Public/generated/Get-KriticalUtcmEXOInboundConnector.ps1

# Kritical.PS.UTCM | Microsoft Graph UTCM REST API toolkit
# (c) 2026 Kritical Pty Ltd | https://kritical.net
# Kritical brand banner is rendered at module load via Write-KriticalUtcmBanner.

function Get-KriticalUtcmEXOInboundConnector {
<#
.SYNOPSIS
    Kritical.UTCM shim for M365DSC resource EXOInboundConnector.

.DESCRIPTION

    Search-replace safe: callers that today invoke
        Get-M365DSCEXOInboundConnector -Credential $cred -TenantId $tid
    can rename to
        Get-KriticalUtcmEXOInboundConnector -Credential $cred -TenantId $tid
    with ZERO other edits. Parameter shape matches the M365DSC .schema.mof
    exactly. By default -PreferM365DscBehavior is true.

    Actual Graph dispatch is delegated to Invoke-KriticalUtcmM365DscSchemaBridge.
    Bridge maps resource → Graph endpoint per per-resource wave; where mapping
    is not yet shipped, bridge returns an object with Verdict='UNMAPPED'.

.NOTES
    Workload: Exchange
    Param count: 20
#>

[CmdletBinding()]
param(
        # The Identity parameter specifies the outbound connector that you want to modify.
[Parameter(Mandatory)] [string]$Identity,
        # The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY!
[bool]$CloudServicesMailEnabled,
        # The Comment parameter specifies an optional comment.
[string]$Comment,
        # The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS!
[ValidateSet('Default','Migrated','HybridWizard')] [string]$ConnectorSource,
        # The ConnectorType parameter specifies a category for the domains that are serviced by the connector. Valid values are Partner and OnPremises
[ValidateSet('Partner','OnPremises')] [string]$ConnectorType,
        # The EFSkipLastIP parameter specifies the behavior of Enhanced Filtering for Connectors.
[bool]$EFSkipLastIP,
        # Specifies whether connector is enabled.
[bool]$Enabled,
        # The RequireTLS parameter specifies that all messages received by this connector require TLS transmission. Valid values for this parameter are $true or $false. The default value is $false. When the RequireTLS parameter is set to $true, all messages received by this connector require TLS transmission.
[bool]$RequireTls,
        # The RestrictDomainsToCertificate parameter specifies that Office 365 should identify incoming messages that are eligible for this connector by verifying that the remote server authenticates using a TLS certificate that has the TlsSenderCertificateName in the Subject.
[bool]$RestrictDomainsToCertificate,
        # The RestrictDomainsToIPAddresses parameter, when set to $true, automatically rejects mail from the domains specified by the SenderDomains parameter if the mail originates from an IP address that isn't specified by the SenderIPAddresses parameter.
[bool]$RestrictDomainsToIPAddresses,
        # The TlsSenderCertificateName parameter specifies the certificate used by the sender's domain when the RequireTls parameter is set to $true. Valid input for the TlsSenderCertificateName parameter is an SMTP domain.
[string]$TlsSenderCertificateName,
        # The TreatMessagesAsInternal parameter specifies an alternative method to identify messages sent from an on-premises organization as internal messages. You should only consider using this parameter when your on-premises organization doesn't use Exchange.
[bool]$TreatMessagesAsInternal,
        # Specifies if this Outbound connector should exist.
[ValidateSet('Present','Absent')] [string]$Ensure,
        # Credentials of the Exchange Global Admin
[string]$Credential,
        # Id of the Azure Active Directory application to authenticate with.
[string]$ApplicationId,
        # Id of the Azure Active Directory tenant used for authentication.
[string]$TenantId,
        # Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.
[string]$CertificateThumbprint,
        # Username can be made up to anything but password will be used for CertificatePassword
[string]$CertificatePassword,
        # Path to certificate used in service principal usually a PFX file.
[string]$CertificatePath,
        # Managed ID being used for authentication.
[bool]$ManagedIdentity
)
    Invoke-KriticalUtcmM365DscSchemaBridge -ResourceName 'EXOInboundConnector' -Workload 'Exchange' -Verb 'Get' -CallerParams $PSBoundParameters
}