DSCResources/MSFT_IntuneSecurityBaselineHoloLens2Standard/MSFT_IntuneSecurityBaselineHoloLens2Standard.schema.mof
|
[ClassVersion("1.0.0.0")]
class MSFT_DeviceManagementConfigurationPolicyAssignments { [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType; [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType; [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId; [Write, Description("The group Id that is the target of the assignment.")] String groupId; [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName; [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId; }; [ClassVersion("1.0.0.0"), FriendlyName("IntuneSecurityBaselineHoloLens2Standard")] class MSFT_IntuneSecurityBaselineHoloLens2Standard : OMI_BaseResource { [Write, Description("Policy description")] String Description; [Key, Description("Policy name")] String DisplayName; [Write, Description("List of Scope Tags for this Entity instance.")] String RoleScopeTagIds[]; [Write, Description("The unique identifier for an entity. Read-only.")] String Id; [Write, Description("Allow Microsoft Account Connection (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowMicrosoftAccountConnection; [Write, Description("Turn off the display (plugged in) (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String VideoPowerDownTimeOutAC_2; [Write, Description("When plugged in, turn display off after (seconds) - Depends on VideoPowerDownTimeOutAC_2")] SInt32 EnterVideoACPowerDownTimeOut; [Write, Description("Allow Cookies (0: Block all cookies from all sites, 1: Block only cookies from third party websites, 2: Allow all cookies from all sites)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String AllowCookies; [Write, Description("Allow Password Manager (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowPasswordManager; [Write, Description("Allow Smart Screen (0: Turned off. Do not protect users from potential threats and prevent users from turning it on., 1: Turned on. Protect users from potential threats and prevent users from turning it off.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowSmartScreen; [Write, Description("Allow USB Connection (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowUSBConnection; [Write, Description("Device Password Enabled (0: Enabled, 1: Disabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String DevicePasswordEnabled; [Write, Description("Device Password Expiration - Depends on DevicePasswordEnabled")] SInt32 DevicePasswordExpiration; [Write, Description("Min Device Password Length - Depends on DevicePasswordEnabled")] SInt32 MinDevicePasswordLength; [Write, Description("Alphanumeric Device Password Required - Depends on DevicePasswordEnabled (0: Password or Alphanumeric PIN required., 1: Password or Numeric PIN required., 2: Password, Numeric PIN, or Alphanumeric PIN required.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String AlphanumericDevicePasswordRequired; [Write, Description("Max Device Password Failed Attempts - Depends on DevicePasswordEnabled")] SInt32 MaxDevicePasswordFailedAttempts; [Write, Description("Min Device Password Complex Characters - Depends on DevicePasswordEnabled (1: Digits only, 2: Digits and lowercase letters are required, 3: Digits lowercase letters and uppercase letters are required. Not supported in desktop Microsoft accounts and domain accounts, 4: Digits lowercase letters uppercase letters and special characters are required. Not supported in desktop)"), ValueMap{"1", "2", "3", "4"}, Values{"1", "2", "3", "4"}] String MinDevicePasswordComplexCharacters; [Write, Description("Max Inactivity Time Device Lock - Depends on DevicePasswordEnabled")] SInt32 MaxInactivityTimeDeviceLock; [Write, Description("Device Password History - Depends on DevicePasswordEnabled")] SInt32 DevicePasswordHistory; [Write, Description("Allow Simple Device Password - Depends on DevicePasswordEnabled (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowSimpleDevicePassword; [Write, Description("Allow Manual MDM Unenrollment (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowManualMDMUnenrollment; [Write, Description("Allow All Trusted Apps (0: Explicit deny., 1: Explicit allow unlock., 65535: Not configured.)"), ValueMap{"0", "1", "65535"}, Values{"0", "1", "65535"}] String AllowAllTrustedApps; [Write, Description("Allow apps from the Microsoft app store to auto update (0: Not allowed., 1: Allowed., 2: Not configured.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String AllowAppStoreAutoUpdate; [Write, Description("Allow Developer Unlock (0: Explicit deny., 1: Explicit allow unlock., 65535: Not configured.)"), ValueMap{"0", "1", "65535"}, Values{"0", "1", "65535"}] String AllowDeveloperUnlock; [Write, Description("Block third party cookies (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String BlockThirdPartyCookies; [Write, Description("Control which extensions cannot be installed (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String ExtensionInstallBlocklist; [Write, Description("Extension IDs the user should be prevented from installing (or * for all) (Device) - Depends on ExtensionInstallBlocklist")] String ExtensionInstallBlocklistDesc[]; [Write, Description("Enable saving passwords to the password manager (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String PasswordManagerEnabled; [Write, Description("Configure Microsoft Defender SmartScreen (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String SmartScreenEnabled; [Write, Description("AAD Group Membership Cache Validity In Days")] SInt32 AADGroupMembershipCacheValidityInDays; [Write, Description("Allow VPN (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowVPN; [Write, Description("Page Visibility List")] String PageVisibilityList; [Write, Description("Allow Storage Card (0: SD card use is not allowed and USB drives are disabled. This setting does not prevent programmatic access to the storage card., 1: Allow a storage card.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowStorageCard; [Write, Description("Enable Pin Recovery - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String EnablePinRecovery; [Write, Description("Restrict use of TPM 1.2 - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String TPM12; [Write, Description("Digits - Depends on TenantId (0: Allows the use of digits in PIN., 1: Requires the use of at least one digits in PIN., 2: Does not allow the use of digits in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String Digits; [Write, Description("Expiration - Depends on TenantId")] SInt32 Expiration; [Write, Description("PIN History - Depends on TenantId")] SInt32 History; [Write, Description("Lowercase Letters - Depends on TenantId (0: Allows the use of lowercase letters in PIN., 1: Requires the use of at least one lowercase letters in PIN., 2: Does not allow the use of lowercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LowercaseLetters; [Write, Description("Maximum PIN Length - Depends on TenantId")] SInt32 MaximumPINLength; [Write, Description("Minimum PIN Length - Depends on TenantId")] SInt32 MinimumPINLength; [Write, Description("Special Characters - Depends on TenantId (0: Allows the use of special characters in PIN., 1: Requires the use of at least one special characters in PIN., 2: Does not allow the use of special characters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String SpecialCharacters; [Write, Description("Uppercase Letters - Depends on TenantId (0: Allows the use of uppercase letters in PIN., 1: Requires the use of at least one uppercase letters in PIN., 2: Does not allow the use of uppercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String UppercaseLetters; [Write, Description("Require Security Device - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String RequireSecurityDevice; [Write, Description("Use Certificate For On Prem Auth - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UseCertificateForOnPremAuth; [Write, Description("Use Hello Certificates As Smart Card Certificates - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UseHelloCertificatesAsSmartCardCertificates; [Write, Description("Use Windows Hello For Business (Device) - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UsePassportForWork; [Write, Description("Allow Update Service (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowUpdateService; [Write, Description("Manage Preview Builds (0: Disable Preview builds, 1: Disable Preview builds once the next release is public, 2: Enable Preview builds, 3: Preview builds is left to user selection)"), ValueMap{"0", "1", "2", "3"}, Values{"0", "1", "2", "3"}] String ManagePreviewBuilds; [Write, Description("Require Network In OOBE (Device) (true: true, false: false)"), ValueMap{"true", "false"}, Values{"true", "false"}] String RequireNetworkInOOBE; [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[]; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |