The Set-EnrollmentConfigcmdlet updates the current configuration of the Enrollment service by using the provided values.
Set-EnrollmentConfig [-Instance] <EnrollmentConfig> [-WhatIf] [-Confirm] [<CommonParameters>] Set-EnrollmentConfig [-GatewayUri <String>] [-CertificationAuthority <String>] [-SetPasswordLength <Int32>] [-PasswordCharacters <Int32>] [-ExpirePasswordAfter <TimeSpan>] [-Enabled] [-ForceEnroll] [-ActivateVPNbyDefault] [-SmtpServer <String>] [-EmailSender <String>] [-EmailSubject <String>] [-EmailBodyTemplate <String>] [-WhatIf] [-Confirm] [<CommonParameters>]
The following describes the Set-EnrollmentConfigcmdlet parameters.
- Instance <EnrollmentConfig>
Accepts an instance of the EnrollmentConfigobject as input.
- GatewayUri <String>
Specifies the name, IP address, or Domain Name System (DNS) name of the virtual private network (VPN) gateway. This must be an address available from the public Internet. Specify an empty string if managed devices will be connecting to Mobile Device Manager (MDM) Device Management Server directly by using the LAN or WLAN, instead of connecting through MDM Gateway Server.
- CertificationAuthority <String>
Specifies the name of the server and the instance of the enrollment Certification Authority. The server name and instance name are specified, separated by a backslash (\). For example, server\instance.
- SetPasswordLength <Int32>
Specifies the length of the auto-generated enrollment password.
- PasswordCharacters <Int32>
Specifies the character set used to generate the enrollment password. Values:
2: Both letters and numbers (alphanumeric)
- ExpirePasswordAfter <TimeSpan>
Specifies the time during which an auto-generated enrollment password will be valid.
Specifies whether the Enrollment service should allow existing pending requests to be processed.
Specifies whether a device will prompt the user when it connects to MDM Enrollment Server. If set to true, -ForceEnrollor -ForceEnroll:$true, then, when the device discovers or connects to MDM Enrollment Server, the user is prompted for the enrollment password. If set to false, -ForceEnroll:$false, the user is prompted only if a pre-enrollment record exists for the e-mail address specified by the user in the domain enrollment client on the device. The default setting is false.
Specifies whether enrolled devices will connect to the company network by default through the VPN connection to MDM Gateway Server. May be set to true, -ActivateVPNbyDefaultor -ActivateVPNbyDefault:$true; or false, -ActivateVPNbyDefault:$false. The default value is true.
- SmtpServer <String>
Specifies the simple mail transfer protocol (SMTP) server that is used to send a new enrollment e-mail message to a device owner. This message is sent when a device is newly enrolled. The server may be specified as hostname, or hostname:port.
- EmailSender <String>
Specifies the e-mail account from which the new enrollment e-mail message is sent.
- EmailSubject <String>
Specifies the subject text of the new enrollment e-mail message.
- EmailBodyTemplate <String>
Specifies the text to use in the body of the new enrollment e-mail message. The enrollment ID, enrollment password, and enrollment password expiration time will be added automatically to the end of the message. The device owner needs this information to complete the enrollment of the device. The following is an example e-mail message:
Your Windows Mobile device has been enabled for enrollment to System Center Mobile Device Manager (MDM). Enter the following details when prompted by the device enrollment client:
Informs you of what changes would be made if the action were to be performed (the cmdlet is not executed).
Prompts you for confirmation before the cmdlet executes.
This cmdlet supports the common parameters: -Verbose, -Debug, -ErrorAction, -ErrorVariable, and -OutVariable. For more information, at the MDM Shell prompt, type, get-help about_commonparameters.
The Set-EnrollmentConfigcmdlet accepts an EnrollmentConfigobject. To see all the properties for this object, at the MDM Shell prompt, type Get-EnrollmentConfig | Get-Member.
The Set-EnrollmentConfigcmdlet returns an EnrollmentConfigobject. To see all the properties for this object, at the MDM Shell prompt, type Get-EnrollmentConfig | Get-Member.
This Set-EnrollmentConfigcommand example prevents new enrollment requests from creating, and stops pending requests from processing.
This Set-EnrollmentConfigcommand example specifies that auto-generated enrollment passwords are to be alphanumeric, 12 characters long, and expire after 20 minutes.
C:\PS>Set-EnrollmentConfig -passwordCharacters 2 -setPasswordLength 12 -expirePasswordAfter 00:20:00
This Set-EnrollmentConfigcommand example configures the settings for the new enrollment e-mail message, specifies the SMTP server to use, the e-mail address of the sender, the subject line, and the message body text.
C:\PS>Set-EnrollmentConfig -smtpServer "hostserver:888" -emailSender "firstname.lastname@example.org" -emailSubject "New device enrollment" -emailBodyTemplate "Your Windows Mobile powered device has been enabled for enrollment to Mobile Device Manager. Enter the following details when prompted by the device enrollment client:"
To view this information online, at the MDM Shell prompt, type:
get-help Set-EnrollmentConfig -detailed, or get-help Set-EnrollmentConfig -full