DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.schema.mof
|
[ClassVersion("1.0.0.0")]
class MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments { [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType; [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType; [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId; [Write, Description("The group Id that is the target of the assignment.")] String groupId; [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName; [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId; }; [ClassVersion("1.0.0.0"), FriendlyName("IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy")] class MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy : OMI_BaseResource { [Write, Description("Identity of the account protection local administrator password solution policy.")] String Identity; [Key, Description("Display name of the account protection local administrator password solution policy.")] String DisplayName; [Write, Description("Description of the account protection local administrator password solution policy.")] String Description; [Write, Description("Assignments of the account protection local administrator password solution policy."), EmbeddedInstance("MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments")] String Assignments[]; [Write, Description("Configures which directory the local admin account password is backed up to. 0 - Disabled, 1 - Azure AD, 2 - AD"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] UInt32 BackupDirectory; [Write, Description("Configures the maximum password age of the managed local administrator account for Azure AD. Minimum - 7, Maximum - 365")] UInt32 passwordagedays_aad; [Write, Description("Configures the maximum password age of the managed local administrator account for Active Directory. Minimum - 1, Maximum - 365")] UInt32 PasswordAgeDays; [Write, Description("Configures additional enforcement of maximum password age for the managed local administrator account.")] Boolean PasswordExpirationProtectionEnabled; [Write, Description("Configures how many previous encrypted passwords will be remembered in Active Directory. Minimum - 0, Maximum - 12")] UInt32 AdEncryptedPasswordHistorySize; [Write, Description("Configures whether the password is encrypted before being stored in Active Directory.")] Boolean AdPasswordEncryptionEnabled; [Write, Description("Configures the name or SID of a user or group that can decrypt the password stored in Active Directory.")] String AdPasswordEncryptionPrincipal; [Write, Description("Configures the name of the managed local administrator account.")] String AdministratorAccountName; [Write, Description("Configures the password complexity of the managed local administrator account. (1: Large letters, 2: Large letters + small letters, 3: Large letters + small letters + numbers, 4: Large letters + small letters + numbers + special characters, 5: Large letters + small letters + numbers + special characters (improved readability), 6: Passphrase (long words), 7: Passphrase (short words), 8: Passphrase (short words with unique prefixes))"), ValueMap{"1", "2", "3", "4", "5", "6", "7", "8"}, Values{"1", "2", "3", "4", "5", "6", "7", "8"}] UInt32 PasswordComplexity; [Write, Description("Passphrase Length (Minimum 3, Maximum 10 characters) - Depends on PasswordComplexity")] SInt32 PassphraseLength; [Write, Description("Configures the length of the password of the managed local administrator account. Minimum - 8, Maximum - 64")] UInt32 PasswordLength; [Write, Description("Specifies the actions to take upon expiration of the configured grace period. (1: Reset password, 3: Reset the password and logoff the managed account, 5: Reset the password and reboot, 11: Reset the password, logoff the managed account, and terminate any remaining processes.)"), ValueMap{"1", "3", "5", "11"}, Values{"1", "3", "5", "11"}] UInt32 PostAuthenticationActions; [Write, Description("Specifies the amount of time (in hours) to wait after an authentication before executing the specified post-authentication actions. Minimum - 0, Maximum - 24")] UInt32 PostAuthenticationResetDelay; [Write, Description("Automatic Account Management Enabled (false: The target account will not be automatically managed, true: The target account will be automatically managed)"), Values{"true", "false"}, ValueMap{"true", "false"}] String AutomaticAccountManagementEnabled; [Write, Description("Automatic Account Management Target - Depends on AutomaticAccountManagementEnabled (0: Manage the built-in administrator account, 1: Manage a new custom administrator account)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AutomaticAccountManagementTarget; [Write, Description("Automatic Account Management Randomize Name - Depends on AutomaticAccountManagementEnabled (false: The name of the target account will not use a random numeric suffix., true: The name of the target account will use a random numeric suffix.)"), Values{"true", "false"}, ValueMap{"true", "false"}] String AutomaticAccountManagementRandomizeName; [Write, Description("Automatic Account Management Name Or Prefix - Depends on AutomaticAccountManagementEnabled")] String AutomaticAccountManagementNameOrPrefix; [Write, Description("Automatic Account Management Enable Account - Depends on AutomaticAccountManagementEnabled (false: The target account will be disabled, true: The target account will be enabled)"), Values{"true", "false"}, ValueMap{"true", "false"}] String AutomaticAccountManagementEnableAccount; [Write, Description("Present ensures the policy exists, absent ensures it is removed"), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Intune Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com")] String TenantId; [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; [Write, Description("Access token used for authentication.")] String AccessTokens[]; }; |