Merge pull request #13397 from MicrosoftDocs/main

m365-skilling-repo-management[bot] · web-flow · commit 822cd157a3ba · 2026-02-26T04:14:44.000Z
[AutoPublish] main to live - 02/25 20:11 PST | 02/26 09:41 IST
diff --git a/exchange/exchange-ps/ExchangePowerShell/Get-PerimeterConfig.md b/exchange/exchange-ps/ExchangePowerShell/Get-PerimeterConfig.md
@@ -27,7 +27,7 @@ Get-PerimeterConfig [[-Identity] <OrganizationIdParameter>]
 ```
 
 ## DESCRIPTION
-If you have an on-premises email system, you can use the Set-PerimeterConfig cmdlet to add the IP addresses of your gateway servers to cloud-based safelists (also known as whitelists) to make sure that messages sent from your on-premises email system aren't treated as spam.
+If you have an on-premises email system, you can use the Set-PerimeterConfig cmdlet to add the IP addresses of your gateway servers to cloud-based safelists to make sure that messages sent from your on-premises email system aren't treated as spam.
 
 ## EXAMPLES
 
diff --git a/exchange/exchange-ps/ExchangePowerShell/Set-PerimeterConfig.md b/exchange/exchange-ps/ExchangePowerShell/Set-PerimeterConfig.md
@@ -30,7 +30,7 @@ Set-PerimeterConfig [[-Identity] <OrganizationIdParameter>]
 ```
 
 ## DESCRIPTION
-If you have an on-premises email system, you can use the Set-PerimeterConfig cmdlet to add the IP addresses of your gateway servers to cloud-based safelists (also known as whitelists) to make sure that messages sent from your on-premises email system aren't treated as spam.
+If you have an on-premises email system, you can use the Set-PerimeterConfig cmdlet to add the IP addresses of your gateway servers to cloud-based safelists to make sure that messages sent from your on-premises email system aren't treated as spam.
 
 ## EXAMPLES
 
diff --git a/teams/teams-ps/MicrosoftTeams/New-CsOnlineLisCivicAddress.md b/teams/teams-ps/MicrosoftTeams/New-CsOnlineLisCivicAddress.md
@@ -312,7 +312,7 @@ Accept wildcard characters: False
 
 > Applicable: Microsoft Teams
 
-Specifies the angular distance of a place north or south of the earth's equator using the decimal degrees format. Required for all countries except Australia and Japan where it's optional.
+Specifies the angular distance of a place north or south of the earth's equator using the decimal degrees format. Required for all countries/regions except Australia and Japan where it's optional.
 
 ```yaml
 Type: String
@@ -330,7 +330,7 @@ Accept wildcard characters: False
 
 > Applicable: Microsoft Teams
 
-Specifies the angular distance of a place east or west of the meridian at Greenwich, England, using the decimal degrees format. Required for all countries except Australia and Japan where it's optional.
+Specifies the angular distance of a place east or west of the meridian at Greenwich, England, using the decimal degrees format. Required for all countries/regions except Australia and Japan where it's optional.
 
 ```yaml
 Type: String
diff --git a/teams/teams-ps/MicrosoftTeams/New-CsTenantNetworkSubnet.md b/teams/teams-ps/MicrosoftTeams/New-CsTenantNetworkSubnet.md
@@ -33,7 +33,7 @@ New-CsTenantNetworkSubnet -MaskBits <int> -SubnetID <string> [-Description <stri
 ## DESCRIPTION
 Each internal subnet may only be associated with one site. Tenant network subnet is used for Location Based Routing. IP subnets at the location where Teams endpoints can connect to the network must be defined and associated to a defined network in order to enforce toll bypass. Multiple subnets may be associated with the same network site, but multiple sites may not be associated with a same subnet. This association of subnets enables Location-Based routing to locate the endpoints geographically to determine if a given PSTN call should be allowed. Both IPv4 and IPv6 subnets are supported. When determining if a Teams endpoint is located at a site an IPv6 address will be checked for a match first.
 
-When the client is sending the network subnet, please make sure we have already whitelisted the IP address by running this command-let, otherwise the request will be rejected. If you are only adding the IPv4 address by running this command-let, but your client are only sending and IPv6 address, it will be rejected.
+When the client is sending the network subnet, please make sure we have already safelisted the IP address by running this command-let, otherwise the request will be rejected. If you are only adding the IPv4 address by running this command-let, but your client are only sending and IPv6 address, it will be rejected.
 
 ## EXAMPLES
 
diff --git a/teams/teams-ps/MicrosoftTeams/Set-CsOnlineLisCivicAddress.md b/teams/teams-ps/MicrosoftTeams/Set-CsOnlineLisCivicAddress.md
@@ -33,12 +33,12 @@ Set-CsOnlineLisCivicAddress -CivicAddressId <Guid> [-CompanyName <String>] [-Com
 Use the `Set-CsOnlineLisCivicAddress` cmdlet to modify limited fields of an existing civic address.
 
 Editing address using this cmdlet is restricted to the following countries/regions:
-Australia, Brazil, Canada, Croatia, Czech Republic, Estonia, Hong Kong, Hungary, Israel, Japan, Latvia, Lithuania, Mexico, New Zealand, Poland, Puerto Rico, Romania, Singapore, South Korea, Slovenia, South Africa, United States.
+Australia, Brazil, Canada, Croatia, Czech Republic, Estonia, Hong Kong SAR, Hungary, Israel, Japan, Latvia, Lithuania, Mexico, New Zealand, Poland, Puerto Rico, Romania, Singapore, South Korea, Slovenia, South Africa, United States.
 
-If the user runs this cmdlet on one of the unsupported countries, it may interfere with number assignment and potentially is against regulatory requirements, so public use of the API is limited to the above countries/regions.
+If the user runs this cmdlet on one of the unsupported countries/regions, it may interfere with number assignment and potentially is against regulatory requirements, so public use of the API is limited to the above countries/regions.
 
 > [!NOTE]
-> This cmdlet is only available for public use with limited countries and certain fields. The remaining countries and fields are for Microsoft internal use only.
+> This cmdlet is only available for public use with limited countries/regions and certain fields. The remaining countries/regions and fields are for Microsoft internal use only.
 
 ## EXAMPLES
 
@@ -188,7 +188,7 @@ Accept wildcard characters: False
 > Applicable: Microsoft Teams
 
 Specifies a new country or region for the civic address.
-For public use, restricted to the following countries:
+For public use, restricted to the following countries/regions:
 
 **AU, BR, CA, HR, CZ, EE, HK, HU, IL, JP, LV, LT, MX, NZ, PL, PR, RO, SG, KR, SI, ZA, US**
 
diff --git a/teams/teams-ps/MicrosoftTeams/Set-CsOnlineVoicemailUserSettings.md b/teams/teams-ps/MicrosoftTeams/Set-CsOnlineVoicemailUserSettings.md
@@ -260,7 +260,7 @@ The following languages are supported:
 - "sl-SI" (Slovenian - Slovenia)
 - "sv-SE" (Swedish - Sweden)
 - "th-TH" (Thai - Thailand)
-- "tr-TR" (Turkish - Turkey)
+- "tr-TR" (Turkish - Türkiye)
 - "vi-VN" (Vietnamese - Viet Nam)
 - "zh-CN" (Chinese - Simplified, PRC)
 - "zh-TW" (Chinese - Traditional, Taiwan)
diff --git a/teams/teams-ps/MicrosoftTeams/Set-CsTenantFederationConfiguration.md b/teams/teams-ps/MicrosoftTeams/Set-CsTenantFederationConfiguration.md
@@ -30,6 +30,8 @@ Set-CsTenantFederationConfiguration [-Tenant <Guid>]
  [-AllowedDomainsAsAList <List>] [-ExternalAccessWithTrialTenants <ExternalAccessWithTrialTenantsType>]
  [-SecurityTeamAllowBlockListDelegation <SecurityTeamAllowBlockListDelegationType>]
  [-AllowedTrialTenantDomains <List>]
+ [-ApplyExternalAccessRestrictionsToChatMembership <Boolean>]
+ [-ExtendMutualFederationForChatMembership <Boolean>]
  [[-Identity] <XdsIdentity>] [-Force] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
@@ -38,7 +40,10 @@ Set-CsTenantFederationConfiguration [-Tenant <Guid>]
 Set-CsTenantFederationConfiguration [-Tenant <Guid>] [-AllowedDomains <IAllowedDomainsChoice>]
  [-BlockedDomains <List>] [-BlockAllSubdomains <Boolean>] [-AllowFederatedUsers <Boolean>]
  [-TreatDiscoveredPartnersAsUnverified <Boolean>] [-SharedSipAddressSpace <Boolean>] [-RestrictTeamsConsumerToExternalUserProfiles <Boolean>]
- [-AllowedDomainsAsAList <List>] [-Instance <PSObject>] [-Force] [-WhatIf] [-Confirm] [<CommonParameters>]
+ [-AllowedDomainsAsAList <List>]
+ [-ApplyExternalAccessRestrictionsToChatMembership <Boolean>]
+ [-ExtendMutualFederationForChatMembership <Boolean>]
+ [-Instance <PSObject>] [-Force] [-WhatIf] [-Confirm] [<CommonParameters>]
 ```
 
 ## DESCRIPTION
@@ -189,7 +194,7 @@ $list.add("fabrikam.com")
 Set-CsTenantFederationConfiguration -AllowedTrialTenantDomains $list
 ```
 
-Using the `AllowedTrialTenantDomains` parameter, you can whitelist specific "trial-only" tenant domains, while keeping the `ExternalAccessWithTrialTenants` set to `Blocked`. Example 13 shows how you can set or replace domains in the Allowed Trial Tenant Domains using a List collection object.
+Using the `AllowedTrialTenantDomains` parameter, you can safelist specific "trial-only" tenant domains, while keeping the `ExternalAccessWithTrialTenants` set to `Blocked`. Example 13 shows how you can set or replace domains in the Allowed Trial Tenant Domains using a List collection object.
 First, a List collection is created and domains are added to it, then, simply include the `AllowedTrialTenantDomains` parameter and set the parameter value to the List object.
 When this command completes, the Allowed Trial Tenant Domains list will be replaced with those domains.
 
@@ -284,9 +289,10 @@ Accept wildcard characters: False
 
 > Applicable: Microsoft Teams
 
-You can whitelist specific "trial-only" tenant domains, while keeping the `ExternalAccessWithTrialTenants` set to `Blocked`. This will allow you to protect your organization against majority of tenants that don't have any paid subscriptions, while still being able to collaborate externally with those trusted trial-tenants in the list.
+You can safelist specific "trial-only" tenant domains, while keeping the `ExternalAccessWithTrialTenants` set to `Blocked`. This will allow you to protect your organization against majority of tenants that don't have any paid subscriptions, while still being able to collaborate externally with those trusted trial-tenants in the list.
 
 Note:
+
 - The list supports up to maximum 4k domains.
 - If `ExternalAccessWithTrialTenants` is set to `Allowed`, then the `AllowedTrialTenantDomains` list will not be checked.
 - Any domain in this list that belongs to a tenant with paid subscriptions will be ignored.
@@ -308,7 +314,7 @@ Accept wildcard characters: False
 > Applicable: Microsoft Teams
 
 When set to True (the default value) users will be potentially allowed to communicate with users from other domains.
-If this property is set to False then users cannot communicate with users from other domains, regardless of the values assigned to the `AllowedDomains` and `BlockedDomains` properties or any `ExternalAccessPolicy` instances. In effect, the `AllowFederatedUsers` property serves as a master switch that globally enables or disables federation across the Tenant, overridding all other policy settings. 
+If this property is set to False then users cannot communicate with users from other domains, regardless of the values assigned to the `AllowedDomains` and `BlockedDomains` properties or any `ExternalAccessPolicy` instances. In effect, the `AllowFederatedUsers` property serves as a master switch that globally enables or disables federation across the Tenant, overriding all other policy settings. 
 
 To block all domains while selectively allowing specific users to communicate externally via explicit `ExternalAccessPolicy` instances, set `AllowFederatedUsers` to `True` and leave the `AllowedDomains` property empty.
 
@@ -458,6 +464,63 @@ Default value: None
 Accept pipeline input: False
 Accept wildcard characters: False
 ```
+### -ApplyExternalAccessRestrictionsToChatMembership
+
+> Applicable: Microsoft Teams
+
+> This parameter is reserved for future use and has no effect at this time.
+
+When set to False (the default value), users in the tenant who have `EnableFederationAccess` set to False in their assigned `ExternalAccessPolicy` can be added to group chats that include external users only when the chat is initiated by a user in the same tenant who has `EnableFederationAccess` set to True. 
+
+When set to True, users in the tenant who have `EnableFederationAccess` set to False are blocked from being added to any group chat that includes external users and are removed from existing active group chats that include external users. 
+
+The `ApplyExternalAccessRestrictionsToChatMembership` parameter does not affect the behavior set by `CommunicationWithExternalOrgs` parameter of the `ExternalAccessPolicy`.
+> [!NOTE]
+> This setting only applies to group chats and does not affect a user's ability to join meetings with external users or participate in meeting chats with external users. Refer to [Set-CsExternalAccessPolicy](/powershell/module/microsoftteams/set-csexternalaccesspolicy) for information about `EnableFederationAccess` parameter.
+>
+> Removal of users only applies to active group chats. An active group chat is defined as a chat in which a message has been sent within the past two hours. Users are removed from inactive group chats only when a new message is sent and the chat becomes active
+
+```yaml
+Type: ApplyExternalAccessRestrictionsToChatMembership
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
+### -ExtendMutualFederationForChatMembership
+
+> Applicable: Microsoft Teams
+
+> This parameter is reserved for future use and has no effect at this time.
+
+This parameter specifies whether additional mutual federation requirements are extended across all participants in a group chat. Mutual federation relationships are determined by each user’s effective external access configuration (`AllowedDomains`, `BlockedDomains`, and `ExternalAccessPolicy`). When enabled, this parameter adds participant‑level mutual federation enforcement to group chat.
+
+When set to False (the default value), **only the initiator of the group chat and the user joining or being added are required to have a mutual federation relationship**. Users in the tenant can join or be added to group chats that may include other external participants who are not permitted by the user’s own external access configuration, based on the initiating user’s settings. This behavior applies to group chats initiated by users within the tenant or by external users.
+
+When set to True, **all participants in the group chat must have mutual federation relationships with every other participant in the chat**. Users are blocked from joining or being added to group chats if they do not have mutual federation relationships with all existing participants. These relationships are evaluated continuously for all active chats and participants are automatically removed from existing active group chats when required relationships are no longer valid. 
+
+> [!NOTE]
+> This setting only applies to group chats and does not affect a user's ability to join meetings with external users or participate in meeting chats with external users. Refer to [Set-CsExternalAccessPolicy](/powershell/module/microsoftteams/set-csexternalaccesspolicy) for information about `EnableFederationAccess` parameter.
+>
+> Removal of users only applies to active group chats. An active group chat is defined as a chat in which a message has been sent within the past two hours. Users are removed from inactive group chats only when a new message is sent and the chat becomes active.
+>
+> The user who initiated the chat is never removed from the group chat as a result of this setting.
+
+```yaml
+Type: ExtendMutualFederationForChatMembership
+Parameter Sets: (All)
+Aliases:
+
+Required: False
+Position: Named
+Default value: False
+Accept pipeline input: False
+Accept wildcard characters: False
+```
 
 ### -Force
 
@@ -482,7 +545,7 @@ Accept wildcard characters: False
 > Applicable: Microsoft Teams
 
 Specifies the collection of tenant federation configuration settings to be modified.
-Because each tenant is limited to a single, global collection of federation settings there is no need include this parameter when calling the `Set-CsTenantFederationConfiguration` cmdlet.
+Because each tenant is limited to a single, global collection of federation settings there is no need to include this parameter when calling the `Set-CsTenantFederationConfiguration` cmdlet.
 If you do choose to use the Identity parameter you must also include the Tenant parameter.
 For example:
 
diff --git a/teams/teams-ps/MicrosoftTeams/Set-CsTenantTrustedIPAddress.md b/teams/teams-ps/MicrosoftTeams/Set-CsTenantTrustedIPAddress.md
@@ -36,7 +36,7 @@ External trusted IPs are the Internet external IPs of the enterprise network and
 
 Both IPv4 and IPv6 trusted IP addresses are supported.
 
-When the client is sending the trusted IP address, please make sure we have already whitelisted the IP address by running this command-let, otherwise the request will be rejected. If you are only adding the IPv4 address by running this command-let, but your client are only sending and IPv6 address, it will be rejected.
+When the client is sending the trusted IP address, please make sure we have already safelisted the IP address by running this command-let, otherwise the request will be rejected. If you are only adding the IPv4 address by running this command-let, but your client are only sending and IPv6 address, it will be rejected.
 
 ## EXAMPLES
 
