New-EntraBetaFeatureRolloutPolicy
Allows an admin to create the policy for cloud authentication roll-out in Microsoft Entra ID.
Syntax
Default (Default)
New-EntraBetaFeatureRolloutPolicy
-Feature <FeatureEnum>
-IsEnabled <Boolean>
[-Description <String>]
[-IsAppliedToOrganization <Boolean>]
[-AppliesTo <System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject]>]
-DisplayName <String>
[<CommonParameters>]
Description
The New-EntraBetaFeatureRolloutPolicy cmdlet allows an admin to create the policy for cloud authentication roll-out (users moving from federation to cloud auth) in Microsoft Entra ID.
The policy admin can identify whether the users authenticate using password hashes in Microsoft Entra ID (Password hash-sync) or Microsoft Entra ID on-premises directly (Pass-through authentication).
Examples
Example 1: Creates the policy for cloud authentication roll-out in Microsoft Entra ID
Connect-Entra -Scopes 'Directory.ReadWrite.All'
New-EntraBetaFeatureRolloutPolicy -Feature 'PassthroughAuthentication' -DisplayName 'Passthrough Authentication Rollout Policy' -IsEnabled $false
Id Description DisplayName Feature IsAppliedToOrganization IsEnabled
-- ----------- ----------- ------- ----------------------- ---------
00aa00aa-bb11-cc22-dd33-44ee44ee44ee Passthrough Authentication Rollout Policy passthroughAuthentication False False
This example creates the policy for cloud authentication roll-out in Microsoft Entra ID.
-Featurespecifies a feature assigned to the cloud authentication roll-out policy. Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId.-DisplayNamespecifies the display name of the cloud authentication roll-out policy.-IsEnabledspecifies the status of cloud authentication roll-out policy.
Example 2: Creates the policy for cloud authentication roll-out in Microsoft Entra ID
Connect-Entra -Scopes 'Directory.ReadWrite.All'
New-EntraBetaFeatureRolloutPolicy -Feature 'PassthroughAuthentication' -DisplayName 'FeatureRolloutPolicy' -IsEnabled $false -IsAppliedToOrganization $false
Id Description DisplayName Feature IsAppliedToOrganization IsEnabled
-- ----------- ----------- ------- ----------------------- ---------
00aa00aa-bb11-cc22-dd33-44ee44ee44ee FeatureRolloutPolicy passthroughAuthentication False False
This command creates the policy for cloud authentication roll-out in Microsoft Entra ID.
-Featurespecifies a feature assigned to the cloud authentication roll-out policy. Currently, you can assign PassthroughAuthentication | SeamlessSso | PasswordHashSync | EmailAsAlternateId.-DisplayNamespecifies the display name of the cloud authentication roll-out policy.-IsEnabledspecifies the status of cloud authentication roll-out policy.-IsAppliedToOrganizationspecifies if the cloud authentication roll-out policy applied to the entire organization.
Parameters
-AppliesTo
Specifies a list of Microsoft Entra ID objects that is assigned to the feature.
Parameter properties
| Type: | System.Collections.Generic.List`1[Microsoft.Open.MSGraph.Model.MsDirectoryObject] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Description
Specifies the description of the cloud authentication roll-out policy.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-DisplayName
Specifies the display name of the cloud authentication roll-out policy.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-Feature
Specifies a feature assigned to the cloud authentication roll-out policy.
Possible values are:
- passthroughAuthentication
- seamlessSso
- passwordHashSync
- emailAsAlternateId
- unknownFutureValue
- certificateBasedAuthentication
- multiFactorAuthentication
Parameter properties
| Type: | FeatureEnum |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-IsAppliedToOrganization
Specifies if the cloud authentication roll-out policy applied to the entire organization.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | False |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
-IsEnabled
Specifies the status of cloud authentication roll-out policy.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
(All)
| Position: | Named |
| Mandatory: | True |
| Value from pipeline: | False |
| Value from pipeline by property name: | False |
| Value from remaining arguments: | False |
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Outputs
Microsoft.Online.Administration.MsFeatureRolloutPolicy
Notes
See more details - Feature rollout policy