DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.schema.mof
|
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphMember { [Write, Description("Identity of member. For users, specify a UserPrincipalName. For groups, devices and serviceprincipals, specify DisplayName")] String Identity; [Write, Description("Specify User, Group or Device to interpret the identity for Members. Specify User, Group or ServicePrincipal for ScopedRoleMembers."), ValueMap{"User", "Group", "Device", "ServicePrincipal"}, Values{"User", "Group", "Device", "ServicePrincipal"}] String Type; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphScopedRoleMembership { [Write, Description("Name of the Azure AD Role that is assigned. See https://learn.microsoft.com/en-us/azure/active-directory/roles/admin-units-assign-roles#roles-that-can-be-assigned-with-administrative-unit-scope")] String RoleName; [Write, Description("Member that is assigned the scoped role. Note: Any groups must be role-enabled"), EmbeddedInstance("MSFT_MicrosoftGraphMember")] String RoleMemberInfo; }; [ClassVersion("1.0.0.0"), FriendlyName("AADAdministrativeUnit")] class MSFT_AADAdministrativeUnit : OMI_BaseResource { [Key, Description("Object-Id of the Administrative Unit")] String Id; [Required, Description("DisplayName of the Administrative Unit")] String DisplayName; [Write, Description("Description of the Administrative Unit")] String Description; [Write, Description("Visibility of the Administrative Unit. Specify HiddenMembership if members of the AU are hidden")] String Visibility; [Write, Description("Specify membership type. Possible values are Assigned and Dynamic. Note that the functionality is currently in preview.")] String MembershipType; [Write, Description("Specify membership rule. Requires that MembershipType is set to Dynamic. Note that the functionality is currently in preview.")] String MembershipRule; [Write, Description("Specify dynamic membership-rule processing-state. Valid values are 'On' and 'Paused'. Requires that MembershipType is set to Dynamic. Note that the functionality is currently in preview.")] String MembershipRuleProcessingState; [Write, Description("Specify members. Only specify if MembershipType is NOT set to Dynamic"), EmbeddedInstance("MSFT_MicrosoftGraphMember")] String Members[]; [Write, Description("Specify Scoped Role Membership. Note: Any groups must be role-enabled"), EmbeddedInstance("MSFT_MicrosoftGraphScopedRoleMembership")] String ScopedRoleMembers[]; [Write, Description("Present ensures the Administrative Unit exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Intune Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory application to authenticate with."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; }; |