PowerShell Logo Small


This is the built-in help made by Microsoft for the command 'Copy-NetIPsecPhase2AuthSet', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.


Copies an entire phase 2 authentication set to the same or to a different policy store.


Copy-NetIPsecPhase2AuthSet [-All] [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>]
[-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecPhase2AuthSet [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -AssociatedNetIPsecRule <CimInstance> [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecPhase2AuthSet [-AsJob] [-CimSession <CimSession[]>] [-Description <String[]>] [-DisplayGroup <String[]>] [-GPOSession <String>] [-Group <String[]>]
[-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru] [-PolicyStore <String>] [-PolicyStoreSource <String[]>] [-PolicyStoreSourceType
<PolicyStoreType[]>] [-PrimaryStatus <PrimaryStatus[]>] [-Status <String[]>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecPhase2AuthSet [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru]
[-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] -DisplayName <String[]> [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecPhase2AuthSet [-Name] <String[]> [-AsJob] [-CimSession <CimSession[]>] [-GPOSession <String>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore
<String>] [-PassThru] [-PolicyStore <String>] [-ThrottleLimit <Int32>] [-TracePolicyStore] [-Confirm] [-WhatIf] [<CommonParameters>]
Copy-NetIPsecPhase2AuthSet [-AsJob] [-CimSession <CimSession[]>] [-NewGPOSession <String>] [-NewName <String>] [-NewPolicyStore <String>] [-PassThru] [-ThrottleLimit
<Int32>] -InputObject <CimInstance[]> [-Confirm] [-WhatIf] [<CommonParameters>]

Search powershellhelp.space


The Copy-NetIPsecPhase2AuthSet cmdlet copies a phase 2 authentication set to a policy store, making a complete clone. When a new policy store is not specified, it is copied
to the same policy store with a new name specified by the user.

This cmdlet gets one or more phase 2 authentication sets to be duplicated with the Name parameter (default), the DisplayName parameter, set properties, or by the associated
filters or objects. The resulting queried set is copied to a new policy store using the NewPolicyStore parameter, a new GPO session using the NewGPOSession parameter, or to
the same policy store using the NewName parameter. Note: Only one phase 2 authentication set can be copied at a time when copying to the same policy store. This is because
only a single authentication set can use the unique identifier, or name, specified by the NewName parameter.

When copying a set to a new policy store, the unique name of the set is preserved. This means that if the same set is attempted to be copied twice, then an error is
displayed for the second attempt indicating that the object already exists. To overwrite the target set, run the Remove-NetIPsecPhase2AuthSet cmdlet first. If it is possible
that the object may already exist, then specify the ErrorAction parameter to silently ignore these errors, instead of running the Remove-NetIPsecPhase2AuthSet cmdlet.



Online Version: http://go.microsoft.com/fwlink/?LinkId=216653





PS C:\>Copy-NetIPsecPhase2AuthSet –DisplayName "Phase 2 Auth Set" -NewName "Alternate Phase 2 Auth Set"

This example copies a phase 2 authentication set, found by specifying the localized name, to the current policy store under a new unique identifier. The localized
DisplayName parameter value remains the same.


PS C:\>$MMrule = Get-NetIPsecMainModeRule –DisplayName "Main Mode Rule: P2Auth + Crypto" –PolicyStore domain.contoso.com\GPO_name

PS C:\>$MMrule | Copy-NetIPsecPhase2AuthSet -NewPolicyStore domain.contoso.com\new_GPO)

PS C:\>$MMrule | Copy-NetIPsecMainModeCryptoSet -NewPolicyStore domain.contoso.com\new_GPO)

PS C:\>$MMrule | Set-NetIPsecMainModeRule –Phase1AuthSet $CopiedCryptoSet.Name

The following cmdlets accomplish the same task but take advantage of caching the GPO to apply the changes locally.
PS C:\>$MMrule = Get-NetIPsecMainModeRule –DisplayName "Main Mode Rule: P2Auth + Crypto" –PolicyStore domain.contoso.com\GPO_name

PS C:\>$NewGPO = Open-NetGPO –PolicyStore domain.contoso.com\new_GPO

PS C:\>$MMrule | Copy-NetIPsecPhase2AuthSet –GPOSession $NewGPO

PS C:\>$MMrule | Copy-NetIPsecMainModeCryptoSet –GPOSession $NewGPO

PS C:\>$MMrule | Copy-NetIPsecMainModeRule –GPOSession $NewGPO

PS C:\>Save-NetGPO –GPOSession $NewGPO

This example copies an entire IPsec main mode rule and the associated authentication and cryptographic sets to a new policy store. There is no need to link the newly copied
sets to the newly copied rule since the set fields of the rule maintain the Name parameter value of the source.