DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.schema.mof
|
[ClassVersion("1.0.0.0")]
class MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments { [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType; [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType; [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId; [Write, Description("The group Id that is the target of the assignment.")] String groupId; [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName; [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId; }; [ClassVersion("1.0.0.0"), FriendlyName("IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy")] class MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy : OMI_BaseResource { [Write, Description("Identity of the account protection local administrator password solution policy.")] String Identity; [Key, Description("Display name of the account protection local administrator password solution policy.")] String DisplayName; [Write, Description("Description of the account protection local administrator password solution policy.")] String Description; [Write, Description("Assignments of the account protection local administrator password solution policy."), EmbeddedInstance("MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments")] String Assignments[]; [Write, Description("Configures which directory the local admin account password is backed up to. 0 - Disabled, 1 - Azure AD, 2 - AD"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] UInt32 BackupDirectory; [Write, Description("Configures the maximum password age of the managed local administrator account for Azure AD. Minimum - 7, Maximum - 365")] UInt32 PasswordAgeDays_AAD; [Write, Description("Configures the maximum password age of the managed local administrator account for Active Directory. Minimum - 1, Maximum - 365")] UInt32 PasswordAgeDays; [Write, Description("Configures additional enforcement of maximum password age for the managed local administrator account.")] Boolean PasswordExpirationProtectionEnabled; [Write, Description("Configures how many previous encrypted passwords will be remembered in Active Directory. Minimum - 0, Maximum - 12")] UInt32 AdEncryptedPasswordHistorySize; [Write, Description("Configures whether the password is encrypted before being stored in Active Directory.")] Boolean AdPasswordEncryptionEnabled; [Write, Description("Configures the name or SID of a user or group that can decrypt the password stored in Active Directory.")] String AdPasswordEncryptionPrincipal; [Write, Description("Configures the name of the managed local administrator account.")] String AdministratorAccountName; [Write, Description("Configures the password complexity of the managed local administrator account. 1 - Large letters, 2 - Large + small letters, 3 - Large + small letters + numbers, 4 - Large + small letters + numbers + special characters, 5 - Large letters + small letters + numbers + special characters (improved readability)"), ValueMap{"1", "2", "3", "4", "5"}, Values{"1", "2", "3", "4", "5"}] UInt32 PasswordComplexity; [Write, Description("Configures the length of the password of the managed local administrator account. Minimum - 8, Maximum - 64")] UInt32 PasswordLength; [Write, Description("Specifies the actions to take upon expiration of the configured grace period. 1 - Reset password, 3 - Reset password and log off, 5 - Reset password and restart"), ValueMap{"1", "3", "5"}, Values{"1", "3", "5"}] UInt32 PostAuthenticationActions; [Write, Description("Specifies the amount of time (in hours) to wait after an authentication before executing the specified post-authentication actions. Minimum - 0, Maximum - 24")] UInt32 PostAuthenticationResetDelay; [Write, Description("Present ensures the policy exists, absent ensures it is removed"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Intune Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com")] String TenantId; [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |