell.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎exchange/docs-conceptual/cmdlet-property-sets.md
Lines changed: 8 additions & 5 deletions b/‎exchange/docs-conceptual/cmdlet-property-sets.md
Lines changed: 8 additions & 5 deletions
@@ -24,10 +24,10 @@ This brief video also covers how to contribute:
 ### Quickly update an article using GitHub.com
 
 1. Make sure you're signed in to GitHub.com with your GitHub account.
-2. Go to the page you want to edit on docs.microsoft.com.
+2. Go to the page you want to edit on learn.microsoft.com.
 3. On the right-hand side of the page, click **Edit** (pencil icon).
 
-   ![Edit button on docs.microsoft.com.](images/quick-update-edit.png)
+   ![Edit button on learn.microsoft.com.](images/quick-update-edit.png)
 
 4. The corresponding topic file on GitHub opens, where you need to click the **Edit this file** pencil icon.
 
 
@@ -1,5 +1,5 @@
 ---
-title: App-only authentication
+title: App-only authentication in Exchange Online PowerShell and Security & Compliance PowerShell
 ms.author: chrisda
 author: chrisda
 manager: dansimp
@@ -14,18 +14,20 @@ ms.collection: Strat_EX_Admin
 ms.custom:
 ms.assetid:
 search.appverid: MET150
-description: "Learn about using the Exchange Online V2 module in scripts and other long-running tasks with modern authentication and app-only authentication."
+description: "Learn about using the Exchange Online PowerShell V2 module and V3 module in scripts and other long-running tasks with modern authentication and app-only authentication (also known a certificate based authentication or CBA)."
 ---
 
-# App-only authentication for unattended scripts in the EXO V2 module
+# App-only authentication for unattended scripts in Exchange Online PowerShell and Security & Compliance PowerShell
 
 > [!NOTE]
 >
-> - The features and procedures described in this article require the following versions of the EXO V2 module:
+> - The features and procedures described in this article require the following versions of the Exchange Online PowerShell module:
 >   - **Exchange Online PowerShell (Connect-ExchangeOnline)**: Version 2.0.3 or later.
->   - **Security & Compliance PowerShell (Connect-IPPSSession)**: Version 2.0.6 Preview5 or later.
+>   - **Security & Compliance PowerShell (Connect-IPPSSession)**: Version 2.0.6-Preview5 or later.
 >
->   For instructions on how to install or update the module on clients or servers, see [Install and maintain the EXO V2 module](exchange-online-powershell-v2.md#install-and-maintain-the-exo-v2-module). For instructions on how to use the module in Azure automation, see [Manage modules in Azure Automation](/azure/automation/shared-resources/modules).
+>   For instructions on how to install or update the module, see [Install and maintain the Exchange Online PowerShell module](exchange-online-powershell-v2.md#install-and-maintain-the-exchange-online-powershell-module). For instructions on how to use the module in Azure automation, see [Manage modules in Azure Automation](/azure/automation/shared-resources/modules).
+>
+> - Version 2.0.5 and earlier is known as the Exchange Online PowerShell V2 module (abbreviated as the EXO V2 module). Version 3.0.0 and later is known as the Exchange Online PowerShell V3 module (abbreviated as the EXO V3 module).
 >
 > - In Exchange Online PowerShell, you can't use the procedures in this article with the following Microsoft 365 Group cmdlets:
 >   - [New-UnifiedGroup](/powershell/module/exchange/new-unifiedgroup)
@@ -44,63 +46,66 @@ Auditing and reporting scenarios in Microsoft 365 often involve unattended scrip
 
 Certificate based authentication (CBA) or app-only authentication as described in this article supports unattended script and automation scenarios by using Azure AD apps and self-signed certificates.
 
-The following examples show how to use the Exchange Online PowerShell V2 module with app-only authentication:
+The following examples show how to use the Exchange Online PowerShell module with app-only authentication:
 
 > [!IMPORTANT]
-> In the **Connect-** commands, be sure to use an `.onmicrosoft.com` domain for the _Organization_ parameter value. Otherwise, you might encounter cryptic permission issues when you run commands in the app context.
+> In the following **Connect-** commands, be sure to use an `.onmicrosoft.com` domain for the _Organization_ parameter value. Otherwise, you might encounter cryptic permission issues when you run commands in the app context.
+
+- **Connect using a certificate thumbprint**:
 
-- Connect using a local certificate:
+  The certificate needs to be installed on the computer where you're running the command. The certificate should be installed in the user certificate store.
 
-  - **Exchange Online PowerShell**:
+  - <u>Exchange Online PowerShell</u>:
 
     ```powershell
-    Connect-ExchangeOnline -CertificateFilePath "C:\Users\johndoe\Desktop\automation-cert.pfx" -CertificatePassword (ConvertTo-SecureString -String "<MyPassword>" -AsPlainText -Force) -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
+    Connect-ExchangeOnline -CertificateThumbPrint "012THISISADEMOTHUMBPRINT" -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
     ```
 
-  - **Security & Compliance PowerShell**:
+  - <u>Security & Compliance PowerShell</u>:
 
-     ```powershell
-    Connect-IPPSSession -CertificateFilePath "C:\Users\johndoe\Desktop\automation-cert.pfx" -CertificatePassword (ConvertTo-SecureString -String "<MyPassword>" -AsPlainText -Force) -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
+    ```powershell
+    Connect-IPPSSession -CertificateThumbPrint "012THISISADEMOTHUMBPRINT" -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
     ```
 
-- Connect using a certificate thumbprint:
+- **Connect using a certificate object**:
 
-  - **Exchange Online PowerShell**:
+  The certificate does not need to be installed on the computer where you're running the command. You can store the certificate object remotely. The certificate is fetched when the script is run.
+
+  - <u>Exchange Online PowerShell</u>:
 
     ```powershell
-    Connect-ExchangeOnline -CertificateThumbPrint "012THISISADEMOTHUMBPRINT" -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
+    Connect-ExchangeOnline -Certificate <%X509Certificate2 Object%> -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
     ```
 
-  - **Security & Compliance PowerShell**:
+  - <u>Security & Compliance PowerShell</u>:
 
     ```powershell
-    Connect-IPPSSession -CertificateThumbPrint "012THISISADEMOTHUMBPRINT" -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
+    Connect-IPPSSession -Certificate <%X509Certificate2 Object%> -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
     ```
 
-  When you use the _CertificateThumbPrint_ parameter, the certificate needs to be installed on the computer where you are running the command. The certificate should be installed in the user certificate store.
+- **Connect using a local certificate**:
 
-- Connect using a certificate object:
+  > [!NOTE]
+  > Using a **ConvertTo-SecureString** command to store the password of the certificate locally defeats the purpose of a secure connection method for automation scenarios. Using a **Get-Credential** command to prompt you for the password of the certificate securely isn't ideal for automation scenarios. In other words, there's really no automated _and_ secure way to connect using a local certificate.
 
-  - **Exchange Online PowerShell**:
+  - <u>Exchange Online PowerShell</u>:
 
     ```powershell
-    Connect-ExchangeOnline -Certificate <%X509Certificate2 Object%> -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
+    Connect-ExchangeOnline -CertificateFilePath "C:\Users\navin\Desktop\automation-cert.pfx" -CertificatePassword (Get-Credential).password -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
     ```
 
-  - **Security & Compliance PowerShell**:
+  - <u>Security & Compliance PowerShell</u>:
 
-    ```powershell
-    Connect-IPPSSession -Certificate <%X509Certificate2 Object%> -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
+     ```powershell
+    Connect-IPPSSession -CertificateFilePath "C:\Users\navin\Desktop\automation-cert.pfx" -CertificatePassword (Get-Credential).password -AppID "36ee4c6c-0812-40a2-b820-b22ebd02bce3" -Organization "contosoelectronics.onmicrosoft.com"
     ```
 
-  When you use the _Certificate_ parameter, the certificate does not need to be installed on the computer where you are running the command. This parameter is applicable for scenarios where the certificate object is stored remotely and fetched at runtime during script execution.
-
 > [!TIP]
 > App-only authentication does not support delegation. Unattended scripting in delegation scenarios is supported with the Secure App Model. For more information, go [here](/powershell/partnercenter/multi-factor-auth#exchange).
 
 ## How does it work?
 
-The EXO V2 module uses the Active Directory Authentication Library to fetch an app-only token using the application Id, tenant Id (organization), and certificate thumbprint. The application object provisioned inside Azure AD has a Directory Role assigned to it, which is returned in the access token. The session's role based access control (RBAC) is configured using the directory role information that's available in the token.
+The Exchange Online PowerShell module uses the Active Directory Authentication Library to fetch an app-only token using the application Id, tenant Id (organization), and certificate thumbprint. The application object provisioned inside Azure AD has a Directory Role assigned to it, which is returned in the access token. The session's role based access control (RBAC) is configured using the directory role information that's available in the token.
 
 ## Set up app-only authentication
 
@@ -231,7 +236,7 @@ Create a self-signed x.509 certificate using one of the following methods:
   $mycert = New-SelfSignedCertificate -DnsName "contoso.org" -CertStoreLocation "cert:\CurrentUser\My" -NotAfter (Get-Date).AddYears(1) -KeySpec KeyExchange
 
   # Export certificate to .pfx file
-  $mycert | Export-PfxCertificate -FilePath mycert.pfx -Password $(ConvertTo-SecureString -String "P@ssw0Rd1234" -AsPlainText -Force)
+  $mycert | Export-PfxCertificate -FilePath mycert.pfx -Password (Get-Credential).password
 
   # Export certificate to .cer file
   $mycert | Export-Certificate -FilePath mycert.cer
 
@@ -17,7 +17,7 @@ description: "Use remote PowerShell to connect to a standalone Exchange Online P
 # Bssic auth - Connect to Exchange Online Protection PowerShell
 
 > [!NOTE]
-> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the Exchange Online PowerShell V2 module (the EXO V2 module) to connect to Exchange Online Protection PowerShell. For instructions, see [Connect to Exchange Online Protection PowerShell](connect-to-exchange-online-protection-powershell.md).
+> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the [Exchange Online PowerShell module](exchange-online-powershell-v2.md) to connect to Exchange Online Protection PowerShell. For instructions, see [Connect to Exchange Online Protection PowerShell](connect-to-exchange-online-protection-powershell.md).
 
 In standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, standalone EOP PowerShell allows you to manage your EOP organization from the command line. You use Windows PowerShell on your local computer to create a remote PowerShell session to EOP. It's a simple three-step process where you enter your Microsoft 365 credentials, provide the required connection settings, and then import the EOP cmdlets into your local Windows PowerShell session so that you can use them.
 
 
@@ -20,8 +20,7 @@ description: "Learn how to use remote PowerShell to connect to Exchange Online w
 # Basic auth - Connect to Exchange Online PowerShell
 
 > [!NOTE]
-> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the Exchange Online PowerShell V2 module (the EXO V2 module) to connect to Exchange Online PowerShell.
-If you're using PowerShell for administration, see [Connect to Exchange Online PowerShell](connect-to-exchange-online-powershell.md). If you're using PowerShell for automation, see [App-only authentication for unattended scripts](app-only-auth-powershell-v2.md).
+> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the [Exchange Online PowerShell module](exchange-online-powershell-v2.md) to connect to Exchange Online PowerShell. If you're using PowerShell for administration, see [Connect to Exchange Online PowerShell](connect-to-exchange-online-powershell.md). If you're using PowerShell for automation, see [App-only authentication for unattended scripts](app-only-auth-powershell-v2.md).
 
 Exchange Online PowerShell allows you to manage your Exchange Online settings from the command line. You use Windows PowerShell on your local computer to create a remote PowerShell session to Exchange Online. It's a simple three-step process where you enter your Microsoft 365 credentials, provide the required connection settings, and then import the Exchange Online cmdlets into your local Windows PowerShell session so that you can use them.
 
 
@@ -18,7 +18,7 @@ description: "Learn how to connect to Security & Compliance PowerShell."
 # Basic auth - Connect to Security & Compliance PowerShell
 
 > [!NOTE]
-> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the Exchange Online PowerShell V2 module (the EXO V2 module) to connect to Security & Compliance PowerShell. If you're using PowerShell for administration, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md). If you're using PowerShell for automation, see [App-only authentication for unattended scripts](app-only-auth-powershell-v2.md).
+> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the [Exchange Online PowerShell module](exchange-online-powershell-v2.md) to connect to Security & Compliance PowerShell. If you're using PowerShell for administration, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md). If you're using PowerShell for automation, see [App-only authentication for unattended scripts](app-only-auth-powershell-v2.md).
 
 Security & Compliance PowerShell allows you to manage your Microsoft 365 Defender portal and Microsoft Purview compliance portal settings from the command line. You use Windows PowerShell on your local computer to create a remote PowerShell session to Security & Compliance PowerShell. It's a simple three-step process where you enter your Microsoft 365 credentials, provide the required connection settings, and then import the Security & Compliance PowerShell cmdlets into your local Windows PowerShell session so that you can use them.
 
@@ -29,7 +29,7 @@ Security & Compliance PowerShell allows you to manage your Microsoft 365 Defende
 > - Your organization uses federated authentication.
 > - A location condition in an Azure Active Directory conditional access policy restricts your access to trusted IPs.
 >
-> In these scenarios, you need to download and use the Exchange Online PowerShell V2 module (EXO V2 module) to connect to Security & Compliance PowerShell. For instructions, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md).
+> In these scenarios, you need to download and use the Exchange Online PowerShell module to connect to Security & Compliance PowerShell. For instructions, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md).
 >
 > Some features in the Microsoft 365 Defender portal and Microsoft Purview compliance portal (for example, mailbox archiving) link to existing functionality in Exchange Online. To use PowerShell with these features, you need to connect to Exchange Online PowerShell instead of Security & Compliance PowerShell. For instructions, see [Connect to Exchange Online PowerShell](connect-to-exchange-online-powershell.md).
 
 
@@ -1,5 +1,5 @@
 ---
-title: Property sets in Exchange Online PowerShell V2 cmdlets
+title: Property sets in Exchange Online PowerShell module cmdlets
 ms.author: chrisda
 author: chrisda
 manager: dansimp
@@ -14,14 +14,17 @@ ms.collection: Strat_EX_Admin
 ms.custom:
 ms.assetid:
 search.appverid: MET150
-description: "Admins can lear about the property sets that are available in the Get-EXO* cmdlets in the Exchange Online PowerShell V2 module."
+description: "Admins can lear about the property sets that are available in the nine exclusive Get-EXO cmdlets in the Exchange Online PowerShell V2 module and V3 module."
 ---
 
-# Property sets in Exchange Online PowerShell V2 cmdlets
+# Property sets in Exchange Online PowerShell module cmdlets
 
-This article describes the property sets that are available in the **Get-EXO\*** cmdlets in the [Exchange Online PowerShell V2 module](exchange-online-powershell-v2.md). For more information about property sets, see [Properties and property sets in the EXO V2 module](exchange-online-powershell-v2.md#properties-and-property-sets-in-the-exo-v2-module).
+This article describes the property sets that are available in the nine exclusive **Get-EXO\*** [cmdlets in the Exchange Online PowerShell module](exchange-online-powershell-v2.md#cmdlets-in-the-exchange-online-powershell-module). For more information about property sets, see [Properties and property sets in the Exchange Online PowerShell module](exchange-online-powershell-v2.md#properties-and-property-sets-in-the-exchange-online-powershell-module).
 
-For more information about filtering in the EXO V2 module, see [Filters in the EXO V2 module](filters-v2.md).
+For more information about filtering with cmdlets in the module, see [Filters in the Exchange Online PowerShell module](filters-v2.md).
+
+> [!NOTE]
+> Version 2.0.5 and earlier is known as the Exchange Online PowerShell V2 module (abbreviated as the EXO V2 module). Version 3.0.0 and later is known as the Exchange Online PowerShell V3 module (abbreviated as the EXO V3 module).
 
 ## Get-EXOCasMailbox property sets
Original file line number	Diff line number	Diff line change
`@@ -18,7 +18,7 @@ description: "Learn how to connect to Security & Compliance PowerShell."`
`18`	`18`	`# Basic auth - Connect to Security & Compliance PowerShell`
`19`	`19`
`20`	`20`	`> [!NOTE]`
`21`		-> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the Exchange Online PowerShell V2 module (the EXO V2 module) to connect to Security & Compliance PowerShell. If you're using PowerShell for administration, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md). If you're using PowerShell for automation, see [App-only authentication for unattended scripts](app-only-auth-powershell-v2.md).
	`21`	+> The connection instructions in this article [will be deprecated starting on October 1, 2022](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437) due to the security concerns around Basic authentication. Instead, you should use the [Exchange Online PowerShell module](exchange-online-powershell-v2.md) to connect to Security & Compliance PowerShell. If you're using PowerShell for administration, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md). If you're using PowerShell for automation, see [App-only authentication for unattended scripts](app-only-auth-powershell-v2.md).
`22`	`22`
`23`	`23`	Security & Compliance PowerShell allows you to manage your Microsoft 365 Defender portal and Microsoft Purview compliance portal settings from the command line. You use Windows PowerShell on your local computer to create a remote PowerShell session to Security & Compliance PowerShell. It's a simple three-step process where you enter your Microsoft 365 credentials, provide the required connection settings, and then import the Security & Compliance PowerShell cmdlets into your local Windows PowerShell session so that you can use them.
`24`	`24`
`@@ -29,7 +29,7 @@ Security & Compliance PowerShell allows you to manage your Microsoft 365 Defende`
`29`	`29`	`> - Your organization uses federated authentication.`
`30`	`30`	`> - A location condition in an Azure Active Directory conditional access policy restricts your access to trusted IPs.`
`31`	`31`	`>`
`32`		`-> In these scenarios, you need to download and use the Exchange Online PowerShell V2 module (EXO V2 module) to connect to Security & Compliance PowerShell. For instructions, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md).`
	`32`	`+> In these scenarios, you need to download and use the Exchange Online PowerShell module to connect to Security & Compliance PowerShell. For instructions, see [Connect to Security & Compliance PowerShell](connect-to-scc-powershell.md).`
`33`	`33`	`>`
`34`	`34`	`> Some features in the Microsoft 365 Defender portal and Microsoft Purview compliance portal (for example, mailbox archiving) link to existing functionality in Exchange Online. To use PowerShell with these features, you need to connect to Exchange Online PowerShell instead of Security & Compliance PowerShell. For instructions, see [Connect to Exchange Online PowerShell](connect-to-exchange-online-powershell.md).`
`35`	`35`