New-SqlHADREndpoint

Module:

SQLServer

Creates a database mirroring endpoint on a SQL Server instance.

Syntax

New-SqlHADREndpoint
   [-Port <Int32>]
   [-Owner <String>]
   [-Certificate <String>]
   [-IpAddress <IPAddress>]
   [-AuthenticationOrder <EndpointAuthenticationOrder>]
   [-Encryption <EndpointEncryption>]
   [-EncryptionAlgorithm <EndpointEncryptionAlgorithm>]
   [-Name] <String>
   [[-Path] <String>]
   [-Script]
   [-AccessToken <PSObject>]
   [-TrustServerCertificate]
   [-HostNameInCertificate <String>]
   [-Encrypt <String>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

New-SqlHADREndpoint
   [-Port <Int32>]
   [-Owner <String>]
   [-Certificate <String>]
   [-IpAddress <IPAddress>]
   [-AuthenticationOrder <EndpointAuthenticationOrder>]
   [-Encryption <EndpointEncryption>]
   [-EncryptionAlgorithm <EndpointEncryptionAlgorithm>]
   [-Name] <String>
   [-InputObject] <Server>
   [-Script]
   [-AccessToken <PSObject>]
   [-TrustServerCertificate]
   [-HostNameInCertificate <String>]
   [-Encrypt <String>]
   [-ProgressAction <ActionPreference>]
   [-WhatIf]
   [-Confirm]
   [<CommonParameters>]

Description

The New-SqlHADREndpoint cmdlet creates a database mirroring endpoint on a SQL Server instance. This endpoint is required on every server instance that hosts an availability replica for any availability group. Each server instance can only have one database mirroring endpoint. If a server instance possesses a database mirroring endpoint, use the existing endpoint.

Examples

Example 1: Create a database mirroring endpoint

PS C:\> New-SqlHADREndpoint -Path "SQLSERVER:\Sql\Computer\Instance" -Name "MainEndpoint"

This command creates a database mirroring endpoint named MainEndpoint on the server instance located at the specified path. This endpoint uses the default port, 5022.

Example 2: Create a database mirroring endpoint that requires encryption

PS C:\> New-SqlHADREndpoint -Path "SQLSERVER:\Sql\Computer\Instance" -Name "MainEndpoint" -Port 4022 -EncryptionAlgorithm Aes -Encryption Required

This command creates a database mirroring endpoint named MainEndpoint on the server instance located at the specified path. This endpoint listens on port 4022. The endpoint uses the AES algorithm for encryption and requires that connections use encryption.

Example 3: Create a database mirroring endpoint that is encrypted with a certificate

PS C:\> New-SqlHADREndpoint -Path "SQLSERVER:\Sql\Computer\Instance" -Name "MainEndpoint" -AuthenticationOrder Certificate -Certificate "EncryptionCertificate"

This command creates a database mirroring endpoint named MainEndpoint on the server instance located at the specified path. This endpoint uses the certificate named EncryptionCertificate to authenticate connections.

Example 4: Create a database mirroring endpoint script

PS C:\> New-SqlHADREndpoint -Path "SQLSERVER:\Sql\Computer\Instance" -Name "MainEndpoint" -Script

This command outputs the Transact-SQL script that creates a database mirroring endpoint named MainEndpoint on the server instance located at the specified path. The endpoint is not actually created by this command.

Parameters

-AccessToken

The access token used to authenticate to SQL Server, as an alternative to user/password or Windows Authentication.

This can be used, for example, to connect to SQL Azure DB and SQL Azure Managed Instance using a Service Principal or a Managed Identity.

The parameter to use can be either a string representing the token or a PSAccessToken object as returned by running Get-AzAccessToken -ResourceUrl https://database.windows.net.

This parameter is new in v22 of the module.

Type:	PSObject
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-AuthenticationOrder

Specifies the order and type of authentication that is used by the endpoint.

If the specified option calls for a certificate, the Certificate parameter must be set.

Type:	EndpointAuthenticationOrder
Accepted values:	Ntlm, Kerberos, Negotiate, Certificate, NtlmCertificate, KerberosCertificate, NegotiateCertificate, CertificateNtlm, CertificateKerberos, CertificateNegotiate
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Certificate

Specifies the name of the certificate that the endpoint will use to authenticate connections. The far endpoint must have a certificate with the public key matching the private key of the certificate.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Confirm

Prompts you for confirmation before running the cmdlet.

Type:	SwitchParameter
Aliases:	cf
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Encrypt

The encryption type to use when connecting to SQL Server.

This value maps to the Encrypt property SqlConnectionEncryptOption on the SqlConnection object of the Microsoft.Data.SqlClient driver.

In v22 of the module, the default is Optional (for compatibility with v21). In v23+ of the module, the default value will be 'Mandatory', which may create a breaking change for existing scripts.

This parameter is new in v22 of the module.

Type:	String
Accepted values:	Mandatory, Optional, Strict
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Encryption

Specifies the encryption option for the endpoint.

The default value is Required.

Type:	EndpointEncryption
Accepted values:	Disabled, Supported, Required
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-EncryptionAlgorithm

Specifies the form of encryption used by the endpoint.

By default the endpoint will use Aes encryption.

NOTE: The RC4 algorithm is only supported for backward compatibility. New material can only be encrypted using RC4 or RC4_128 when the database is in compatibility level 90 or 100, but this is not recommended. For increased security, use a newer algorithm such as one of the AES algorithms instead.

Type:	EndpointEncryptionAlgorithm
Accepted values:	None, RC4, Aes, AesRC4, RC4Aes
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-HostNameInCertificate

The host name to be used in validating the SQL Server TLS/SSL certificate. You must pass this parameter if your SQL Server instance is enabled for Force Encryption and you want to connect to an instance using hostname/shortname. If this parameter is omitted then passing the Fully Qualified Domain Name (FQDN) to -ServerInstance is necessary to connect to a SQL Server instance enabled for Force Encryption.

This parameter is new in v22 of the module.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-InputObject

Specifies the server object of the SQL Server instance where the endpoint is created.

Type:	Server
Position:	2
Default value:	None
Required:	True
Accept pipeline input:	True
Accept wildcard characters:	False

-IpAddress

Specifies the IP address of the endpoint. The default is ALL, which indicates that the listener accepts a connection on any valid IP address.

Type:	IPAddress
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Name

Specifies the endpoint name.

Type:	String
Position:	1
Default value:	None
Required:	True
Accept pipeline input:	False
Accept wildcard characters:	False

-Owner

Specifies the login of the owner of the endpoint. By default, this is the current login.

Type:	String
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Path

Specifies the path to the SQL Server instance of the endpoint. If not specified, the current working location is used.

Type:	String
Position:	2
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Port

Specifies the TCP port on which the endpoint will listen for connections. The default is 5022.

Type:	Int32
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-ProgressAction

Determines how PowerShell responds to progress updates generated by a script, cmdlet, or provider, such as the progress bars generated by the Write-Progress cmdlet. The Write-Progress cmdlet creates progress bars that show a command's status.

Type:	ActionPreference
Aliases:	proga
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-Script

Indicates that this cmdlet returns a Transact-SQL script that performs the task.

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-TrustServerCertificate

Indicates whether the channel will be encrypted while bypassing walking the certificate chain to validate trust.

In v22 of the module, the default is $true (for compatibility with v21). In v23+ of the module, the default value will be '$false', which may create a breaking change for existing scripts.

This parameter is new in v22 of the module.

Type:	SwitchParameter
Position:	Named
Default value:	None
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Type:	SwitchParameter
Aliases:	wi
Position:	Named
Default value:	False
Required:	False
Accept pipeline input:	False
Accept wildcard characters:	False

Inputs

Microsoft.SqlServer.Management.Smo.Server

Outputs

SMO.Endpoint

Related Links

• Set-SqlHADREndpoint