DSCResources/MSFT_IntuneAccountProtectionPolicyWindows10/MSFT_IntuneAccountProtectionPolicyWindows10.schema.mof
|
[ClassVersion("1.0.0.0")]
class MSFT_DeviceManagementConfigurationPolicyAssignments { [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType; [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType; [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId; [Write, Description("The group Id that is the target of the assignment.")] String groupId; [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName; [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId; }; [ClassVersion("1.0.0.0")] class MSFT_MicrosoftGraphIntuneSettingsCatalogDeviceSettings_IntuneAccountProtectionPolicyWindows10 { [Write, Description("Credential Guard (0: (Disabled) Turns off Credential Guard remotely if configured previously without UEFI Lock., 1: (Enabled with UEFI lock) Turns on Credential Guard with UEFI lock., 2: (Enabled without lock) Turns on Credential Guard without UEFI lock.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LsaCfgFlags; [Write, Description("Facial Features Use Enhanced Anti Spoofing (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String FacialFeaturesUseEnhancedAntiSpoofing; [Write, Description("Enable Pin Recovery (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String EnablePinRecovery; [Write, Description("Expiration")] SInt32 Expiration; [Write, Description("PIN History")] SInt32 History; [Write, Description("Lowercase Letters (0: Allows the use of lowercase letters in PIN., 1: Requires the use of at least one lowercase letters in PIN., 2: Does not allow the use of lowercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LowercaseLetters; [Write, Description("Maximum PIN Length")] SInt32 MaximumPINLength; [Write, Description("Minimum PIN Length")] SInt32 MinimumPINLength; [Write, Description("Special Characters (0: Allows the use of special characters in PIN., 1: Requires the use of at least one special characters in PIN., 2: Does not allow the use of special characters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String SpecialCharacters; [Write, Description("Uppercase Letters (0: Allows the use of uppercase letters in PIN., 1: Requires the use of at least one uppercase letters in PIN., 2: Does not allow the use of uppercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String UppercaseLetters; [Write, Description("Require Security Device (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String RequireSecurityDevice; [Write, Description("Use Certificate For On Prem Auth (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UseCertificateForOnPremAuth; [Write, Description("Use Windows Hello For Business (Device) (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UsePassportForWork; }; [ClassVersion("1.0.0.0")] class MSFT_MicrosoftGraphIntuneSettingsCatalogUserSettings_IntuneAccountProtectionPolicyWindows10 { [Write, Description("Enable Pin Recovery (User) (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String EnablePinRecovery; [Write, Description("Expiration (User)")] SInt32 Expiration; [Write, Description("PIN History (User)")] SInt32 History; [Write, Description("Lowercase Letters (User) (0: Allows the use of lowercase letters in PIN., 1: Requires the use of at least one lowercase letters in PIN., 2: Does not allow the use of lowercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LowercaseLetters; [Write, Description("Maximum PIN Length (User)")] SInt32 MaximumPINLength; [Write, Description("Minimum PIN Length (User)")] SInt32 MinimumPINLength; [Write, Description("Special Characters (User) (0: Allows the use of special characters in PIN., 1: Requires the use of at least one special characters in PIN., 2: Does not allow the use of special characters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String SpecialCharacters; [Write, Description("Uppercase Letters (User) (0: Allows the use of uppercase letters in PIN., 1: Requires the use of at least one uppercase letters in PIN., 2: Does not allow the use of uppercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String UppercaseLetters; [Write, Description("Require Security Device (User) (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String RequireSecurityDevice; [Write, Description("Use Windows Hello For Business (User) (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UsePassportForWork; }; [ClassVersion("1.0.0.0"), FriendlyName("IntuneAccountProtectionPolicyWindows10")] class MSFT_IntuneAccountProtectionPolicyWindows10 : OMI_BaseResource { [Write, Description("Policy description")] String Description; [Key, Description("Policy name")] String DisplayName; [Write, Description("List of Scope Tags for this Entity instance.")] String RoleScopeTagIds[]; [Write, Description("The unique identifier for an entity. Read-only.")] String Id; [Write, Description("The policy settings for the device scope."), EmbeddedInstance("MSFT_MicrosoftGraphIntuneSettingsCatalogDeviceSettings_IntuneAccountProtectionPolicyWindows10")] String DeviceSettings; [Write, Description("The policy settings for the user scope"), EmbeddedInstance("MSFT_MicrosoftGraphIntuneSettingsCatalogUserSettings_IntuneAccountProtectionPolicyWindows10")] String UserSettings; [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[]; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |