Any suggestions? Export (0) Print
Expand All

New-OabVirtualDirectory

 

Applies to: Exchange Server 2016

This cmdlet is available only in on-premises Exchange Server 2016.

Use the New-OABVirtualDirectory cmdlet to create offline address book (OAB) virtual directories that are used in Internet Information Services (IIS) on Microsoft Exchange servers. The OAB virtual directory configures the server as a web distribution point for an offline address book (OAB). Typically, you create virtual directories on Exchange servers that have the Client Access server role installed.

For information about the parameter sets in the Syntax section below, see Exchange cmdlet syntax.

New-OabVirtualDirectory [-Confirm [<SwitchParameter>]] [-DomainController <Fqdn>] [-ExtendedProtectionFlags <MultiValuedProperty>] [-ExtendedProtectionSPNList <MultiValuedProperty>] [-ExtendedProtectionTokenChecking <None | Allow | Require>] [-ExternalUrl <Uri>] [-InternalUrl <Uri>] [-Path <String>] [-PollInterval <Int32>] [-Recovery <SwitchParameter>] [-RequireSSL <$true | $false>] [-Role <ClientAccess | Mailbox>] [-Server <ServerIdParameter>] [-WebSiteName <String>] [-WhatIf [<SwitchParameter>]]

This example creates an OAB virtual directory on CASServer01 and configures the distribution service to poll the generation server every two hours.

New-OABVirtualDirectory -Server CASServer01 -PollInterval 120

The New-OABVirtualDirectory cmdlet configures a web distribution point for an OAB and creates the OAB virtual directory.

noteNote:
You have to manually create the file system folder on the server that hosts the OAB files.

You need to be assigned permissions before you can run this cmdlet. Although all parameters for this cmdlet are listed in this topic, you may not have access to some parameters if they're not included in the permissions assigned to you. To see what permissions you need, see the " Offline address book connectivity " entry in the Email address and address book permissions topic.

 

Parameter Required Type Description

Confirm

Optional

System.Management.Automation.SwitchParameter

The Confirm switch specifies whether to show or hide the confirmation prompt. How this switch affects the cmdlet depends on if the cmdlet requires confirmation before proceeding.

  • Destructive cmdlets (for example, Remove-* cmdlets) have a built-in pause that forces you to acknowledge the command before proceeding. For these cmdlets, you can skip the confirmation prompt by using this exact syntax: -Confirm:$false.

  • Most other cmdlets (for example, New-* and Set-* cmdlets) don't have a built-in pause. For these cmdlets, specifying the Confirm switch without a value introduces a pause that forces you acknowledge the command before proceeding.

DomainController

Optional

Microsoft.Exchange.Data.Fqdn

The DomainController parameter specifies the domain controller that's used by this cmdlet to read data from or write data to Active Directory. You identify the domain controller by its fully qualified domain name (FQDN). For example, dc01.contoso.com.

ExtendedProtectionFlags

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The ExtendedProtectionFlags parameter specifies custom settings for Extended Protection for Authentication on the virtual directory. Valid values are:

  • None   This is the default setting.

  • AllowDotlessSPN   Required if you want to use Service Principal Name (SPN) values that don't contain FQDNs (for example, HTTP/ContosoMail instead of HTTP/mail.contoso.com). You specify SPNs with the ExtendedProtectionSPNList parameter. This setting makes Extended Protection for Authentication less secure because dotless certificates aren't unique, so it isn't possible to ensure that the client-to-proxy connection was established over a secure channel.

  • NoServiceNameCheck   The SPN list isn't checked to validate a channel binding token. This setting makes Extended Protection for Authentication less secure. We generally don't recommend this setting.

  • Proxy   A proxy server is responsible for terminating the SSL channel. To use this setting, you need to register an SPN by using the ExtendedProtectionSPNList parameter.

  • ProxyCoHosting   HTTP and HTTPS traffic may be accessing the virtual directory, and a proxy server is located between at least some of the clients and the Client Access services on the Exchange server.

ExtendedProtectionSPNList

Optional

Microsoft.Exchange.Data.MultiValuedProperty

The ExtendedProtectionSPNList parameter specifies a list of valid Service Principal Names (SPNs) if you're using Extended Protection for Authentication on the virtual directory. Valid values are:

  • $null   This is the default value.

  • Single SPN or comma delimited list of valid SPNs   The SPN value format is <protocol>/<FQDN>. For example, HTTP/mail.contoso.com. To add an SPN that's not an FQDN (for example, HTTP/ContosoMail), you also need to use the AllowDotlessSPN value for the ExtendedProtectionFlags parameter.

ExtendedProtectionTokenChecking

Optional

Microsoft.Exchange.Data.Directory.SystemConfiguration.ExtendedProtectionTokenCheckingMode

The ExtendedProtectionTokenChecking parameter defines how you want to use Extended Protection for Authentication on the virtual directory. Extended Protection for Authentication isn't enabled by default. Valid values are:

  • None   Extended Protection for Authentication isn't be used on the virtual directory. This is the default value.

  • Allow   Extended Protection for Authentication is used for connections between clients and the virtual directory if both the client and server support it. Connections that don't support Extended Protection for Authentication will work, but may not be as secure as connections that use Extended Protection for Authentication.

noteNote:
If you have a proxy server between the client and the client access services on the Mailbox server that's configured to terminate the client-to-proxy SSL channel, you also need to configure one or more Service Principal Names (SPNs) by using the ExtendedProtectionSPNList parameter.
  • Require   Extended Protection for Authentication is used for all connections between clients and the virtual directory. If either the client or server doesn't support Extended Protection for Authentication, the connection will fail. If you use this value, you also need to set an SPN value for the ExtendedProtectionSPNList parameter.

noteNote:
If you have a proxy server between the client and the Client Access services on the Exchange server that's configured to terminate the client-to-proxy SSL channel, you also need to configure one or more SPNs using the ExtendedProtectionSPNList parameter .

ExternalUrl

Optional

System.Uri

The ExternalURL parameter specifies the URL that's used to connect to the virtual directory from outside the firewall.

InternalUrl

Optional

System.Uri

The InternalURL parameter specifies the URL that's used to connect to the virtual directory from inside the firewall.

Path

Optional

System.String

The Path parameter specifies the file system path of the virtual directory. We recommend using this parameter only when you need to use a custom location for the virtual directory files. The default value is blank ($null), which indicates the default location is used.

PollInterval

Optional

System.Int32

The PollInterval parameter specifies the time interval in minutes that the distribution service polls the offline address book generation server for updates. The default value is 480 minutes (8 hours).

Recovery

Optional

System.Management.Automation.SwitchParameter

This parameter is reserved for internal Microsoft use.

RequireSSL

Optional

System.Boolean

The RequireSSL parameter specifies whether the client connection to the virtual directory requires Secure Sockets Layer (SSL) encryption. Valid values are:

  • $true   SSL encryption is required to connect to the virtual directory. This is the default value.

  • $false   SSL encryption isn't required to connect to the virtual directory.

Role

Optional

Microsoft.Exchange.Management.SystemConfigurationTasks.VirtualDirectoryRole

The Role parameter species the configuration for the virtual directory. Valid values are:

  • ClientAccess   Configure the virtual directory for the Client Access (frontend) services on the Mailbox server.

  • Mailbox   Configure the virtual directory for the backend services on the Mailbox server.

Client connections are proxied from the Client Access services to the backend services on local or remote Mailbox servers. Clients don't connect directly to the backend services.

Server

Optional

Microsoft.Exchange.Configuration.Tasks.ServerIdParameter

The Server parameter specifies the Exchange server that hosts the virtual directory. You can use any value that uniquely identifies the server. For example:

  • Name

  • FQDN

  • Distinguished name (DN)

  • ExchangeLegacyDN

WebSiteName

Optional

System.String

The WebSiteName parameter specifies the name of the IIS website under which the virtual directory is created. You don't need to use this parameter to create the virtual directory under the default website.

WhatIf

Optional

System.Management.Automation.SwitchParameter

The WhatIf switch simulates the actions of the command. You can use this switch to view the changes that would occur without actually applying those changes. You don't need to specify a value with this switch.

To see the input types that this cmdlet accepts, see Cmdlet Input and Output Types. If the Input Type field for a cmdlet is blank, the cmdlet doesn’t accept input data.

To see the return types, which are also known as output types, that this cmdlet accepts, see Cmdlet Input and Output Types. If the Output Type field is blank, the cmdlet doesn’t return data.

 
Show:
© 2016 Microsoft