Public/TenantConfiguration/Baseline/ConfigurationPolicies/JyskIT-Baseline-SEC-EnableWHFB.json
|
{
"displayName": "JyskIT-Baseline-SEC-EnableWHFB", "description": "Enables Windows Hello for Business for all users (Excluding Shared Users)", "roleScopeTagIds": [ "0" ], "@odata.type": "#microsoft.graph.windowsIdentityProtectionConfiguration", "deviceManagementApplicabilityRuleOsVersion": null, "useCertificatesForOnPremisesAuthEnabled": false, "windowsHelloForBusinessBlocked": "false", "pinLowercaseCharactersUsage": "allowed", "pinUppercaseCharactersUsage": "allowed", "pinSpecialCharactersUsage": "allowed", "pinMinimumLength": 4, "pinMaximumLength": 127, "pinExpirationInDays": 0, "pinPreviousBlockCount": 0, "pinRecoveryEnabled": true, "securityDeviceRequired": true, "unlockWithBiometricsEnabled": true, "enhancedAntiSpoofingForFacialFeaturesEnabled": true, "useSecurityKeyForSignin": true, "assignments": [ { "target": { "@odata.type": "#microsoft.graph.allLicensedUsersAssignmentTarget" } }, { "target": { "@odata.type": "#microsoft.graph.exclusionGroupAssignmentTarget", "groupId": "#ReplaceGroup#_JyskIT-Baseline-SEC-SharedUsers" } } ] } |