Set-Adfs
Device
Registration
Configures the administrative policies for the Device Registration Service.
Syntax
Set-AdfsDeviceRegistration
-MaximumInactiveDays <UInt32>
[-AccessControlPolicyName <String>]
[-AccessControlPolicyParameters <Object>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Set-AdfsDeviceRegistration
-DevicesPerUser <UInt32>
[-AccessControlPolicyName <String>]
[-AccessControlPolicyParameters <Object>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Set-AdfsDeviceRegistration
-ServiceAccountIdentifier <String>
-Credential <PSCredential>
[-AccessControlPolicyName <String>]
[-AccessControlPolicyParameters <Object>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Set-AdfsDeviceRegistration
[-IssuanceCertificate]
[-AccessControlPolicyName <String>]
[-AccessControlPolicyParameters <Object>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Set-AdfsDeviceRegistration
[-AccessControlPolicyName <String>]
[-AccessControlPolicyParameters <Object>]
[-AllowedAuthenticationClassReferences <String[]>]
[-IssuanceAuthorizationRules <String>]
[-IssuanceAuthorizationRulesFile <String>]
[-IssuanceTransformRules <String>]
[-IssuanceTransformRulesFile <String>]
[-AdditionalAuthenticationRules <String>]
[-AdditionalAuthenticationRulesFile <String>]
[-WhatIf]
[-Confirm]
[<CommonParameters>]
Description
The
Set-AdfsDeviceRegistration
cmdlet configures the administrative policies for the Device Registration Service.
Use this cmdlet to change the default policies of the Device Registration Service in Active Directory Federation Services (AD FS), such as the maximum number of devices that a user can register.
Examples
Example 1: Set the number of devices that a user can register
PS C:\> Set-AdfsDeviceRegistration -DevicesPerUser 10
This command sets the number of devices that a user can register to 10.
Example 2: Configure the maximum inactive days for a device
PS C:\> Set-AdfsDeviceRegistration -MaximumInactiveDays 90
This command configures the number of days before the Device Registration Service removes an inactive device object.
Example 3: Set the service account for the Device Registration Service
PS C:\> $Cred = Get-Credential
PS C:\> Set-AdfsDeviceRegistration -ServiceAccountIdentifier "CONTOSO\Svc_adfs" -Credential $Cred
The first command uses the
Get-Credential
cmdlet to create a credential object for the Active Directory account under which the AD FS service runs.
The command stores the credential object in the $Cred variable.
The second command sets the service account that has the ID Svc_adfs.
The command specifies the credentials stored in $Cred for the Active Directory account under which the AD FS service runs.
Required Parameters
-Credential
Type:
|
PSCredential
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
False
|
Accept wildcard characters:
|
False
|
-DevicesPerUser
Specifies the maximum number of devices that a user can register.
Type:
|
UInt32
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByValue)
|
Accept wildcard characters:
|
False
|
-IssuanceCertificate
Indicates that the cmdlet generates and uses a new signing certificate for the Device Registration Service.
Type:
|
SwitchParameter
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByValue)
|
Accept wildcard characters:
|
False
|
-MaximumInactiveDays
Specifies the number of days before a device object is removed because of inactivity.
Type:
|
UInt32
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByValue)
|
Accept wildcard characters:
|
False
|
-ServiceAccountIdentifier
Specifies the ID of the service account.
The cmdlet grants this account read and write access to the Device Registration Service configuration and containers in Active Directory® Domain Services.
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByValue)
|
Accept wildcard characters:
|
False
|
Optional Parameters
-AccessControlPolicyName
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByPropertyName)
|
Accept wildcard characters:
|
False
|
-AccessControlPolicyParameters
Type:
|
Object
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByPropertyName)
|
Accept wildcard characters:
|
False
|
-AdditionalAuthenticationRules
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByValue)
|
Accept wildcard characters:
|
False
|
-AdditionalAuthenticationRulesFile
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
False
|
Accept wildcard characters:
|
False
|
-AllowedAuthenticationClassReferences
Type:
|
String[]
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
False
|
Accept wildcard characters:
|
False
|
-Confirm
Prompts you for confirmation before running the cmdlet.
Type:
|
SwitchParameter
|
Aliases:
|
cf
|
Position:
|
Named
|
Default value:
|
False
|
Accept pipeline input:
|
False
|
Accept wildcard characters:
|
False
|
-IssuanceAuthorizationRules
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByValue)
|
Accept wildcard characters:
|
False
|
-IssuanceAuthorizationRulesFile
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
False
|
Accept wildcard characters:
|
False
|
-IssuanceTransformRules
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
True (ByValue)
|
Accept wildcard characters:
|
False
|
-IssuanceTransformRulesFile
Type:
|
String
|
Position:
|
Named
|
Default value:
|
None
|
Accept pipeline input:
|
False
|
Accept wildcard characters:
|
False
|
-WhatIf
Shows what would happen if the cmdlet runs.
The cmdlet is not run.
Type:
|
SwitchParameter
|
Aliases:
|
wi
|
Position:
|
Named
|
Default value:
|
False
|
Accept pipeline input:
|
False
|
Accept wildcard characters:
|
False
|
uint, string, switch