PowerShell Logo Small

Copy-NetIPsecMainModeCryptoSet



This is the built-in help made by Microsoft for the command 'Copy-NetIPsecMainModeCryptoSet', in PowerShell version 3 - as retrieved from Windows version 'Microsoft Windows Server 2012 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Copies an entire main mode cryptographic set to the same or to a different policy store.

SYNTAX


Copy-NetIPsecMainModeCryptoSet [-All [<SwitchParameter>]] [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>]
[-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru [<SwitchParameter>]] [-PolicyStore <String>]
[-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] [-Confirm [<SwitchParameter>]] [-WhatIf [<SwitchParameter>]]
[<CommonParameters>]
Copy-NetIPsecMainModeCryptoSet [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>]
[-NewName <String>] [-NewPolicyStore <String>] [-PassThru [<SwitchParameter>]] [-PolicyStore <String>] [-ThrottleLimit <Int32>]
[-TracePolicyStore [<SwitchParameter>]] -DisplayName <String[]> [-Confirm [<SwitchParameter>]] [-WhatIf [<SwitchParameter>]]
[<CommonParameters>]
Copy-NetIPsecMainModeCryptoSet [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>]
[-NewName <String>] [-NewPolicyStore <String>] [-PassThru [<SwitchParameter>]] [-PolicyStore <String>] [-ThrottleLimit <Int32>]
[-TracePolicyStore [<SwitchParameter>]] -AssociatedNetIPsecMainModeRule <CimInstance> [-Confirm [<SwitchParameter>]] [-WhatIf
[<SwitchParameter>]] [<CommonParameters>]
Copy-NetIPsecMainModeCryptoSet [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-NewGPOSession <String>] [-NewName <String>]
[-NewPolicyStore <String>] [-PassThru [<SwitchParameter>]] [-ThrottleLimit <Int32>] -InputObject <CimInstance[]> [-Confirm
[<SwitchParameter>]] [-WhatIf [<SwitchParameter>]] [<CommonParameters>]
Copy-NetIPsecMainModeCryptoSet [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-Description <String[]>] [-DisplayGroup <String[]>]
[-ForceDiffieHellman <Boolean[]>] [-GPOSession <String>] [-Group <String[]>] [-MaxMinutes <UInt32[]>] [-MaxSessions <UInt32[]>]
[-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru [<SwitchParameter>]] [-PolicyStore <String>]
[-PolicyStoreSource <String[]>] [-PolicyStoreSourceType <PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>] [-Status <String[]>]
[-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] [-Confirm [<SwitchParameter>]] [-WhatIf [<SwitchParameter>]]
[<CommonParameters>]
Copy-NetIPsecMainModeCryptoSet [-Name] <String[]> [-AsJob [<SwitchParameter>]] [-CimSession <CimSession[]>] [-GPOSession <String>]
[-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru [<SwitchParameter>]] [-PolicyStore <String>]
[-ThrottleLimit <Int32>] [-TracePolicyStore [<SwitchParameter>]] [-Confirm [<SwitchParameter>]] [-WhatIf [<SwitchParameter>]]
[<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Copy-NetIPsecMainModeCryptoSet cmdlet copies a main mode cryptographic set to a policy store, making a complete clone. When a new policy
store is not specified, it is copied to the same policy store with a new name specified by the user.


This cmdlet gets one or more cryptographic sets to be duplicated with the Name parameter (default), the DisplayName parameter, set properties,
or by the associated filters and objects. The resulting queried set is copied to a new policy store using the NewPolicyStore parameter, a new
GPO session using the NewGPOSession parameter, or to the same policy store using the NewName parameter. Note: Only one main mode cryptographic
set can be copied at a time when copying to the same policy store. This is because only a single cryptographic set can use the unique
identifier, or name, specified by the NewName parameter.


When copying a set to a new policy store, the unique name of the set is preserved. This means that if the same set is attempted to be copied
twice, then an error is displayed for the second attempt that the object already exists. To overwrite the target set, run the
Remove-NetIPsecMainModeCryptoSet cmdlet first. If it is possible that the object may already exist, then specify the ErrorAction parameter to
silently ignore these errors instead of running the Remove-NetIPsecMainModeCryptoSet cmdlet.



<

RELATED LINKS

Copy-NetIPsecMainModeRule
Copy-NetIPsecPhase1AuthSet
Get-NetIPsecMainModeRule
Open-NetGPO
Remove-NetIPsecMainModeCryptoSet
Save-NetGPO
Set-NetIPsecMainModeRule
New-GPO

REMARKS

<

Examples


EXAMPLE 1

PS C:\> Copy-NetIPsecMainModeCryptoSet –DisplayName "Main Mode Crypto Set" -NewName "Alternate Main Mode Crypto Set"



This example copies a main mode cryptographic set, found using the localized name, to the current policy store under a new unique identifier.
The localized DisplayName parameter value remains the same.




EXAMPLE 2

PS C:\> $mMrule = Get-NetIPsecMainModeRule –DisplayName "Main Mode Rule: P1Auth + Crypto" –PolicyStore domain.contoso.com\GPO_name


PS C:\> Copy-NetIPsecPhase1AuthSet –InputObject $mMrule -NewPolicyStore domain.contoso.com\new_GPO


PS C:\> Copy-NetIPsecMainModeCryptoSet –InputObject $mMrule -NewPolicyStore domain.contoso.com\new_GPO


PS C:\> Set-NetIPsecMainModeRule –InputObject $mMrule –Phase1AuthSet $CopiedCryptoSet.Name

The following cmdlets accomplish the same task but take advantage of caching the GPO to apply the changes locally.
PS C:\> $mMrule = Get-NetIPsecMainModeRule –DisplayName "Main Mode Rule: P1Auth + Crypto" –PolicyStore domain.contoso.com\GPO_name


PS C:\> $newGPO = Open-NetGPO –PolicyStore domain.contoso.com\new_GPO


PS C:\> Copy-NetIPsecPhase1AuthSet –InputObject $mMrule –GPOSession $newGPO


PS C:\> Copy-NetIPsecMainModeCryptoSet –InputObject $mMrule –GPOSession $newGPO


PS C:\> Copy-NetIPsecMainModeRule –InputObject $mMrule –GPOSession $newGPO


PS C:\> Save-NetGPO –GPOSession $newGPO



This example copies an entire IPsec main mode rule and the associated authentication and cryptographic sets to a new policy store. There is no
need to link the newly copied sets to the newly copied rule since the set fields of the rule maintain the Name parameter value of the source.