Update 5/24/2022: We have now enabled all of the cmdlets to be REST-backed if you are using the 2.0.6-Preview6 module.
We’re excited to let you know that we are working on a new version of the Exchange Online PowerShell v2 module, built to provide a more secure experience for Exchange Online management. This module (available now in preview as Module 2.0.6-Preview3) enables IT admins to use their Windows client machines for day-to-day management of Exchange Online in their organization without enabling WinRM basic auth!
What’s new in this Preview?
The new module allows admins to connect to Exchange Online using Connect-ExchangeOnline, which now invokes a REST API in the background, making the cmdlets more reliable. Because a Remote PowerShell connection is not established in new version, this version doesn’t require WinRM basic auth to be enabled. You can disable WinRM basic auth by running the command below:
winrm set winrm/config/client/auth '@{Basic="false"}'
Read more about WinRM basic auth here.
A few things to note:
- This is important to understand: not all cmdlets have been converted to use REST at this time. This is a preview module that supports only a portion of all cmdlets.
- This version allows you to use all cmdlets via a Remote PowerShell connection as well. For that, you need to pass the -UseRPSSession parameter while running Connect-ExchangeOnline.
- If you disable WinRM basic auth, the only cmdlets that will work with this module are the ones in the attached list; other RPS cmdlets will not work without WinRM basic auth at this time.
- Please note that the work to enable cmdlets to run without WinRM basic auth is not the same as what we did to release specific REST-based cmdlets (see Get-ExchangeOnline* cmdlets listed here). This new work (enabling cmdlets to run without WinRM basic auth on a local client machine) is simply enabling regular cmdlets to run without WinRM basic auth. Therefore, you should not expect significant performance increases based on this work, as the goal is to not change any cmdlet names or change parameters, but to begin enabling all cmdlets to run without WinRM basic auth.
Installing the Preview Module
You can use the following command to install the preview module in PowerShell Core:
Install-Module -Name ExchangeOnlineManagement -RequiredVersion 2.0.6-Preview6 -AllowPrerelease
To Install on native PowerShell you will need to install the latest Package Manager and the latest version of PowerShellGet. To do this, close all PowerShell Windows and from an elevated PowerShell session, run the following command.
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Install-PackageProvider -Name NuGet -Force
Install-Module -Name PowerShellGet -Force -AllowClobber
Restart PowerShell and then you can install the module.
If you still have issues, you can download the latest version manually and copy it into the module folder by running:
[Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
Save-Module -Name PowerShellGet -Path C:\LocalFolder -Repository PSGallery
Then copy all contents from under C:\LocalFolder into C:\Program Files\WindowsPowerShell\Modules. Restart PowerShell and then you can install the module.
Viewing the list of updated cmdlets
To generate the list of cmdlets that we have updated, please do the following:
Connect-ExchangeOnline
Get-Command -Module tmpEXO*
This will create a list of all currently available updated cmdlets. Please note that due to preview status of this module (and related cmdlets) there might be situations that a specific cmdlet might be available one day and then becomes unavailable (if an issue is found, we would make it unavailable until the issue is resolved). That is why we suggest generating the cmdlet list by yourself when needed.
Let us know what you think! Send your product improvement suggestions and feedback to exocmdletpreview(AT)service.microsoft.com. Remember this is a preview and we plan to continue adding more cmdlets to the list of those able to run without WinRM basic auth. As we make progress, we will make more announcements!
