New-ActiveSyncVirtualDirectory

Syntax

Default (Default)

New-ActiveSyncVirtualDirectory
    [-ApplicationRoot <String>]
    [-AppPoolId <String>]
    [-Confirm]
    [-DomainController <Fqdn>]
    [-ExtendedProtectionFlags <MultiValuedProperty>]
    [-ExtendedProtectionSPNList <MultiValuedProperty>]
    [-ExtendedProtectionTokenChecking <ExtendedProtectionTokenCheckingMode>]
    [-ExternalAuthenticationMethods <MultiValuedProperty>]
    [-ExternalUrl <Uri>]
    [-InstallProxySubDirectory <Boolean>]
    [-InternalAuthenticationMethods <MultiValuedProperty>]
    [-InternalUrl <Uri>]
    [-Path <String>]
    [-Role <VirtualDirectoryRole>]
    [-Server <ServerIdParameter>]
    [-WebSiteName <String>]
    [-WhatIf]
    [<CommonParameters>]

Description

Examples

Example 1

New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site" -ExternalUrl https://www.contoso.com/Microsoft-Server-ActiveSync

Example 2

New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site" -ExternalUrl https://www.contoso.com/mail -InternalUrl https://contoso/mail

Example 3

New-ActiveSyncVirtualDirectory -WebSiteName "Default Web Site" -ExternalUrl "https://www.fourthcoffee.com/Microsoft-Server-ActiveSync"

Parameters

-ApplicationRoot

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The ApplicationRoot parameter specifies the metabase path of the virtual directory. By default, this path is the same as the website in which the virtual directory is created.

Parameter properties

Parameter sets

-AppPoolId

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The AppPoolId parameter specifies the IIS application pool in which the virtual directory runs. We recommend that you leave this parameter at its default setting.

Parameter properties

Parameter sets

-Confirm

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

• Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.
• Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.

Parameter properties

Parameter sets

-DomainController

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.

Parameter properties

Parameter sets

-ExtendedProtectionFlags

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The ExtendedProtectionFlags parameter specifies custom settings for Extended Protection for Authentication on the virtual directory. Valid values are:

• None: This is the default setting.
• AllowDotlessSPN: Required if you want to use Service Principal Name (SPN) values that don't contain FQDNs (for example, HTTP/ContosoMail instead of HTTP/mail.contoso.com). You specify SPNs with the ExtendedProtectionSPNList parameter. This setting makes Extended Protection for Authentication less secure because dotless certificates aren't unique, so it isn't possible to ensure that the client-to-proxy connection was established over a secure channel.
• NoServiceNameCheck: The SPN list isn't checked to validate a channel binding token. This setting makes Extended Protection for Authentication less secure. We generally don't recommend this setting.
• Proxy: A proxy server is responsible for terminating the SSL channel. To use this setting, you need to register an SPN by using the ExtendedProtectionSPNList parameter.
• ProxyCoHosting: HTTP and HTTPS traffic might be accessing the virtual directory, and a proxy server is located between at least some of the clients and the Client Access services on the Exchange server.

Parameter properties

Parameter sets

-ExtendedProtectionSPNList

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The ExtendedProtectionSPNList parameter specifies a list of valid Service Principal Names (SPNs) if you're using Extended Protection for Authentication on the virtual directory. Valid values are:

• $null: This value is the default.
• Single SPN or comma delimited list of valid SPNs: The SPN value format is Protocol\FQDN. For example, HTTP/mail.contoso.com. To add an SPN that's not an FQDN (for example, HTTP/ContosoMail), you also need to use the AllowDotlessSPN value for the ExtendedProtectionFlags parameter.

Parameter properties

Parameter sets

-ExtendedProtectionTokenChecking

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The ExtendedProtectionTokenChecking parameter defines how you want to use Extended Protection for Authentication on the virtual directory. Extended Protection for Authentication isn't enabled by default. Valid values are:

• None: Extended Protection for Authentication isn't be used on the virtual directory. This value is the default.
• Allow: Extended Protection for Authentication is used for connections between clients and the virtual directory if both the client and server support it. Connections that don't support Extended Protection for Authentication work, but might not be as secure as connections that use Extended Protection for Authentication.
• Require: Extended Protection for Authentication is used for all connections between clients and the virtual directory. If either the client or server doesn't support it, the connection will fail. If you use this value, you also need to set an SPN value for the ExtendedProtectionSPNList parameter.

Note: If you use the value Allow or Require, and you have a proxy server between the client and the Client Access services on the Mailbox server that's configured to terminate the client-to-proxy SSL channel, you also need to configure one or more Service Principal Names (SPNs) by using the ExtendedProtectionSPNList parameter.

Parameter properties

Parameter sets

-ExternalAuthenticationMethods

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The ExternalAuthenticationMethods parameter restricts the authentication methods that can be used to connect to the virtual directory from outside the firewall. Valid values are:

• Adfs
• Basic
• Certificate
• Digest
• Fba
• Kerberos
• LiveIdBasic
• LiveIdFba
• LiveIdNegotiate
• NegoEx
• Negotiate
• Ntlm
• OAuth
• WindowsIntegrated
• WSSecurity

You can specify multiple values separated by commas.

Although you can specify any of these values, whether or not the authentication method actually works for external connections depends on other factors. For example:

• Is the authentication method available on the virtual directory?
• Is the authentication method available, but disabled on the virtual directory?

The default value is blank ($null), which means all available authentication methods are accepted.

Parameter properties

Parameter sets

-ExternalUrl

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The ExternalURL parameter specifies the URL that's used to connect to the virtual directory from outside the firewall.

Parameter properties

Parameter sets

-InstallProxySubDirectory

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The InstallProxySubDirectory parameter was used to create an subdirectory that was required for proxying ActiveSync connections with Exchange 2007.

Parameter properties

Parameter sets

-InternalAuthenticationMethods

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The InternalAuthenticationMethods parameter restricts the authentication methods that can be used to connect to the virtual directory from inside the firewall. Valid values are:

• Adfs
• Basic
• Certificate
• Digest
• Fba
• Kerberos
• LiveIdBasic
• LiveIdFba
• LiveIdNegotiate
• NegoEx
• Negotiate
• Ntlm
• OAuth
• WindowsIntegrated
• WSSecurity

You can specify multiple values separated by commas.

Although you can specify any of these values, whether or not the authentication method actually works for internal connections depends on other factors. For example:

• Is the authentication method available on the virtual directory?
• Is the authentication method available, but disabled on the virtual directory?

The default value is blank ($null), which means all available authentication methods are accepted.

Parameter properties

Parameter sets

-InternalUrl

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The InternalURL parameter specifies the URL that's used to connect to the virtual directory from inside the firewall.

Parameter properties

Parameter sets

-Path

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The Path parameter specifies the file system path of the virtual directory. We recommend using this parameter only when you need to use a custom location for the virtual directory files. The default value is blank ($null), which indicates the default location is used.

Parameter properties

Parameter sets

-Role

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The Role parameter species the configuration for the virtual directory. Valid values are:

• ClientAccess: Configure the virtual directory for the Client Access (frontend) services on the Mailbox server.
• Mailbox: Configure the virtual directory for the backend services on the Mailbox server.

Client connections are proxied from the Client Access services to the backend services on local or remote Mailbox servers. Clients don't connect directly to the backend services.

Parameter properties

Parameter sets

-Server

Applicable: Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The Server parameter specifies the Exchange server that hosts the virtual directory. You can use any value that uniquely identifies the server. For example:

• Name
• FQDN
• Distinguished name (DN)
• ExchangeLegacyDN

Parameter properties

Parameter sets

-WebSiteName

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The WebSiteName parameter specifies the name of the IIS website under which the virtual directory is created. You don't need to use this parameter to create the virtual directory under the default website.

Parameter properties

Parameter sets

-WhatIf

Applicable: Exchange Server 2010, Exchange Server 2013, Exchange Server 2016, Exchange Server 2019, Exchange Server SE

The WhatIf switch simulates the actions of the command. You can use this switch to view the changes that would occur without actually applying those changes. You don't need to specify a value with this switch.

Parameter properties

Parameter sets

CommonParameters

Inputs

Input types

Outputs

Output types