https://gioxx.github.io/Nebula.KB-dev/news Nebula: A family of PowerShell modules that go beyond your workstation Blog 2026-03-11T00:08:00.000Z https://github.com/jpmonette/feed Nebula: A family of PowerShell modules that go beyond your workstation Blog https://gioxx.github.io/Nebula.KB-dev/img/Nebula_Icon_Header.svg <![CDATA[Retirement of -Credential parameter when connecting to Exchange Online PowerShell]]> https://gioxx.github.io/Nebula.KB-dev/news/MC1248389 2026-03-11T00:08:00.000Z Introduction

Microsoft is retiring the -Credential parameter used when connecting to Exchange Online PowerShell. Starting with module versions released in July 2026 and later, the -Credential parameter will be removed from both Connect-ExchangeOnline and Connect-IppsSession cmdlets. Organizations using this parameter in automation scripts must migrate to a supported authentication method before that date. This change improves security by moving away from legacy authentication methods that do not support modern protections such as multifactor authentication (MFA).

When this will happen

  • The -Credential parameter will be removed from Connect-ExchangeOnline and Connect-IppsSession cmdlets in Exchange Online PowerShell module versions released beginning July 2026.
  • A separate server-side retirement of the underlying authentication flow is planned for a later date and will be communicated in advance.

How this affects your organization

Who is affected

  • Microsoft 365 administrators using Exchange Online or Security & Compliance PowerShell
  • Organizations with automation scripts that use the -Credential parameter

What will happen

  • If your organization uses the -Credential parameter in PowerShell scripts or automation workflows connecting to Exchange Online or Security & Compliance PowerShell, those scripts will break when you update to an Exchange Online PowerShell module version released beginning July 2026.
  • No impact if your organization does not use the -Credential parameter
warning

Impact on Nebula modules (starting July 2026)

For the Nebula ecosystem, the direct impact is concentrated on Exchange Online / Purview connection flows.

  • Nebula.Core (high impact): any function path that relies on Connect-ExchangeOnline and/or Connect-IPPSSession may fail starting July 2026 if it still uses -Credential and the ExchangeOnlineManagement module is upgraded to a version released from that date onward. This includes EXO-dependent commands and Compliance/Purview scenarios.
  • Nebula.Automations (low to no direct impact): current Graph-based and SMTP credential usage is not part of this retirement. It would only be impacted if EXO/Purview wrappers using -Credential are introduced or still exist outside current docs.
  • Nebula.Tools / Nebula.Log (no known direct impact): these modules do not currently expose EXO/Purview connection entry points documented with Connect-ExchangeOnline/Connect-IPPSSession -Credential.
  • Risk timeline: the first breaking point is client-side (triggered when upgrading the Exchange Online PowerShell module in/after July 2026). A later server-side retirement is also planned by Microsoft; at that point, old module versions will no longer be a workaround.

What we will do

  • Run a targeted audit across all Nebula.* repositories to identify any usage of Connect-ExchangeOnline / Connect-IPPSSession with -Credential.
  • Migrate affected flows to supported methods: modern interactive auth (MFA), app-only auth (certificate or client secret), or managed identity where applicable.
  • Update docs, examples, and operational runbooks so unattended automations do not regress.
  • Add regression tests for EXO/Purview connection paths before promoting ExchangeOnlineManagement module updates to production baselines.
  • Keep module update policies conservative until migration is complete, to avoid accidental breakage in production environments.

What you can do to prepare

Additional information

This change iscurrently client-side only and will not take effect automatically. Your existing scripts will continue to work if you continue using an Exchange Online PowerShell module version released before July 2026. The -Credential parameter will only be removed when you upgrade to a module version released in July 2026 and later.

A separate server-side retirement of the Credential parameter authentication flow is planned for a later date.When that occurs, the -Credential parameter will stop functioning even on older module versions. Microsoft will communicate that timeline separately and provide advance notice before any service-side changes take effect.

We strongly recommend migrating proactively rather than waiting, to avoid disruption when either change occurs. If you have questions or concerns, contact Microsoft Support or leave a comment on the Exchange Team Blog post.

Compliance considerations

Compliance areaImpact
Conditional Access policiesRetiring the -Credential parameter removes use of the ROPC authentication flow and enables enforcement of Conditional Access and multifactor authentication for Exchange Online PowerShell connections.
]]> Giovanni Solone https://gioxx.org <![CDATA[Welcome, News Section]]> https://gioxx.github.io/Nebula.KB-dev/news/HelloWorld 2026-03-10T23:00:00.000Z I have re-enabled the internal Docusaurus blog and, starting today, this space will be one of the reference points for Nebula project updates (the main one is and will remain my personal blog, but this is where English translations of those same articles can live, along with micro-updates that may have an impact on end users).

Hello World

Credits

Original photograph: https://www.flickr.com/photos/oskay/472097903

Here I will publish quick updates about:

  • changes and improvements across the Nebula module family (or scripts);
  • technical updates that affect scripts and automation workflows;
  • Microsoft 365 announcements that can directly impact module development.

The goal is simple: keep a clear history of decisions, changes, and recommended actions so development, maintenance, and daily usage stay aligned.

]]> Giovanni Solone https://gioxx.org