PowerShell Logo Small

Show-ADAuthenticationPolicyExpression



This is the built-in help made by Microsoft for the command 'Show-ADAuthenticationPolicyExpression', in PowerShell version 5 - as retrieved from Windows version 'Microsoft Windows Server 2012 R2 Standard' PowerShell help files on 2016-06-23.

For PowerShell version 3 and up, where you have Update-Help, this command was run just before creating the web pages from the help files.

SYNOPSIS

Displays the Edit Access Control Conditions window update or create security descriptor definition language (SDDL) security descriptors.

SYNTAX


Show-ADAuthenticationPolicyExpression [[-SDDL] <String>] [[-Title] <String>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Server <String>]
-AllowedToAuthenticateFrom [-Confirm] [-WhatIf] [<CommonParameters>]
Show-ADAuthenticationPolicyExpression [[-SDDL] <String>] [[-Title] <String>] [-AuthType {Negotiate | Basic}] [-Credential <PSCredential>] [-Server <String>]
-AllowedToAuthenticateTo [-Confirm] [-WhatIf] [<CommonParameters>]



Search powershellhelp.space

DESCRIPTION


The Show-ADAuthenticationPolicyExpression cmdlet creates or modifies an SDDL security descriptor using the Edit Access Control Conditions window.



<

RELATED LINKS


Online Version: http://go.microsoft.com/fwlink/p/?linkid=298321

REMARKS

<

Examples


Example 1: Retrieve the AllowedToAuthenticateFrom settings and store in a file

PS C:\>Show-ADAuthenticationPolicyExpression -AllowedToAuthenticateFrom > someFile.txt
PS C:\> New-ADAuthenticationPolicy -Name "testAuthenticationPolicy" -UserAllowedToAuthenticateFrom (Get-Acl .\AuthSettings.txt).sddl



This command retrieves the AllowedToAuthenticateFrom access control list (ACL) by opening the Edit Access Control Conditions window and stores the ACL in a file named
AuthSettings.txt. The file is then used to apply a new authentication policy to the retrieved ACL.




Example 2: Set the UserAllowedToAuthenticateFrom property

PS C:\>New-ADAuthenticationPolicy -Name "testAuthenticationPolicy" -UserAllowedToAuthenticateFrom (Show-ADAuthenticationPolicyExpression -AllowedToAuthenticateFrom)



This example uses the New-ADAuthenticationPolicy cmdlet to create an authentication policy, and then sets the UserAllowedToAuthenticateFrom property by specifying the
Show-ADAuthenticationPolicyExpression cmdlet as the value for the parameter.