Introduction
In this article we will explore a find that was first pointed out by fellow MVP Vasil Michev, and it relates to cmdlets that are exposed for the Security and Compliance Center PowerShell module with different connection types. Different connection types? Yes. There are two ways to connect to your tenant’s Security and Compliance Center connection point, one with Certificate Based Authentication (CBA) and the other without CBA.
CBA Connection Review
For a how to on connecting to the Security and Compliance Center via CBA, see this previous Quick PowerShell Post of the week ( HERE ).
Connections
Basic connection with PowerShell to the Security and Compliance Center PowerShell module
Connect-IPPSSession
Certificate Based Auth connection:
Connect-IPPSSession -CertificateThumbPrint <GUID for certificate> -AppID <GUID for registered Azure App> -Organization powershellgeek.onmicrosoft.com
Note: Make sure to have the latest version of the Exchange Online Management PowerShell module as the CertificateThumbprint parameter is not available in earlier versions of the module.
PowerShell Cmdlet Differences
How can we tell what commands are in each connection type? Easy, list them, and then drop the lists into Excel for comparison:
Get-Module
Get-Command | Where Source -eq 'tmp_tdujlt1f.td1'
Repeat this for both connection methods and drop in Excel.
Next, highlight both columns, then click on Conditional Formatting > Highlight Cells Rules > Duplicate Values:
Change the dropdown to ‘Unique’ instead of the default ‘Duplicate’ value:
Then sort each of the columns by color:
Which yields these results:
All in all there are 61 cmdlets that are in the CBA set list that are not present with a non-CBA connection and there are 5 cmdlets listed in the non-CBA list that are not present with a CBA connection. At this point it may not be apparent why these are missing from one or the other connection type, but they are. Here is the complete list of cmdlets exposed with CBA:
Cancel-DlpEdmSession / New-TeamsRetentionCompliancePolicy
Create-FilePlanFirstRunLabels / New-TeamsRetentionComplianceRule
Enable-ComplianceFeature / New-ThreatResponsePolicy
Get-ComplianceBoundary / New-ThreatResponseRule
Get-ComplianceCaseMemberCandidate / Remove-ComplianceBoundary
Get-ComplianceCustodian / Remove-ComplianceCustodian
Get-ComplianceEmailSetting / Remove-ComplianceEmailSetting
Get-ComplianceNotice / Remove-ComplianceNotice
Get-CompliancePolicyHoldInfo / Remove-FeatureConfiguration
Get-DlpEdmSession / Remove-LabelExplorerConfig
Get-FeatureConfiguration / Remove-MachineAssistedTagResource
Get-LabelExplorerConfig / Remove-SensitiveInformationScan
Get-MachineAssistedTagResource / Remove-SensitiveInformationScanRule
Get-ScopeAdmins / Remove-TeamsRetentionCompliancePolicy
Get-SensitiveInformationScan / Remove-TeamsRetentionComplianceRule
Get-SensitiveInformationScanRule / Remove-ThreatResponsePolicy
Get-TeamsRetentionCompliancePolicy / Remove-ThreatResponseRule
Get-TeamsRetentionComplianceRule / Set-ComplianceBoundary
Get-ThreatResponsePolicy / Set-ComplianceCustodian
Get-ThreatResponseRule / Set-ComplianceNotice
Import-ExchangeDlpPolicy / Set-FeatureConfiguration
Invoke-MachineAssistedTagAction / Set-LabelExplorerConfig
New-ComplianceBoundary / Set-MachineAssistedTagResource
New-ComplianceCustodian / Set-SensitiveInformationScan
New-ComplianceNotice / Set-SensitiveInformationScanRule
New-FeatureConfiguration / Set-TeamsRetentionCompliancePolicy
New-LabelExplorerConfig / Set-TeamsRetentionComplianceRule
New-MachineAssistedTagResource / Set-ThreatResponsePolicy
New-SensitiveInformationScan / Set-ThreatResponseRule
New-SensitiveInformationScanRule / Start-DlpSensitiveInformationScan
New-SupervisoryReviewPolicyMailboxFolders
Conclusion
So while the cmdlets are truly not hidden, it does come as a surprise that these cmdlets sit behind a CBA connection and not your standard connection with Connect-IPPSSession. It just goes to show you that no matter how much you have worked with PowerShell, there is always something new around the corner for you to learn and explore.
—————————————————————————————————-
Comments? Questions?
Feel free to leave your Comments below! Learn to more efficiently utilize PowerShell to manage Exchange Server, Exchange Online, Microsoft Defender for Office or Microsoft Purview Compliance portals by picking up frequently updated eBooks: