Unified Tenant Configuration Management (UTCM) Monitor (SchemaStore) JSON Schema

Type	object
File match	`*.utcm-monitor.json`
Schema URL	https://catalog.lintel.tools/schemas/schemastore/unified-tenant-configuration-management-utcm-monitor/latest.json
Source	https://www.schemastore.org/utcm-monitor.json

Validate with Lintel

npx @lintel/lintel check

Type: object

Schema for entity configurationMonitor

Properties

id string

displayName string

description string

parameters object

Schema for entity openComplexDictionaryType

baseline object

Schema for entity configurationBaseline

5 nested properties

id string

displayName string

description string

parameters object[]

resources object[]

Definitions

microsoft.exchange.accepteddomain object

This resource configures the Accepted Email Domains in Exchange Online.

Identity string required

Specify the Fully Qualified Domain Name for the AcceptedDomain.

Ensure

Specify if the AcceptedDomain should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

DomainType

The type of AcceptedDomain. Currently the EXOAcceptedDomain DSC Resource accepts a value of 'Authoritative' and 'InternalRelay'.

Examples: "Authoritative", "InternalRelay"

pattern=^([Aa][Uu][Tt][Hh][Oo][Rr][Ii][Tt][Aa][Tt][Ii][Vv][Ee]|[Ii][Nn][Tt][Ee][Rr][Nn][Aa][Ll][Rr][Ee][Ll][Aa][Yy])$

MatchSubDomains boolean

The MatchSubDomains parameter must be false on Authoritative domains. The default value is false.

OutboundOnly boolean

OutboundOnly can only be enabled if the DomainType parameter is set to Authoritative or InternalRelay. The default value is false.

microsoft.exchange.activesyncdeviceaccessrule object

This resource configures Active Sync Device Access Rules in Exchange Online.

Identity string required

The Identity parameter specifies the identity of the device access rule.

AccessLevel

The AccessLevel parameter specifies whether the devices are allowed, blocked or quarantined.

Examples: "Allow", "Block", "Quarantine"

pattern=^([Aa][Ll][Ll][Oo][Ww]|[Bb][Ll][Oo][Cc][Kk]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee])$

Characteristic

The Characteristic parameter specifies the device characteristic or category that's used by the rule.

Examples: "DeviceModel", "DeviceOS", "DeviceType", "UserAgent", "XMSWLHeader"

pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Mm][Oo][Dd][Ee][Ll]|[Dd][Ee][Vv][Ii][Cc][Ee][Tt][Yy][Pp][Ee]|[Dd][Ee][Vv][Ii][Cc][Ee][Oo][Ss]|[Uu][Ss][Ee][Rr][Aa][Gg][Ee][Nn][Tt]|[Xx][Mm][Ss][Ww][Ll][Hh][Ee][Aa][Dd][Ee][Rr])$

QueryString string

The QueryString parameter specifies the device identifier that's used by the rule. This parameter uses a text value that's used with Characteristic parameter value to define the device.

Ensure

Specify if the Active Sync Device Access Rule should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.addressbookpolicy object

This resource configures Address Book Policies in Exchange Online.

Name string required

The Name parameter specifies the name that you want this address book policy to be called.

AddressLists string[]

The AddressLists parameter specifies the address lists that will be used by mailbox users who are assigned this address book policy. This parameter accepts multiple values.

GlobalAddressList string

The GlobalAddressList parameter specifies the identity of the global address list (GAL) that will be used by mailbox users who are assigned this address book policy. You can specify only one GAL for each address book policy.

OfflineAddressBook string

The OfflineAddressBook parameter specifies the identity of the offline address book (OAB) that will be used by mailbox users who are assigned this address book policy. You can specify only one OAB for each address book policy.

RoomList string

The RoomList parameter specifies the name of the room address list.

Ensure

Specify if the Address Book Policy should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.addresslist object

This resource configures Exchange Online address lists.

Name string required

The Name parameter specifies a unique name for the address list.

ConditionalCompany string[]

The ConditionalCompany parameter specifies a precanned filter that's based on the value of the recipient's Company property.

ConditionalCustomAttribute1 string[]

The ConditionalCustomAttribute1 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute1 property.

ConditionalCustomAttribute10 string[]

The ConditionalCustomAttribute10 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute10 property.

ConditionalCustomAttribute11 string[]

The ConditionalCustomAttribute11 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute11 property.

ConditionalCustomAttribute12 string[]

The ConditionalCustomAttribute12 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute12 property.

ConditionalCustomAttribute13 string[]

The ConditionalCustomAttribute13 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute13 property.

ConditionalCustomAttribute14 string[]

The ConditionalCustomAttribute14 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute14 property.

ConditionalCustomAttribute15 string[]

The ConditionalCustomAttribute15 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute15 property.

ConditionalCustomAttribute2 string[]

The ConditionalCustomAttribute2 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute2 property.

ConditionalCustomAttribute3 string[]

The ConditionalCustomAttribute3 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute3 property.

ConditionalCustomAttribute4 string[]

The ConditionalCustomAttribute4 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute4 property.

ConditionalCustomAttribute5 string[]

The ConditionalCustomAttribute5 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute5 property.

ConditionalCustomAttribute6 string[]

The ConditionalCustomAttribute6 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute6 property.

ConditionalCustomAttribute7 string[]

The ConditionalCustomAttribute7 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute7 property.

ConditionalCustomAttribute8 string[]

The ConditionalCustomAttribute8 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute8 property.

ConditionalCustomAttribute9 string[]

The ConditionalCustomAttribute9 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute9 property.

ConditionalDepartment string[]

The ConditionalDepartment parameter specifies a precanned filter that's based on the value of the recipient's Department property.

ConditionalStateOrProvince string[]

The ConditionalStateOrProvince parameter specifies a precanned filter that's based on the value of the recipient's StateOrProvince property.

DisplayName string

The DisplayName parameter specifies the display name of the address list.

IncludedRecipients array

The IncludedRecipients parameter specifies a precanned filter that's based on the recipient type.

RecipientFilter string

The RecipientFilter parameter specifies a custom OPath filter that's based on the value of any available recipient property.

Ensure

Specifies if this AddressList should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.antiphishpolicy object

This resource configures an Anti-Phish Policy in Exchange Online. Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/advanced-threat-protection/new-antiphishpolicy?view=exchange-ps

Identity string required

The Identity parameter specifies the name of the antiphishing policy that you want to modify.

Ensure

Specify if this policy should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

AdminDisplayName string

The AdminDisplayName parameter specifies a description for the policy.

PhishThresholdLevel

The PhishThresholdLevel parameter specifies the tolerance level that's used by machine learning in the handling of phishing messages.

Examples: "1", "2", "3", "4"

pattern=^(1|2|3|4)$

AuthenticationFailAction

The AuthenticationFailAction parameter specifies the action to take when the message fails composite authentication.

Examples: "MoveToJmf", "Quarantine"

pattern=^([Mm][Oo][Vv][Ee][Tt][Oo][Jj][Mm][Ff]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee])$

TargetedUserProtectionAction

The TargetedUserProtectionAction parameter specifies the action to take on detected user impersonation messages for the users specified by the TargetedUsersToProtect parameter.

Examples: "BccMessage", "Delete", "MoveToJmf", "NoAction", "Quarantine", "Redirect"

Enabled boolean

Specify if this policy should be enabled. Default is $true.

EnableFirstContactSafetyTips boolean

The EnableFirstContactSafetyTips parameter specifies whether to enable or disable the safety tip that's shown when recipients first receive an email from a sender or do not often receive email from a sender.

EnableMailboxIntelligence boolean

The EnableMailboxIntelligence parameter specifies whether to enable or disable mailbox intelligence (the first contact graph) in domain and user impersonation protection.

EnableMailboxIntelligenceProtection boolean

The EnableMailboxIntelligenceProtection specifies whether to enable or disable enhanced impersonation results based on each user's individual sender map. This intelligence allows Microsoft 365 to customize user impersonation detection and better handle false positives.

EnableOrganizationDomainsProtection boolean

The EnableOrganizationDomainsProtection parameter specifies whether to enable domain impersonation protection for all registered domains in the Office 365 organization.

EnableSimilarDomainsSafetyTips boolean

The EnableSimilarDomainsSafetyTips parameter specifies whether to enable safety tips that are shown to recipients in messages for domain impersonation detections.

EnableSimilarUsersSafetyTips boolean

The EnableSimilarUsersSafetyTips parameter specifies whether to enable safety tips that are shown to recipients in messages for user impersonation detections.

EnableSpoofIntelligence boolean

The EnableSpoofIntelligence parameter specifies whether to enable or disable antispoofing protection for the policy.

EnableTargetedDomainsProtection boolean

The EnableTargetedDomainsProtection parameter specifies whether to enable domain impersonation protection for a list of specified domains.

EnableTargetedUserProtection boolean

The EnableTargetedUserProtection parameter specifies whether to enable user impersonation protection for the users specified by the TargetedUsersToProtect parameter

EnableUnauthenticatedSender boolean

The EnableUnauthenticatedSender parameter enables or disables unauthenticated sender identification in Outlook.

EnableUnusualCharactersSafetyTips boolean

The EnableUnusualCharactersSafetyTips parameter specifies whether to enable safety tips that are shown to recipients in messages for unusual characters in domain and user impersonation detections.

EnableViaTag boolean

This setting is part of spoof protection. The EnableViaTag parameter enables or disables adding the via tag to the From address in Outlook.

MakeDefault boolean

Make this the default antiphishing policy

ExcludedDomains string[]

The ExcludedDomains parameter specifies trusted domains that are excluded from scanning by antiphishing protection. You can specify multiple domains separated by commas.

ExcludedSenders string[]

The ExcludedSenders parameter specifies a list of trusted sender email addresses that are excluded from scanning by antiphishing protection. You can specify multiple email addresses separated by commas.

HonorDmarcPolicy boolean

The HonorDmarcPolicy enables or disables using the sender's DMARC policy to determine what to do to messages that fail DMARC checks.

ImpersonationProtectionState string

The ImpersonationProtectionState parameter specifies the configuration of impersonation protection.

MailboxIntelligenceProtectionAction string

The MailboxIntelligenceProtectionAction parameter specifies what to do with messages that fail mailbox intelligence protection.

MailboxIntelligenceProtectionActionRecipients string[]

The MailboxIntelligenceProtectionActionRecipients parameter specifies the recipients to add to detected messages when the MailboxIntelligenceProtectionAction parameter is set to the value Redirect or BccMessage.

MailboxIntelligenceQuarantineTag string

The MailboxIntelligenceQuarantineTag specifies the quarantine policy that's used on messages that are quarantined by mailbox intelligence.

SpoofQuarantineTag string

The SpoofQuarantineTag specifies the quarantine policy that's used on messages that are quarantined by spoof intelligence.

TargetedDomainActionRecipients string[]

The TargetedDomainActionRecipients parameter specifies the recipients to add to detected domain impersonation messages when the TargetedDomainProtectionAction parameter is set to the value Redirect or BccMessage. A valid value for this parameter is an email address. You can specify multiple email addresses separated by commas.

TargetedDomainProtectionAction

The TargetedDomainProtectionAction parameter specifies the action to take on detected domain impersonation messages.

Examples: "BccMessage", "Delete", "MoveToJmf", "NoAction", "Quarantine", "Redirect"

TargetedDomainsToProtect string[]

The TargetedDomainsToProtect parameter specifies the domains that are included in domain impersonation protection when the EnableTargetedDomainsProtection parameter is set to $true.

TargetedDomainQuarantineTag string

The TargetedDomainQuarantineTag specifies the quarantine policy that's used on messages that are quarantined by domain impersonation protection.

TargetedUserActionRecipients string[]

The TargetedUserActionRecipients parameter specifies the replacement or additional recipients for detected user impersonation messages when the TargetedUserProtectionAction parameter is set to the value Redirect or BccMessage. A valid value for this parameter is an email address. You can specify multiple email addresses separated by commas.

TargetedUsersToProtect string[]

The TargetedUsersToProtect parameter specifies the users that are included in user impersonation protection when the EnableTargetedUserProtection parameter is set to $true.

TargetedUserQuarantineTag string

The TargetedUserQuarantineTag specifies the quarantine policy that's used on messages that are quarantined by user impersonation protection.

DmarcQuarantineAction string

DmarcRejectAction string

microsoft.exchange.antiphishrule object

This resource configures an Anti-Phish Rule in Exchange Online. Reference: https://docs.microsoft.com/en-us/powershell/module/exchange/advanced-threat-protection/new-antiphishRule?view=exchange-ps

Identity string required

The Identity parameter specifies the name of the antiphishing rule that you want to modify.

AntiPhishPolicy string required

The AntiPhishPolicy parameter specifies the name of the antiphishing policy that's associated with the antiphishing rule.

Ensure

Specify if this rule should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

Enabled boolean

Specify if this rule should be enabled. Default is $true.

Priority integer

The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.

Comments string

The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.

ExceptIfRecipientDomainIs string[]

The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.

ExceptIfSentTo string[]

The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.

ExceptIfSentToMemberOf string[]

The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.

RecipientDomainIs string[]

The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.

SentTo string[]

The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient.

SentToMemberOf string[]

The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group.

microsoft.exchange.applicationaccesspolicy object

This resource configures Applications Access Policies in Exchange Online.

Identity string required

The Identity parameter specifies the application access policy that you want to modify.

AccessRight

The AccessRight parameter specifies the permission that you want to assign in the application access policy.

Examples: "DenyAccess", "RestrictAccess"

pattern=^([Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Aa][Cc][Cc][Ee][Ss][Ss]|[Dd][Ee][Nn][Yy][Aa][Cc][Cc][Ee][Ss][Ss])$

AppID string[]

The AppID parameter specifies the GUID of the apps to include in the policy.

PolicyScopeGroupId string

The PolicyScopeGroupID parameter specifies the recipient to define in the policy. You can use any value that uniquely identifies the recipient.

Description string

The Description parameter specifies a description for the policy.

Ensure

Specify if the Application Access Policy should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.atppolicyforo365 object

This resource configures the Advanced Threat Protection (ATP) policy in Office 365. Tenant must be subscribed to ATP.

IsSingleInstance required

Specifies the resource is a single instance, the value must be 'Yes'

Examples: "Yes"

pattern=^([Yy][Ee][Ss])$

Identity string

The Identity parameter specifies the ATP policy that you want to modify. There's only one policy named Default.

Ensure

Since there is only one policy, the default policy, this must be set to 'Present'

Examples: "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$

AllowSafeDocsOpen boolean

The AllowSafeDocsOpen parameter specifies whether users can click through and bypass the Protected View container even when Safe Documents identifies a file as malicious.

EnableATPForSPOTeamsODB boolean

The EnableATPForSPOTeamsODB parameter specifies whether ATP is enabled for SharePoint Online, OneDrive for Business and Microsoft Teams. Default is $false.

EnableSafeDocs boolean

The EnableSafeDocs parameter specifies whether to enable the Safe Documents feature in the organization. Default is $false.

microsoft.exchange.authenticationpolicy object

This resource configures Authentication Policies in Exchange Online.

Identity string required

The Identity parameter specifies the authentication policy you want to view or modify.

AllowBasicAuthActiveSync boolean

The AllowBasicAuthActiveSync switch specifies whether to allow Basic authentication with Exchange Active Sync.

AllowBasicAuthAutodiscover boolean

The AllowBasicAuthAutodiscover switch specifies whether to allow Basic authentication with Autodiscover.

AllowBasicAuthImap boolean

The AllowBasicAuthImap switch specifies whether to allow Basic authentication with IMAP.

AllowBasicAuthMapi boolean

The AllowBasicAuthMapi switch specifies whether to allow Basic authentication with MAPI.

AllowBasicAuthOfflineAddressBook boolean

The AllowBasicAuthOfflineAddressBook switch specifies whether to allow Basic authentication with Offline Address Books.

AllowBasicAuthOutlookService boolean

The AllowBasicAuthOutlookService switch specifies whether to allow Basic authentication with the Outlook service.

AllowBasicAuthPop boolean

The AllowBasicAuthPop switch specifies whether to allow Basic authentication with POP.

AllowBasicAuthPowershell boolean

The AllowBasicAuthPowerShell switch specifies whether to allow Basic authentication with PowerShell.

AllowBasicAuthReportingWebServices boolean

The AllowBasicAuthReporting Web Services switch specifies whether to allow Basic authentication with reporting web services.

AllowBasicAuthRpc boolean

The AllowBasicAuthRpc switch specifies whether to allow Basic authentication with RPC.

AllowBasicAuthSmtp boolean

The AllowBasicAuthSmtp switch specifies whether to allow Basic authentication with SMTP.

AllowBasicAuthWebServices boolean

The AllowBasicAuthWebServices switch specifies whether to allow Basic authentication with Exchange Web Services (EWS).

Ensure

Specify if the authentication Policy should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.authenticationpolicyassignment object

This resource assigns Exchange Online Authentication Policies to users.

UserName string required

Name of the user assigned to the authentication policy.

AuthenticationPolicyName string

Name of the authentication policy.

Ensure

Specify if the authentication Policy should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.availabilityaddressspace object

Create a new AvailabilityAddressSpace in your cloud-based organization.

Identity string required

The Identity parameter specifies the AvailabilityAddressSpace you want to modify.

AccessMethod

The AccessMethod parameter specifies how the free/busy data is accessed. Valid values are:PerUserFB, OrgWideFB, OrgWideFBToken, OrgWideFBBasic,InternalProxy

Examples: "InternalProxy", "OrgWideFB", "OrgWideFBBasic", "OrgWideFBToken", "PerUserFB"

pattern=^([Pp][Ee][Rr][Uu][Ss][Ee][Rr][Ff][Bb]|[Oo][Rr][Gg][Ww][Ii][Dd][Ee][Ff][Bb]|[Oo][Rr][Gg][Ww][Ii][Dd][Ee][Ff][Bb][Tt][Oo][Kk][Ee][Nn]|[Oo][Rr][Gg][Ww][Ii][Dd][Ee][Ff][Bb][Bb][Aa][Ss][Ii][Cc]|[Ii][Nn][Tt][Ee][Rr][Nn][Aa][Ll][Pp][Rr][Oo][Xx][Yy])$

Credentials string

The Credentials parameter specifies the username and password that's used to access the Availability services in the target forest.

ForestName string

The ForestName parameter specifies the SMTP domain name of the target forest for users whose free/busy data must be retrieved. If your users are distributed among multiple SMTP domains in the target forest, run the Add-AvailabilityAddressSpace command once for each SMTP domain.

TargetAutodiscoverEpr string

The TargetAutodiscoverEpr parameter specifies the Autodiscover URL of Exchange Web Services for the external organization. Exchange uses Autodiscover to automatically detect the correct server endpoint for external requests.

TargetServiceEpr string

The TargetServiceEpr parameter specifies the Exchange Online Calendar Service URL of the external Microsoft 365 organization that you're trying to read free/busy information from.

TargetTenantId string

The TargetTenantID parameter specifies the tenant ID of the external Microsoft 365 organization that you're trying to read free/busy information from.

Ensure

Specifies if this AvailabilityAddressSpace should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.availabilityconfig object

This resource configures the Availability Config in Exchange Online.

OrgWideAccount string required

Specify the OrgWideAccount for the AvailabilityConfig.

Ensure

Specify if the AvailabilityConfig should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.calendarprocessing object

This resource configures the Calendar Processing settings Exchange Online.

Identity string required

The Identity parameter specifies the resource mailbox that you want to view. You can use any value that uniquely identifies the mailbox.

AddAdditionalResponse boolean

The AddAdditionalResponse parameter specifies whether additional information (the value of the AdditionalResponse parameter) is added to meeting request responses

AdditionalResponse string

The AdditionalResponse parameter specifies the additional information to be included in responses to meeting requests when the value of the AddAdditionalResponse parameter is $true. If the value contains spaces, enclose the value in quotation marks.

AddNewRequestsTentatively boolean

The AddNewRequestsTentatively parameter specifies whether new meeting requests are added to the calendar as tentative

AddOrganizerToSubject boolean

The AddOrganizerToSubject parameter specifies whether the meeting organizer's name is used as the subject of the meeting request.

AllBookInPolicy boolean

The AllBookInPolicy parameter specifies whether to automatically approve in-policy requests from all users to the resource mailbox.

AllowConflicts boolean

The AllowConflicts parameter specifies whether to allow conflicting meeting requests.

AllowRecurringMeetings boolean

The AllowRecurringMeetings parameter specifies whether to allow recurring meetings in meeting requests.

AllRequestInPolicy boolean

The AllRequestInPolicy parameter specifies whether to allow all users to submit in-policy requests to the resource mailbox.

AllRequestOutOfPolicy boolean

The AllRequestOutOfPolicy parameter specifies whether to allow all users to submit out-of-policy requests to the resource mailbox.

AutomateProcessing

The AutomateProcessing parameter enables or disables calendar processing on the mailbox.

Examples: "AutoAccept", "AutoUpdate", "None"

pattern=^([Nn][Oo][Nn][Ee]|[Aa][Uu][Tt][Oo][Uu][Pp][Dd][Aa][Tt][Ee]|[Aa][Uu][Tt][Oo][Aa][Cc][Cc][Ee][Pp][Tt])$

BookingType

The BookingType parameter specifies how reservations work on the resource mailbox.

Examples: "Reserved", "Standard"

pattern=^([Ss][Tt][Aa][Nn][Dd][Aa][Rr][Dd]|[Rr][Ee][Ss][Ee][Rr][Vv][Ee][Dd])$

BookingWindowInDays integer

The BookingWindowInDays parameter specifies the maximum number of days in advance that the resource can be reserved. A valid value is an integer from 0 through 1080. The default value is 180 days. The value 0 means today.

BookInPolicy string[]

The BookInPolicy parameter specifies users or groups who are allowed to submit in-policy meeting requests to the resource mailbox that are automatically approved. You can use any value that uniquely identifies the user or group.

ConflictPercentageAllowed integer

The ConflictPercentageAllowed parameter specifies the maximum percentage of meeting conflicts for new recurring meeting requests. A valid value is an integer from 0 through 100. The default value is 0.

DeleteAttachments boolean

The DeleteAttachments parameter specifies whether to remove attachments from all incoming messages.

DeleteComments boolean

The DeleteComments parameter specifies whether to remove or keep any text in the message body of incoming meeting requests.

DeleteNonCalendarItems boolean

The DeleteNonCalendarItems parameter specifies whether to remove or keep all non-calendar-related messages that are received by the resource mailbox.

DeleteSubject boolean

The DeleteSubject parameter specifies whether to remove or keep the subject of incoming meeting requests.

EnableAutoRelease boolean

N/A

EnableResponseDetails boolean

The EnableResponseDetails parameter specifies whether to include the reasons for accepting or declining a meeting in the response email message.

EnforceCapacity boolean

The EnforceCapacity parameter specifies whether to restrict the number of attendees to the capacity of the workspace. For example, if capacity is set to 10, then only 10 people can book the workspace.

EnforceSchedulingHorizon boolean

The EnforceSchedulingHorizon parameter controls the behavior of recurring meetings that extend beyond the date specified by the BookingWindowInDays parameter.

ForwardRequestsToDelegates boolean

The ForwardRequestsToDelegates parameter specifies whether to forward incoming meeting requests to the delegates that are configured for the resource mailbox.

MaximumConflictInstances integer

The MaximumConflictInstances parameter specifies the maximum number of conflicts for new recurring meeting requests when the AllowRecurringMeetings parameter is set to $true. A valid value is an integer from 0 through INT32 (2147483647). The default value is 0.

MaximumDurationInMinutes integer

The MaximumDurationInMinutes parameter specifies the maximum duration in minutes for meeting requests. A valid value is an integer from 0 through INT32 (2147483647). The default value is 1440 (24 hours).

MinimumDurationInMinutes integer

The MinimumDurationInMinutes parameter specifies the minimum duration in minutes for meeting requests in workspace mailboxes. A valid value is an integer from 0 through INT32 (2147483647). The default value is 0, which means there is no minimum duration.

OrganizerInfo boolean

The OrganizerInfo parameter specifies whether the resource mailbox sends organizer information when a meeting request is declined because of conflicts.

PostReservationMaxClaimTimeInMinutes integer

N/A

ProcessExternalMeetingMessages boolean

The ProcessExternalMeetingMessages parameter specifies whether to process meeting requests that originate outside the Exchange organization.

RemoveCanceledMeetings boolean

The RemoveCanceledMeetings parameter specifies whether to automatically delete meetings that were cancelled by the organizer from the resource mailbox's calendar.

RemoveForwardedMeetingNotifications boolean

The RemoveForwardedMeetingNotifications parameter specifies whether forwarded meeting notifications are moved to the Deleted Items folder after they're processed by the Calendar Attendant.

RemoveOldMeetingMessages boolean

The RemoveOldMeetingMessages parameter specifies whether the Calendar Attendant removes old and redundant updates and responses.

RemovePrivateProperty boolean

The RemovePrivateProperty parameter specifies whether to clear the private flag for incoming meetings that were sent by the organizer in the original requests.

RequestInPolicy string[]

The RemovePrivateProperty parameter specifies whether to clear the private flag for incoming meetings that were sent by the organizer in the original requests.

RequestOutOfPolicy string[]

The RequestOutOfPolicy parameter specifies users who are allowed to submit out-of-policy requests that require approval by a resource mailbox delegate. You can use any value that uniquely identifies the user.

ResourceDelegates string[]

The ResourceDelegates parameter specifies users can approve or reject requests that are sent to the resource mailbox. You can use any value that uniquely identifies the user.

ScheduleOnlyDuringWorkHours boolean

The ScheduleOnlyDuringWorkHours parameter specifies whether to allow meetings to be scheduled outside of the working hours that are defined for the resource mailbox.

TentativePendingApproval boolean

The TentativePendingApproval parameter specifies whether to mark pending requests as tentative on the calendar.

Ensure

Determines whether or not the instance exist.

Examples: "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$

microsoft.exchange.casmailboxplan object

This resource configures Client Access services (CAS) mailbox plans in cloud-based organizations.

Identity string required

The Identity parameter specifies the CAS Mailbox Plan that you want to modify.

DisplayName string

The display name of the CAS Mailbox Plan.

Ensure

CASMailboxPlans cannot be created/removed in O365. This must be set to 'Present'

Examples: "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$

ActiveSyncEnabled boolean

The ActiveSyncEnabled parameter enables or disables access to the mailbox by using Exchange Active Sync. Default is $true.

ImapEnabled boolean

The ImapEnabled parameter enables or disables access to the mailbox by using IMAP4 clients. The default value is $true for all CAS mailbox plans except ExchangeOnlineDeskless which is $false by default.

OwaMailboxPolicy string

The OwaMailboxPolicy parameter specifies the Outlook on the web (formerly known as Outlook Web App) mailbox policy for the mailbox plan. The default value is OwaMailboxPolicy-Default. You can use the Get-OwaMailboxPolicy cmdlet to view the available Outlook on the web mailbox policies.

PopEnabled boolean

The PopEnabled parameter enables or disables access to the mailbox by using POP3 clients. Default is $true.

microsoft.exchange.casmailboxsettings object

This resource configures CAS mailbox settings.

Identity string required

The Identity parameter specifies the mailbox that you want to configure.

ActiveSyncAllowedDeviceIDs string[]

TheActiveSyncAllowedDeviceIDs parameter specifies one or more Exchange ActiveSync device IDs that are allowed to synchronize with the mailbox.

ActiveSyncBlockedDeviceIDs string[]

The ActiveSyncBlockedDeviceIDs parameter specifies one or more Exchange ActiveSync device IDs that aren't allowed to synchronize with the mailbox.

ActiveSyncDebugLogging boolean

The ActiveSyncDebugLogging parameter enables or disables Exchange ActiveSync debug logging for the mailbox.

ActiveSyncEnabled boolean

The ActiveSyncEnabled parameter enables or disables access to the mailbox using Exchange ActiveSync.

ActiveSyncMailboxPolicy string

The ActiveSyncMailboxPolicy parameter specifies the Exchange ActiveSync mailbox policy for the mailbox.

ActiveSyncSuppressReadReceipt boolean

The ActiveSyncSuppressReadReceipt parameter controls the behavior of read receipts for Exchange ActiveSync clients that access the mailbox.

EwsAllowEntourage boolean

The EwsAllowEntourage parameter enables or disables access to the mailbox by Microsoft Entourage clients that use Exchange Web Services.

EwsAllowList string[]

The EwsAllowList parameter specifies the Exchange Web Services applications (user agent strings) that are allowed to access the mailbox.

EwsAllowMacOutlook boolean

The EwsAllowMacOutlook parameter enables or disables access to the mailbox by Outlook for Mac clients that use Exchange Web Services.

EwsAllowOutlook boolean

The EwsAllowOutlook parameter enables or disables access to the mailbox by Outlook clients that use Exchange Web Services.

EwsApplicationAccessPolicy string

The EwsApplicationAccessPolicy parameter controls access to the mailbox using Exchange Web Services applications.

EwsBlockList string[]

The EwsBlockList parameter specifies the Exchange Web Services applications (user agent strings) that aren't allowed to access the mailbox using Exchange Web Services.

EwsEnabled boolean

The EwsEnabled parameter enables or disables access to the mailbox using Exchange Web Services clients.

ImapEnabled boolean

The ImapEnabled parameter enables or disables access to the mailbox using IMAP4 clients.

ImapMessagesRetrievalMimeFormat string

The ImapMessagesRetrievalMimeFormat parameter specifies the message format for IMAP4 clients that access the mailbox.

ImapForceICalForCalendarRetrievalOption boolean

The ImapForceICalForCalendarRetrievalOption parameter specifies how meeting requests are presented to IMAP4 clients that access the mailbox.

ImapSuppressReadReceipt boolean

The ImapSuppressReadReceipt parameter controls the behavior of read receipts for IMAP4 clients that access the mailbox.

ImapUseProtocolDefaults boolean

The ImapUseProtocolDefaults parameter specifies whether to use the IMAP4 protocol defaults for the mailbox.

MacOutlookEnabled boolean

The MacOutlookEnabled parameter enables or disables access to the mailbox using Outlook for Mac clients that use Microsoft Sync technology.

MAPIEnabled boolean

The MAPIEnabled parameter enables or disables access to the mailbox using MAPI clients (for example, Outlook).

OneWinNativeOutlookEnabled boolean

The OneWinNativeOutlookEnabled parameter enables or disables access to the mailbox using the new Outlook for Windows.

OutlookMobileEnabled boolean

The OutlookMobileEnabled parameter enables or disables access to the mailbox using Outlook for iOS and Android.

OWAEnabled boolean

The OWAEnabled parameter enables or disables access to the mailbox using Outlook on the web (formerly known as Outlook Web App or OWA).

OWAforDevicesEnabled boolean

The OWAforDevicesEnabled parameter enables or disables access to the mailbox using the older Outlook Web App (OWA) app on iOS and Android devices.

OwaMailboxPolicy string

The OwaMailboxPolicy parameter specifies the Outlook on the web mailbox policy for the mailbox.

PopEnabled boolean

The PopEnabled parameter enables or disables access to the mailbox using POP3 clients.

PopForceICalForCalendarRetrievalOption boolean

The PopForceICalForCalendarRetrievalOption parameter specifies how meeting requests are presented to POP3 clients that access the mailbox.

PopMessagesRetrievalMimeFormat string

The PopMessagesRetrievalMimeFormat parameter specifies the message format for POP3 clients that access the mailbox.

PopSuppressReadReceipt boolean

The PopSuppressReadReceipt parameter controls the behavior of read receipts for POP3 clients that access the mailbox.

PopUseProtocolDefaults boolean

The PopUseProtocolDefaults parameter specifies whether to use the POP3 protocol defaults for the mailbox.

PublicFolderClientAccess boolean

The PublicFolderClientAccess parameter enables or disables access to public folders in Microsoft Outlook.

ShowGalAsDefaultView boolean

The ShowGalAsDefaultView parameter specifies whether the global address list (GAL) is the default recipient picker for messages.

SmtpClientAuthenticationDisabled boolean

The SmtpClientAuthenticationDisabled parameter specifies whether to disable authenticated SMTP (SMTP AUTH) for the mailbox.

UniversalOutlookEnabled boolean

The UniversalOutlookEnabled parameter enables or disables access to the mailbox using Windows 10 Mail and Calendar.

Ensure

Present ensures the Mailbox CAS settings are applied.

Examples: "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$

microsoft.exchange.clientaccessrule object

This resource configures Client Access sRules. Client Access Rules help you control access to your organization based on the properties of the connection.

Note: Not all authentication types are supported for all protocols.

The supported authentication types per protocol can be found here: https://docs.microsoft.com/en-us/exchange/clients-and-mobile-in-exchange-online/client-access-rules/client-access-rules

Identity string required

The Identity parameter specifies the client access rule that you want to modify.

Action required

The Action parameter specifies the action for the client access rule. Valid values for this parameter are AllowAccess and DenyAccess.

Examples: "AllowAccess", "DenyAccess"

pattern=^([Aa][Ll][Ll][Oo][Ww][Aa][Cc][Cc][Ee][Ss][Ss]|[Dd][Ee][Nn][Yy][Aa][Cc][Cc][Ee][Ss][Ss])$

AnyOfAuthenticationTypes array

The AnyOfAuthenticationTypes parameter specifies a condition for the client access rule that is based on the client's authentication type. Valid values for this parameter are AdfsAuthentication, BasicAuthentication, CertificateBasedAuthentication, NonBasicAuthentication, OAuthAuthentication.

AnyOfClientIPAddressesOrRanges string[]

The AnyOfClientIPAddressesOrRanges parameter specifies a condition for the client access rule that is based on the client's IP address. Valid values for this parameter are: A single IP address, an IP address range, a CIDR IP.

AnyOfProtocols array

The AnyOfProtocols parameter specifies a condition for the client access rule that is based on the client's protocol. Valid values for this parameter are ExchangeActiveSync,ExchangeAdminCenter,ExchangeWebServices,IMAP4,OfflineAddressBook,OutlookAnywhere,OutlookWebApp,POP3,PowerShellWebServices,RemotePowerShell,REST,UniversalOutlook.

Enabled boolean

The Enabled parameter specifies whether the client access rule is enabled or disabled. Default is $true.

ExceptAnyOfAuthenticationTypes array

The ExceptAnyOfAuthenticationTypes parameter specifies an exception for the client access rule that is based on the client's authentication type. Valid values for this parameter are AdfsAuthentication, BasicAuthentication, CertificateBasedAuthentication, NonBasicAuthentication, OAuthAuthentication.

ExceptAnyOfClientIPAddressesOrRanges string[]

The ExceptAnyOfClientIPAddressesOrRanges parameter specifies an exception for the client access rule that is based on the client's IP address. Valid values for this parameter are: A single IP address, an IP address range, a CIDR IP.

ExceptAnyOfProtocols array

The ExceptAnyOfProtocols parameter specifies an exception for the client access rule that is based on the client's protocol. Valid values for this parameter are ExchangeActiveSync,ExchangeAdminCenter,ExchangeWebServices,IMAP4,OfflineAddressBook,OutlookAnywhere,OutlookWebApp,POP3,PowerShellWebServices,RemotePowerShell,REST,UniversalOutlook.

ExceptUsernameMatchesAnyOfPatterns string[]

The ExceptUsernameMatchesAnyOfPatterns parameter specifies an exception for the client access rule that is based on the user's account name.

Priority integer

The Priority parameter specifies a priority value for the client access rule. A lower integer value indicates a higher priority, and a higher priority rule is evaluated before a lower priority rule. The default value is 1.

RuleScope

The RuleScope parameter specifies the scope of the client access rule. Valid values are All and Users

Examples: "All", "Users"

pattern=^([Aa][Ll][Ll]|[Uu][Ss][Ee][Rr][Ss])$

UserRecipientFilter string

The UserRecipientFilter parameter specifies a condition for the client access rule that uses OPath filter syntax to identify the user.

UsernameMatchesAnyOfPatterns string[]

The UsernameMatchesAnyOfPatterns parameter specifies a condition for the client access rule that is based on the user's account name.

Ensure

Specifies if this Client Access Rule should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.dataclassification object

Create a new data classification policy in your cloud-based organization.

Identity string required

The Identity parameter specifies the data classification rule that you want to modify.

Description string

The Description parameter specifies a description for the data classification rule. You use the Description parameter with the Locale and Name parameters to specify descriptions for the data classification rule in different languages.

Fingerprints string[]

The Fingerprints parameter specifies the byte-encoded document files that are used as fingerprints by the data classification rule.

IsDefault boolean

IsDefault is used with the Locale parameter to specify the default language for the data classification rule.

Locale string

The Locale parameter adds or removes languages that are associated with the data classification rule.

Name string

The Name parameter specifies a name for the data classification rule. The value must be less than 256 characters.

Ensure

Specifies if this policy should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.dataencryptionpolicy object

Create a new Data Encryption policy in your cloud-based organization.

Identity string required

The Identity parameter specifies the data encryption policy that you want to modify.

AzureKeyIDs string[]

The AzureKeyIDs parameter specifies the URI values of the Azure Key Vault keys to associate with the data encryption policy.

Description string

The Description parameter specifies an optional description for the data encryption policy

Enabled boolean

The Enabled parameter enables or disable the data encryption policy.

Name string

The Name parameter specifies the unique name for the data encryption policy.

PermanentDataPurgeContact string

The PermanentDataPurgeContact parameter specifies a contact for the purge of all data that's encrypted by the data encryption policy.

PermanentDataPurgeReason string

The PermanentDataPurgeReason parameter specifies a descriptive reason for the purge of all data that's encrypted by the data encryption policy

Ensure

Specifies if this policy should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.distributiongroup object

This resource configures Exchange Online distribution groups.

Identity string required

The Identity parameter specifies the distribution group or mail-enabled security group that you want to modify. You can use any value that uniquely identifies the group.

Name string required

The Name parameter specifies a unique name for the address list.

Alias string

Exchange alias (also known as the mail nickname) for the recipient

BccBlocked boolean

Is Bcc blocked for the distribution group.

BypassNestedModerationEnabled boolean

The ByPassNestedModerationEnabled parameter specifies how to handle message approval when a moderated group contains other moderated groups as members.

Description string

Description of the distribution group.

DisplayName string

The DisplayName parameter specifies the display name of the group. The display name is visible in the Exchange admin center and in address lists. The maximum length is 256 characters.

HiddenGroupMembershipEnabled boolean

The HiddenGroupMembershipEnabled switch specifies whether to hide the members of the distribution group from members of the group and users who aren't members of the group.

ManagedBy string[]

The ManagedBy parameter specifies an owner for the group. A group must have at least one owner.

MemberDepartRestriction

The MemberDepartRestriction parameter specifies the restrictions that you put on requests to leave the group. Valid values are: Open & Closed

Examples: "Closed", "Open"

pattern=^([Oo][Pp][Ee][Nn]|[Cc][Ll][Oo][Ss][Ee][Dd])$

MemberJoinRestriction

The MemberJoinRestriction parameter specifies the restrictions that you put on requests to join the group. Valid values are: Open, Closed & ApprovalRequired

Examples: "ApprovalRequired", "Closed", "Open"

pattern=^([Oo][Pp][Ee][Nn]|[Cc][Ll][Oo][Ss][Ee][Dd]|[Aa][Pp][Pp][Rr][Oo][Vv][Aa][Ll][Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd])$

Members string[]

The Members parameter specifies the recipients (mail-enabled objects) that are members of the group. You can use any value that uniquely identifies the recipient.

ModeratedBy string[]

The ModeratedBy parameter specifies one or more moderators for this group. A moderator approves messages sent to the group before the messages are delivered. A moderator must be a mailbox, mail user, or mail contact in your organization. You can use any value that uniquely identifies the moderator.

ModerationEnabled boolean

The ModerationEnabled parameter specifies whether moderation is enabled for this recipient.

Notes string

The Notes parameters specifies additional information about the object.

OrganizationalUnit string

The OrganizationalUnit parameter specifies the location in Active Directory where the group is created.

PrimarySmtpAddress string

The PrimarySmtpAddress parameter specifies the primary return email address that's used for the recipient.

RequireSenderAuthenticationEnabled boolean

The RequireSenderAuthenticationEnabled parameter specifies whether to accept messages only from authenticated (internal) senders.

RoomList boolean

The RoomList switch specifies that all members of this distribution group are room mailboxes. You don't need to specify a value with this switch.

AcceptMessagesOnlyFrom string[]

The AcceptMessagesOnlyFrom parameter specifies who is allowed to send messages to this recipient. Messages from other senders are rejected.

AcceptMessagesOnlyFromDLMembers string[]

The AcceptMessagesOnlyFromDLMembers parameter specifies who is allowed to send messages to this recipient. Messages from other senders are rejected.

AcceptMessagesOnlyFromSendersOrMembers string[]

The AcceptMessagesOnlyFromSendersOrMembers parameter specifies who is allowed to send messages to this recipient. Messages from other senders are rejected.

CustomAttribute1 string

This parameter specifies a value for the CustomAttribute1 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute2 string

This parameter specifies a value for the CustomAttribute2 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute3 string

This parameter specifies a value for the CustomAttribute3 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute4 string

This parameter specifies a value for the CustomAttribute4 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute5 string

This parameter specifies a value for the CustomAttribute5 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute6 string

This parameter specifies a value for the CustomAttribute6 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute7 string

This parameter specifies a value for the CustomAttribute7 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute8 string

This parameter specifies a value for the CustomAttribute8 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute9 string

This parameter specifies a value for the CustomAttribute9 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute10 string

This parameter specifies a value for the CustomAttribute10 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute11 string

This parameter specifies a value for the CustomAttribute11 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute12 string

This parameter specifies a value for the CustomAttribute12 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute13 string

This parameter specifies a value for the CustomAttribute13 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute14 string

This parameter specifies a value for the CustomAttribute14 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

CustomAttribute15 string

This parameter specifies a value for the CustomAttribute15 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. The maximum length is 1024 characters. If the value contains spaces, enclose the value in quotation marks.

EmailAddresses string[]

The EmailAddresses parameter specifies all email addresses (proxy addresses) for the recipient, including the primary SMTP address. In on-premises Exchange organizations, the primary SMTP address and other proxy addresses are typically set by email address policies. However, you can use this parameter to configure other proxy addresses for the recipient.

GrantSendOnBehalfTo string[]

The GrantSendOnBehalfTo parameter specifies who can send on behalf of this group. Although messages send on behalf of the group clearly show the sender in the From field ( on behalf of ), replies to these messages are delivered to the group, not the sender.

HiddenFromAddressListsEnabled boolean

The HiddenFromAddressListsEnabled parameter specifies whether this recipient is visible in address lists.

SendOofMessageToOriginatorEnabled boolean

The SendOofMessageToOriginatorEnabled parameter specifies how to handle out of office (OOF) messages for members of the group.

SendModerationNotifications

The SendModerationNotifications parameter specifies when moderation notification messages are sent. Valid values are: Always, Internal, Never.

Examples: "Always", "Internal", "Never"

pattern=^([Aa][Ll][Ww][Aa][Yy][Ss]|[Ii][Nn][Tt][Ee][Rr][Nn][Aa][Ll]|[Nn][Ee][Vv][Ee][Rr])$

Type

The Type parameter specifies the type of group that you want to create. Valid values are: Distribution, Security

Examples: "Distribution", "Security"

pattern=^([Dd][Ii][Ss][Tt][Rr][Ii][Bb][Uu][Tt][Ii][Oo][Nn]|[Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy])$

Ensure

Specifies if this AddressList should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.dkimsigningconfig object

This resource configures the DomainKeys Identified Mail (DKIM) signing policy settings for domains in a cloud-based organization.

Identity string required

The Identity parameter specifies the DKIM signing policy that you want to modify. This should be the FQDN.

AdminDisplayName string

The AdminDisplayName parameter specifies a description for the policy.

BodyCanonicalization

The BodyCanonicalization parameter specifies the canonicalization algorithm that's used to create and verify the message body part of the DKIM signature. This value effectively controls the sensitivity of DKIM to changes to the message body in transit. Valid values are 'Simple' or 'Relaxed'. 'Relaxed' is the default.

Examples: "Relaxed", "Simple"

pattern=^([Ss][Ii][Mm][Pp][Ll][Ee]|[Rr][Ee][Ll][Aa][Xx][Ee][Dd])$

HeaderCanonicalization

The HeaderCanonicalization parameter specifies the canonicalization algorithm that's used to create and verify the message header part of the DKIM signature. This value effectively controls the sensitivity of DKIM to changes to the message headers in transit. Valid values are 'Simple' or 'Relaxed'. 'Relaxed' is the default.

Examples: "Relaxed", "Simple"

pattern=^([Ss][Ii][Mm][Pp][Ll][Ee]|[Rr][Ee][Ll][Aa][Xx][Ee][Dd])$

KeySize

The KeySize parameter specifies the size in bits of the public key that's used in the DKIM signing policy. Valid values are 1024 and 2048

Examples: 1024, 2048

pattern=^(1024|2048)$

Enabled boolean

The Enabled parameter specifies whether the DKIM Signing Configuration is enabled or disabled. Default is $true.

Ensure

Specifies if this Client Access Rule should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.emailaddresspolicy object

This resource configures Email address policies in Exchange Online.

Name string required

The Name parameter specifies the unique name of the email address policy. The maximum length is 64 characters.

Priority string

The Priority parameter specifies the order that the email address policies are evaluated. By default, every time that you add a new email address policy, the policy is assigned a priority of N+1, where N is the number of email address policies that you've created.

EnabledEmailAddressTemplates string[]

The EnabledEmailAddressTemplates parameter specifies the rules in the email address policy that are used to generate email addresses for recipients.

EnabledPrimarySMTPAddressTemplate string[]

The EnabledPrimarySMTPAddressTemplate parameter specifies the specifies the rule in the email address policy that's used to generate the primary SMTP email addresses for recipients. You can use this parameter instead of the EnabledEmailAddressTemplates if the policy only applies the primary email address and no additional proxy addresses.

ManagedByFilter string

The ManagedByFilter parameter specifies the email address policies to apply to Office 365 groups based on the properties of the users who create the Office 365 groups.

Ensure

Specify if the Email Address Policy should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.eopprotectionpolicyrule object

This resource configures EOP Protection Policy Rules.

Identity string required

The Identity parameter specifies the rule that you want to view. You can use any value that uniquely identifies the rule.

Comments string

The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.

ExceptIfRecipientDomainIs string[]

The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email addresses in the specified domains. You can specify multiple domains separated by commas.

ExceptIfSentTo string[]

The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.

ExceptIfSentToMemberOf string[]

The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.

State string

This parameter define if the rule is enabled or disabled

Name string

The Name parameter specifies a unique name for the rule. The maximum length is 64 characters.

Priority integer

RecipientDomainIs string[]

The RecipientDomainIs parameter specifies a condition that looks for recipients with email addresses in the specified domains. You can specify multiple domains separated by commas.

SentTo string[]

The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient.

SentToMemberOf string[]

The SentToMemberOf parameter specifies a condition that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You can use any value that uniquely identifies the group.

Ensure

Present ensures the instance exists, absent ensures it is removed.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.externalinoutlook object

This resource will use Set-ExternalInOutlook cmdlet to modify the configuration of external sender identification that's available in Outlook, Outlook for Mac, Outlook on the web, and Outlook for iOS and Android.

Identity string required

OrganisationIDParameter, not needed for cmdlet Functionality, use 'ExternalinOutlook' to use the same configuration for multiple Tenants

Enabled boolean

The Enabled parameter enables or disables external sender identification in supported versions of Outlook. Valid values are:$true: External sender identification in Outlook is enabled. An External icon is added in the area of the subject line of messages from external senders. To exempt specific senders or sender domains from this identification, use the AllowList parameter.$false: External sender identification in Outlook is disabled.

AllowList string[]

The AllowList parameter specifies exceptions to external sender identification in supported versions of Outlook. Messages received from the specified senders or senders in the specified domains don't receive native External sender identification. The allow list uses the 5322.From address (also known as the From address or P2 sender). Valid values are an individual domain (contoso.com), a domain and all subdomains (*.contoso.com) or email addresses ([email protected]).

Ensure

Present ensures the instance exists, absent ensures it is removed.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.globaladdresslist object

This resource configures Global Address Lists in Exchange Online.

Name string required

The Name parameter specifies the unique name of the GAL. The maximum length is 64 characters.

ConditionalCompany string[]

The ConditionalCompany parameter specifies a precanned filter that's based on the value of the recipient's Company property.

ConditionalCustomAttribute1 string[]

The ConditionalCustomAttribute1 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute1 property.

ConditionalCustomAttribute10 string[]

The ConditionalCustomAttribute10 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute10 property.

ConditionalCustomAttribute11 string[]

The ConditionalCustomAttribute11 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute11 property.

ConditionalCustomAttribute12 string[]

The ConditionalCustomAttribute12 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute12 property.

ConditionalCustomAttribute13 string[]

The ConditionalCustomAttribute13 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute13 property.

ConditionalCustomAttribute14 string[]

The ConditionalCustomAttribute14 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute14 property.

ConditionalCustomAttribute15 string[]

The ConditionalCustomAttribute15 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute15 property.

ConditionalCustomAttribute2 string[]

The ConditionalCustomAttribute2 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute2 property.

ConditionalCustomAttribute3 string[]

The ConditionalCustomAttribute3 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute3 property.

ConditionalCustomAttribute4 string[]

The ConditionalCustomAttribute4 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute4 property.

ConditionalCustomAttribute5 string[]

The ConditionalCustomAttribute5 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute5 property.

ConditionalCustomAttribute6 string[]

The ConditionalCustomAttribute6 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute6 property.

ConditionalCustomAttribute7 string[]

The ConditionalCustomAttribute7 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute7 property.

ConditionalCustomAttribute8 string[]

The ConditionalCustomAttribute8 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute8 property.

ConditionalCustomAttribute9 string[]

The ConditionalCustomAttribute9 parameter specifies a precanned filter that's based on the value of the recipient's CustomAttribute9 property.

ConditionalDepartment string[]

The ConditionalDepartment parameter specifies a precanned filter that's based on the value of the recipient's Department property.

ConditionalStateOrProvince string[]

The ConditionalStateOrProvince parameter specifies a precanned filter that's based on the value of the recipient's StateOrProvince property.

IncludedRecipients array

The IncludedRecipients parameter specifies a precanned filter that's based on the recipient type.

RecipientFilter string

The RecipientFilter parameter specifies an OPath filter that's based on the value of any available recipient property.

Ensure

Specify if the Global Address List should exist or not.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.groupsettings object

This resource configures settings on groups such as the custom attributes and language.

DisplayName string required

The DisplayName parameter specifies the name of the Microsoft 365 Group. The display name is visible in the Exchange admin center, address lists, and Outlook. The maximum length is 64 characters.

Id string

The unique Id of the group

AcceptMessagesOnlyFromSendersOrMembers string[]

The AcceptMessagesOnlyFromSendersOrMembers parameter specifies who is allowed to send messages to this recipient. Messages from other senders are rejected.

AccessType

Private

Examples: "Private", "Public"

pattern=^([Pp][Uu][Bb][Ll][Ii][Cc]|[Pp][Rr][Ii][Vv][Aa][Tt][Ee])$

AlwaysSubscribeMembersToCalendarEvents boolean

The AlwaysSubscribeMembersToCalendarEvents switch controls the default subscription settings of new members that are added to the Microsoft 365 Group. Changing this setting doesn't affect existing group members.

AuditLogAgeLimit string

AutoSubscribeNewMembers boolean

The AutoSubscribeNewMembers switch specifies whether to automatically subscribe new members that are added to the Microsoft 365 Group to conversations and calendar events. Only users that are added to the group after you enable this setting are automatically subscribed to the group.

CalendarMemberReadOnly boolean

The CalendarMemberReadOnly parameter specifies whether to set read-only Calendar permissions to the Microsoft 365 Group for members of the group.

Classification string

The CalendarMemberReadOnly switch specifies whether to set read-only Calendar permissions to the Microsoft 365 Group for members of the group.

ConnectorsEnabled boolean

The CalendarMemberReadOnly switch specifies whether to set read-only Calendar permissions to the Microsoft 365 Group for members of the group.

CustomAttribute1 string

CustomAttribute2 string

CustomAttribute3 string

CustomAttribute4 string

CustomAttribute5 string

CustomAttribute6 string

CustomAttribute7 string

CustomAttribute8 string

CustomAttribute9 string

CustomAttribute10 string

CustomAttribute11 string

CustomAttribute12 string

CustomAttribute13 string

CustomAttribute14 string

CustomAttribute15 string

DataEncryptionPolicy string

The DataEncryptionPolicy parameter specifies the data encryption policy that's applied to the Microsoft 365 Group.

EmailAddresses string[]

The EmailAddresses parameter specifies all the email addresses (proxy addresses) for the recipient, including the primary SMTP address.

ExtensionCustomAttribute1 string

This parameter specifies a value for the ExtensionCustomAttribute1 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. You can specify up to 1300 values separated by commas.

ExtensionCustomAttribute2 string

This parameter specifies a value for the ExtensionCustomAttribute2 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. You can specify up to 1300 values separated by commas.

ExtensionCustomAttribute3 string

This parameter specifies a value for the ExtensionCustomAttribute3 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. You can specify up to 1300 values separated by commas.

ExtensionCustomAttribute4 string

This parameter specifies a value for the ExtensionCustomAttribute4 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. You can specify up to 1300 values separated by commas.

ExtensionCustomAttribute5 string

This parameter specifies a value for the ExtensionCustomAttribute5 property on the recipient. You can use this property to store custom information about the recipient, and to identify the recipient in filters. You can specify up to 1300 values separated by commas.

GrantSendOnBehalfTo string[]

The GrantSendOnBehalfTo parameter specifies who can send on behalf of this Microsoft 365 Group.

HiddenFromAddressListsEnabled boolean

The GrantSendOnBehalfTo parameter specifies who can send on behalf of this Microsoft 365 Group.

HiddenFromExchangeClientsEnabled boolean

The HiddenFromExchangeClientsEnabled switch specifies whether the Microsoft 365 Group is hidden from Outlook clients connected to Microsoft 365.

InformationBarrierMode

The InformationBarrierMode parameter specifies the information barrier mode for the Microsoft 365 Group.

Examples: "Explicit", "Implicit", "Open", "OwnerModerated"

pattern=^([Ee][Xx][Pp][Ll][Ii][Cc][Ii][Tt]|[Ii][Mm][Pp][Ll][Ii][Cc][Ii][Tt]|[Oo][Pp][Ee][Nn]|[Oo][Ww][Nn][Ee][Rr][Mm][Oo][Dd][Ee][Rr][Aa][Tt][Ee][Dd])$

IsMemberAllowedToEditContent boolean

This parameter specifies whether or not members are allow to edit content.

Language string

The Language parameter specifies language preference for the Microsoft 365 Group.

MailboxRegion string

The MailboxRegion parameter specifies the preferred data location (PDL) for the Microsoft 365 Group in multi-geo environments.

MailTip string

The MailTip parameter specifies the custom MailTip text for this recipient. The MailTip is shown to senders when they start drafting an email message to this recipient.

MailTipTranslations string

The MailTipTranslations parameter specifies additional languages for the custom MailTip text that's defined by the MailTip parameter.

MaxReceiveSize string

The MaxReceiveSize parameter specifies the maximum size of an email message that can be sent to this group. Messages that exceed the maximum size are rejected by the group.

MaxSendSize string

The MaxSendSize parameter specifies the maximum size of an email message that can be sent by this group.

ModeratedBy string[]

The ModeratedBy parameter specifies one or more moderators for this recipient. A moderator approves messages sent to the recipient before the messages are delivered. A moderator must be a mailbox, mail user, or mail contact in your organization. You can use any value that uniquely identifies the moderator.

ModerationEnabled boolean

The ModerationEnabled parameter specifies whether moderation is enabled for this recipient.

Notes string

The Notes parameter specifies the description of the Microsoft 365 Group. If the value contains spaces, enclose the value in quotation marks.

PrimarySmtpAddress string

The PrimarySmtpAddress parameter specifies the primary return email address that's used for the recipient. You can't use the EmailAddresses and PrimarySmtpAddress parameters in the same command.

RejectMessagesFromSendersOrMembers string[]

The RejectMessagesFromSendersOrMembers parameter specifies who isn't allowed to send messages to this recipient. Messages from these senders are rejected.

RequireSenderAuthenticationEnabled boolean

The RequireSenderAuthenticationEnabled parameter specifies whether to accept messages only from authenticated (internal) senders.

SensitivityLabelId string

The SensitivityLabelId parameter specifies the GUID value of the sensitivity label that's assigned to the Microsoft 365 Group.

SubscriptionEnabled boolean

The SubscriptionEnabled switch specifies whether the group owners can enable subscription to conversations and calendar events on the groups they own.

UnifiedGroupWelcomeMessageEnabled boolean

The UnifiedGroupWelcomeMessageEnabled switch specifies whether to enable or disable sending system-generated welcome messages to users who are added as members to the Microsoft 365 Group.

microsoft.exchange.hostedconnectionfilterpolicy object

This resource configures the settings of connection filter policies in your cloud-based organization.

Identity string required

The Identity parameter specifies the Hosted Connection Filter Policy that you want to modify.

AdminDisplayName string

The AdminDisplayName parameter specifies a description for the policy.

EnableSafeList boolean

The EnableSafeList parameter enables or disables use of the safe list. The safe list is a dynamic allow list in the Microsoft datacenter that requires no customer configuration. Valid input for this parameter is $true or $false. The default value is $false.

IPAllowList string[]

The IPAllowList parameter specifies IP addresses from which messages are always allowed. Messages from the IP addresses you specify won't be identified as spam, despite any other spam characteristics of the messages. Valid values for this parameter are: A single IP address, an IP address range, a CIDR IP.

IPBlockList string[]

The IPBlockList parameter specifies IP addresses from which messages are never allowed. Messages from the IP addresses you specify are blocked without any further spam scanning. Valid values for this parameter are: A single IP address, an IP address range, a CIDR IP.

MakeDefault boolean

The MakeDefault parameter makes the specified policy the default connection filter policy. Default is $false.

Ensure

Specifies if this Hosted Connection Filter Policy should exist.

Examples: "Absent", "Present"

pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$

microsoft.exchange.hostedcontentfilterpolicy object

This resource configures the settings of connection filter policies in your cloud-based organization.

Identity string required

The Identity parameter specifies the name of the Hosted Content Filter Policy that you want to modify.

AddXHeaderValue string

The AddXHeaderValue parameter specifies the X-header value to add to spam messages when an action parameter is set to the value AddXHeader.

AdminDisplayName string

The AdminDisplayName parameter specifies a description for the policy.

AllowedSenderDomains string[]

The AllowedSenderDomains parameter specifies trusted domains that aren't processed by the spam filter.

AllowedSenders string[]

The AllowedSenders parameter specifies a list of trusted senders that aren't processed by the spam filter.

BlockedSenderDomains string[]

The BlockedSenderDomains parameter specifies domains that are always marked as spam sources.

BlockedSenders string[]

The BlockedSenders parameter specifies senders that are always marked as spam sources.

BulkQuarantineTag string

The BulkQuarantineTag parameter specifies the quarantine policy that's used on messages that are quarantined as bulk email.

BulkSpamAction

The BulkSpamAction parameter specifies the action to take on messages that are classified as bulk email.

Examples: "AddXHeader", "Delete", "ModifySubject", "MoveToJmf", "NoAction", "Quarantine", "Redirect"

BulkThreshold integer

The BulkThreshold parameter specifies the Bulk Complaint Level (BCL) threshold setting. Valid values are from 1 - 9, where 1 marks most bulk email as spam, and 9 allows the most bulk email to be delivered. The default value is 7.

DownloadLink boolean

The DownloadLink parameter shows or hides a link in end-user spam notification messages to download the Junk Email Reporting Tool plugin for Outlook. Valid input for this parameter is $true or $false. The default value is $false.

EnableEndUserSpamNotifications boolean

The EnableEndUserSpamNotification parameter enables for disables sending end-user spam quarantine notification messages. Valid input for this parameter is $true or $false. The default value is $false.

EnableLanguageBlockList boolean

The EnableLanguageBlockList parameter enables or disables blocking email messages that are written in specific languages, regardless of the message contents. Valid input for this parameter is $true or $false. The default value is $false.

EnableRegionBlockList boolean

The EnableRegionBlockList parameter enables or disables blocking email messages that are sent from specific countries or regions, regardless of the message contents. Valid input for this parameter is $true or $false. The default value is $false.

EndUserSpamNotificationCustomSubject string

The EndUserSpamNotificationCustomSubject parameter specifies a custom subject for end-user spam notification messages.

EndUserSpamNotificationFrequency integer

The EndUserSpamNotificationFrequency parameter specifies the repeat interval in days that end-user spam notification messages are sent. Valid input for this parameter is an integer between 1 and 15. The default value is 3.

EndUserSpamNotificationLanguage

The EndUserSpamNotificationLanguage parameter specifies the language of end-user spam notification messages. The default value is Default. This means the default language of end-user spam notification messages is the default language of the cloud-based organization.

Examples: "Amharic", "Arabic", "Basque", "BengaliIndia", "Bulgarian", "Catalan", "ChineseSimplified", "ChineseTraditional", "Croatian", "Cyrillic", "Czech", "Danish", "Default", "Dutch", "English", "Estonian", "Farsi", "Filipino", "Finnish", "French", "Galician", "German", "Greek", "Gujarati", "Hebrew", "Hindi", "Hungarian", "Icelandic", "Indonesian", "Italian", "Japanese", "Kannada", "Kazakh", "Korean", "Latvian", "Lithuanian", "Malay", "Malayalam", "Marathi", "Norwegian", "NorwegianNynorsk", "Oriya", "Polish", "Portuguese", "PortuguesePortugal", "Romanian", "Russian", "Serbian", "SerbianCyrillic", "Slovak", "Slovenian", "Spanish", "Swahili", "Swedish", "Tamil", "Telugu", "Thai", "Turkish", "Ukrainian", "Urdu", "Vietnamese"

HighConfidencePhishAction

The HighConfidencePhishAction parameter specifies the action to take on messages that are marked as high confidence phishing

Examples: "MoveToJmf", "Quarantine", "Redirect"

pattern=^([Mm][Oo][Vv][Ee][Tt][Oo][Jj][Mm][Ff]|[Rr][Ee][Dd][Ii][Rr][Ee][Cc][Tt]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee])$

HighConfidencePhishQuarantineTag string

The HighConfidencePhishQuarantineTag parameter specifies the quarantine policy that's used on messages that are quarantined as high confidence phishing.

HighConfidenceSpamAction

The HighConfidenceSpamAction parameter specifies the action to take on messages that are classified as high confidence spam.

Examples: "AddXHeader", "Delete", "ModifySubject", "MoveToJmf", "NoAction", "Quarantine", "Redirect"

HighConfidenceSpamQuarantineTag string

The HighConfidenceSpamQuarantineTag parameter specifies the quarantine policy that's used on messages that are quarantined as high confidence spam.

IncreaseScoreWithBizOrInfoUrls

The IncreaseScoreWithBizOrInfoUrls parameter increases the spam score of messages that contain links to .biz or .info domains. Valid values for this parameter are Off, On or Test. The default value is Off.

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

IncreaseScoreWithImageLinks

The IncreaseScoreWithImageLinks parameter increases the spam score of messages that contain image links to remote websites. Valid values for this parameter are Off, On or Test. The default value is Off.

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

IncreaseScoreWithNumericIps

The IncreaseScoreWithNumericIps parameter increases the spam score of messages that contain links to IP addresses. Valid values for this parameter are Off, On or Test. The default value is Off.

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

IncreaseScoreWithRedirectToOtherPort

The IncreaseScoreWithRedirectToOtherPort parameter increases the spam score of messages that contain links that redirect to other TCP ports. Valid values for this parameter are Off, On or Test. The default value is Off.

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

InlineSafetyTipsEnabled boolean

The InlineSafetyTipsEnabled parameter specifies whether to enable or disable safety tips that are shown to recipients in messages. The default is $true

IntraOrgFilterState

The IntraOrgFilterState parameter specifies whether to enable anti-spam filtering for messages sent between internal users (users in the same organization).

Examples: "Default", "Disabled", "HighConfidencePhish", "HighConfidenceSpam", "Phish", "Spam"

pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Hh][Ii][Gg][Hh][Cc][Oo][Nn][Ff][Ii][Dd][Ee][Nn][Cc][Ee][Pp][Hh][Ii][Ss][Hh]|[Pp][Hh][Ii][Ss][Hh]|[Hh][Ii][Gg][Hh][Cc][Oo][Nn][Ff][Ii][Dd][Ee][Nn][Cc][Ee][Ss][Pp][Aa][Mm]|[Ss][Pp][Aa][Mm]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$

LanguageBlockList string[]

The LanguageBlockList parameter specifies the languages to block when messages are blocked based on their language. Valid input for this parameter is a supported ISO 639-1 lowercase two-letter language code. You can specify multiple values separated by commas. This parameter is only use when the EnableRegionBlockList parameter is set to $true.

MakeDefault boolean

The MakeDefault parameter makes the specified content filter policy the default content filter policy. The default value is $false

MarkAsSpamBulkMail

The MarkAsSpamBulkMail parameter classifies the message as spam when the message is identified as a bulk email message. Valid values for this parameter are Off, On or Test. The default value is On.

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

MarkAsSpamEmbedTagsInHtml

The MarkAsSpamEmbedTagsInHtml parameter classifies the message as spam when the message contains HTML tags. Valid values for this parameter are Off, On or Test. The default value is Off.

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

MarkAsSpamEmptyMessages

The MarkAsSpamEmptyMessages parameter classifies the message as spam when the message is empty. Valid values for this parameter are Off, On or Test. The default value is Off.

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

MarkAsSpamFormTagsInHtml

The MarkAsSpamFormTagsInHtml parameter classifies the message as spam when the message contains HTML

Examples: "Off", "On", "Test"

pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$

MarkAsSpamFramesInHtml

The MarkAsSpamFramesInHtml parameter classifies the message as spam when the message contains HTML or tags. Valid values for this parameter are Off, On or Test. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarkAsSpamFromAddressAuthFail</span> </div> <div class="desc-html"><p>The MarkAsSpamFromAddressAuthFail parameter classifies the message as spam when Sender ID filtering encounters a hard fail. Valid values for this parameter are Off or On. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarkAsSpamJavaScriptInHtml</span> </div> <div class="desc-html"><p>The MarkAsSpamJavaScriptInHtml parameter classifies the message as spam when the message contains JavaScript or VBScript. Valid values for this parameter are Off, On or Test. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarkAsSpamNdrBackscatter</span> </div> <div class="desc-html"><p>The MarkAsSpamNdrBackscatter parameter classifies the message as spam when the message is a non-delivery report (NDR) to a forged sender. Valid values for this parameter are Off or On. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarkAsSpamObjectTagsInHtml</span> </div> <div class="desc-html"><p>The MarkAsSpamObjectTagsInHtml parameter classifies the message as spam when the message contains HTML <object> tags. Valid values for this parameter are Off, On or Test. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarkAsSpamSensitiveWordList</span> </div> <div class="desc-html"><p>The MarkAsSpamSensitiveWordList parameter classifies the message as spam when the message contains words from the sensitive words list. Valid values for this parameter are Off, On or Test. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarkAsSpamSpfRecordHardFail</span> </div> <div class="desc-html"><p>The MarkAsSpamSpfRecordHardFail parameter classifies the message as spam when Sender Policy Framework (SPF) record checking encounters a hard fail. Valid values for this parameter are Off or On. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarkAsSpamWebBugsInHtml</span> </div> <div class="desc-html"><p>The MarkAsSpamWebBugsInHtml parameter classifies the message as spam when the message contains web bugs. Valid values for this parameter are Off, On or Test. The default value is Off.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"On"</code>, <code>"Test"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Oo][Nn]|[Tt][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModifySubjectValue</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ModifySubjectValue parameter specifies the text to prepend to the existing subject of spam messages when an action parameter is set to the value ModifySubject.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PhishSpamAction</span> </div> <div class="desc-html"><p>The PhishSpamAction parameter specifies the action to take on messages that are classified as phishing</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AddXHeader"</code>, <code>"Delete"</code>, <code>"ModifySubject"</code>, <code>"MoveToJmf"</code>, <code>"NoAction"</code>, <code>"Quarantine"</code>, <code>"Redirect"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Oo][Vv][Ee][Tt][Oo][Jj][Mm][Ff]|[Aa][Dd][Dd][Xx][Hh][Ee][Aa][Dd][Ee][Rr]|[Mm][Oo][Dd][Ii][Ff][Yy][Ss][Uu][Bb][Jj][Ee][Cc][Tt]|[Rr][Ee][Dd][Ii][Rr][Ee][Cc][Tt]|[Dd][Ee][Ll][Ee][Tt][Ee]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PhishQuarantineTag</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PhishQuarantineTag parameter specifies the quarantine policy that's used on messages that are quarantined as phishing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SpamQuarantineTag</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SpamQuarantineTag parameter specifies the quarantine policy that's used on messages that are quarantined as spam.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QuarantineRetentionPeriod</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The QuarantineRetentionPeriod parameter specifies the length of time in days that spam messages remain in the quarantine. Valid input for this parameter is an integer between 1 and 30. The default value is 15.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RedirectToRecipients</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RedirectToRecipients parameter specifies the replacement recipients in spam messages when an action parameter is set to the value Redirect. The action parameters that use the value of RedirectToRecipients are BulkSpamAction, HighConfidencePhishAction, HighConfidenceSpamAction, PhishSpamAction and SpamAction.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RegionBlockList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RegionBlockList parameter specifies the region to block when messages are blocked based on their source region. Valid input for this parameter is a supported ISO 3166-1 uppercase two-letter country code. You can specify multiple values separated by commas. This parameter is only used when the EnableRegionBlockList parameter is set to $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SpamAction</span> </div> <div class="desc-html"><p>The SpamAction parameter specifies the action to take on messages that are classified as spam (not high confidence spam, bulk email, or phishing).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AddXHeader"</code>, <code>"Delete"</code>, <code>"ModifySubject"</code>, <code>"MoveToJmf"</code>, <code>"NoAction"</code>, <code>"Quarantine"</code>, <code>"Redirect"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Oo][Vv][Ee][Tt][Oo][Jj][Mm][Ff]|[Aa][Dd][Dd][Xx][Hh][Ee][Aa][Dd][Ee][Rr]|[Mm][Oo][Dd][Ii][Ff][Yy][Ss][Uu][Bb][Jj][Ee][Cc][Tt]|[Rr][Ee][Dd][Ii][Rr][Ee][Cc][Tt]|[Dd][Ee][Ll][Ee][Tt][Ee]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TestModeAction</span> </div> <div class="desc-html"><p>The TestModeAction parameter specifies the additional action to take on messages that match any of the IncreaseScoreWith or MarkAsSpam parameters that are set to the value Test.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AddXHeader"</code>, <code>"BccMessage"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Dd][Dd][Xx][Hh][Ee][Aa][Dd][Ee][Rr]|[Bb][Cc][Cc][Mm][Ee][Ss][Ss][Aa][Gg][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TestModeBccToRecipients</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The TestModeBccToRecipients parameter specifies the blind carbon copy recipients to add to spam messages when the TestModeAction action parameter is set to the value BccMessage.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PhishZapEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PhishZapEnabled parameter enables or disables zero-hour auto purge (ZAP) to detect phishing messages in delivered messages in Exchange Online mailboxes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SpamZapEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SpamZapEnabled parameter enables or disables zero-hour auto purge (ZAP) to detect spam in delivered messages in Exchange Online mailboxes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.hostedcontentfilterrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.hostedcontentfilterrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Hosted Content Filter Rule in Exchange Online. Reference: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/powershell/module/exchange/advanced-threat-protection/new-HostedContentFilterRule?view=exchange-ps">https://docs.microsoft.com/en-us/powershell/module/exchange/advanced-threat-protection/new-HostedContentFilterRule?view=exchange-ps</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the name of the HostedContentFilter rule that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HostedContentFilterPolicy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The HostedContentFilterPolicy parameter specifies the name of the HostedContentFilter policy that's associated with the HostedContentFilter rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify if this rule should be enabled. Default is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comments</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.hostedoutboundspamfilterpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.hostedoutboundspamfilterpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of the outbound spam filter policy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the name of the policy that you want to modify. There is only one policy named 'Default'</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdminDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AdminDisplayName parameter specifies a description for the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BccSuspiciousOutboundAdditionalRecipients</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The BccSuspiciousOutboundAdditionalRecipients parameter specifies the recipients to add to the Bcc field of outgoing spam messages. Valid input for this parameter is an email address. Separate multiple email addresses with commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BccSuspiciousOutboundMail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BccSuspiciousOutboundMail parameter enables or disables adding recipients to the Bcc field of outgoing spam messages. Valid input for this parameter is $true or $false. The default value is $false. You specify the additional recipients using the BccSuspiciousOutboundAdditionalRecipients parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyOutboundSpam</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The NotifyOutboundSpam parameter enables or disables sending notification messages to administrators when an outgoing message is determined to be spam. Valid input for this parameter is $true or $false. The default value is $false. You specify the administrators to notify by using the NotifyOutboundSpamRecipients parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyOutboundSpamRecipients</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The NotifyOutboundSpamRecipients parameter specifies the administrators to notify when an outgoing message is determined to be spam. Valid input for this parameter is an email address. Separate multiple email addresses with commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientLimitInternalPerHour</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The RecipientLimitInternalPerHour parameter specifies the maximum number of internal recipients that a user can send to within an hour. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientLimitPerDay</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The RecipientLimitPerDay parameter specifies the maximum number of recipients that a user can send to within a day. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientLimitExternalPerHour</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The RecipientLimitExternalPerHour parameter specifies the maximum number of external recipients that a user can send to within an hour. A valid value is 0 to 10000. The default value is 0, which means the service defaults are used.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActionWhenThresholdReached</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ActionWhenThresholdReached parameter specifies the action to take when any of the limits specified in the policy are reached. Valid values are: Alert, BlockUser, BlockUserForToday. BlockUserForToday is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoForwardingMode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AutoForwardingMode specifies how the policy controls automatic email forwarding to outbound recipients. Valid values are: Automatic, On, Off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.hostedoutboundspamfilterrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.hostedoutboundspamfilterrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Hosted Content Filter Rule in Exchange Online. Reference: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/powershell/module/exchange/new-hostedoutboundspamfilterrule?view=exchange-ps">https://docs.microsoft.com/en-us/powershell/module/exchange/new-hostedoutboundspamfilterrule?view=exchange-ps</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the name of the HostedOutboundSpamFilter rule that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HostedOutboundSpamFilterPolicy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The HostedOutboundSpamFilterPolicy parameter specifies the name of the HostedOutboundSpamFilter policy that's associated with the HostedOutboundSpamFilter rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify if this rule should be enabled. Default is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comments</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderDomainIs parameter specifies an exception that looks for senders with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFrom</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFrom parameter specifies an exception that looks for messages from specific senders. You can use any value that uniquely identifies the sender.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromMemberOf parameter specifies an exception that looks for messages sent by group members. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderDomainIs parameter specifies a condition that looks for senders with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">From</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The From parameter specifies a condition that looks for messages from specific senders. You can use any value that uniquely identifies the sender.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FromMemberOf parameter specifies a condition that looks for messages sent by group members. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.inboundconnector"> <div class="definition-header"> <span class="def-name">microsoft.exchange.inboundconnector</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Inbound connector in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the outbound connector that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AssociatedAcceptedDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AssociatedAcceptedDomains parameter specifies the accepted domains that the connector applies to, thereby limiting its scope. For example, you can apply the connector to a specific accepted domain in your organization, such as contoso.com.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CloudServicesMailEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY!</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorSource</span> </div> <div class="desc-html"><p>The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS!</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Default"</code>, <code>"HybridWizard"</code>, <code>"Migrated"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Mm][Ii][Gg][Rr][Aa][Tt][Ee][Dd]|[Hh][Yy][Bb][Rr][Ii][Dd][Ww][Ii][Zz][Aa][Rr][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorType</span> </div> <div class="desc-html"><p>The ConnectorType parameter specifies a category for the domains that are serviced by the connector. Valid values are Partner and OnPremises</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"OnPremises"</code>, <code>"Partner"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Aa][Rr][Tt][Nn][Ee][Rr]|[Oo][Nn][Pp][Rr][Ee][Mm][Ii][Ss][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EFSkipIPs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EFSkipIPs parameter specifies the source IP addresses to skip in Enhanced Filtering for Connectors when the EFSkipLastIP parameter value is $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EFSkipLastIP</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EFSkipLastIP parameter specifies the behavior of Enhanced Filtering for Connectors.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EFUsers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EFUsers parameter specifies the recipients that Enhanced Filtering for Connectors applies to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether connector is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireTls</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RequireTLS parameter specifies that all messages received by this connector require TLS transmission. Valid values for this parameter are $true or $false. The default value is $false. When the RequireTLS parameter is set to $true, all messages received by this connector require TLS transmission.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictDomainsToCertificate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RestrictDomainsToCertificate parameter specifies that Office 365 should identify incoming messages that are eligible for this connector by verifying that the remote server authenticates using a TLS certificate that has the TlsSenderCertificateName in the Subject.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictDomainsToIPAddresses</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RestrictDomainsToIPAddresses parameter, when set to $true, automatically rejects mail from the domains specified by the SenderDomains parameter if the mail originates from an IP address that isn't specified by the SenderIPAddresses parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderDomains parameter specifies the remote domains from which this connector accepts messages, thereby limiting its scope. You can use a wildcard character to specify all subdomains of a specified domain, as shown in the following example: <em>.contoso.com. However, you can't embed a wildcard character, as shown in the following example: domain.</em>.contoso.com.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderIPAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderIPAddresses parameter specifies the remote IP addresses from which this connector accepts messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TlsSenderCertificateName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TlsSenderCertificateName parameter specifies the certificate used by the sender's domain when the RequireTls parameter is set to $true. Valid input for the TlsSenderCertificateName parameter is an SMTP domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TreatMessagesAsInternal</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TreatMessagesAsInternal parameter specifies an alternative method to identify messages sent from an on-premises organization as internal messages. You should only consider using this parameter when your on-premises organization doesn't use Exchange.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.intraorganizationconnector"> <div class="definition-header"> <span class="def-name">microsoft.exchange.intraorganizationconnector</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create a new EXOIntraOrganizationConnector in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the intraorg connector that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DiscoveryEndpoint</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DiscoveryEndpoint parameter specifies the externally-accessible URL that's used for the Autodiscover service for the domain that's configured in the Intra-Organization connector.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether connector is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetAddressDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The TargetAddressDomains parameter specifies the domain namespaces that will be used in the Intra-organization connector. These domains must have valid Autodiscover endpoints defined in their organizations. The domains and their associated Autodiscover endpoints are used by the Intra-Organization connector for feature and service connectivity. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetSharingEpr</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TargetSharingEpr parameter specifies the URL of the target Exchange Web Services that will be used in the Intra-Organization connector.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Intra-Organization connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.irmconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.exchange.irmconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Modify the resource Configuration policy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticServiceUpdateEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AutomaticServiceUpdateEnabled parameter specifies whether to allow the automatic addition of new features within Azure Information Protection for your cloud-based organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AzureRMSLicensingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AzureRMSLicensingEnabled parameter specifies whether the Exchange Online organization can to connect directly to Azure Rights Management.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DecryptAttachmentForEncryptOnly</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DecryptAttachmentForEncryptOnly parameter specifies whether mail recipients have unrestricted rights on the attachment or not for Encrypt-only mails sent using Microsoft Purview Message Encryption.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EDiscoverySuperUserEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EDiscoverySuperUserEnabled parameter specifies whether members of the Discovery Management role group can access IRM-protected messages in a discovery mailbox that were returned by a discovery search.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnablePdfEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnablePdfEncryption parameter specifies whether to enable the encryption of PDF attachments using Microsoft Purview Message Encryption.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalLicensingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The InternalLicensingEnabled parameter specifies whether to enable IRM features for messages that are sent to internal and external recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">JournalReportDecryptionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The JournalReportDecryptionEnabled parameter specifies whether to enable journal report decryption.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LicensingLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The LicensingLocation parameter specifies the RMS licensing URLs. You can specify multiple URL values separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RejectIfRecipientHasNoRights</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This parameter is available only in the cloud-based service.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RMSOnlineKeySharingLocation</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RMSOnlineKeySharingLocation parameter specifies the Azure Rights Management URL that's used to get the trusted publishing domain (TPD) for the Exchange Online organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SearchEnabled parameter specifies whether to enable searching of IRM-encrypted messages in Outlook on the web (formerly known as Outlook Web App).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SimplifiedClientAccessDoNotForwardDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SimplifiedClientAccessDoNotForwardDisabled parameter specifies whether to disable Do not forward in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SimplifiedClientAccessEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SimplifiedClientAccessEnabled parameter specifies whether to enable the Protect button in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SimplifiedClientAccessEncryptOnlyDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SimplifiedClientAccessEncryptOnlyDisabled parameter specifies whether to disable Encrypt only in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TransportDecryptionSetting</span> </div> <div class="desc-html"><p>The TransportDecryptionSetting parameter specifies the transport decryption configuration.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Mandatory"</code>, <code>"Optional"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Mm][Aa][Nn][Dd][Aa][Tt][Oo][Rr][Yy]|[Oo][Pp][Tt][Ii][Oo][Nn][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.journalrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.journalrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource allows to configure Journal Rules in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the Journal Rule</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">JournalEmailAddress</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The JournalEmailAddress parameter specifies a recipient object to which journal reports are sent. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Recipient</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Recipient parameter specifies the SMTP address of a mailbox, contact, or distribution group to journal. If you specify a distribution group, all recipients in that distribution group are journaled. All messages sent to or from a recipient are journaled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether the Journal Rule is enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RuleScope</span> </div> <div class="desc-html"><p>The Scope parameter specifies the scope of email messages to which the journal rule is applied</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"External"</code>, <code>"Global"</code>, <code>"Internal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll]|[Ii][Nn][Tt][Ee][Rr][Nn][Aa][Ll]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the rule exists, Absent that it does not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mailboxautoreplyconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mailboxautoreplyconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Auto Reply settings of mailboxes.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the mailbox that you want to modify. You can use any value that uniquely identifies the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Owner</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>User Principal Name of the mailbox owner</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoDeclineFutureRequestsWhenOOF</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AutoDeclineFutureRequestsWhenOOF parameter specifies whether to automatically decline new meeting requests that are sent to the mailbox during the scheduled time period when Automatic Replies are being sent.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoReplyState</span> </div> <div class="desc-html"><p>The AutoReplyState parameter specifies whether the mailbox is enabled for Automatic Replies. Valid values are: Enabled, Disabled, Scheduled</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"Scheduled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ss][Cc][Hh][Ee][Dd][Uu][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CreateOOFEvent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The CreateOOFEvent parameter specifies whether to create a calendar event that corresponds to the scheduled time period when Automatic Replies are being sent for the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeclineAllEventsForScheduledOOF</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DeclineAllEventsForScheduledOOF parameter specifies whether to decline all existing calendar events in the mailbox during the scheduled time period when Automatic Replies are being sent.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeclineEventsForScheduledOOF</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DeclineEventsForScheduledOOF parameter specifies whether it's possible to decline existing calendar events in the mailbox during the scheduled time period when Automatic Replies are being sent.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeclineMeetingMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DeclineMeetingMessage parameter specifies the text in the message when meetings requests that are sent to the mailbox are automatically declined.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EndTime parameter specifies the end date and time that Automatic Replies are sent for the mailbox. You use this parameter only when the AutoReplyState parameter is set to Scheduled, and the value of this parameter is meaningful only when AutoReplyState is Scheduled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EventsToDeleteIDs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EventsToDeleteIDs parameter specifies the calendar events to delete from the mailbox when the DeclineEventsForScheduledOOF parameter is set to $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalAudience</span> </div> <div class="desc-html"><p>The ExternalAudience parameter specifies whether Automatic Replies are sent to external senders. Valid values are: None, Known, All</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"Known"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Kk][Nn][Oo][Ww][Nn]|[Aa][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExternalMessage parameter specifies the Automatic Replies message that's sent to external senders or senders outside the organization. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The InternalMessage parameter specifies the Automatic Replies message that's sent to internal senders or senders within the organization. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OOFEventSubject</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OOFEventSubject parameter specifies the subject for the calendar event that's automatically created when the CreateOOFEvent parameter is set to $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The StartTime parameter specifies the start date and time that Automatic Replies are sent for the specified mailbox. You use this parameter only when the AutoReplyState parameter is set to Scheduled, and the value of this parameter is meaningful only when AutoReplyState is Scheduled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Represents the existence of the instance. This must be set to 'Present'</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mailboxcalendarfolder"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mailboxcalendarfolder</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures calendar publishing or sharing settings on a mailbox for the visibility of calendar information to external users.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the calendar folder that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DetailLevel</span> </div> <div class="desc-html"><p>The DetailLevel parameter specifies the level of calendar detail that's published and available to anonymous users.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AvailabilityOnly"</code>, <code>"FullDetails"</code>, <code>"LimitedDetails"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ii][Ll][Ii][Tt][Yy][Oo][Nn][Ll][Yy]|[Ll][Ii][Mm][Ii][Tt][Ee][Dd][Dd][Ee][Tt][Aa][Ii][Ll][Ss]|[Ff][Uu][Ll][Ll][Dd][Ee][Tt][Aa][Ii][Ll][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublishDateRangeFrom</span> </div> <div class="desc-html"><p>The PublishDateRangeFrom parameter specifies the start date of calendar information to publish (past information).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"OneDay"</code>, <code>"OneMonth"</code>, <code>"OneWeek"</code>, <code>"OneYear"</code>, <code>"SixMonths"</code>, <code>"ThreeDays"</code>, <code>"ThreeMonths"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Nn][Ee][Dd][Aa][Yy]|[Tt][Hh][Rr][Ee][Ee][Dd][Aa][Yy][Ss]|[Oo][Nn][Ee][Ww][Ee][Ee][Kk]|[Oo][Nn][Ee][Mm][Oo][Nn][Tt][Hh]|[Tt][Hh][Rr][Ee][Ee][Mm][Oo][Nn][Tt][Hh][Ss]|[Ss][Ii][Xx][Mm][Oo][Nn][Tt][Hh][Ss]|[Oo][Nn][Ee][Yy][Ee][Aa][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublishDateRangeTo</span> </div> <div class="desc-html"><p>The PublishDateRangeTo parameter specifies the end date of calendar information to publish (future information).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"OneDay"</code>, <code>"OneMonth"</code>, <code>"OneWeek"</code>, <code>"OneYear"</code>, <code>"SixMonths"</code>, <code>"ThreeDays"</code>, <code>"ThreeMonths"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Nn][Ee][Dd][Aa][Yy]|[Tt][Hh][Rr][Ee][Ee][Dd][Aa][Yy][Ss]|[Oo][Nn][Ee][Ww][Ee][Ee][Kk]|[Oo][Nn][Ee][Mm][Oo][Nn][Tt][Hh]|[Tt][Hh][Rr][Ee][Ee][Mm][Oo][Nn][Tt][Hh][Ss]|[Ss][Ii][Xx][Mm][Oo][Nn][Tt][Hh][Ss]|[Oo][Nn][Ee][Yy][Ee][Aa][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublishEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PublishEnabled parameter specifies whether to publish the specified calendar information.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchableUrlEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SearchableUrlEnabled parameter specifies whether the published calendar URL is discoverable on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharedCalendarSyncStartDate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SharedCalendarSyncStartDate parameter specifies the limit for past events in the shared calendar that are visible to delegates. A copy of the shared calendar within the specified date range is stored in the delegate's mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Determines whether or not the instance exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mailboxpermission"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mailboxpermission</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Use this resource to modify the permissions of mailbox.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the mailbox where you want to assign permissions to the user. You can use any value that uniquely identifies the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessRights</span> <span class="type-badge">string[]</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The AccessRights parameter specifies the permission that you want to add for the user on the mailbox. Valid values are: ChangeOwner, ChangePermission, DeleteItem, ExternalAccount, FullAccess and ReadPermission.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">User</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The User parameter specifies who gets the permissions on the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InheritanceType</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The InheritanceType parameter specifies how permissions are inherited by folders in the mailbox. Valid values are: None, All, Children, Descendents, SelfAndChildren.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"Children"</code>, <code>"Descendents"</code>, <code>"None"</code>, <code>"SelfAndChildren"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Ll][Ll]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn]|[Dd][Ee][Ss][Cc][Ee][Nn][Dd][Ee][Nn][Tt][Ss]|[Ss][Ee][Ll][Ff][Aa][Nn][Dd][Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Owner</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Owner parameter specifies the owner of the mailbox object.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Deny</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Deny switch specifies that the permissions you're adding are Deny permissions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Determines whether or not the permission should exist on the mailbox.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mailboxplan"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mailboxplan</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Use this resource to modify the settings of mailbox plans in the cloud-based service.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the Mailbox Plan that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The display name of the mailbox plan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>MailboxPlans cannot be created/removed in O365. This must be set to 'Present'</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IssueWarningQuota</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The IssueWarningQuota parameter specifies the warning threshold for the size of the mailboxes that are created or enabled using the mailbox plan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxReceiveSize</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxReceiveSize parameter specifies the maximum size of a message that can be sent to the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxSendSize</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxSendSize parameter specifies the maximum size of a message that can be sent by the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProhibitSendQuota</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ProhibitSendQuota parameter specifies a size limit for the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProhibitSendReceiveQuota</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ProhibitSendReceiveQuota parameter specifies a size limit for the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetainDeletedItemsFor</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RetainDeletedItemsFor parameter specifies the length of time to keep soft-deleted items for the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetentionPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RetentionPolicy parameter specifies the retention policy that's applied to the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleAssignmentPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RoleAssignmentPolicy parameter specifies the role assignment policy that's applied to the mailbox.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mailboxsettings"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mailboxsettings</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures settings on Mailboxes such as the Regional settings and its timezone.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the Shared Mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeZone</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The name of the Time Zone to assign to the mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Locale</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The code of the Locale to assign to the mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Mailbox Settings are applied</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mailcontact"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mailcontact</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Exchange Online address lists.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies a unique name for the mail contact.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalEmailAddress</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The ExternalEmailAddress parameter specifies the target email address of the mail contact or mail user. By default, this value is used as the primary email address of the mail contact or mail user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Alias</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Alias parameter specifies the Exchange alias (also known as the mail nickname) for the recipient. This value identifies the recipient as a mail-enabled object, and shouldn't be confused with multiple email addresses for the same recipient (also known as proxy addresses). A recipient can have only one Alias value. The maximum length is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DisplayName parameter specifies the display name of the mail contact. The display name is visible in the Exchange admin center and in address lists.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirstName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The FirstName parameter specifies the user's first name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Initials</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Initials parameter specifies the user's middle initials.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LastName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The LastName parameter specifies the user's last name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MacAttachmentFormat</span> </div> <div class="desc-html"><p>The MacAttachmentFormat parameter specifies the Apple Macintosh operating system attachment format to use for messages sent to the mail contact or mail user. Valid values are: BinHex, UuEncode, AppleSingle, AppleDouble</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AppleDouble"</code>, <code>"AppleSingle"</code>, <code>"BinHex"</code>, <code>"UuEncode"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ii][Nn][Hh][Ee][Xx]|[Uu][Uu][Ee][Nn][Cc][Oo][Dd][Ee]|[Aa][Pp][Pp][Ll][Ee][Ss][Ii][Nn][Gg][Ll][Ee]|[Aa][Pp][Pp][Ll][Ee][Dd][Oo][Uu][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageBodyFormat</span> </div> <div class="desc-html"><p>The MessageBodyFormat parameter specifies the message body format for messages sent to the mail contact or mail user. Valid values are: Text, Html, TextAndHtml</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Html"</code>, <code>"Text"</code>, <code>"TextAndHtml"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Tt][Ee][Xx][Tt]|[Hh][Tt][Mm][Ll]|[Tt][Ee][Xx][Tt][Aa][Nn][Dd][Hh][Tt][Mm][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageFormat</span> </div> <div class="desc-html"><p>The MessageFormat parameter specifies the message format for messages sent to the mail contact or mail user. Valid values are: Mime, Text</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Mime"</code>, <code>"Text"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Ii][Mm][Ee]|[Tt][Ee][Xx][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModeratedBy</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ModeratedBy parameter specifies one or more moderators for this mail contact. A moderator approves messages sent to the mail contact before the messages are delivered. A moderator must be a mailbox, mail user, or mail contact in your organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModerationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ModerationEnabled parameter specifies whether moderation is enabled for this recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationalUnit</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OrganizationalUnit parameter specifies the location in Active Directory where the new contact is created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SendModerationNotifications</span> </div> <div class="desc-html"><p>The SendModerationNotifications parameter specifies when moderation notification messages are sent. Valid values are: ALways, Internal, Never</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Always"</code>, <code>"Internal"</code>, <code>"Never"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ww][Aa][Yy][Ss]|[Ii][Nn][Tt][Ee][Rr][Nn][Aa][Ll]|[Nn][Ee][Vv][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsePreferMessageFormat</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UsePreferMessageFormat specifies whether the message format settings configured for the mail user or mail contact override the global settings configured for the remote domain or configured by the message sender</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute1</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute1 parameter specifies the value of the CustomAttribute1</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute2</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute2 parameter specifies the value of the CustomAttribute2</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute3</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute3 parameter specifies the value of the CustomAttribute3</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute4</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute4 parameter specifies the value of the CustomAttribute4</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute5</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute5 parameter specifies the value of the CustomAttribute5</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute6</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute6 parameter specifies the value of the CustomAttribute6</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute7</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute7 parameter specifies the value of the CustomAttribute7</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute8</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute8 parameter specifies the value of the CustomAttribute8</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute9</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute9 parameter specifies the value of the CustomAttribute9</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute10</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute10 parameter specifies the value of the CustomAttribute10</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute11</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute11 parameter specifies the value of the CustomAttribute11</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute12</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute12 parameter specifies the value of the CustomAttribute12</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute13</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute13 parameter specifies the value of the CustomAttribute13</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute14</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute14 parameter specifies the value of the CustomAttribute14</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAttribute15</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomAttribute15 parameter specifies the value of the CustomAttribute15</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtensionCustomAttribute1</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExtensionCustomAttribute1 parameter specifies the value of the ExtensionCustomAttribute1</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtensionCustomAttribute2</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExtensionCustomAttribute2 parameter specifies the value of the ExtensionCustomAttribute2</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtensionCustomAttribute3</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExtensionCustomAttribute3 parameter specifies the value of the ExtensionCustomAttribute3</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtensionCustomAttribute4</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExtensionCustomAttribute4 parameter specifies the value of the ExtensionCustomAttribute4</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtensionCustomAttribute5</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExtensionCustomAttribute5 parameter specifies the value of the ExtensionCustomAttribute5</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Contact should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mailtips"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mailtips</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource allows to configure Mailtips behaviors in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsAllTipsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether MailTips are enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsGroupMetricsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether MailTips that rely on group metrics data are enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsLargeAudienceThreshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies what a large audience is.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsMailboxSourcedTipsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether MailTips that rely on mailbox data (out-of-office or full mailbox) are enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsExternalRecipientsTipsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether MailTips for external recipients are enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this MailTip should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.malwarefilterpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.malwarefilterpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create or modify a EXOMalwareFilterPolicy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the MalwareFilterPolicy you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdminDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AdminDisplayName parameter specifies a description for the policy. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomExternalBody</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomExternalBody parameter specifies the body of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomExternalSubject</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomExternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from external senders. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomFromAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomFromAddress parameter specifies the From address of the custom notification message for malware detections in messages from internal or external senders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomFromName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomFromName parameter specifies the From name of the custom notification message for malware detections in messages from internal or external senders. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomInternalBody</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomInternalBody parameter specifies the body of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomInternalSubject</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomInternalSubject parameter specifies the subject of the custom notification message for malware detections in messages from internal senders. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The CustomNotifications parameter enables or disables custom notification messages for malware detections in messages from internal or external senders. Valid values are: $true, $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableExternalSenderAdminNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableExternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from external senders. Valid values are: $true, $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableFileFilter</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableFileFilter parameter enables or disables common attachment blocking - also known as the Common Attachment Types Filter.Valid values are: $true, $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableInternalSenderAdminNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableInternalSenderAdminNotifications parameter enables or disables sending malware detection notification messages to an administrator for messages from internal senders. Valid values are: $true, $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalSenderAdminAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from external senders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FileTypeAction</span> </div> <div class="desc-html"><p>The FileTypeAction parameter specifies what's done to messages that contain one or more attachments where the file extension is included in the FileTypes parameter (common attachment blocking). Valid values are Quarantine and Reject. The default value is Reject.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Quarantine"</code>, <code>"Reject"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Jj][Ee][Cc][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FileTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FileTypes parameter specifies the file types that are automatically blocked by common attachment blocking (also known as the Common Attachment Types Filter), regardless of content.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalSenderAdminAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The InternalSenderAdminAddress parameter specifies the email address of the administrator who will receive notification messages for malware detections in messages from internal senders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MakeDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>MakeDefault makes this malware filter policy the default policy. Valid values are: $true, $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QuarantineTag</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The QuarantineTag specifies the quarantine policy that's used on messages that are quarantined as malware.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ZapEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ZapEnabled parameter enables or disables zero-hour auto purge (ZAP) for malware. ZAP detects malware in unread messages that have already been delivered to the user's Inbox. Valid values are: $true, $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this MalwareFilterPolicy should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.malwarefilterrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.malwarefilterrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create or modify a new EXOMalwareFilterRule in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the EXO resource you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comments</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter enables or disables the malware filter rule. Valid input for this parameter is $true or $false. The default value is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MalwareFilterPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MalwareFilterPolicy parameter specifies the malware filter policy to apply to messages that match the conditions defined by this malware filter rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentToMemberOf parameter specifies a condition that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if the Malware Filter Rule should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.managementrole"> <div class="definition-header"> <span class="def-name">microsoft.exchange.managementrole</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures RBAC Management Roles in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the name of the role. The maximum length of the name is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Parent</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Parent parameter specifies the identity of the role to copy. Mandatory for management role creation/update or when Ensure=Present. Non-mandatory for Ensure=Absent</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Description parameter specifies the description that's displayed when the management role is viewed using the Get-ManagementRole cmdlet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Management Role should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.managementroleassignment"> <div class="definition-header"> <span class="def-name">microsoft.exchange.managementroleassignment</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures RBAC Management Roles Assignments in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies a name for the new management role assignment. The maximum length of the name is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Role</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Role parameter specifies the existing role to assign. You can use any value that uniquely identifies the role.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">App</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The App parameter specifies the service principal to assign the management role to. Specifically, the ServiceId GUID value from the output of the Get-ServicePrincipal cmdlet (for example, 6233fba6-0198-4277-892f-9275bf728bcc).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Policy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Policy parameter specifies the name of the management role assignment policy to assign the management role to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityGroup</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SecurityGroup parameter specifies the name of the management role group or mail-enabled universal security group to assign the management role to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">User</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The User parameter specifies the name or alias of the user to assign the management role to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomRecipientWriteScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomRecipientWriteScope parameter specifies the existing recipient-based management scope to associate with this management role assignment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomResourceScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CustomResourceScope parameter specifies the custom management scope to associate with this management role assignment. You can use any value that uniquely identifies the management scope.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExclusiveRecipientWriteScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExclusiveConfigWriteScope parameter specifies the exclusive configuration-based management scope to associate with the new role assignment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientAdministrativeUnitScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RecipientAdministrativeUnitScope parameter specifies the administrative unit to scope the new role assignment to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientOrganizationalUnitScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RecipientOrganizationalUnitScope parameter specifies the OU to scope the new role assignment to. If you use the RecipientOrganizationalUnitScope parameter, you can't use the CustomRecipientWriteScope or ExclusiveRecipientWriteScope parameters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientRelativeWriteScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RecipientRelativeWriteScope parameter specifies the type of restriction to apply to a recipient scope. The available types are None, Organization, MyGAL, Self, and MyDistributionGroups. The RecipientRelativeWriteScope parameter is automatically set when the CustomRecipientWriteScope or RecipientOrganizationalUnitScope parameters are used.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Management Role Assignment should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.managementroleentry"> <div class="definition-header"> <span class="def-name">microsoft.exchange.managementroleentry</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures RBAC Management Roles Entries in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the role entry that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Parameters</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Parameters parameter specifies the parameters to be added to or removed from the role entry.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Type</span> </div> <div class="desc-html"><p>The Type parameter specifies the type of role entry to return.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ApplicationPermission"</code>, <code>"Cmdlet"</code>, <code>"Script"</code>, <code>"WebService"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Mm][Dd][Ll][Ee][Tt]|[Ss][Cc][Rr][Ii][Pp][Tt]|[Aa][Pp][Pp][Ll][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Pp][Ee][Rr][Mm][Ii][Ss][Ss][Ii][Oo][Nn]|[Ww][Ee][Bb][Ss][Ee][Rr][Vv][Ii][Cc][Ee])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.messageclassification"> <div class="definition-header"> <span class="def-name">microsoft.exchange.messageclassification</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create a new Message Classification policy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the OME Configuration policy that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassificationID</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ClassificationID parameter specifies the classification ID (GUID) of an existing message classification that you want to import and use in your Exchange organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DisplayName parameter specifies the title of the message classification that's displayed in Outlook and selected by users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayPrecedence</span> </div> <div class="desc-html"><p>The DisplayPrecedence parameter specifies the relative precedence of the message classification to other message classifications that may be applied to a specified message.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Higher"</code>, <code>"Highest"</code>, <code>"Low"</code>, <code>"Lower"</code>, <code>"Lowest"</code>, <code>"Medium"</code>, <code>"MediumHigh"</code>, <code>"MediumLow"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Hh][Ii][Gg][Hh][Ee][Ss][Tt]|[Hh][Ii][Gg][Hh][Ee][Rr]|[Hh][Ii][Gg][Hh]|[Mm][Ee][Dd][Ii][Uu][Mm][Hh][Ii][Gg][Hh]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Mm][Ee][Dd][Ii][Uu][Mm][Ll][Oo][Ww]|[Ll][Oo][Ww]|[Ll][Oo][Ww][Ee][Rr]|[Ll][Oo][Ww][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Name parameter specifies the unique name for the message classification.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PermissionMenuVisible</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PermissionMenuVisible parameter specifies whether the values that you entered for the DisplayName and RecipientDescription parameters are displayed in Outlook as the user composes a message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDescription</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RecipientDescription parameter specifies the detailed text that's shown to Outlook recipient when they receive a message that has the message classification applied.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetainClassificationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RetainClassificationEnabled parameter specifies whether the message classification should persist with the message if the message is forwarded or replied to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderDescription</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SenderDescription parameter specifies the detailed text that's shown to Outlook senders when they select a message classification to apply to a message before they send the message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.mobiledevicemailboxpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.mobiledevicemailboxpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Mobile Device Mailbox Policies in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the friendly name of the mobile device mailbox policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowApplePushNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowApplePushNotifications parameter specifies whether push notifications are allowed to Apple mobile devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowBluetooth</span> </div> <div class="desc-html"><p>The AllowBluetooth parameter specifies whether the Bluetooth capabilities are allowed on the mobile phone. The available options are Disable, HandsfreeOnly, and Allow. The default value is Allow.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Allow"</code>, <code>"Disable"</code>, <code>"HandsfreeOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee]|[Hh][Aa][Nn][Dd][Ss][Ff][Rr][Ee][Ee][Oo][Nn][Ll][Yy]|[Aa][Ll][Ll][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowBrowser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowBrowser parameter indicates whether Microsoft Pocket Internet Explorer is allowed on the mobile phone. This parameter doesn't affect third-party browsers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCamera</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowCamera parameter specifies whether the mobile phone's camera is allowed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowConsumerEmail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowConsumerEmail parameter specifies whether the mobile phone user can configure a personal email account on the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDesktopSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowDesktopSync parameter specifies whether the mobile phone can synchronize with a desktop computer through a cable.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowExternalDeviceManagement</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowExternalDeviceManagement parameter specifies whether an external device management program is allowed to manage the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGooglePushNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowGooglePushNotifications parameter controls whether the user can receive push notifications from Google for Outlook on the web for devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowHTMLEmail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowHTMLEmail parameter specifies whether HTML email is enabled on the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowInternetSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowInternetSharing parameter specifies whether the mobile phone can be used as a modem to connect a computer to the Internet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowIrDA</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowIrDA parameter specifies whether infrared connections are allowed to the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMobileOTAUpdate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowMobileOTAUpdate parameter specifies whether the Exchange ActiveSync mailbox policy can be sent to the mobile phone over a cellular data connection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMicrosoftPushNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowMicrosoftPushNotifications parameter specifies whether push notifications are enabled on the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowNonProvisionableDevices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowNonProvisionableDevices parameter specifies whether all mobile phones can synchronize with the server running Exchange.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPOPIMAPEmail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowPOPIMAPEmail parameter specifies whether the user can configure a POP3 or IMAP4 email account on the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowRemoteDesktop</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowRemoteDesktop parameter specifies whether the mobile phone can initiate a remote desktop connection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSimplePassword</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowSimplePassword parameter specifies whether a simple device password is allowed. A simple device password is a password that has a specific pattern, such as 1111 or 1234.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSMIMEEncryptionAlgorithmNegotiation</span> </div> <div class="desc-html"><p>The AllowSMIMEEncryptionAlgorithmNegotiation parameter specifies whether the messaging application on the mobile device can negotiate the encryption algorithm if a recipient's certificate doesn't support the specified encryption algorithm.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AllowAnyAlgorithmNegotiation"</code>, <code>"BlockNegotiation"</code>, <code>"OnlyStrongAlgorithmNegotiation"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Aa][Nn][Yy][Aa][Ll][Gg][Oo][Rr][Ii][Tt][Hh][Mm][Nn][Ee][Gg][Oo][Tt][Ii][Aa][Tt][Ii][Oo][Nn]|[Bb][Ll][Oo][Cc][Kk][Nn][Ee][Gg][Oo][Tt][Ii][Aa][Tt][Ii][Oo][Nn]|[Oo][Nn][Ll][Yy][Ss][Tt][Rr][Oo][Nn][Gg][Aa][Ll][Gg][Oo][Rr][Ii][Tt][Hh][Mm][Nn][Ee][Gg][Oo][Tt][Ii][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSMIMESoftCerts</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowSMIMESoftCerts parameter specifies whether S/MIME software certificates are allowed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowStorageCard</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowStorageCard parameter specifies whether the mobile phone can access information stored on a storage card.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTextMessaging</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowTextMessaging parameter specifies whether text messaging is allowed from the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUnsignedApplications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowUnsignedApplications parameter specifies whether unsigned applications can be installed on the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUnsignedInstallationPackages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowUnsignedInstallationPackages parameter specifies whether unsigned installation packages can be executed on the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowWiFi</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowWiFi parameter specifies whether wireless Internet access is allowed on the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AlphanumericPasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AlphanumericPasswordRequired parameter specifies whether the password for the mobile phone must be alphanumeric.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApprovedApplicationList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ApprovedApplicationList parameter specifies a list of approved applications for the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AttachmentsEnabled parameter specifies whether attachments can be downloaded.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceEncryptionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DeviceEncryptionEnabled parameter specifies whether encryption is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DevicePolicyRefreshInterval</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DevicePolicyRefreshInterval parameter specifies how often the policy is sent from the server to the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IrmEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IrmEnabled parameter specifies whether Information Rights Management (IRM) is enabled for the mailbox policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsDefault parameter specifies whether this policy is the default Mobile Device mailbox policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxAttachmentSize</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxAttachmentSize parameter specifies the maximum size of attachments that can be downloaded to the mobile phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxCalendarAgeFilter</span> </div> <div class="desc-html"><p>The MaxCalendarAgeFilter parameter specifies the maximum range of calendar days that can be synchronized to the device.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"OneMonth"</code>, <code>"SixMonths"</code>, <code>"ThreeMonths"</code>, <code>"TwoWeeks"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll]|[Tt][Ww][Oo][Ww][Ee][Ee][Kk][Ss]|[Oo][Nn][Ee][Mm][Oo][Nn][Tt][Hh]|[Tt][Hh][Rr][Ee][Ee][Mm][Oo][Nn][Tt][Hh][Ss]|[Ss][Ii][Xx][Mm][Oo][Nn][Tt][Hh][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxEmailAgeFilter</span> </div> <div class="desc-html"><p>The MaxEmailAgeFilter parameter specifies the maximum number of days of email items to synchronize to the mobile phone.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"OneDay"</code>, <code>"OneMonth"</code>, <code>"OneWeek"</code>, <code>"ThreeDays"</code>, <code>"TwoWeeks"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll]|[Oo][Nn][Ee][Dd][Aa][Yy]|[Tt][Hh][Rr][Ee][Ee][Dd][Aa][Yy][Ss]|[Oo][Nn][Ee][Ww][Ee][Ee][Kk]|[Tt][Ww][Oo][Ww][Ee][Ee][Kk][Ss]|[Oo][Nn][Ee][Mm][Oo][Nn][Tt][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxEmailBodyTruncationSize</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxEmailBodyTruncationSize parameter specifies the maximum size at which email messages are truncated when synchronized to the mobile phone. The value is specified in kilobytes (KB).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxEmailHTMLBodyTruncationSize</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxEmailHTMLBodyTruncationSize parameter specifies the maximum size at which HTML-formatted email messages are synchronized to the mobile phone. The value is specified in KB.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxInactivityTimeLock</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxInactivityTimeDeviceLock parameter specifies the length of time that the mobile phone can be inactive before the password is required to reactivate it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxPasswordFailedAttempts</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxPasswordFailedAttempts parameter specifies the number of attempts a user can make to enter the correct password for the mobile phone. You can enter any number from 4 through 16 or the value Unlimited.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinPasswordComplexCharacters</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MinPasswordComplexCharacters parameter specifies the character sets that are required in the password of the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinPasswordLength</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MinPasswordLength parameter specifies the minimum number of characters in the mobile device password.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PasswordEnabled parameter specifies whether a password is required on the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpiration</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PasswordExpiration parameter specifies how long a password can be used on a mobile device before the user is forced to change the password.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordHistory</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PasswordHistory parameter specifies the number of unique new passwords that need to be created on the mobile device before an old password can be reused.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRecoveryEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PasswordRecoveryEnabled parameter specifies whether the recovery password for the mobile device is stored in Exchange.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireDeviceEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RequireDeviceEncryption parameter specifies whether encryption is required on the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireEncryptedSMIMEMessages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RequireEncryptedSMIMEMessages parameter specifies whether the mobile device must send encrypted S/MIME messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireEncryptionSMIMEAlgorithm</span> </div> <div class="desc-html"><p>The RequireEncryptionSMIMEAlgorithm parameter specifies the algorithm that's required to encrypt S/MIME messages on a mobile device.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"DES"</code>, <code>"RC2128bit"</code>, <code>"RC240bit"</code>, <code>"RC264bit"</code>, <code>"TripleDES"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ss]|[Tt][Rr][Ii][Pp][Ll][Ee][Dd][Ee][Ss]|[Rr][Cc]240[Bb][Ii][Tt]|[Rr][Cc]264[Bb][Ii][Tt]|[Rr][Cc]2128[Bb][Ii][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireManualSyncWhenRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RequireSignedSMIMEAlgorithm parameter specifies the algorithm that's used to sign S/MIME messages on the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireSignedSMIMEAlgorithm</span> </div> <div class="desc-html"><p>The RequireSignedSMIMEAlgorithm parameter specifies the algorithm that's used to sign S/MIME messages on the mobile device.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"MD5"</code>, <code>"SHA1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Hh][Aa]1|[Mm][Dd]5)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireSignedSMIMEMessages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RequireSignedSMIMEMessages parameter specifies whether the mobile device must send signed S/MIME messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireStorageCardEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RequireStorageCardEncryption parameter specifies whether storage card encryption is required on the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnapprovedInROMApplicationList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The UnapprovedInROMApplicationList parameter specifies a list of applications that can't be run in ROM on the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UNCAccessEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UNCAccessEnabled parameter specifies whether access to Microsoft Windows file shares is enabled from the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WSSAccessEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WSSAccessEnabled parameter specifies whether access to Microsoft Windows SharePoint Services is enabled from the mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Mobile Device Mailbox Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.offlineaddressbook"> <div class="definition-header"> <span class="def-name">microsoft.exchange.offlineaddressbook</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Offline Address Books in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the Offline Address Book. The maximum length is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddressLists</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddressLists parameter specifies the address lists or global address lists that are included in the OAB. You can use any value that uniquely identifies the address list.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfiguredAttributes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ConfiguredAttributes parameter specifies the recipient MAPI properties that are available in the OAB.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DiffRetentionPeriod</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DiffRetentionPeriod parameter specifies the number of days that the OAB difference files are stored on the server.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsDefault parameter specifies whether the OAB is used by all mailboxes and mailbox databases that don't have an OAB specified.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Offline Address Book should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.omeconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.exchange.omeconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create a new OME Configuration policy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the OME Configuration policy that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BackgroundColor</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The BackgroundColor parameter specifies the background color</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisclaimerText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DisclaimerText parameter specifies the disclaimer text in the email that contains the encrypted message</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmailText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EmailText parameter specifies the default text that accompanies encrypted email messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalMailExpiryInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The ExternalMailExpiryInDays parameter specifies the number of days that the encrypted message is available to external recipients in the Microsoft 365 portal. A valid value is an integer from 0 to 730.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IntroductionText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The IntroductionText parameter specifies the default text that accompanies encrypted email messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OTPEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OTPEnabled parameter specifies whether to allow recipients to use a one-time passcode to view encrypted messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PortalText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PortalText parameter specifies the text that appears at the top of the encrypted email viewing portal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyStatementUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PrivacyStatementUrl parameter specifies the Privacy Statement link in the encrypted email notification message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReadButtonText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ReadButtonText parameter specifies the text that appears on the 'Read the message' button.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SocialIdSignIn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SocialIdSignIn parameter specifies whether a user is allowed to view an encrypted message in the Microsoft 365 admin center using their own social network id (Google, Yahoo, and Microsoft account).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.onpremisesorganization"> <div class="definition-header"> <span class="def-name">microsoft.exchange.onpremisesorganization</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures On-Premises Organization in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the identity of the on-premises organization object.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HybridDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The HybridDomains parameter specifies the domains that are configured in the hybrid deployment between an Office 365 tenant and an on-premises Exchange organization. The domains specified in this parameter must match the domains listed in the HybridConfiguration Active Directory object for the on-premises Exchange organization configured by the Hybrid Configuration wizard.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundConnector</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The InboundConnector parameter specifies the name of the inbound connector configured on the Microsoft Exchange Online Protection (EOP) service for a hybrid deployment configured with an on-premises Exchange organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundConnector</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OutboundConnector parameter specifies the name of the outbound connector configured on the EOP service for a hybrid deployment configured with an on-premises Exchange organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OrganizationName parameter specifies the Active Directory object name of the on-premises Exchange organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationGuid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OrganizationGuid parameter specifies the globally unique identifier (GUID) of the on-premises Exchange organization object in the Office 365 tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationRelationship</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OrganizationRelationship parameter specifies the organization relationship configured by the Hybrid Configuration wizard on the Office 365 tenant as part of a hybrid deployment with an on-premises Exchange organization. This organization relationship defines the federated sharing features enabled on the Office 365 tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the On-Premises Organization should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.organizationconfig"> <div class="definition-header"> <span class="def-name">microsoft.exchange.organizationconfig</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Exchange Online organization-wide settings.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivityBasedAuthenticationTimeoutEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ActivityBasedAuthenticationTimeoutEnabled parameter specifies whether the timed logoff feature is enabled. The default value is $true</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivityBasedAuthenticationTimeoutInterval</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ActivityBasedAuthenticationTimeoutInterval parameter specifies the time span for logoff. You enter this value as a time span: hh:mm:ss where hh = hours, mm = minutes and ss = seconds. Valid values for this parameter are from 00:05:00 to 08:00:00 (5 minutes to 8 hours). The default value is 06:00:00 (6 hours).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivityBasedAuthenticationTimeoutWithSingleSignOnEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ActivityBasedAuthenticationTimeoutWithSingleSignOnEnabled parameter specifies whether to keep single sign-on enabled. The default value is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsForOfficeEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AppsForOfficeEnabled parameter specifies whether to enable apps for Outlook features. By default, the parameter is set to $true. If the flag is set to $false, no new apps can be activated for any user in the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AsyncSendEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AsyncSendEnabled parameter specifies whether to enable or disable async send in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuditDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AuditDisabled parameter specifies whether to disable or enable mailbox auditing for the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutodiscoverPartialDirSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Setting this parameter to $true will cause unknown users to be redirected to the on-premises endpoint and will allow on-premises users to discover their mailbox automatically.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoExpandingArchive</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AutoExpandingArchive switch enables the unlimited archiving feature (called auto-expanding archiving) in an Exchange Online organization. You don't need to specify a value with this switch.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockMoveMessagesForGroupFolders</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for BlockMoveMessagesForGroupFolders</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsAddressEntryRestricted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsAddressEntryRestricted parameter specifies whether addresses can be collected from Bookings customers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsAuthEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsAuthEnabled parameter specifies whether to enforce authentication to access all published Bookings pages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsBlockedWordsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for BookingsBlockedWordsEnabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsCreationOfCustomQuestionsRestricted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsCreationOfCustomQuestionsRestricted parameter specifies whether Bookings admins can add custom questions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsEnabled parameter specifies whether to enable Microsoft Bookings in an organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsExposureOfStaffDetailsRestricted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsExposureOfStaffDetailsRestricted parameter specifies whether the attributes of internal Bookings staff members are visible to external Bookings customers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsMembershipApprovalRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsMembershipApprovalRequired parameter enables a membership approval requirement when new staff members are added to Bookings calendars.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsNamingPolicyEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for BookingsNamingPolicyEnabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsNamingPolicyPrefix</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>No description available for BookingsNamingPolicyPrefix</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsNamingPolicyPrefixEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for BookingsNamingPolicyPrefixEnabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsNamingPolicySuffix</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>No description available for BookingsNamingPolicySuffix</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsNamingPolicySuffixEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for BookingsNamingPolicySuffixEnabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsNotesEntryRestricted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsNotesEntryRestricted parameter specifies whether appointment notes can be collected from Bookings customers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsPaymentsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsPaymentsEnabled parameter specifies whether to enable online payment node inside Bookings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsPhoneNumberEntryRestricted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsPhoneNumberEntryRestricted parameter specifies whether phone numbers can be collected from Bookings customers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsSearchEngineIndexDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for BookingsSearchEngineIndexDisabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsSmsMicrosoftEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for BookingsSmsMicrosoftEnabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsSocialSharingRestricted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BookingsSocialSharingRestricted parameter allows you to control whether, or not, your users can see social sharing options inside Bookings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ByteEncoderTypeFor7BitCharsets</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The ByteEncoderTypeFor7BitCharsets parameter specifies the 7-bit transfer encoding method for MIME format for messages sent to this remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ComplianceMLBgdCrawlEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for ComplianceMLBgdCrawlEnabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorsActionableMessagesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConnectorsActionableMessagesEnabled parameter specifies whether to enable or disable actionable buttons in messages (connector cards) from connected apps on Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConnectorsEnabled parameter specifies whether to enable or disable all connected apps in organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorsEnabledForOutlook</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConnectorsEnabledForOutlook parameter specifies whether to enable or disable connected apps in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorsEnabledForSharepoint</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConnectorsEnabledForSharepoint parameter specifies whether to enable or disable connected apps on Sharepoint.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorsEnabledForTeams</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConnectorsEnabledForTeams parameter specifies whether to enable or disable connected apps on Teams.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorsEnabledForYammer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConnectorsEnabledForYammer parameter specifies whether to enable or disable connected apps on Yammer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomerLockboxEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Customer Lockbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultAuthenticationPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultAuthenticationPolicy parameter specifies the authentication policy that's used for the whole organization. You can use any value that uniquely identifies the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultGroupAccessType</span> </div> <div class="desc-html"><p>The DefaultGroupAccessType parameter specifies the default access type for Office 365 groups.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Private"</code>, <code>"Public"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ii][Vv][Aa][Tt][Ee]|[Pp][Uu][Bb][Ll][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultMinutesToReduceLongEventsBy</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The DefaultMinutesToReduceLongEventsBy parameter specifies the number of minutes to reduce calendar events by if the events are 60 minutes or longer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultMinutesToReduceShortEventsBy</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The DefaultMinutesToReduceShortEventsBy parameter specifies the number of minutes to reduce calendar events by if the events are less than 60 minutes long.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultPublicFolderAgeLimit</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultPublicFolderAgeLimit parameter specifies the default age limit for the contents of public folders across the entire organization. Content in a public folder is automatically deleted when this age limit is exceeded. This attribute applies to all public folders in the organization that don't have their own AgeLimit setting. To specify a value, enter it as a time span: dd.hh:mm:ss where d = days, h = hours, m = minutes, and s = seconds. Or, enter the value $null. The default value is blank ($null).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultPublicFolderDeletedItemRetention</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultPublicFolderDeletedItemRetention parameter specifies the default value of the length of time to retain deleted items for public folders across the entire organization. This attribute applies to all public folders in the organization that don't have their own RetainDeletedItemsFor attribute set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultPublicFolderIssueWarningQuota</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultPublicFolderIssueWarningQuota parameter specifies the default value across the entire organization for the public folder size at which a warning message is sent to this folder's owners, warning that the public folder is almost full. This attribute applies to all public folders within the organization that don't have their own warning quota attribute set. The default value of this attribute is unlimited. The valid input range for this parameter is from 0 through 2199023254529 bytes(2 TB). If you enter a value of unlimited, no size limit is imposed on the public folder.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultPublicFolderMaxItemSize</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultPublicFolderMaxItemSize parameter specifies the default maximum size for posted items within public folders across the entire organization. Items larger than the value of the DefaultPublicFolderMaxItemSize parameter are rejected. This attribute applies to all public folders within the organization that don't have their own MaxItemSize attribute set. The default value of this attribute is unlimited.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultPublicFolderMovedItemRetention</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultPublicFolderMovedItemRetention parameter specifies how long items that have been moved between mailboxes are kept in the source mailbox for recovery purposes before being removed by the Public Folder Assistant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultPublicFolderProhibitPostQuota</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultPublicFolderProhibitPostQuota parameter specifies the size of a public folder at which users are notified that the public folder is full. Users can't post to a folder whose size is larger than the DefaultPublicFolderProhibitPostQuota parameter value. The default value of this attribute is unlimited.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DirectReportsGroupAutoCreationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DirectReportsGroupAutoCreationEnabled parameter specifies whether to enable or disable the automatic creation of direct report Office 365 groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisablePlusAddressInRecipients</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DisablePlusAddressInRecipients parameter specifies whether to enable or disable plus addressing (also known as subaddressing) for Exchange Online mailboxes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DistributionGroupDefaultOU</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DistributionGroupDefaultOU parameter specifies the container where distribution groups are created by default.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DistributionGroupNameBlockedWordsList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The DistributionGroupNameBlockedWordsList parameter specifies words that can't be included in the names of distribution groups. Separate multiple values with commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DistributionGroupNamingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DistributionGroupNamingPolicy parameter specifies the template applied to the name of distribution groups that are created in the organization. You can enforce that a prefix or suffix be applied to all distribution groups. Prefixes and suffixes can be either a string or an attribute, and you can combine strings and attributes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ElcProcessingDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ElcProcessingDisabled parameter specifies whether to enable or disable the processing of mailboxes by the Managed Folder Assistant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableOutlookEvents</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableOutlookEvents parameter specifies whether Outlook or Outlook on the web automatically discovers events from email messages and adds them to user calendars.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndUserDLUpgradeFlowsDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EndUserDLUpgradeFlowsDisabled parameter specifies whether to prevent users from upgrading their own distribution groups to Office 365 groups in an Exchange Online organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EwsAllowEntourage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EwsAllowEntourage parameter specifies whether to enable or disable Entourage 2008 to access Exchange Web Services (EWS) for the entire organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EwsAllowList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EwsAllowList parameter specifies the applications that are allowed to access EWS or REST when the EwsApplicationAccessPolicy parameter is set to EwsAllowList. Other applications that aren't specified by this parameter aren't allowed to access EWS or REST. You identify the application by its user agent string value. Wildcard characters (*) are supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EwsAllowMacOutlook</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EwsAllowMacOutlook parameter enables or disables access to mailboxes by Outlook for Mac clients that use Exchange Web Services (for example, Outlook for Mac 2011 or later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EwsAllowOutlook</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EwsAllowOutlook parameter enables or disables access to mailboxes by Outlook clients that use Exchange Web Services. Outlook uses Exchange Web Services for free/busy, out-of-office settings, and calendar sharing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EwsApplicationAccessPolicy</span> </div> <div class="desc-html"><p>The EwsApplicationAccessPolicy parameter specifies the client applications that have access to EWS and REST.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"EnforceAllowList"</code>, <code>"EnforceBlockList"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Ff][Oo][Rr][Cc][Ee][Aa][Ll][Ll][Oo][Ww][Ll][Ii][Ss][Tt]|[Ee][Nn][Ff][Oo][Rr][Cc][Ee][Bb][Ll][Oo][Cc][Kk][Ll][Ii][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EwsBlockList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EwsBlockList parameter specifies the applications that aren't allowed to access EWS or REST when the EwsApplicationAccessPolicy parameter is set to EnforceBlockList. All other applications that aren't specified by this parameter are allowed to access EWS or REST. You identify the application by its user agent string value. Wildcard characters (*) are supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EwsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EwsEnabled parameter specifies whether to globally enable or disable EWS access for the entire organization, regardless of what application is making the request.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeNotificationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExchangeNotificationEnabled parameter enables or disables Exchange notifications sent to administrators regarding their organizations. Valid input for this parameter is $true or $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeNotificationRecipients</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeNotificationRecipients parameter specifies the recipients for Exchange notifications sent to administrators regarding their organizations. If the ExchangeNotificationEnabled parameter is set to $false, no notification messages are sent. Be sure to enclose values that contain spaces in quotation marks and separate multiple values with commas. If this parameter isn't set, Exchange notifications are sent to all administrators.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindTimeAttendeeAuthenticationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FindTimeAttendeeAuthenticationEnabled parameter controls whether attendees are required to verify their identity in meeting polls using the FindTime Outlook add-in.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindTimeAutoScheduleDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FindTimeAutoScheduleDisabled parameter controls automatically scheduling the meeting once a consensus is reached in meeting polls using the FindTime Outlook add-in.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindTimeLockPollForAttendeesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FindTimeLockPollForAttendeesEnabled controls whether the Lock poll for attendees setting is managed by the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindTimeOnlineMeetingOptionDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FindTimeOnlineMeetingOptionDisabled parameter controls the availability of the Online meeting checkbox for Teams in meeting polls using the FindTime Outlook add-in.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FocusedInboxOn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FocusedInboxOn parameter enables or disables Focused Inbox for the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HierarchicalAddressBookRoot</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The HierarchicalAddressBookRoot parameter specifies the user, contact, or group to be used as the root organization for a hierarchical address book in the Exchange organization. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IPListBlocked</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The IPListBlocked parameter specifies the blocked IP addresses that aren't allowed to connect to Exchange Online organization. These settings affect client connections that use Basic authentication where on-premises Active Directory Federation Services (ADFS) servers federate authentication with Azure Active Directory. Note that the new settings might take up to 4 hours to fully propagate across the service.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsGroupFoldersAndRulesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for IsGroupFoldersAndRulesEnabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsGroupMemberAllowedToEditContent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for IsGroupMemberAllowedToEditContent</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LeanPopoutEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The LeanPopoutEnabled parameter specifies whether to enable faster loading of pop-out messages in Outlook on the web for Internet Explorer and Microsoft Edge.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LinkPreviewEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The LinkPreviewEnabled parameter specifies whether link preview of URLs in email messages is allowed for the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsAllTipsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MailTipsAllTipsEnabled parameter specifies whether MailTips are enabled. The default value is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsExternalRecipientsTipsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MailTipsExternalRecipientsTipsEnabled parameter specifies whether MailTips for external recipients are enabled. The default value is $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsGroupMetricsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MailTipsGroupMetricsEnabled parameter specifies whether MailTips that rely on group metrics data are enabled. The default value is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsLargeAudienceThreshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The MailTipsLargeAudienceThreshold parameter specifies what a large audience is. The default value is 25.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsMailboxSourcedTipsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MailTipsMailboxSourcedTipsEnabled parameter specifies whether MailTips that rely on mailbox data (out-of-office or full mailbox) are enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaskClientIpInReceivedHeadersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for MaskClientIpInReceivedHeadersEnabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MatchSenderOrganizerProperties</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for MatchSenderOrganizerProperties.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageHighlightsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for MessageHighlightsEnabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageRecallEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MessageRecallEnabled parameter enables or disables the message recall feature in the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageRemindersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MessageRemindersEnabled parameter enables or disables the message reminders feature in the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MobileAppEducationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MobileAppEducationEnabled specifies whether to show or hide the Outlook for iOS and Android education reminder in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OAuth2ClientProfileEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OAuth2ClientProfileEnabled parameter enables or disables modern authentication in the Exchange organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnlineMeetingsByDefaultEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OnlineMeetingsByDefaultEnabled parameter specifies whether to set all meetings as Teams by default during meeting creation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutlookGifPickerDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OutlookGifPickerDisabled parameter disables the GIF Search (powered by Bing) feature that's built into the Compose page in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutlookMobileGCCRestrictionsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OutlookMobileGCCRestrictionsEnabled parameter specifies whether to enable or disable features within Outlook for iOS and Android that are not FedRAMP compliant for Office 365 US Government Community Cloud (GCC) customers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutlookPayEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OutlookPayEnabled parameter enables or disables Payments in Outlook in the Office 365 organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutlookTextPredictionDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for OutlookTextPredictionDisabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicComputersDetectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PublicComputersDetectionEnabled parameter specifies whether Outlook on the web will detect when a user signs from a public or private computer or network, and then enforces the attachment handling settings from public networks. The default is $false. However, if you set this parameter to $true, Outlook on the web will determine if the user is signing in from a public computer, and all public attachment handling rules will be applied and enforced.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicFoldersEnabled</span> </div> <div class="desc-html"><p>The PublicFoldersEnabled parameter specifies how public folders are deployed in your organization.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Local"</code>, <code>"None"</code>, <code>"Remote"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ll][Oo][Cc][Aa][Ll]|[Rr][Ee][Mm][Oo][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicFolderShowClientControl</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PublicFolderShowClientControl parameter enables or disables access to public folders in Microsoft Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReadTrackingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ReadTrackingEnabled parameter specifies whether the tracking for read status for messages in an organization is enabled. The default value is $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecallReadMessagesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for RecallReadMessagesEnabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemotePublicFolderMailboxes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemotePublicFolderMailboxes parameter specifies the identities of the public folder objects (represented as mail user objects locally) corresponding to the public folder mailboxes created in the remote forest. The public folder values set here are used only if the public folder deployment is a remote deployment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SendFromAliasEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SendFromAliasEnabled parameter allows mailbox users to send messages using aliases (proxy addresses). It does this by disabling the rewriting of aliases to their primary SMTP address. This change is implemented in the Exchange Online service</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharedDomainEmailAddressFlowEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available for SharedDomainEmailAddressFlowEnabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShortenEventScopeDefault</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ShortenEventScopeDefault parameter specifies whether calendar events start late or end early in the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteMailboxCreationURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SiteMailboxCreationURL parameter specifies the URL that's used to create site mailboxes. Site mailboxes improve collaboration and user productivity by allowing access to both SharePoint documents and Exchange email in Outlook 2013 or later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmtpActionableMessagesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SmtpActionableMessagesEnabled parameter specifies whether to enable or disable action buttons in email messages in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VisibleMeetingUpdateProperties</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The VisibleMeetingUpdateProperties parameter specifies whether meeting message updates will be auto-processed on behalf of attendees. Auto-processed updates are applied to the attendee's calendar item, and then the meeting message is moved to the deleted items. The attendee never sees the update in their inbox, but their calendar is updated.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebPushNotificationsDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WebPushNotificationsDisabled parameter specifies whether to enable or disable Web Push Notifications in Outlook on the Web. This feature provides web push notifications which appear on a user's desktop while the user is not using Outlook on the Web. This brings awareness of incoming messages while they are working elsewhere on their computer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebSuggestedRepliesDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WebSuggestedRepliesDisabled parameter specifies whether to enable or disable Suggested Replies in Outlook on the web. This feature provides suggested replies to emails so users can easily and quickly respond to messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkspaceTenantEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WorkspaceTenantEnabled parameter enables or disables workspace booking in the organization.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.organizationrelationship"> <div class="definition-header"> <span class="def-name">microsoft.exchange.organizationrelationship</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Organization Relationship in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the organization relationship. The maximum length is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ArchiveAccessEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ArchiveAccessEnabled parameter specifies whether the organization relationship has been configured to provide remote archive access.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeliveryReportEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DeliveryReportEnabled parameter specifies whether Delivery Reports should be shared over the organization relationship.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DomainNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The DomainNames parameter specifies the SMTP domains of the external organization. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether to enable the organization relationship.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FreeBusyAccessEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FreeBusyAccessEnabled parameter specifies whether the organization relationship should be used to retrieve free/busy information from the external organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FreeBusyAccessLevel</span> </div> <div class="desc-html"><p>The FreeBusyAccessLevel parameter specifies the maximum amount of detail returned to the requesting organization. Valid values are: None, AvailabilityOnly or LimitedDetails</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AvailabilityOnly"</code>, <code>"LimitedDetails"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ii][Ll][Ii][Tt][Yy][Oo][Nn][Ll][Yy]|[Ll][Ii][Mm][Ii][Tt][Ee][Dd][Dd][Ee][Tt][Aa][Ii][Ll][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FreeBusyAccessScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The FreeBusyAccessScope parameter specifies a mail-enabled security group in the internal organization that contains users whose free/busy information is accessible by an external organization. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailboxMoveEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MailboxMoveEnabled parameter specifies whether the organization relationship enables moving mailboxes to or from the external organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailboxMoveCapability</span> </div> <div class="desc-html"><p>The MailboxMoveCapability parameter is used in cross-tenant mailbox migrations.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Inbound"</code>, <code>"None"</code>, <code>"Outbound"</code>, <code>"RemoteInbound"</code>, <code>"RemoteOutbound"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Bb][Oo][Uu][Nn][Dd]|[Oo][Uu][Tt][Bb][Oo][Uu][Nn][Dd]|[Rr][Ee][Mm][Oo][Tt][Ee][Ii][Nn][Bb][Oo][Uu][Nn][Dd]|[Rr][Ee][Mm][Oo][Tt][Ee][Oo][Uu][Tt][Bb][Oo][Uu][Nn][Dd]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailboxMovePublishedScopes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The MailboxMovePublishedScopes parameter is used in cross-tenant mailbox migrations to specify the mail-enabled security groups whose members are allowed to migrate.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsAccessEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MailTipsAccessEnabled parameter specifies whether MailTips for users in this organization are returned over this organization relationship.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsAccessLevel</span> </div> <div class="desc-html"><p>The MailTipsAccessLevel parameter specifies the level of MailTips data externally shared over this organization relationship. This parameter can have the following values: All, Limited, None</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"Limited"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Ll][Ll]|[Ll][Ii][Mm][Ii][Tt][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailTipsAccessScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MailTipsAccessScope parameter specifies a mail-enabled security group in the internal organization that contains users whose free/busy information is accessible by an external organization. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OauthApplicationId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OAuthApplicationId is used in cross-tenant mailbox migrations to specify the application ID of the mailbox migration app that you consented to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationContact</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OrganizationContact parameter specifies the email address that can be used to contact the external organization (for example, administrator@fourthcoffee.com).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PhotosEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PhotosEnabled parameter specifies whether photos for users in the internal organization are returned over the organization relationship.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetApplicationUri</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TargetApplicationUri parameter specifies the target Uniform Resource Identifier (URI) of the external organization. The TargetApplicationUri parameter is specified by Exchange when requesting a delegated token to retrieve free and busy information, for example, mail.contoso.com.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetAutodiscoverEpr</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TargetAutodiscoverEpr parameter specifies the Autodiscover URL of Exchange Web Services for the external organization. Exchange uses Autodiscover to automatically detect the correct Exchangeserver endpoint to use for external requests.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetOwaURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TargetOwaURL parameter specifies the Outlook on the web (formerly Outlook Web App) URL of the external organization that's defined in the organization relationship. It is used for Outlook on the web redirection in a cross-premise Exchange scenario. Configuring this attribute enables users in the organization to use their current Outlook on the web URL to access Outlook on the web in the external organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetSharingEpr</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TargetSharingEpr parameter specifies the URL of the target Exchange Web Services for the external organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the OrganizationRelationship should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.outboundconnector"> <div class="definition-header"> <span class="def-name">microsoft.exchange.outboundconnector</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create a new Inbound connector in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the outbound connector that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether connector is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseMXRecord</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether connector should use MXRecords for target resolution.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorSource</span> </div> <div class="desc-html"><p>The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS!</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Default"</code>, <code>"HybridWizard"</code>, <code>"Migrated"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Mm][Ii][Gg][Rr][Aa][Tt][Ee][Dd]|[Hh][Yy][Bb][Rr][Ii][Dd][Ww][Ii][Zz][Aa][Rr][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectorType</span> </div> <div class="desc-html"><p>The ConnectorType parameter specifies a category for the domains that are serviced by the connector.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"OnPremises"</code>, <code>"Partner"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Aa][Rr][Tt][Nn][Ee][Rr]|[Oo][Nn][Pp][Rr][Ee][Mm][Ii][Ss][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomains parameter specifies the domain that the Outbound connector routes mail to. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartHosts</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SmartHosts parameter specifies the smart hosts the Outbound connector uses to route mail. This parameter is required if you set the UseMxRecord parameter to $false and must be specified on the same command line.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TlsDomain</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TlsDomain parameter specifies the domain name that the Outbound connector uses to verify the FQDN of the target certificate when establishing a TLS secured connection. This parameter is only used if the TlsSettings parameter is set to DomainValidation. Valid input for the TlsDomain parameter is an SMTP domain. You can use a wildcard character to specify all subdomains of a specified domain, as shown in the following example: <em>.contoso.com. However, you can't embed a wildcard character, as shown in the following example: domain.</em>.contoso.com</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TlsSettings</span> </div> <div class="desc-html"><p>The TlsSettings parameter specifies the TLS authentication level that's used for outbound TLS connections established by this Outbound connector.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"CertificateValidation"</code>, <code>"DomainValidation"</code>, <code>"EncryptionOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ii][Oo][Nn][Oo][Nn][Ll][Yy]|[Cc][Ee][Rr][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ee][Vv][Aa][Ll][Ii][Dd][Aa][Tt][Ii][Oo][Nn]|[Dd][Oo][Mm][Aa][Ii][Nn][Vv][Aa][Ll][Ii][Dd][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsTransportRuleScoped</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsTransportRuleScoped parameter specifies whether the Outbound connector is associated with a transport rule (also known as a mail flow rule).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RouteAllMessagesViaOnPremises</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RouteAllMessagesViaOnPremises parameter specifies that all messages serviced by this connector are first routed through the on-premises messaging system (Centralized mailrouting).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CloudServicesMailEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY!</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllAcceptedDomains</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllAcceptedDomains parameter specifies whether the Outbound connector is used in hybrid organizations where message recipients are in accepted domains of the cloud-based organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderRewritingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SenderRewritingEnabled parameter specifies that all messages that normally qualify for SRS rewriting are rewritten for routing through the on-premises email system.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TestMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TestMode parameter specifies whether you want to enabled or disable test mode for the Outbound connector.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ValidationRecipients</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ValidationRecipients parameter specifies the email addresses of the validation recipients for the Outbound connector. You can specify multiple email addresses separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.owamailboxpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.owamailboxpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures OWA Mailbox Policies in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name for the policy. The maximum length is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountTransferEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AccountTransferEnabled parameter specifies whether to enable or disable QR code sign-in. By default, QR code sign-in is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActionForUnknownFileAndMIMETypes</span> </div> <div class="desc-html"><p>The ActionForUnknownFileAndMIMETypes parameter specifies how to handle file types that aren't specified in the Allow, Block, and Force Save lists for file types and MIME types</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Allow"</code>, <code>"Block"</code>, <code>"ForceSave"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww]|[Ff][Oo][Rr][Cc][Ee][Ss][Aa][Vv][Ee]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveSyncIntegrationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ActiveSyncIntegrationEnabled parameter specifies whether to enable or disable Exchange ActiveSync settings in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdditionalAccountsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdditionalStorageProvidersAvailable</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AdditionalStorageProvidersAvailable parameter specifies whether to allow additional storage providers (for example, Box, Dropbox, Facebook, Google Drive, Egnyte, personal OneDrive) attachments in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllAddressListsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllAddressListsEnabled parameter specifies which address lists are available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCopyContactsToDeviceAddressBook</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowCopyContactsToDeviceAddressBook parameter specifies whether users can copy the contents of their Contacts folder to a mobile device's native address book when using Outlook on the web for devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedFileTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AllowedFileTypes parameter specifies the attachment file types (file extensions) that can be saved locally or viewed from Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedMimeTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AllowedMimeTypes parameter specifies the MIME extensions of attachments that allow the attachments to be saved locally or viewed from Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedFileTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The BlockedFileTypes parameter specifies a list of attachment file types (file extensions) that can't be saved locally or viewed from Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedMimeTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The BlockedMimeTypes parameter specifies MIME extensions in attachments that prevent the attachments from being saved locally or viewed from Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BookingsMailboxCreationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ChangeSettingsAccountEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassicAttachmentsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ClassicAttachmentsEnabled parameter specifies whether users can attach local files as regular email attachments in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConditionalAccessPolicy</span> </div> <div class="desc-html"><p>The ConditionalAccessPolicy parameter specifies the Outlook on the Web Policy for limited access. For this feature to work properly, you also need to configure a Conditional Access policy in the Azure Active Directory Portal.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Off"</code>, <code>"ReadOnly"</code>, <code>"ReadOnlyPlusAttachmentsBlocked"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Rr][Ee][Aa][Dd][Oo][Nn][Ll][Yy]|[Rr][Ee][Aa][Dd][Oo][Nn][Ll][Yy][Pp][Ll][Uu][Ss][Aa][Tt][Tt][Aa][Cc][Hh][Mm][Ee][Nn][Tt][Ss][Bb][Ll][Oo][Cc][Kk][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultTheme</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultTheme parameter specifies the default theme that's used in Outlook on the web when the user hasn't selected a theme. The default value is blank ($null).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DirectFileAccessOnPrivateComputersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DirectFileAccessOnPrivateComputersEnabled parameter specifies the left-click options for attachments in Outlook on the web for private computer sessions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DirectFileAccessOnPublicComputersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DirectFileAccessOnPrivateComputersEnabled parameter specifies the left-click options for attachments in Outlook on the web for public computer sessions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableFacebook</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DisableFacebook switch specifies whether users can synchronize their Facebook contacts to their Contacts folder in Outlook on the web. By default, Facebook integration is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayPhotosEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DisplayPhotosEnabled parameter specifies whether users see sender photos in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExplicitLogonEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExplicitLogonEnabled parameter specifies whether to allow a user to open someone else's mailbox in Outlook on the web (provided that user has permissions to the mailbox).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalImageProxyEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExternalImageProxyEnabled parameter specifies whether to load all external images through the Outlook external image proxy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalSPMySiteHostURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExternalSPMySiteHostURL specifies the My Site Host URL for external users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeedbackEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FeedbackEnabled parameter specifies whether to enable or disable inline feedback surveys in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceSaveAttachmentFilteringEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ForceSaveAttachmentFilteringEnabled parameter specifies whether files are filtered before they can be saved from Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceSaveFileTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ForceSaveFileTypes parameter specifies the attachment file types (file extensions) that can only be saved from Outlook on the web (not opened).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceSaveMimeTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ForceSaveMimeTypes parameter specifies the MIME extensions in attachments that only allow the attachments to be saved locally (not opened).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceWacViewingFirstOnPrivateComputers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ForceWacViewingFirstOnPrivateComputers parameter specifies whether private computers must first preview an Office file as a web page in Office Online Server (formerly known as Office Web Apps Server and Web Access Companion Server) before opening the file in the local application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceWacViewingFirstOnPublicComputers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ForceWacViewingFirstOnPublicComputers parameter specifies whether public computers must first preview an Office file as a web page in Office Online Server before opening the file in the local application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FreCardsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The FreCardsEnabled parameter specifies whether the theme, signature, and phone cards are available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalAddressListEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The GlobalAddressListEnabled parameter specifies whether the global address list is available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupCreationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The GroupCreationEnabled parameter specifies whether Office 365 group creation is available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstantMessagingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The InstantMessagingEnabled parameter specifies whether instant messaging is available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstantMessagingType</span> </div> <div class="desc-html"><p>The InstantMessagingType parameter specifies the type of instant messaging provider in Outlook on the web.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"None"</code>, <code>"Ocs"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Oo][Cc][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InterestingCalendarsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The InterestingCalendarsEnabled parameter specifies whether interesting calendars are available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalSPMySiteHostURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The InternalSPMySiteHostURL specifies the My Site Host URL for internal users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IRMEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IRMEnabled parameter specifies whether Information Rights Management (IRM) features are available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ItemsToOtherAccountsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsDefault switch specifies whether the Outlook on the web policy is the default policy that's used to configure the Outlook on the web settings for new mailboxes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">JournalEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The JournalEnabled parameter specifies whether the Journal folder is available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalEventsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The LocalEventsEnabled parameter specifies whether local events calendars are available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LogonAndErrorLanguage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The LogonAndErrorLanguage parameter specifies the language that used in Outlook on the web for forms-based authentication and for error messages when a user's current language setting can't be read. A valid value is a supported Microsoft Windows Language Code Identifier (LCID). For example, 1033 is US English.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessagePreviewsDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The NotesEnabled parameter specifies whether the Notes folder is available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NpsSurveysEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The NpsSurveysEnabled parameter specifies whether to enable or disable the Net Promoter Score (NPS) survey in Outlook on the web. The survey allows uses to rate Outlook on the web on a scale of 1 to 5, and to provide feedback and suggested improvements in free text.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneWinNativeOutlookEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OneWinNativeOutlookEnabled parameter controls the availability of the new Outlook for Windows App.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When the OrganizationEnabled parameter is set to $false, the Automatic Reply option doesn't include external and internal options, the address book doesn't show the organization hierarchy, and the Resources tab in Calendar forms is disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnSendAddinsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OnSendAddinsEnabled parameter specifies whether to enable or disable on send add-ins in Outlook on the web (add-ins that support events when a user clicks Send).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundCharset</span> </div> <div class="desc-html"><p>The OutboundCharset parameter specifies the character set that's used for outgoing messages in Outlook on the web.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AlwaysUTF8"</code>, <code>"AutoDetect"</code>, <code>"UserLanguageChoice"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Uu][Tt][Oo][Dd][Ee][Tt][Ee][Cc][Tt]|[Aa][Ll][Ww][Aa][Yy][Ss][Uu][Tt][Ff]8|[Uu][Ss][Ee][Rr][Ll][Aa][Nn][Gg][Uu][Aa][Gg][Ee][Cc][Hh][Oo][Ii][Cc][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutlookBetaToggleEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OutlookBetaToggleEnabled parameter specifies whether to enable or disable the Outlook on the web Preview toggle. The Preview toggle allows users to try the new Outlook on the web experience.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OWALightEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OWALightEnabled parameter controls the availability of the light version of Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalAccountsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalAccountCalendarsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PersonalAccountCalendarsEnabled parameter specifies whether to allow users to connect to their personal Outlook.com or Google Calendar in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PhoneticSupportEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PhoneticSupportEnabled parameter specifies phonetically spelled entries in the address book. This parameter is available for use in Japan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PlacesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PlacesEnabled parameter specifies whether to enable or disable Places in Outlook on the web. Places lets users search, share, and map location details by using Bing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PremiumClientEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PremiumClientEnabled parameter controls the availability of the full version of Outlook Web App.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrintWithoutDownloadEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PrintWithoutDownloadEnabled specifies whether to allow printing of supported files without downloading the attachment in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProjectMocaEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ProjectMocaEnabled parameter enables or disables access to Project Moca in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicFoldersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PublicFoldersEnabled parameter specifies whether a user can browse or read items in public folders in Outlook Web App.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoverDeletedItemsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RecoverDeletedItemsEnabled parameter specifies whether a user can use Outlook Web App to view, recover, or delete permanently items that have been deleted from the Deleted Items folder.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReferenceAttachmentsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ReferenceAttachmentsEnabled parameter specifies whether users can attach files from the cloud as linked attachments in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemindersAndNotificationsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RemindersAndNotificationsEnabled parameter specifies whether notifications and reminders are enabled in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportJunkEmailEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ReportJunkEmailEnabled parameter specifies whether users can report messages to Microsoft or unsubscribe from messages in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RulesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RulesEnabled parameter specifies whether a user can view, create, or modify server-side rules in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SatisfactionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SatisfactionEnabled parameter specifies whether to enable or disable the satisfaction survey.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SaveAttachmentsToCloudEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SaveAttachmentsToCloudEnabled parameter specifies whether users can save regular email attachments to the cloud.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchFoldersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SearchFoldersEnabled parameter specifies whether Search Folders are available in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetPhotoEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SetPhotoEnabled parameter specifies whether users can add, change, and remove their sender photo in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetPhotoURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SetPhotoURL parameter controls where users go to select their photo. Note that you can't specify a URL that contains one or more picture files, as there is no mechanism to copy a URL photo to the properties of the users' Exchange Online mailboxes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShowOnlineArchiveEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>No description available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignaturesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SignaturesEnabled parameter specifies whether to enable or disable the use of signatures in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SkipCreateUnifiedGroupCustomSharepointClassification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SkipCreateUnifiedGroupCustomSharepointClassification parameter specifies whether to skip a custom SharePoint page during the creation of Office 365 Groups in Outlook web app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamSnapCalendarsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TeamSnapCalendarsEnabled parameter specifies whether to allow users to connect to their personal TeamSnap calendars in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TextMessagingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TextMessagingEnabled parameter specifies whether users can send and receive text messages in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ThemeSelectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ThemeSelectionEnabled parameter specifies whether users can change the theme in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UMIntegrationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UMIntegrationEnabled parameter specifies whether Unified Messaging (UM) integration is enabled in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseGB18030</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UseGB18030 parameter specifies whether to use the GB18030 character set instead of GB2312 in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseISO885915</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UseISO885915 parameter specifies whether to use the character set ISO8859-15 instead of ISO8859-1 in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserVoiceEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UserVoiceEnabled parameter specifies whether to enable or disable Outlook UserVoice in Outlook on the web. Outlook UserVoice is a customer feedback area that's available in Office 365.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WacEditingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WacEditingEnabled parameter specifies whether to enable or disable editing documents in Outlook on the web by using Office Online Server (formerly known as Office Web Apps Server and Web Access Companion Server).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WacExternalServicesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WacExternalServicesEnabled parameter specifies whether to enable or disable external services when viewing documents in Outlook on the web (for example, machine translation) by using Office Online Server.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WacOMEXEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WacOMEXEnabled parameter specifies whether to enable or disable apps for Outlook in Outlook on the web in Office Online Server.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WacViewingOnPrivateComputersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WacViewingOnPrivateComputersEnabled parameter specifies whether to enable or disable web viewing of supported Office documents private computer sessions in Office Online Server (formerly known as Office Web Apps Server and Web Access Companion Server). By default, all Outlook on the web sessions are considered to be on private computers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WacViewingOnPublicComputersEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WacViewingOnPublicComputersEnabled parameter specifies whether to enable or disable web viewing of supported Office documents in public computer sessions in Office Online Server.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WeatherEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The WeatherEnabled parameter specifies whether to enable or disable weather information in the calendar in Outlook on the web.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebPartsFrameOptionsType</span> </div> <div class="desc-html"><p>The WebPartsFrameOptionsType parameter specifies what sources can access web parts in IFRAME or FRAME elements in Outlook on the web.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Deny"</code>, <code>"None"</code>, <code>"SameOrigin"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ss][Aa][Mm][Ee][Oo][Rr][Ii][Gg][Ii][Nn]|[Dd][Ee][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the OWA Mailbox Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.partnerapplication"> <div class="definition-header"> <span class="def-name">microsoft.exchange.partnerapplication</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Partner Applications in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies a new name for the partner application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationIdentifier</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplicationIdentifier parameter specifies a unique application identifier for the partner application that uses an authorization server.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AcceptSecurityIdentifierInformation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AcceptSecurityIdentifierInformation parameter specifies whether Exchange should accept security identifiers (SIDs) from another trusted Active Directory forest for the partner application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountType</span> </div> <div class="desc-html"><p>The AccountType parameter specifies the type of Microsoft account that's required for the partner application.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ConsumerAccount"</code>, <code>"OrganizationalAccount"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Aa][Ll][Aa][Cc][Cc][Oo][Uu][Nn][Tt]|[Cc][Oo][Nn][Ss][Uu][Mm][Ee][Rr][Aa][Cc][Cc][Oo][Uu][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether the partner application is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LinkedAccount</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The LinkedAccount parameter specifies a linked Active Directory user account for the application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Partner Application should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.perimeterconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.exchange.perimeterconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Modify the perimeter Configuration policy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GatewayIPAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Use the GatewayIPAddresses parameter to create or modify a list of gateway server IP addresses to add to IP safelists.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.place"> <div class="definition-header"> <span class="def-name">microsoft.exchange.place</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a place in Exchange Online (e.g., room).</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the room mailbox that you want to modify. You can use any value that uniquely identifies the room.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The display name of the place.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AudioDeviceName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AudioDeviceName parameter specifies the name of the audio device in the room. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Building</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Building parameter specifies the building name or building number that the room is in. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Capacity</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Capacity parameter specifies the capacity of the room. A valid value is an integer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">City</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The City parameter specifies the room's city. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CountryOrRegion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CountryOrRegion parameter specifies the room's country or region. A valid value is a valid ISO 3166-1 two-letter country code (for example, AU for Australia) or the corresponding friendly name for the country (which might be different from the official ISO 3166 Maintenance Agency short name).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Desks</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayDeviceName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DisplayDeviceName parameter specifies the name of the display device in the room. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Floor</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Floor parameter specifies the floor number that the room is on.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FloorLabel</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The FloorLabel parameter specifies a descriptive label for the floor that the room is on. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GeoCoordinates</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The GeoCoordinates parameter specifies the room's location in latitude, longitude and (optionally) altitude coordinates.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsWheelChairAccessible</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsWheelChairAccessible parameter specifies whether the room is wheelchair accessible.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Label</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Label parameter specifies a descriptive label for the room (for example, a number or name). If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MTREnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MTREnabled parameter identifies the room as configured with a Microsoft Teams room system. You can add Teams room systems as audio sources in Teams meetings that involve the room.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ParentId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ParentId parameter specifies the ID of a Place in the parent location hierarchy in Microsoft Places.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ParentType</span> </div> <div class="desc-html"><p>The ParentType parameter specifies the parent type of the ParentId in Microsoft Places. Valid values are: Floor, Section</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Floor"</code>, <code>"None"</code>, <code>"Section"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ff][Ll][Oo][Oo][Rr]|[Ss][Ee][Cc][Tt][Ii][Oo][Nn]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Phone</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Phone parameter specifies the room's telephone number.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostalCode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PostalCode parameter specifies the room's postal code.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The State parameter specifies the room's state or province.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Street</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Street parameter specifies the room's physical address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Tags</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Tags parameter specifies additional features of the room (for example, details like the type of view or furniture type).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VideoDeviceName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The VideoDeviceName parameter specifies the name of the video device in the room. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.policytipconfig"> <div class="definition-header"> <span class="def-name">microsoft.exchange.policytipconfig</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Policy Tips in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the custom Policy Tip you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Value</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Value parameter specifies the text that's displayed by the Policy Tip.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Policy Tip Config should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.quarantinepolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.quarantinepolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create or modify a EXOQuarantinePolicy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the QuarantinePolicy you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndUserQuarantinePermissionsValue</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The EndUserQuarantinePermissionsValue parameter specifies the end-user permissions for the quarantine policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ESNEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ESNEnabled parameter specifies whether to enable quarantine notifications (formerly known as end-user spam notifications) for the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MultiLanguageCustomDisclaimer</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The MultiLanguageCustomDisclaimer parameter specifies the custom disclaimer text to use near the bottom of quarantine notifications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MultiLanguageSenderName</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The MultiLanguageSenderName parameter specifies the email sender's display name to use in quarantine notifications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MultiLanguageSetting</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The MultiLanguageSetting parameter specifies the language of quarantine notifications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationBrandingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OrganizationBrandingEnabled parameter enables or disables organization branding in the end-user quarantine notification messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this QuarantinePolicy should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndUserSpamNotificationFrequency</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EndUserSpamNotificationFrequency parameter species how often quarantine notifications are sent to users. Valid values are: 04:00:00 (4 hours),1.00:00:00 (1 day),7.00:00:00 (7 days)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QuarantinePolicyType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The QuarantinePolicyType parameter filters the results by the specified quarantine policy type. Valid values are: QuarantinePolicy, GlobalQuarantinePolicy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndUserSpamNotificationFrequencyInDays</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomDisclaimer</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndUserSpamNotificationCustomFromAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EndUserSpamNotificationCustomFromAddress specifies the email address of an existing internal sender to use as the sender for quarantine notifications. To set this parameter back to the default email address quarantine@messaging.microsoft.com, use the value $null.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EsnCustomSubject</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EsnCustomSubject parameter specifies the text to use in the Subject field of quarantine notifications.This setting is available only in the built-in quarantine policy named DefaultGlobalTag that controls global quarantine policy settings.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.recipientpermission"> <div class="definition-header"> <span class="def-name">microsoft.exchange.recipientpermission</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource allows users to retrieve Office 365 Recipient Permissions.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The mailbox the permission should be given on.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Trustee</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The account to give the permission to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessRights</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The access rights granted to the account. Only 'SendAs' is supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the group exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.remotedomain"> <div class="definition-header"> <span class="def-name">microsoft.exchange.remotedomain</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Remote Email Domains in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specify the Identity for the RemoteDomain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DomainName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DomainName parameter specifies the SMTP domain that you want to establish as a remote domain. A valid value is an SMTP domain (for example, contoso.com). The maximum length is 256 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the RemoteDomain should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedOOFType</span> </div> <div class="desc-html"><p>The AllowedOOFType parameter specifies the type of automatic replies or out-of-office (also known as OOF) notifications than can be sent to recipients in the remote domain. Valid values are: External, ExternalLegacy, InternalLegacy or None</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"External"</code>, <code>"ExternalLegacy"</code>, <code>"InternalLegacy"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Ll][Ee][Gg][Aa][Cc][Yy]|[Ii][Nn][Tt][Ee][Rr][Nn][Aa][Ll][Ll][Ee][Gg][Aa][Cc][Yy]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoForwardEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AutoForwardEnabled parameter specifies whether to allow messages that are auto-forwarded by client email programs in your organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoReplyEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AutoReplyEnabled parameter specifies whether to allow messages that are automatic replies from client email programs in your organization (for example, automatic reply messages that are generated by rules in Outlook).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ByteEncoderTypeFor7BitCharsets</span> </div> <div class="desc-html"><p>The ByteEncoderTypeFor7BitCharsets parameter specifies the 7-bit transfer encoding method for MIME format for messages sent to this remote domain.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Undefined"</code>, <code>"Use7Bit"</code>, <code>"UseBase64"</code>, <code>"UseBase64Html7BitTextPlain"</code>, <code>"UseBase64HtmlDetectTextPlain"</code>, <code>"UseQP"</code>, <code>"UseQPHtml7BitTextPlain"</code>, <code>"UseQPHtmlDetectTextPlain"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee]7[Bb][Ii][Tt]|[Uu][Ss][Ee][Qq][Pp]|[Uu][Ss][Ee][Bb][Aa][Ss][Ee]64|[Uu][Ss][Ee][Qq][Pp][Hh][Tt][Mm][Ll][Dd][Ee][Tt][Ee][Cc][Tt][Tt][Ee][Xx][Tt][Pp][Ll][Aa][Ii][Nn]|[Uu][Ss][Ee][Bb][Aa][Ss][Ee]64[Hh][Tt][Mm][Ll][Dd][Ee][Tt][Ee][Cc][Tt][Tt][Ee][Xx][Tt][Pp][Ll][Aa][Ii][Nn]|[Uu][Ss][Ee][Qq][Pp][Hh][Tt][Mm][Ll]7[Bb][Ii][Tt][Tt][Ee][Xx][Tt][Pp][Ll][Aa][Ii][Nn]|[Uu][Ss][Ee][Bb][Aa][Ss][Ee]64[Hh][Tt][Mm][Ll]7[Bb][Ii][Tt][Tt][Ee][Xx][Tt][Pp][Ll][Aa][Ii][Nn]|[Uu][Nn][Dd][Ee][Ff][Ii][Nn][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CharacterSet</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The CharacterSet parameter specifies a character set for MIME messages without defined character sets that are sent from your organization to recipients in the remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentType</span> </div> <div class="desc-html"><p>The ContentType parameter specifies the outbound message content type and formatting.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"MimeHtml"</code>, <code>"MimeHtmlText"</code>, <code>"MimeText"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Ii][Mm][Ee][Hh][Tt][Mm][Ll][Tt][Ee][Xx][Tt]|[Mm][Ii][Mm][Ee][Tt][Ee][Xx][Tt]|[Mm][Ii][Mm][Ee][Hh][Tt][Mm][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeliveryReportEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DeliveryReportEnabled parameter specifies whether to allow delivery reports from client software in your organization to recipients in the remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplaySenderName</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DisplaySenderName parameter specifies whether to show the sender's Display Name in the From email address for messages sent to recipients in the remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsInternal</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsInternal parameter specifies whether the recipients in the remote domain are considered to be internal recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LineWrapSize</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The LineWrapSize parameter specifies the line-wrap size for messages to recipients in the remote domain. Valid values are an integer from 0 through 132 or the value to unlimited. The default value is unlimited.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MeetingForwardNotificationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The MeetingForwardNotificationEnabled parameter specifies whether to enable meeting forward notifications for recipients in the remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Name parameter specifies a unique name for the remote domain object. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NDREnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The NDREnabled parameter specifies whether to allow non-delivery reports (also known NDRs or bounce messages) from your organization to recipients in the remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NonMimeCharacterSet</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The NonMimeCharacterSet parameter specifies a character set for plain text messages without defined character sets that are sent from your organization to recipients in the remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreferredInternetCodePageForShiftJis</span> </div> <div class="desc-html"><p>The PreferredInternetCodePageForShiftJis parameter specifies the specific code page to use for Shift JIS character encoding in messages that are sent to recipients in the remote domain.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"50220"</code>, <code>"50221"</code>, <code>"50222"</code>, <code>"Undefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(50220|50221|50222|[Uu][Nn][Dd][Ee][Ff][Ii][Nn][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequiredCharsetCoverage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The RequiredCharsetCoverage parameter specifies a percentage threshold for characters in a message that must match to apply your organization's preferred character set before switching to automatic character set detection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetDeliveryDomain</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TargetDeliveryDomain parameter specifies whether the remote domain is used in cross-forest deployments to generate target email addresses for new mail users that represent users in the other organization (for example, all mailboxes hosted on Exchange Online are represented as mail users in your on-premises organization).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TNEFEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TNEFEnabled parameter specifies whether Transport Neutral Encapsulation Format (TNEF) message encoding is used on messages sent to the remote domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrustedMailInboundEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TrustedMailInboundEnabled parameter specifies whether messages from senders in the remote domain are treated as trusted messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrustedMailOutboundEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TrustedMailOutboundEnabled parameter specifies whether messages sent to recipients in the remote domain are treated as trusted messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseSimpleDisplayName</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UseSimpleDisplayName parameter specifies whether the sender's simple display name is used for the From email address in messages sent to recipients in the remote domain.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.reportsubmissionpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.reportsubmissionpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create or modify an EXOReportSubmissionPolicy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the resource is a single instance, the value must be 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableQuarantineReportingOption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DisableQuarantineReportingOption parameter allows or prevents users from reporting messages in quarantine.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableCustomNotificationSender</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableCustomNotificationSender parameter specifies whether a custom sender email address is used for result messages after an admin reviews and marks the reported messages as junk, not junk, or phishing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableOrganizationBranding</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableOrganizationBranding parameter specifies whether to show the company logo in the footer of result messages that users receive after an admin reviews and marks the reported messages as junk, not junk, or phishing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableReportToMicrosoft</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableReportToMicrosoft parameter specifies whether Microsoft integrated reporting experience is enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableThirdPartyAddress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableThirdPartyAddress parameter specifies whether you're using third-party reporting tools in Outlook instead of Microsoft tools to send messages to the reporting mailbox in Exchange Online.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableUserEmailNotification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableUserEmailNotification parameter species whether users receive result messages after an admin reviews and marks the reported messages as junk, not junk, or phishing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">JunkReviewResultMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The JunkReviewResultMessage parameter specifies the custom text to use in result messages after an admin reviews and marks the reported messages as junk.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotJunkReviewResultMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The NotJunkReviewResultMessage parameter specifies the custom text to use in result messages after an admin reviews and marks the reported messages as not junk.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationFooterMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The NotificationFooterMessage parameter specifies the custom footer text to use in email notifications after an admin reviews and marks the reported messages as junk, not junk, or phishing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationSenderAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The NotificationSenderAddress parameter specifies the sender email address to use in result messages after an admin reviews and marks the reported messages as junk, not junk, or phishing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PhishingReviewResultMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PhishingReviewResultMessage parameter specifies the custom text to use in result messages after an admin reviews and marks the reported messages as phishing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostSubmitMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PostSubmitMessage parameter specifies the custom pop-up message text to use in Outlook notifications after users report messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostSubmitMessageEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PostSubmitMessageEnabled parameter enables or disables the pop-up Outlook notifications that users see after they report messages using Microsoft reporting tools.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostSubmitMessageTitle</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PostSubmitMessage parameter parameter specifies the custom pop-up message title to use in Outlook notifications after users report messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSubmitMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PreSubmitMessage parameter specifies the custom pop-up message text to use in Outlook notifications before users report messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSubmitMessageEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PreSubmitMessageEnabled parameter enables or disables the pop-up Outlook notifications that users see before they report messages using Microsoft reporting tools.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSubmitMessageTitle</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PreSubmitMessage parameter parameter specifies the custom pop-up message title to use in Outlook notifications before users report messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportJunkAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ReportJunkAddresses parameter specifies the email address of the reporting mailbox in Exchange Online to receive user reported messages in reporting in Outlook using Microsoft or third-party reporting tools in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportJunkToCustomizedAddress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ReportJunkToCustomizedAddress parameter specifies whether to send user reported messages from Outlook (using Microsoft or third-party reporting tools) to the reporting mailbox as part of reporting in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportNotJunkAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ReportNotJunkAddresses parameter specifies the email address of the reporting mailbox in Exchange Online to receive user reported messages in reporting in Outlook using Microsoft or third-party reporting tools in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportNotJunkToCustomizedAddress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ReportNotJunkToCustomizedAddress parameter specifies whether to send user reported messages from Outlook (using Microsoft or third-party reporting tools) to the reporting mailbox as part of reporting in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportPhishAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ReportPhishAddresses parameter specifies the email address of the reporting mailbox in Exchange Online to receive user reported messages in reporting in Outlook using Microsoft or third-party reporting tools in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportPhishToCustomizedAddress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ReportPhishToCustomizedAddress parameter specifies whether to send user reported messages from Outlook (using Microsoft or third-party reporting tools) to the reporting mailbox as part of reporting in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ThirdPartyReportAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Use the ThirdPartyReportAddresses parameter to specify the email address of the reporting mailbox when you're using a third-party product for user submissions instead of reporting in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this report submission policy should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.reportsubmissionrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.reportsubmissionrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Create or modify an EXOReportSubmissionRule in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the resource is a single instance, the value must be 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Identity parameter specifies the report submission rule that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comments</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentTo parameter specifies the email address of the reporting mailbox in Exchange Online where user reported messages are sent.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this report submission rule should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.resourceconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.exchange.resourceconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Modify the resource Configuration policy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ResourcePropertySchema</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ResourcePropertySchema parameter specifies the custom resource property that you want to make available to room or equipment mailboxes. This parameter uses the syntax Room/<Text> or Equipment/<Text> where the <Text> value doesn't contain spaces. For example, Room/Whiteboard or Equipment/Van.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specifies if this Outbound connector should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.roleassignmentpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.roleassignmentpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Role Assignment Policies in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the new name of the assignment policy. The maximum length is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Description parameter specifies the description that's displayed when the role assignment policy is viewed using the Get-RoleAssignmentPolicy cmdlet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsDefault switch makes the assignment policy the default assignment policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Roles</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Roles parameter specifies the management roles to assign to the role assignment policy when it's created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Role Assignment Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.rolegroup"> <div class="definition-header"> <span class="def-name">microsoft.exchange.rolegroup</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Role Groups in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the name of the role. The maximum length of the name is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Description parameter specifies the description that's displayed when the role group is viewed using the Get-RoleGroup cmdlet. Enclose the description in quotation marks</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Members</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Members parameter specifies the mailboxes or mail-enabled USGs to add as a member of the role group. You can identify the user or group by the name, DN, or primary SMTP address value. You can specify multiple members separated by commas (Value1,Value2,...ValueN). If the value contains spaces, enclose the value in quotation marks</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Roles</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Roles parameter specifies the management roles to assign to the role group when it's created. If a role name contains spaces, enclose the name in quotation marks. If you want to assign more that one role, separate the role names with commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Role Group should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.safeattachmentpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.safeattachmentpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of the Safe Attachments policies in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the name of the SafeAttachmentpolicy that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Action</span> </div> <div class="desc-html"><p>The Action parameter specifies the action for the Safe Attachments policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Allow"</code>, <code>"Block"</code>, <code>"DynamicDelivery"</code>, <code>"Replace"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk]|[Rr][Ee][Pp][Ll][Aa][Cc][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Dd][Yy][Nn][Aa][Mm][Ii][Cc][Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActionOnError</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ActionOnError parameter specifies the error handling option for Safe Attachments scanning (what to do if scanning times out or an error occurs). Valid values are: $true: The action specified by the Action parameter is applied to messages even when the attachments aren't successfully scanned. $false: The action specified by the Action parameter isn't applied to messages when the attachments aren't successfully scanned. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdminDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AdminDisplayName parameter specifies a description for the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enable</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify if this policy should be enabled. Default is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QuarantineTag</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The QuarantineTag specifies the quarantine policy that's used on messages that are quarantined as malware by Safe Attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Redirect</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Redirect parameter specifies whether to send detected malware attachments to another email address. Valid values are: $true: Malware attachments are sent to the email address specified by the RedirectAddress parameter. $false: Malware attachments aren't sent to another email address. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RedirectAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RedirectAddress parameter specifies the email address where detected malware attachments are sent when the Redirect parameter is set to the value $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.safeattachmentrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.safeattachmentrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Safe Attachment Rule in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the name of the SafeAttachment rule that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafeAttachmentPolicy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The SafeAttachmentPolicy parameter specifies the name of the SafeAttachment policy that's associated with the SafeAttachment rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify if this rule should be enabled. Default is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comments</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.safelinkspolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.safelinkspolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of the SafeLinks policies in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the SafeLinks policy that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdminDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AdminDisplayName parameter specifies a description for the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowClickThrough</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowClickThrough parameter specifies whether to allow users to click through to the original URL on warning pages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomNotificationText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The custom notification text specifies the customized notification text to show to users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeliverMessageAfterScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DeliverMessageAfterScan parameter specifies whether to deliver email messages only after Safe Links scanning is complete. Valid values are: $true: Wait until Safe Links scanning is complete before delivering the message. $false: If Safe Links scanning can't complete, deliver the message anyway. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DoNotRewriteUrls</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The DoNotRewriteUrls parameter specifies a URL that's skipped by Safe Links scanning. You can specify multiple values separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableForInternalSenders</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableForInternalSenders parameter specifies whether the Safe Links policy is applied to messages sent between internal senders and internal recipients within the same Exchange Online organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableOrganizationBranding</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableOrganizationBranding parameter specifies whether your organization's logo is displayed on Safe Links warning and notification pages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableSafeLinksForOffice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableSafeLinksForOffice parameter specifies whether to enable Safe Links protection for supported Office desktop, mobile, or web apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableSafeLinksForTeams</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableSafeLinksForTeams parameter specifies whether Safe Links is enabled for Microsoft Teams. Valid values are: $true: Safe Links is enabled for Teams. If a protected user clicks a malicious link in a Teams conversation, group chat, or from channels, a warning page will appear in the default web browser. $false: Safe Links isn't enabled for Teams. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableSafeLinksForEmail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableSafeLinksForEmail parameter specifies whether to enable Safe Links protection for email messages. Valid values are: $true: Safe Links is enabled for email. When a user clicks a link in an email, the link is checked by Safe Links. If the link is found to be malicious, a warning page appears in the default web browser. $false: Safe Links isn't enabled for email. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableUrlRewrite</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DisableUrlRewrite parameter specifies whether to rewrite (wrap) URLs in email messages. Valid values are: $true: URLs in messages are not rewritten, but messages are still scanned by Safe Links prior to delivery. Time of click checks on links are done using the Safe Links API in supported Outlook clients (currently, Outlook for Windows and Outlook for Mac). Typically, we don't recommend using this value. $false: URLs in messages are rewritten. API checks still occur on unwrapped URLs in supported clients if the user is in a valid Safe Links policy. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScanUrls</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ScanUrls parameter specifies whether to enable or disable the scanning of links in email messages. Valid values are: $true: Scanning links in email messages is enabled. $false: Scanning links in email messages is disabled. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrackClicks</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The TrackClicks parameter specifies whether to track user clicks related to Safe Links protection of links.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseTranslatedNotificationText</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UseTranslatedNotificationText specifies whether to use Microsoft Translator to automatically localize the custom notification text that you specified with the CustomNotificationText parameter.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.safelinksrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.safelinksrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an SafeLinks Rule in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter specifies the name of the SafeLink rule that you want to modify.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafeLinksPolicy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The SafeLinksPolicy parameter specifies the name of the SafeLink policy that's associated with the SafeLinksing rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify if this rule should be enabled. Default is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comments</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentToMemberOf parameter looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.sharedmailbox"> <div class="definition-header"> <span class="def-name">microsoft.exchange.sharedmailbox</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource allows users to create Office 365 Shared Mailboxes.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the Shared Mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier of the Shared Mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrimarySMTPAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The primary email address of the Shared Mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Alias</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The alias of the Shared Mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmailAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EmailAddresses parameter specifies all the email addresses (proxy addresses) for the Shared Mailbox</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the group exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.sharingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.exchange.sharingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Sharing Policies in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the sharing policy. The maximum length is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Default</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Default switch specifies that the sharing policy is the default sharing policy for all mailboxes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether to enable the sharing policy. Valid values for this parameter are $true or $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Domains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Domains parameter specifies domains to which this policy applies and the sharing policy action.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Sharing Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.sweeprule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.sweeprule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Use this resource to create Sweep rules in mailboxes. Sweep rules run at regular intervals to help keep your Inbox clean.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the name of the Sweep rule. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Provider</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Provider parameter specifies the provider for the Sweep rule. If the value contains spaces, enclose the value in quotation marks. For Sweep rules that you create in Outlook on the web, the default value is Exchange16.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DestinationFolder</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DestinationFolder parameter specifies an action for the Sweep rule that moves messages to the specified folder.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether the Sweep rule is enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeepForDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The KeepForDays parameter specifies an action for the Sweep rule that specifies the number of days to keep messages that match the conditions of the rule. After the number of days have passed, the messages are moved to the location that's specified by the DestinationFolder parameter (by default, the Deleted Items folder). You can't use this parameter with the KeepLatest parameter and the Sweep rule must contain a KeepForDays or KeepLatest parameter value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeepLatest</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The KeepLatest parameter specifies an action for the Sweep rule that specifies the number of messages to keep that match the conditions of the rule. After the number of messages is exceeded, the oldest messages are moved to the location that's specified by the DestinationFolder parameter (by default, the Deleted Items folder). You can't use this parameter with the KeepForDays parameter and the Sweep rule must contain a KeepForDays or KeepLatest parameter value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Mailbox</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Mailbox parameter specifies the mailbox where you want to create the Sweep rule. You can use any value that uniquely identifies the mailbox.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SenderName parameter specifies a condition for the Sweep rule that looks for the specified sender in messages. For internal senders, you can use any value that uniquely identifies the sender.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SourceFolder</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SourceFolder parameter specifies a condition for the Sweep rule that looks for messages in the specified folder.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemCategory</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SystemCategory parameter specifies a condition for the sweep rule that looks for messages with the specified system category. System categories are available to all mailboxes in the organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.transportconfig"> <div class="definition-header"> <span class="def-name">microsoft.exchange.transportconfig</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Exchange Online transport settings.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the resource is a single instance, the value must be 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddressBookPolicyRoutingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AddressBookPolicyRoutingEnabled parameter controls how recipients are resolved in an organization that uses address book policies to create separate virtual organizations within the same Exchange organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowLegacyTLSClients</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow legacy TLS clients</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClearCategories</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ClearCategories parameter keeps or removes Microsoft Outlook message categories during content conversion.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConvertDisclaimerWrapperToEml</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConvertDisclaimerWrapperToEml parameter specifies whether the original message will be added as a TNEF attachment or a regular EML attachment to a disclaimer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DSNConversionMode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DSNConversionMode parameter controls how Exchange handles delivery status notifications that are generated by earlier versions of Exchange or other messaging systems.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalDelayDsnEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExternalDelayDsnEnabled parameter specifies whether a delay delivery status notification (DSN) message should be created for external messages that couldn't be immediately delivered.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalDsnDefaultLanguage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExternalDsnDefaultLanguage parameter specifies which Exchange server language should be used by default when you create external DSN messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalDsnLanguageDetectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExternalDsnLanguageDetectionEnabled parameter specifies whether the server should try to send an external DSN message in the same language as the original message that generated the notification.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalDsnReportingAuthority</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExternalDsnReportingAuthority parameter specifies the domain in the machine-readable part of external DSN messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalDsnSendHtml</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExternalDsnSendHtml parameter specifies whether external DSN messages should be HTML or plain text.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalPostmasterAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExternalPostmasterAddress parameter specifies the email address in the From header field of an external DSN message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HeaderPromotionModeSetting</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The HeaderPromotionModeSetting parameter specifies whether named properties are created for custom X-headers on messages received.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalDelayDsnEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The InternalDelayDsnEnabled parameter specifies whether a delay DSN message should be created for messages sent to or from recipients or senders in the same Exchange organization that couldn't be immediately delivered.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalDsnDefaultLanguage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The InternalDsnDefaultLanguage parameter specifies which Exchange server language should be used by default when you create internal DSN messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalDsnLanguageDetectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The InternalDsnLanguageDetectionEnabled parameter specifies whether the server should try to send an internal DSN message in the same language as the original message that generated the notification.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalDsnReportingAuthority</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The InternalDsnReportingAuthority parameter specifies the domain in the machine-readable part of internal DSN messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalDsnSendHtml</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The InternalDsnSendHtml parameter specifies whether internal DSN messages should be HTML or plain text.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">JournalMessageExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The JournalMessageExpirationDays parameter extends the number of days that undeliverable journal reports are queued before they expire.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">JournalingReportNdrTo</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The JournalingReportNdrTo parameter specifies the email address to which journal reports are sent if the journaling mailbox is unavailable.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxRecipientEnvelopeLimit</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MaxRecipientEnvelopeLimit parameter specifies the maximum number of recipients in a message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReplyAllStormBlockDurationHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Reply all storm block duration hours.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReplyAllStormDetectionMinimumRecipients</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Reply all storm detection minimum recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReplyAllStormDetectionMinimumReplies</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Reply all storm detection minimum replies.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReplyAllStormProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Reply all storm protection enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Rfc2231EncodingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Rfc2231EncodingEnabled parameter specifies whether the RFC 2231 encoding of MIME parameters for outbound messages is enabled in your organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmtpClientAuthenticationDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SmtpClientAuthenticationDisabled parameter specifies whether to disable authenticated SMTP (SMTP AUTH) for the whole organization.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.exchange.transportrule"> <div class="definition-header"> <span class="def-name">microsoft.exchange.transportrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Transport Rules in Exchange Online.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the display name of the transport rule to be created. The maximum length is 64 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ADComparisonAttribute</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ADComparisonOperator</span> </div> <div class="desc-html"><p>This parameter specifies a condition or part of a condition for the rule. The name of the corresponding exception parameter starts with ExceptIf.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Equal"</code>, <code>"NotEqual"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Qq][Uu][Aa][Ll]|[Nn][Oo][Tt][Ee][Qq][Uu][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivationDate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ActivationDate parameter specifies when the rule starts processing messages. The rule won't take any action on messages until the specified date/time.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddManagerAsRecipientType</span> </div> <div class="desc-html"><p>The AddManagerAsRecipientType parameter specifies an action that delivers or redirects messages to the user that's defined in the sender's Manager attribute.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Bcc"</code>, <code>"Cc"</code>, <code>"Redirect"</code>, <code>"To"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Tt][Oo]|[Cc][Cc]|[Bb][Cc][Cc]|[Rr][Ee][Dd][Ii][Rr][Ee][Cc][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddToRecipients</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddToRecipients parameter specifies an action that adds recipients to the To field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfCcHeader</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfCcHeader parameter specifies a condition that looks for recipients in the Cc field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfCcHeaderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfCcHeaderMemberOf parameter specifies a condition that looks for group members in the Cc field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfRecipientAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfRecipientAddressContainsWords parameter specifies a condition that looks for words in recipient email addresses.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfRecipientAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfToCcHeader</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfToCcHeader parameter specifies a condition that looks for recipients in the To or Cc fields of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfToCcHeaderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfToCcHeaderMemberOf parameter specifies a condition that looks for group members in the To and Cc fields of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfToHeader</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfToHeader parameter specifies a condition that looks for recipients in the To field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfToHeaderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfToHeaderMemberOf parameter specifies a condition that looks for group members in the To field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyClassification</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyClassification parameter specifies an action that applies a message classification to messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyHtmlDisclaimerFallbackAction</span> </div> <div class="desc-html"><p>The ApplyHtmlDisclaimerFallbackAction parameter specifies what to do if the HTML disclaimer can't be added to a message.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Ignore"</code>, <code>"Reject"</code>, <code>"Wrap"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ww][Rr][Aa][Pp]|[Ii][Gg][Nn][Oo][Rr][Ee]|[Rr][Ee][Jj][Ee][Cc][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyHtmlDisclaimerLocation</span> </div> <div class="desc-html"><p>The ApplyHtmlDisclaimerLocation parameter specifies where to insert the HTML disclaimer text in the body of messages.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Append"</code>, <code>"Prepend"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Pp][Pp][Ee][Nn][Dd]|[Pp][Rr][Ee][Pp][Ee][Nn][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyHtmlDisclaimerText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyHtmlDisclaimerText parameter specifies an action that adds the disclaimer text to messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyOME</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ApplyOME parameter specifies an action that encrypts messages and their attachments by using Office 365 Message Encryption.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyRightsProtectionCustomizationTemplate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyRightsProtectionCustomizationTemplate parameter specifies an action that applies a custom branding template for OME encrypted messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyRightsProtectionTemplate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyRightsProtectionTemplate parameter specifies an action that applies rights management service (RMS) templates to messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AttachmentContainsWords parameter specifies a condition that looks for words in message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentExtensionMatchesWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AttachmentExtensionMatchesWords parameter specifies a condition that looks for words in the file name extensions of message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentHasExecutableContent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AttachmentHasExecutableContent parameter specifies a condition that looks for executable content in message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentIsPasswordProtected</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AttachmentIsPasswordProtected parameter specifies a condition that looks for password protected files in messages (because the contents of the file can't be inspected).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentIsUnsupported</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AttachmentIsUnsupported parameter specifies a condition that looks for unsupported file types in messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AttachmentMatchesPatterns parameter specifies a condition that looks for text patterns in the content of message attachments by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentNameMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AttachmentNameMatchesPatterns parameter specifies a condition that looks for text patterns in the file name of message attachments by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentProcessingLimitExceeded</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AttachmentProcessingLimitExceeded parameter specifies a condition that looks for messages where attachment scanning didn't complete.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentPropertyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AttachmentPropertyContainsWords parameter specifies a condition that looks for words in the properties of attached Office documents.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttachmentSizeOver</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AttachmentSizeOver parameter specifies a condition that looks for messages where any attachment is greater than the specified size.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BetweenMemberOf1</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The BetweenMemberOf1 parameter specifies a condition that looks for messages that are sent between group members.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BetweenMemberOf2</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The BetweenMemberOf2 parameter specifies a condition that looks for messages that are sent between group members.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlindCopyTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The BlindCopyTo parameter specifies an action that adds recipients to the Bcc field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comments</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comments parameter specifies optional descriptive text for the rule. The length of the comment can't exceed 1024 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentCharacterSetContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ContentCharacterSetContainsWords parameter specifies a condition that looks for character set names in messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CopyTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The CopyTo parameter specifies an action that adds recipients to the Cc field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeleteMessage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DeleteMessage parameter specifies an action that silently drops messages without an NDR.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DlpPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DlpPolicy parameter specifies the data loss prevention (DLP) policy that's associated with the rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether the new rule is created as enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfADComparisonAttribute</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfADComparisonAttribute parameter specifies an exception that compares an Active Directory attribute between the sender and all recipients of the message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfADComparisonOperator</span> </div> <div class="desc-html"><p>The ExceptIfADComparisonOperator parameter specifies the comparison operator for the ExceptIfADComparisonAttribute parameter.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Equal"</code>, <code>"NotEqual"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Qq][Uu][Aa][Ll]|[Nn][Oo][Tt][Ee][Qq][Uu][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfCcHeader</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfCcHeader parameter specifies an exception that looks for recipients in the Cc field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfCcHeaderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfCcHeaderMemberOf parameter specifies an exception that looks for group members in the Cc field of messages. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfRecipientAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfRecipientAddressContainsWords parameter specifies an exception that looks for words in recipient email addresses.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfRecipientAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfRecipientAddressMatchesPatterns parameter specifies an exception that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfToCcHeader</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfToCcHeader parameter specifies an exception that looks for recipients in the To or Cc fields of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfToCcHeaderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfToCcHeaderMemberOf parameter specifies an exception that looks for group members in the To and Cc fields of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfToHeader</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfToHeader parameter specifies an exception that looks for recipients in the To field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfToHeaderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfToHeaderMemberOf parameter specifies an exception that looks for group members in the To field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentContainsWords parameter specifies an exception that looks for words in message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentExtensionMatchesWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentExtensionMatchesWords parameter specifies an exception that looks for words in the file name extensions of message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentHasExecutableContent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentHasExecutableContent parameter specifies an exception that looks for executable content in message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentIsPasswordProtected</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentIsPasswordProtected parameter specifies an exception that looks for password protected files in messages (because the contents of the file can't be inspected).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentIsUnsupported</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentIsUnsupported parameter specifies an exception that looks for unsupported file types in messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentMatchesPatterns parameter specifies an exception that looks for text patterns in the content of message attachments by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentNameMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentNameMatchesPatterns parameter specifies an exception that looks for text patterns in the file name of message attachments by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentPropertyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentPropertyContainsWords parameter specifies an exception that looks for words in the properties of attached Office documents.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentProcessingLimitExceeded</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentProcessingLimitExceeded parameter specifies an exception that looks for messages where attachment scanning didn't complete.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAttachmentSizeOver</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfAttachmentSizeOver parameter specifies an exception that looks for messages where any attachment is greater than the specified size.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfBetweenMemberOf1</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfBetweenMemberOf1 parameter specifies an exception that looks for messages that are sent between group members.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfBetweenMemberOf2</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfBetweenMemberOf2 parameter specifies an exception that looks for messages that are sent between group members.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfContentCharacterSetContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfContentCharacterSetContainsWords parameter specifies an exception that looks for character set names in messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFrom</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFrom parameter specifies an exception that looks for messages from specific senders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromAddressContainsWords parameter specifies an exception that looks for words in the sender's email address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromAddressMatchesPatterns parameter specifies an exception that looks for text patterns in the sender's email address by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromMemberOf parameter specifies an exception that looks for messages sent by group members.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromScope</span> </div> <div class="desc-html"><p>The ExceptIfFromScope parameter specifies an exception that looks for the location of message senders.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"InOrganization"</code>, <code>"NotInOrganization"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Tt][Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHasClassification</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfHasClassification parameter specifies an exception that looks for messages with the specified message classification.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHasNoClassification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfHasNoClassification parameter specifies an exception that looks for messages with or without any message classifications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHasSenderOverride</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DEPRECATED</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHeaderContainsMessageHeader</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfHeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the ExceptIfHeaderContainsWords parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHeaderContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfHeaderContainsWords parameter specifies an exception that looks for words in a header field.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHeaderMatchesMessageHeader</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfHeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the ExceptIfHeaderMatchesPatterns parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHeaderMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfHeaderMatchesPatterns parameter specifies an exception that looks for text patterns in a header field by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfManagerAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfManagerForEvaluatedUser</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfManagerForEvaluatedUser parameter specifies an exception that looks for users in the Manager attribute of senders or recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfMessageTypeMatches</span> </div> <div class="desc-html"><p>The ExceptIfMessageTypeMatches parameter specifies an exception that looks for messages of the specified type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ApprovalRequest"</code>, <code>"AutoForward"</code>, <code>"Calendaring"</code>, <code>"Encrypted"</code>, <code>"OOF"</code>, <code>"PermissionControlled"</code>, <code>"ReadReceipt"</code>, <code>"Signed"</code>, <code>"Voicemail"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Oo][Ff]|[Aa][Uu][Tt][Oo][Ff][Oo][Rr][Ww][Aa][Rr][Dd]|[Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ee][Dd]|[Cc][Aa][Ll][Ee][Nn][Dd][Aa][Rr][Ii][Nn][Gg]|[Pp][Ee][Rr][Mm][Ii][Ss][Ss][Ii][Oo][Nn][Cc][Oo][Nn][Tt][Rr][Oo][Ll][Ll][Ee][Dd]|[Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll]|[Ss][Ii][Gg][Nn][Ee][Dd]|[Aa][Pp][Pp][Rr][Oo][Vv][Aa][Ll][Rr][Ee][Qq][Uu][Ee][Ss][Tt]|[Rr][Ee][Aa][Dd][Rr][Ee][Cc][Ee][Ii][Pp][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfMessageContainsDataClassifications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>DEPRECATED</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfMessageSizeOver</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfMessageSizeOver parameter specifies an exception that looks for messages larger than the specified size.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientADAttributeContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientADAttributeContainsWords parameter specifies an exception that looks for words in the Active Directory attributes of recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientADAttributeMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientADAttributeMatchesPatterns parameter specifies an exception that looks for text patterns in the Active Directory attributes of recipients by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientAddressContainsWords parameter specifies an exception that looks for words in recipient email addresses.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientAddressMatchesPatterns parameter specifies an exception that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientInSenderList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSCLOver</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfSCLOver parameter specifies an exception that looks for the SCL value of messages</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderADAttributeContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderADAttributeContainsWords parameter specifies an exception that looks for words in Active Directory attributes of message senders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderADAttributeMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderADAttributeMatchesPatterns parameter specifies an exception that looks for text patterns in Active Directory attributes of message senders by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderDomainIs parameter specifies an exception that looks for senders with email address in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderInRecipientList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderIpRanges</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderIpRanges parameter specifies an exception that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderManagementRelationship</span> </div> <div class="desc-html"><p>The ExceptIfSenderManagementRelationship parameter specifies an exception that looks for the relationship between the sender and recipients in messages.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"DirectReport"</code>, <code>"Manager"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Aa][Nn][Aa][Gg][Ee][Rr]|[Dd][Ii][Rr][Ee][Cc][Tt][Rr][Ee][Pp][Oo][Rr][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentToScope</span> </div> <div class="desc-html"><p>The ExceptIfSentToScope parameter specifies an exception that looks for the location of a recipient.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ExternalNonPartner"</code>, <code>"ExternalPartner"</code>, <code>"InOrganization"</code>, <code>"NotInOrganization"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Tt][Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Pp][Aa][Rr][Tt][Nn][Ee][Rr]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Nn][Oo][Nn][Pp][Aa][Rr][Tt][Nn][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectContainsWords parameter specifies an exception that looks for words in the Subject field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectMatchesPatterns parameter specifies an exception that looks for text patterns in the Subject field of messages by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectOrBodyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectOrBodyContainsWords parameter specifies an exception that looks for words in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectOrBodyMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectOrBodyMatchesPatterns parameter specifies an exception that looks for text patterns in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfWithImportance</span> </div> <div class="desc-html"><p>The ExceptIfWithImportance parameter specifies an exception that looks for messages with the specified importance level.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Low"</code>, <code>"Normal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ll][Oo][Ww]|[Nn][Oo][Rr][Mm][Aa][Ll]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExpiryDate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExpiryDate parameter specifies when this rule will stop processing messages. The rule won't take any action on messages after the specified date/time.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">From</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The From parameter specifies a condition that looks for messages from specific senders. You can use any value that uniquely identifies the sender.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FromAddressContainsWords parameter specifies a condition that looks for words in the sender's email address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FromAddressMatchesPatterns parameter specifies a condition that looks for text patterns in the sender's email address by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FromMemberOf parameter specifies a condition that looks for messages sent by group members.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromScope</span> </div> <div class="desc-html"><p>The FromScope parameter specifies a condition that looks for the location of message senders.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"InOrganization"</code>, <code>"NotInOrganization"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Tt][Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GenerateIncidentReport</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The GenerateIncidentReport parameter specifies where to send the incident report that's defined by the IncidentReportContent parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GenerateNotification</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The GenerateNotification parameter specifies an action that sends a notification message to recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HasClassification</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The HasClassification parameter specifies a condition that looks for messages with the specified message classification.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HasNoClassification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The HasNoClassification parameter specifies a condition that looks for messages with or without any message classifications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HasSenderOverride</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DEPRECATED</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HeaderContainsMessageHeader</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The HeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the HeaderContainsWords parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HeaderContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The HeaderContainsWords parameter specifies a condition that looks for words in a header field.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HeaderMatchesMessageHeader</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The HeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the HeaderMatchesPatterns parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HeaderMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The HeaderMatchesPatterns parameter specifies a condition that looks for text patterns in a header field by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncidentReportContent</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The IncidentReportContent parameter specifies the message properties that are included in the incident report that's generated when a message violates a DLP policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagerAddresses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagerForEvaluatedUser</span> </div> <div class="desc-html"><p>The ManagerForEvaluatedUser parameter specifies a condition that looks for users in the Manager attribute of senders or recipients.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Recipient"</code>, <code>"Sender"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Rr][Ee][Cc][Ii][Pp][Ii][Ee][Nn][Tt]|[Ss][Ee][Nn][Dd][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageContainsDataClassifications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>DEPRECATED</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageSizeOver</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MessageSizeOver parameter specifies a condition that looks for messages larger than the specified size. The size includes the message and all attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageTypeMatches</span> </div> <div class="desc-html"><p>The MessageTypeMatches parameter specifies a condition that looks for messages of the specified type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ApprovalRequest"</code>, <code>"AutoForward"</code>, <code>"Calendaring"</code>, <code>"Encrypted"</code>, <code>"OOF"</code>, <code>"PermissionControlled"</code>, <code>"ReadReceipt"</code>, <code>"Signed"</code>, <code>"Voicemail"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Oo][Ff]|[Aa][Uu][Tt][Oo][Ff][Oo][Rr][Ww][Aa][Rr][Dd]|[Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ee][Dd]|[Cc][Aa][Ll][Ee][Nn][Dd][Aa][Rr][Ii][Nn][Gg]|[Pp][Ee][Rr][Mm][Ii][Ss][Ss][Ii][Oo][Nn][Cc][Oo][Nn][Tt][Rr][Oo][Ll][Ll][Ee][Dd]|[Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll]|[Ss][Ii][Gg][Nn][Ee][Dd]|[Aa][Pp][Pp][Rr][Oo][Vv][Aa][Ll][Rr][Ee][Qq][Uu][Ee][Ss][Tt]|[Rr][Ee][Aa][Dd][Rr][Ee][Cc][Ee][Ii][Pp][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Mode</span> </div> <div class="desc-html"><p>The Mode parameter specifies how the rule operates.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Audit"</code>, <code>"AuditAndNotify"</code>, <code>"Enforce"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Uu][Dd][Ii][Tt]|[Aa][Uu][Dd][Ii][Tt][Aa][Nn][Dd][Nn][Oo][Tt][Ii][Ff][Yy]|[Ee][Nn][Ff][Oo][Rr][Cc][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModerateMessageByManager</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ModerateMessageByManager parameter specifies an action that forwards messages for approval to the user that's specified in the sender's Manager attribute.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModerateMessageByUser</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ModerateMessageByUser parameter specifies an action that forwards messages for approval to the specified users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifySender</span> </div> <div class="desc-html"><p>DEPRECATED</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"NotifyOnly"</code>, <code>"RejectMessage"</code>, <code>"RejectUnlessExplicitOverride"</code>, <code>"RejectUnlessFalsePositiveOverride"</code>, <code>"RejectUnlessSilentOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Ii][Ff][Yy][Oo][Nn][Ll][Yy]|[Rr][Ee][Jj][Ee][Cc][Tt][Mm][Ee][Ss][Ss][Aa][Gg][Ee]|[Rr][Ee][Jj][Ee][Cc][Tt][Uu][Nn][Ll][Ee][Ss][Ss][Ff][Aa][Ll][Ss][Ee][Pp][Oo][Ss][Ii][Tt][Ii][Vv][Ee][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Rr][Ee][Jj][Ee][Cc][Tt][Uu][Nn][Ll][Ee][Ss][Ss][Ss][Ii][Ll][Ee][Nn][Tt][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Rr][Ee][Jj][Ee][Cc][Tt][Uu][Nn][Ll][Ee][Ss][Ss][Ee][Xx][Pp][Ll][Ii][Cc][Ii][Tt][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrependSubject</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PrependSubject parameter specifies an action that adds text to add to the beginning of the Subject field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Priority parameter specifies a priority value for the rule that determines the order of rule processing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Quarantine</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Quarantine parameter specifies an action that quarantines messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientADAttributeContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientADAttributeContainsWords parameter specifies a condition that looks for words in the Active Directory attributes of recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientADAttributeMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientADAttributeMatchesPatterns parameter specifies a condition that looks for text patterns in the Active Directory attributes of recipients by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientAddressContainsWords parameter specifies a condition that looks for words in recipient email addresses.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientAddressMatchesPatterns parameter specifies a condition that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientAddressType</span> </div> <div class="desc-html"><p>The RecipientAddressType parameter specifies how conditions and exceptions check recipient email addresses.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Original"</code>, <code>"Resolved"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Rr][Ii][Gg][Ii][Nn][Aa][Ll]|[Rr][Ee][Ss][Oo][Ll][Vv][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientInSenderList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RedirectMessageTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RedirectMessageTo parameter specifies a rule action that redirects messages to the specified recipients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RejectMessageEnhancedStatusCode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RejectMessageEnhancedStatusCode parameter specifies the enhanced status code that's used when the rule rejects messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RejectMessageReasonText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RejectMessageReasonText parameter specifies the explanation text that's used when the rule rejects messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveHeader</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RemoveHeader parameter specifies an action that removes a header field from the message header.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveOME</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RemoveOME parameter specifies an action that removes the previous version of Office 365 Message Encryption from messages and their attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveOMEv2</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RemoveOMEv2 parameter specifies an action that removes Office 365 Message Encryption from messages and their attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveRMSAttachmentEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This parameter specifies an action or part of an action for the rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RouteMessageOutboundConnector</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RouteMessageOutboundConnector parameter specifies an action that routes messages through the specified Outbound connector in Office 365.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RouteMessageOutboundRequireTls</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RouteMessageOutboundRequireTls parameter specifies an action that uses Transport Layer Security (TLS) encryption to deliver messages outside your organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RuleErrorAction</span> </div> <div class="desc-html"><p>The RuleErrorAction parameter specifies what to do if rule processing can't be completed on messages.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Defer"</code>, <code>"Ignore"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Gg][Nn][Oo][Rr][Ee]|[Dd][Ee][Ff][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RuleSubType</span> </div> <div class="desc-html"><p>The RuleSubType parameter specifies the rule type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Dlp"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ll][Pp]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SCLOver</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SCLOver parameter specifies a condition that looks for the SCL value of messages</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderADAttributeContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderADAttributeContainsWords parameter specifies a condition that looks for words in Active Directory attributes of message senders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderADAttributeMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderADAttributeMatchesPatterns parameter specifies a condition that looks for text patterns in Active Directory attributes of message senders by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderAddressLocation</span> </div> <div class="desc-html"><p>The SenderAddressLocation parameter specifies where to look for sender addresses in conditions and exceptions that examine sender email addresses.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Envelope"</code>, <code>"Header"</code>, <code>"HeaderOrEnvelope"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Hh][Ee][Aa][Dd][Ee][Rr]|[Ee][Nn][Vv][Ee][Ll][Oo][Pp][Ee]|[Hh][Ee][Aa][Dd][Ee][Rr][Oo][Rr][Ee][Nn][Vv][Ee][Ll][Oo][Pp][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderDomainIs parameter specifies a condition that looks for senders with email address in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderInRecipientList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderIpRanges</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderIpRanges parameter specifies a condition that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderManagementRelationship</span> </div> <div class="desc-html"><p>The SenderManagementRelationship parameter specifies a condition that looks for the relationship between the sender and recipients in messages.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"DirectReport"</code>, <code>"Manager"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Aa][Nn][Aa][Gg][Ee][Rr]|[Dd][Ii][Rr][Ee][Cc][Tt][Rr][Ee][Pp][Oo][Rr][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentTo parameter specifies a condition that looks for recipients in messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentToMemberOf parameter specifies a condition that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToScope</span> </div> <div class="desc-html"><p>The SentToScope parameter specifies a condition that looks for the location of recipients.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ExternalNonPartner"</code>, <code>"ExternalPartner"</code>, <code>"InOrganization"</code>, <code>"NotInOrganization"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Tt][Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Pp][Aa][Rr][Tt][Nn][Ee][Rr]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Nn][Oo][Nn][Pp][Aa][Rr][Tt][Nn][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetAuditSeverity</span> </div> <div class="desc-html"><p>The SetAuditSeverity parameter specifies an action that sets the severity level of the incident report and the corresponding entry that's written to the message tracking log when messages violate DLP policies.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"DoNotAudit"</code>, <code>"High"</code>, <code>"Low"</code>, <code>"Medium"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Oo][Nn][Oo][Tt][Aa][Uu][Dd][Ii][Tt]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetHeaderName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SetHeaderName parameter specifies an action that adds or modifies a header field in the message header.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetHeaderValue</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SetHeaderValue parameter specifies an action that adds or modifies a header field in the message header.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetSCL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SetSCL parameter specifies an action that adds or modifies the SCL value of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StopRuleProcessing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The StopRuleProcessing parameter specifies an action that stops processing more rules.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectContainsWords parameter specifies a condition that looks for words in the Subject field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectMatchesPatterns parameter specifies a condition that looks for text patterns in the Subject field of messages by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectOrBodyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectOrBodyContainsWords parameter specifies a condition that looks for words in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectOrBodyMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectOrBodyMatchesPatterns parameter specifies a condition that looks for text patterns in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WithImportance</span> </div> <div class="desc-html"><p>The WithImportance parameter specifies a condition that looks for messages with the specified importance level.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Low"</code>, <code>"Normal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ll][Oo][Ww]|[Nn][Oo][Rr][Mm][Aa][Ll]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Transport Rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.administrativeunit"> <div class="definition-header"> <span class="def-name">microsoft.entra.administrativeunit</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure AD Administrative Unit.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>DisplayName of the Administrative Unit</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Object-Id of the Administrative Unit</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Administrative Unit</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Visibility</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Visibility of the Administrative Unit. Specify HiddenMembership if members of the AU are hidden</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MembershipType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify membership type. Possible values are Assigned and Dynamic. Note that the functionality is currently in preview.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MembershipRule</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify membership rule. Requires that MembershipType is set to Dynamic. Note that the functionality is currently in preview.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MembershipRuleProcessingState</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify dynamic membership-rule processing-state. Valid values are 'On' and 'Paused'. Requires that MembershipType is set to Dynamic. Note that the functionality is currently in preview.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Members</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specify members. Only specify if MembershipType is NOT set to Dynamic</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScopedRoleMembers</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specify Scoped Role Membership. Note: Any groups must be role-enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Administrative Unit exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.application"> <div class="definition-header"> <span class="def-name">microsoft.entra.application</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory Application.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>DisplayName of the app</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ObjectId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>ObjectID of the app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>AppId for the app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AvailableToOtherTenants</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether this application is available in other tenants.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A free text field to provide a description of the application object to end users. The maximum allowed size is 1024 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupMembershipClaims</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A bitmask that configures the groups claim issued in a user or OAuth 2.0 access token that the application expects.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Homepage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The URL to the application's homepage.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IdentifierUris</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>User-defined URI(s) that uniquely identify a Web application within its Azure AD tenant, or within a verified custom domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsFallbackPublicClient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies the fallback application type as public client, such as an installed application running on a mobile device. The default value is false, which means the fallback application type is confidential client such as web app. There are certain scenarios where Microsoft Entra ID cannot determine the client application type (for example, ROPC flow where it is configured without specifying a redirect URI). In those cases, Microsoft Entra ID will interpret the application type based on the value of this property.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KnownClientApplications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Client applications that are tied to this resource application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LogoutURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The logout url for this application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicClient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether this application is a public client (such as an installed application running on a mobile device). Default is false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReplyURLs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies the URLs that user tokens are sent to for sign in, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Owners</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>UPN or ObjectID values of the app's owners.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD App should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Permissions</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>API permissions for the Azure Active Directory Application.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.attributeset"> <div class="definition-header"> <span class="def-name">microsoft.entra.attributeset</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Represents a group of related custom security attribute definitions.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identifier for the attribute set that is unique within a tenant. Can be up to 32 characters long and include Unicode characters. Cannot contain spaces or special characters. Cannot be changed later. Case insensitive</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identifier for the attribute set that is unique within a tenant. Can be up to 32 characters long and include Unicode characters. Cannot contain spaces or special characters. Cannot be changed later. Case insensitive</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaxAttributesPerSet</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum number of custom security attributes that can be defined in this attribute set. Default value is null. If not specified, the administrator can add up to the maximum of 500 active attributes per tenant. Can be changed later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationcontextclassreference"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationcontextclassreference</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Represents a Microsoft Entra authentication context class reference. Authentication context class references are custom values that define a Conditional Access authentication requirement</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identifier used to reference the authentication context class. The id is used to trigger step-up authentication for the referenced authentication requirements and is the value that will be issued in the acrs claim of an access token. This value in the claim is used to verify that the required authentication context has been satisfied. The allowed values are c1 through c25.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"c1"</code>, <code>"c10"</code>, <code>"c11"</code>, <code>"c12"</code>, <code>"c13"</code>, <code>"c14"</code>, <code>"c15"</code>, <code>"c16"</code>, <code>"c17"</code>, <code>"c18"</code>, <code>"c19"</code>, <code>"c2"</code>, <code>"c20"</code>, <code>"c21"</code>, <code>"c22"</code>, <code>"c23"</code>, <code>"c24"</code>, <code>"c25"</code>, <code>"c3"</code>, <code>"c4"</code>, <code>"c5"</code>, <code>"c6"</code>, <code>"c7"</code>, <code>"c8"</code>, <code>"c9"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc]1|[Cc]2|[Cc]3|[Cc]4|[Cc]5|[Cc]6|[Cc]7|[Cc]8|[Cc]9|[Cc]10|[Cc]11|[Cc]12|[Cc]13|[Cc]14|[Cc]15|[Cc]16|[Cc]17|[Cc]18|[Cc]19|[Cc]20|[Cc]21|[Cc]22|[Cc]23|[Cc]24|[Cc]25)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A friendly name that identifies the authenticationContextClassReference object when building user-facing admin experiences. For example, a selection UX</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A short explanation of the policies that are enforced by authenticationContextClassReference. This value should be used to provide secondary text to describe the authentication context class reference when building user-facing admin experiences. For example, a selection UX.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsAvailable</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the authenticationContextClassReference has been published by the security admin and is ready for use by apps. When it's set to false, it shouldn't be shown in admin UX experiences because the value isn't currently available for selection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The name of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A description of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyMigrationState</span> </div> <div class="desc-html"><p>The state of migration of the authentication methods policy from the legacy multifactor authentication and self-service password reset (SSPR) policies. The possible values are: premigration - means the authentication methods policy is used for authentication only, legacy policies are respected. migrationInProgress - means the authentication methods policy is used for both authentication and SSPR, legacy policies are respected. migrationComplete - means the authentication methods policy is used for authentication and SSPR, legacy policies are ignored. unknownFutureValue - Evolvable enumeration sentinel value. Do not use.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"migrationComplete"</code>, <code>"migrationInProgress"</code>, <code>"preMigration"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Mm][Ii][Gg][Rr][Aa][Tt][Ii][Oo][Nn]|[Mm][Ii][Gg][Rr][Aa][Tt][Ii][Oo][Nn][Ii][Nn][Pp][Rr][Oo][Gg][Rr][Ee][Ss][Ss]|[Mm][Ii][Gg][Rr][Aa][Tt][Ii][Oo][Nn][Cc][Oo][Mm][Pp][Ll][Ee][Tt][Ee]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The version of the policy in use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReconfirmationInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Days before the user will be asked to reconfirm their method.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RegistrationEnforcement</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Enforce registration at sign-in time. This property can be used to remind users to set up targeted authentication methods.</p> </div> <details class="nested-properties"> <summary>1 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationMethodsRegistrationCampaign</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Run campaigns to remind users to setup targeted authentication methods.</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Users and groups of users that are excluded from being prompted to set up the authentication method.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Users and groups of users that are prompted to set up the authentication method.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SnoozeDurationInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the number of days that the user sees a prompt again if they select 'Not now' and snoozes the prompt. Minimum 0 days. Maximum: 14 days. If the value is '0' The user is prompted during every MFA attempt.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Enable or disable the feature. Possible values are: default, enabled, disabled, unknownFutureValue. The default value is used when the configuration hasn't been explicitly set and uses the default behavior of Azure AD for the setting. The default value is disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"default"</code>, <code>"disabled"</code>, <code>"enabled"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemCredentialPreferences</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Prompt users with their most-preferred credential for multifactor authentication.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Users and groups excluded from the preferred authentication method experience of the system.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Users and groups included in the preferred authentication method experience of the system.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Indicates whether the feature is enabled or disabled. Possible values are: default, enabled, disabled, unknownFutureValue. The default value is used when the configuration hasn't been explicitly set, and uses the default behavior of Azure Active Directory for the setting. The default value is disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"default"</code>, <code>"disabled"</code>, <code>"enabled"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicyauthenticator"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicyauthenticator</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy Authenticator</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A collection of Microsoft Authenticator settings such as number matching and location context, and whether they are enabled for all users or specific users only.</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">CompanionAppAllowedState</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Determines whether users will be able to approve push notifications on other Microsoft applications such as Outlook Mobile.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's excluded from using this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's allowed to use this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Enable or disable the feature. Possible values are: default, enabled, disabled, unknownFutureValue. The default value is used when the configuration hasn't been explicitly set and uses the default behavior of Azure AD for the setting. The default value is disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"default"</code>, <code>"disabled"</code>, <code>"enabled"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayAppInformationRequiredState</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Determines whether the user's Authenticator app will show them the client app they are signing into.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's excluded from using this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's allowed to use this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Enable or disable the feature. Possible values are: default, enabled, disabled, unknownFutureValue. The default value is used when the configuration hasn't been explicitly set and uses the default behavior of Azure AD for the setting. The default value is disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"default"</code>, <code>"disabled"</code>, <code>"enabled"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayLocationInformationRequiredState</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Determines whether the user's Authenticator app will show them the geographic location of where the authentication request originated from.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's excluded from using this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's allowed to use this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Enable or disable the feature. Possible values are: default, enabled, disabled, unknownFutureValue. The default value is used when the configuration hasn't been explicitly set and uses the default behavior of Azure AD for the setting. The default value is disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"default"</code>, <code>"disabled"</code>, <code>"enabled"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NumberMatchingRequiredState</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Specifies whether the user needs to enter a number in the Authenticator app from the login screen to complete their login. Value is ignored for phone sign-in notifications.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's excluded from using this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTarget</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>A single entity that's allowed to use this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Enable or disable the feature. Possible values are: default, enabled, disabled, unknownFutureValue. The default value is used when the configuration hasn't been explicitly set and uses the default behavior of Azure AD for the setting. The default value is disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"default"</code>, <code>"disabled"</code>, <code>"enabled"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSoftwareOathEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>true if users can use the OTP code generated by the Microsoft Authenticator app, false otherwise.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicyemail"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicyemail</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy Email</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowExternalIdToUseEmailOtp</span> </div> <div class="desc-html"><p>Determines whether email OTP is usable by external users for authentication. Possible values are: default, enabled, disabled, unknownFutureValue. Tenants in the default state who did not use public preview will automatically have email OTP enabled beginning in October 2021.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"default"</code>, <code>"disabled"</code>, <code>"enabled"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicyfido2"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicyfido2</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy Fido2</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsAttestationEnforced</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether attestation must be enforced for FIDO2 security key registration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSelfServiceRegistrationAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if users can register new FIDO2 security keys.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyRestrictions</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Controls whether key restrictions are enforced on FIDO2 security keys, either allowing or disallowing certain key types as defined by Authenticator Attestation GUID (AAGUID), an identifier that indicates the type (e.g. make and model) of the authenticator.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AaGuids</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>A collection of Authenticator Attestation GUIDs. AADGUIDs define key types and manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnforcementType</span> </div> <div class="desc-html"><p>Enforcement type. Possible values are: allow, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww]|[Bb][Ll][Oo][Cc][Kk]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsEnforced</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if the configured key enforcement is enabled.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicysms"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicysms</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy Sms</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicysoftware"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicysoftware</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy Software</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicytemporary"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicytemporary</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy Temporary</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Default length in characters of a Temporary Access Pass object. Must be between 8 and 48 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultLifetimeInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Default lifetime in minutes for a Temporary Access Pass. Value can be any integer between the minimumLifetimeInMinutes and maximumLifetimeInMinutes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsUsableOnce</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If true, all the passes in the tenant will be restricted to one-time use. If false, passes in the tenant can be created to be either one-time use or reusable.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumLifetimeInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 minutes (equivalent to 30 days).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumLifetimeInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum lifetime in minutes for any Temporary Access Pass created in the tenant. Value can be between 10 and 43200 minutes (equivalent to 30 days).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicyvoice"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicyvoice</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy Voice</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsOfficePhoneAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>true if users can register office phones, otherwise, false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationmethodpolicyx509"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationmethodpolicyx509</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Method Policy X509</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationModeConfiguration</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines strong authentication configurations. This configuration includes the default authentication mode and the different rules for strong authentication bindings.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Rules</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Rules are configured in addition to the authentication mode to bind a specific x509CertificateRuleType to an x509CertificateAuthenticationMode. For example, bind the policyOID with identifier 1.32.132.343 to x509CertificateMultiFactor authentication mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">X509CertificateAuthenticationDefaultMode</span> </div> <div class="desc-html"><p>The type of strong authentication mode. The possible values are: x509CertificateSingleFactor, x509CertificateMultiFactor, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"unknownFutureValue"</code>, <code>"x509CertificateMultiFactor"</code>, <code>"x509CertificateSingleFactor"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Xx]509[Cc][Ee][Rr][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ee][Ss][Ii][Nn][Gg][Ll][Ee][Ff][Aa][Cc][Tt][Oo][Rr]|[Xx]509[Cc][Ee][Rr][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ee][Mm][Uu][Ll][Tt][Ii][Ff][Aa][Cc][Tt][Oo][Rr]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateUserBindings</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Defines fields in the X.509 certificate that map to attributes of the Azure AD user object in order to bind the certificate to the user. The priority of the object determines the order in which the binding is carried out. The first binding that matches will be used and the rest ignored.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are excluded from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeTargets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Displayname of the groups of users that are included from a policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of the policy. Possible values are: enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authenticationstrengthpolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.authenticationstrengthpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Azure AD Authentication Strength Policy</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The name of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A description of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedCombinations</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The authentication method combinations allowed by this authentication strength policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.authorizationpolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.authorizationpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Azure Active Directory Authorization Policy.</p> <p>The policy is managed using the BETA API, some properties may have been added in the API but not in the resource</p> <h2>Azure AD Permissions</h2> <p>To authenticate via Microsoft Graph, this resource required the following Application permissions:</p> <ul> <li> <p><strong>Automate</strong></p> <ul> <li>Policy.Read.All</li> <li>Policy.ReadWrite.Authorization</li> </ul> </li> <li> <p><strong>Export</strong></p> <ul> <li>Policy.Read.All</li> </ul> </li> </ul> <p>NOTE: All permissions listed above require admin consent.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Display name for this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedToSignUpEmailBasedSubscriptions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean Indicates whether users can sign up for email based subscriptions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedToUseSSPR</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean Indicates whether the Self-Serve Password Reset feature can be used by users on the tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEmailVerifiedUsersToJoinOrganization</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean Indicates whether a user can join the tenant by email validation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowInvitesFrom</span> </div> <div class="desc-html"><p>Indicates who can invite external users to the organization. Possible values are: None, AdminsAndGuestInviters, AdminsGuestInvitersAndAllMembers, Everyone. Everyone is the default setting for all cloud environments except US Government.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AdminsAndGuestInviters"</code>, <code>"AdminsGuestInvitersAndAllMembers"</code>, <code>"Everyone"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Dd][Mm][Ii][Nn][Ss][Aa][Nn][Dd][Gg][Uu][Ee][Ss][Tt][Ii][Nn][Vv][Ii][Tt][Ee][Rr][Ss]|[Aa][Dd][Mm][Ii][Nn][Ss][Gg][Uu][Ee][Ss][Tt][Ii][Nn][Vv][Ii][Tt][Ee][Rr][Ss][Aa][Nn][Dd][Aa][Ll][Ll][Mm][Ee][Mm][Bb][Ee][Rr][Ss]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockMsolPowershell</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean To disable the use of MSOL PowerShell, set this property to true. This will also disable user-based access to the legacy service endpoint used by MSOL PowerShell. This does not affect Azure AD Connect or Microsoft Graph.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultUserRoleAllowedToCreateApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean Indicates whether the default user role can create applications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultUserRoleAllowedToCreateSecurityGroups</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean Indicates whether the default user role can create security groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultUserRoleAllowedToReadBitlockerKeysForOwnedDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the registered owners of a device can read their own BitLocker recovery keys with default user role.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultUserRoleAllowedToCreateTenants</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the default user role can create tenants. This setting corresponds to the Restrict non-admin users from creating tenants setting in the User settings menu in the Azure portal. When this setting is false, users assigned the Tenant Creator role can still create tenants.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultUserRoleAllowedToReadOtherUsers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean Indicates whether the default user role can read other users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GuestUserRole</span> </div> <div class="desc-html"><p>The role that should be granted to guest users. Refer to List unifiedRoleDefinitions to find the list of available role templates. Only supported roles today are User, Guest User, and Restricted Guest User (2af84b1e-32c8-42b7-82bc-daa82404023b).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Guest"</code>, <code>"RestrictedGuest"</code>, <code>"User"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Uu][Ee][Ss][Tt]|[Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ee][Dd][Gg][Uu][Ee][Ss][Tt]|[Uu][Ss][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PermissionGrantPolicyIdsAssignedToDefaultUserRole</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>String collection Indicates if user consent to apps is allowed, and if it is, which permission to grant consent and which app consent policy (permissionGrantPolicy) govern the permission for users to grant consent. Value should be in the format managePermissionGrantsForSelf.{id}, where {id} is the id of a built-in or custom app consent policy. An empty list indicates user consent to apps is disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify that the Azure Authorization Policy should exist.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.conditionalaccesspolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.conditionalaccesspolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory Conditional Access Policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>DisplayName of the AAD CA Policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the GUID for the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Specifies the State of the Policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"enabledForReportingButNotEnforced"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Ff][Oo][Rr][Rr][Ee][Pp][Oo][Rr][Tt][Ii][Nn][Gg][Bb][Uu][Tt][Nn][Oo][Tt][Ee][Nn][Ff][Oo][Rr][Cc][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeApplications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Cloud Apps in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationsFilter</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Rule syntax is similar to that used for membership rules for groups in Microsoft Entra ID.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationsFilterMode</span> </div> <div class="desc-html"><p>Mode to use for the filter. Possible values are include or exclude.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"exclude"</code>, <code>"include"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Cc][Ll][Uu][Dd][Ee]|[Ee][Xx][Cc][Ll][Uu][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeApplications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Cloud Apps out of scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeUserActions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>User Actions in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeUsers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Users in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeUsers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Users out of scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeGroups</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Groups in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeGroups</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Groups out of scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeRoles</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>AAD Admin Roles in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeRoles</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>AAD Admin Roles out of scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeGuestOrExternalUserTypes</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>Represents the Included internal guests or external user types. This is a multi-valued property. Supported values are: b2bCollaborationGuest, b2bCollaborationMember, b2bDirectConnectUser, internalGuest, OtherExternalUser, serviceProvider and unknownFutureValue.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeExternalTenantsMembershipKind</span> </div> <div class="desc-html"><p>Represents the Included Tenants membership kind. The possible values are: all, enumerated, unknownFutureValue. enumerated references an object of conditionalAccessEnumeratedExternalTenants derived type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>""</code>, <code>"all"</code>, <code>"enumerated"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(|[Aa][Ll][Ll]|[Ee][Nn][Uu][Mm][Ee][Rr][Aa][Tt][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeExternalTenantsMembers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Represents the Included collection of tenant ids in the scope of Conditional Access for guests and external users policy targeting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeGuestOrExternalUserTypes</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>Represents the Excluded internal guests or external user types. This is a multi-valued property. Supported values are: b2bCollaborationGuest, b2bCollaborationMember, b2bDirectConnectUser, internalGuest, OtherExternalUser, serviceProvider and unknownFutureValue.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeExternalTenantsMembershipKind</span> </div> <div class="desc-html"><p>Represents the Excluded Tenants membership kind. The possible values are: all, enumerated, unknownFutureValue. enumerated references an object of conditionalAccessEnumeratedExternalTenants derived type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>""</code>, <code>"all"</code>, <code>"enumerated"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(|[Aa][Ll][Ll]|[Ee][Nn][Uu][Mm][Ee][Rr][Aa][Tt][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeExternalTenantsMembers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Represents the Excluded collection of tenant ids in the scope of Conditional Access for guests and external users policy targeting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludePlatforms</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Client Device Platforms in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludePlatforms</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Client Device Platforms out of scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeLocations</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>AAD Named Locations in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludeLocations</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>AAD Named Locations out of scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceFilterMode</span> </div> <div class="desc-html"><p>Client Device Filter mode of the Policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"exclude"</code>, <code>"include"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Cc][Ll][Uu][Dd][Ee]|[Ee][Xx][Cc][Ll][Uu][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceFilterRule</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Client Device Filter rule of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRiskLevels</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>AAD Identity Protection User Risk Levels in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignInRiskLevels</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>AAD Identity Protection Sign-in Risk Levels in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientAppTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Client App types in scope of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GrantControlOperator</span> </div> <div class="desc-html"><p>Operator to be used for Grant Controls.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AND"</code>, <code>"OR"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Nn][Dd]|[Oo][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BuiltInControls</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of built-in Grant Controls to be applied by the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationEnforcedRestrictionsIsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies, whether Application Enforced Restrictions are enabled in the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CloudAppSecurityIsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies, whether Cloud App Security is enforced by the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CloudAppSecurityType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies, what Cloud App Security control is enforced by the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignInFrequencyValue</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Sign in frequency time in the given unit to be enforced by the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TermsOfUse</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Display name of the terms of use to assign.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomAuthenticationFactors</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Custom Controls assigned to the grant property of this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignInFrequencyType</span> </div> <div class="desc-html"><p>Sign in frequency unit (days/hours) to be interpreted by the policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>""</code>, <code>"Days"</code>, <code>"Hours"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Aa][Yy][Ss]|[Hh][Oo][Uu][Rr][Ss]|)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignInFrequencyIsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies, whether sign-in frequency is enforced by the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignInFrequencyInterval</span> </div> <div class="desc-html"><p>Sign in frequency interval. Possible values are: 'timeBased', 'everyTime' and 'unknownFutureValue'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"everyTime"</code>, <code>"timeBased"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Tt][Ii][Mm][Ee][Bb][Aa][Ss][Ee][Dd]|[Ee][Vv][Ee][Rr][Yy][Tt][Ii][Mm][Ee]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersistentBrowserIsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies, whether Browser Persistence is controlled by the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersistentBrowserMode</span> </div> <div class="desc-html"><p>Specifies, what Browser Persistence control is enforced by the Policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>""</code>, <code>"Always"</code>, <code>"Never"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ww][Aa][Yy][Ss]|[Nn][Ee][Vv][Ee][Rr]|)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationStrength</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the associated authentication strength policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TransferMethods</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Names of the associated authentication flow transfer methods. Possible values are '', 'deviceCodeFlow', 'authenticationTransfer', or 'deviceCodeFlow,authenticationTransfer'.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationContexts</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Authentication context class references.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD CA Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.crosstenantaccesspolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.crosstenantaccesspolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource manages Azure AD Cross Tenant Access Policies.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The name of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedCloudEndpoints</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>Used to specify which Microsoft clouds an organization would like to collaborate with. By default, this value is empty.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.crosstenantaccesspolicyconfigurationdefault"> <div class="definition-header"> <span class="def-name">microsoft.entra.crosstenantaccesspolicyconfigurationdefault</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource manages Azure AD Cross Tenant Access Policies Configuration Default.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BCollaborationInbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B collaboration.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BCollaborationOutbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BDirectConnectInbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B direct connect.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BDirectConnectOutbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B direct connect.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundTrust</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Determines the partner-specific configuration for trusting other Conditional Access claims from external Azure AD organizations.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsCompliantDeviceAccepted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether compliant devices from external Azure AD organizations are trusted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsHybridAzureADJoinedDeviceAccepted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether hybrid Azure AD joined devices from external Azure AD organizations are trusted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsMfaAccepted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether MFA from external Azure AD organizations is trusted.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the instance should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.crosstenantaccesspolicyconfigurationpartner"> <div class="definition-header"> <span class="def-name">microsoft.entra.crosstenantaccesspolicyconfigurationpartner</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource manages Azure AD Cross Tenant Access Policies Configuration Partner.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PartnerTenantId</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The tenant identifier for the partner Azure Active Directory (Azure AD) organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BCollaborationInbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B collaboration.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BCollaborationOutbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B collaboration.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BDirectConnectInbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users from other organizations accessing your resources via Azure AD B2B direct connect.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">B2BDirectConnectOutbound</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Defines your partner-specific configuration for users in your organization going outbound to access resources in another organization via Azure AD B2B direct connect.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Applications</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of applications targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersAndGroups</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The list of users and groups targeted with your cross-tenant access policy.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Defines whether access is allowed or blocked. The possible values are: allowed, blocked, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Targets</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies whether to target users, groups, or applications with this rule.</p> </div> </div> </div> </details> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticUserConsentSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Determines the partner-specific configuration for accepting trust claims from other tenant invitations.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether you want to automatically trust Inbound invitations.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether you want to automatically trust Outbound invitations.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundTrust</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Determines the partner-specific configuration for trusting other Conditional Access claims from external Azure AD organizations.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsCompliantDeviceAccepted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether compliant devices from external Azure AD organizations are trusted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsHybridAzureADJoinedDeviceAccepted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether hybrid Azure AD joined devices from external Azure AD organizations are trusted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsMfaAccepted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether MFA from external Azure AD organizations is trusted.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.entitlementmanagementaccesspackage"> <div class="definition-header"> <span class="def-name">microsoft.entra.entitlementmanagementaccesspackage</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure AD Entitlement Management Access Package.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Id of the access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CatalogId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identifier of the access package catalog referencing this access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether the access package is hidden from the requestor.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsRoleScopesVisible</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether role scopes are visible.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessPackageResourceRoleScopes</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The resources and roles included in the access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncompatibleAccessPackages</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The access packages whose assigned users are ineligible to be assigned this access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessPackagesIncompatibleWith</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The access packages that are incompatible with this package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncompatibleGroups</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The groups whose members are ineligible to be assigned this access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.entitlementmanagementaccesspackageassignmentpolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.entitlementmanagementaccesspackageassignmentpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure AD Entitlement Management Access Package Assignment Policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the access package assignment policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessPackageId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identifier of the access package.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessReviewSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Who must review, and how often, the assignments to the access package from this policy. This property is null if reviews are not required.</p> </div> <details class="nested-properties"> <summary>9 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessReviewTimeoutBehavior</span> </div> <div class="desc-html"><p>The default decision to apply if the request is not reviewed within the period specified in durationInDays.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"acceptAccessRecommendation"</code>, <code>"keepAccess"</code>, <code>"removeAccess"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Cc][Cc][Ee][Pp][Tt][Aa][Cc][Cc][Ee][Ss][Ss][Rr][Ee][Cc][Oo][Mm][Mm][Ee][Nn][Dd][Aa][Tt][Ii][Oo][Nn]|[Kk][Ee][Ee][Pp][Aa][Cc][Cc][Ee][Ss][Ss]|[Rr][Ee][Mm][Oo][Vv][Ee][Aa][Cc][Cc][Ee][Ss][Ss]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DurationInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of days within which reviewers should provide input.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsAccessRecommendationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to display recommendations to the reviewer. The default value is true</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsApprovalJustificationRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether the reviewer must provide justification for the approval. The default value is true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If true, access reviews are required for assignments from this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecurrenceType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The interval for recurrence, such as monthly or quarterly.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReviewerType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Who should be asked to do the review, either Self or Reviewers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Reviewers</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>If the reviewerType is Reviewers, this collection specifies the users who will be reviewers, either by ID or as members of a group, using a collection of singleUser and groupMembers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>When the first review should start.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CanExtend</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether a user can extend the access package assignment duration after approval.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DurationInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of days in which assignments from this policy last until they are expired.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExpirationDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The expiration date for assignments created in this policy. The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Questions</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Questions that are posed to the requestor.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequestApprovalSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Who must approve requests for access package in this policy.</p> </div> <details class="nested-properties"> <summary>5 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ApprovalMode</span> </div> <div class="desc-html"><p>One of SingleStage, Serial, Parallel, NoApproval (default). NoApproval is used when isApprovalRequired is false.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"NoApproval"</code>, <code>"Parallel"</code>, <code>"Serial"</code>, <code>"SingleStage"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Ii][Nn][Gg][Ll][Ee][Ss][Tt][Aa][Gg][Ee]|[Ss][Ee][Rr][Ii][Aa][Ll]|[Pp][Aa][Rr][Aa][Ll][Ll][Ee][Ll]|[Nn][Oo][Aa][Pp][Pp][Rr][Oo][Vv][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApprovalStages</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>If approval is required, the one or two elements of this collection define each of the stages of approval. An empty array if no approval is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsApprovalRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether approval is required for requests in this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsApprovalRequiredForExtension</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether approval is required for a user to extend their assignment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsRequestorJustificationRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the requestor is required to supply a justification in their request.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequestorSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Who can request this access package from this policy.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AcceptRequests</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether new requests are accepted on this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedRequestors</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The users who are allowed to request on this policy, which can be singleUser, groupMembers, and connectedOrganizationMembers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScopeType</span> </div> <div class="desc-html"><p>Who can request.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AllConfiguredConnectedOrganizationSubjects"</code>, <code>"AllExistingConnectedOrganizationSubjects"</code>, <code>"AllExistingDirectoryMemberUsers"</code>, <code>"AllExistingDirectorySubjects"</code>, <code>"AllExternalSubjects"</code>, <code>"NoSubjects"</code>, <code>"SpecificConnectedOrganizationSubjects"</code>, <code>"SpecificDirectorySubjects"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Ss][Uu][Bb][Jj][Ee][Cc][Tt][Ss]|[Ss][Pp][Ee][Cc][Ii][Ff][Ii][Cc][Dd][Ii][Rr][Ee][Cc][Tt][Oo][Rr][Yy][Ss][Uu][Bb][Jj][Ee][Cc][Tt][Ss]|[Ss][Pp][Ee][Cc][Ii][Ff][Ii][Cc][Cc][Oo][Nn][Nn][Ee][Cc][Tt][Ee][Dd][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Ss][Uu][Bb][Jj][Ee][Cc][Tt][Ss]|[Aa][Ll][Ll][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd][Cc][Oo][Nn][Nn][Ee][Cc][Tt][Ee][Dd][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Ss][Uu][Bb][Jj][Ee][Cc][Tt][Ss]|[Aa][Ll][Ll][Ee][Xx][Ii][Ss][Tt][Ii][Nn][Gg][Cc][Oo][Nn][Nn][Ee][Cc][Tt][Ee][Dd][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Ss][Uu][Bb][Jj][Ee][Cc][Tt][Ss]|[Aa][Ll][Ll][Ee][Xx][Ii][Ss][Tt][Ii][Nn][Gg][Dd][Ii][Rr][Ee][Cc][Tt][Oo][Rr][Yy][Mm][Ee][Mm][Bb][Ee][Rr][Uu][Ss][Ee][Rr][Ss]|[Aa][Ll][Ll][Ee][Xx][Ii][Ss][Tt][Ii][Nn][Gg][Dd][Ii][Rr][Ee][Cc][Tt][Oo][Rr][Yy][Ss][Uu][Bb][Jj][Ee][Cc][Tt][Ss]|[Aa][Ll][Ll][Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Ss][Uu][Bb][Jj][Ee][Cc][Tt][Ss])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomExtensionHandlers</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The collection of stages when to execute one or more custom access package workflow extensions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.entitlementmanagementaccesspackagecatalog"> <div class="definition-header"> <span class="def-name">microsoft.entra.entitlementmanagementaccesspackagecatalog</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure AD Entitlement Management Access Package Catalog.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the access package catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The id of the access package catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CatalogStatus</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Has the value Published if the access packages are available for management.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CatalogType</span> </div> <div class="desc-html"><p>One of UserManaged or ServiceDefault.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ServiceDefault"</code>, <code>"UserManaged"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Mm][Aa][Nn][Aa][Gg][Ee][Dd]|[Ss][Ee][Rr][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the access package catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsExternallyVisible</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether the access packages in this catalog can be requested by users outside of the tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.entitlementmanagementaccesspackagecatalogresource"> <div class="definition-header"> <span class="def-name">microsoft.entra.entitlementmanagementaccesspackagecatalogresource</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure AD Entitlement Management Access Package Catalog Resource.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the resource, such as the application name, group name or site name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the access package catalog resource.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CatalogId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique ID of the access package catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddedBy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The name of the user or application that first added this resource. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddedOn</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Timestamp type represents date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Attributes</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Contains information about the attributes to be collected from the requestor and sent to the resource application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A description for the resource.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsPendingOnboarding</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>True if the resource is not yet available for assignment. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OriginId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier of the resource in the origin system. In the case of an Azure AD group, this is the identifier of the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OriginSystem</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The type of the resource in the origin system.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ResourceType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The type of the resource.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Url</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A unique resource locator for the resource, such as the URL for signing a user into an application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.entitlementmanagementconnectedorganization"> <div class="definition-header"> <span class="def-name">microsoft.entra.entitlementmanagementconnectedorganization</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure AD Entitlement Management Connected Organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the connected organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Id of the Connected organization object.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the connected organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IdentitySources</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The identity sources in this connected organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>The state of a connected organization defines whether assignment policies with requestor scope type AllConfiguredConnectedOrganizationSubjects are applicable or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"configured"</code>, <code>"proposed"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Pp][Rr][Oo][Pp][Oo][Ss][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalSponsors</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of objectID of external sponsors. the sponsor can be a user or a group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternalSponsors</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of objectID of internal sponsors. the sponsor can be a user or a group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.externalidentitypolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.externalidentitypolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Represents the tenant-wide policy that controls whether external users can leave the guest Microsoft Entra tenant via self-service controls.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowExternalIdentitiesToLeave</span> <span class="type-badge">boolean</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Defines whether external users can leave the guest tenant. If set to false, self-service controls are disabled, and the admin of the guest tenant must manually remove the external user from the guest tenant. When the external user leaves the tenant, their data in the guest tenant is first soft-deleted then permanently deleted in 30 days.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeletedIdentitiesDataRemoval</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Reserved for future use.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.group"> <div class="definition-header"> <span class="def-name">microsoft.entra.group</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory group. IMPORTANT: It does not support mail enabled security groups or mail enabled groups that are not unified or dynamic groups.</p> <p>If using with AADUser, be aware that if AADUser->MemberOf is being specified and the referenced group is configured with AADGroup->Member then a conflict may arise if the two don't match. It is usually best to choose only one of them. See AADUser</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>DisplayName of the Azure Active Directory Group</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailNickname</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies a mail nickname for the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityEnabled</span> <span class="type-badge">boolean</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies whether the group is security enabled. For security groups, this value must be $True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailEnabled</span> <span class="type-badge">boolean</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies whether this group is mail enabled. Currently, you cannot create mail enabled groups in Azure AD.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies a description for the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies an ID for the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Owners</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>User Service Principal values for the group's owners.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Members</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>User Service Principal values for the group's members.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupAsMembers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Displayname values for the groups member of the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>DisplayName values for the groups that this group is a member of.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies that the group is a dynamic group. To create a dynamic group, specify a value of DynamicMembership.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MembershipRule</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the membership rule for a dynamic group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MembershipRuleProcessingState</span> </div> <div class="desc-html"><p>Specifies the rule processing state. The acceptable values for this parameter are: On. Process the group rule or Paused. Stop processing the group rule.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"On"</code>, <code>"Paused"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Nn]|[Pp][Aa][Uu][Ss][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsAssignableToRole</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether this group can be assigned a role. Only available when creating a group and can't be modified after group is created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AssignedToRole</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>DisplayName values for the roles that the group is assigned to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Visibility</span> </div> <div class="desc-html"><p>This parameter determines the visibility of the group's content and members list.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"HiddenMembership"</code>, <code>"Private"</code>, <code>"Public"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Uu][Bb][Ll][Ii][Cc]|[Pp][Rr][Ii][Vv][Aa][Tt][Ee]|[Hh][Ii][Dd][Dd][Ee][Nn][Mm][Ee][Mm][Bb][Ee][Rr][Ss][Hh][Ii][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AssignedLicenses</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>List of Licenses assigned to the group.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD Group should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.grouplifecyclepolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.grouplifecyclepolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory Group Lifecycle Policy (e.g. Expiration).</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupLifetimeInDays</span> <span class="type-badge">integer</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The number of days a group can exist before it needs to be renewed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagedGroupTypes</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>This parameter allows the admin to select which office 365 groups the policy will apply to. 'None' will create the policy in a disabled state. 'All' will apply the policy to every Office 365 group in the tenant. 'Selected' will allow the admin to choose specific Office 365 groups that the policy will apply to.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"None"</code>, <code>"Selected"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll]|[Nn][Oo][Nn][Ee]|[Ss][Ee][Ll][Ee][Cc][Tt][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AlternateNotificationEmails</span> <span class="type-badge">string[]</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Notification emails for groups that have no owners will be sent to these email addresses.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD Groups Lifecycle Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.groupsnamingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.groupsnamingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory Group Naming Policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrefixSuffixNamingRequirement</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Prefixes and suffixes to add to the group name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomBlockedWordsList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Comma delimited list of words that should be blocked from being included in groups' names.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD Groups Naming Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.groupssettings"> <div class="definition-header"> <span class="def-name">microsoft.entra.groupssettings</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory Groups Settings.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableGroupCreation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The flag indicating whether Office 365 group creation is allowed in the directory by non-admin users. This setting does not require an Azure Active Directory Premium P1 license.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableMIPLabels</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean indicating whether or not sensitivity labels can be assigned to M365-groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGuestsToBeGroupOwner</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean indicating whether or not a guest user can be an owner of groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGuestsToAccessGroups</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean indicating whether or not a guest user can have access to Office 365 groups content. This setting does not require an Azure Active Directory Premium P1 license.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GuestUsageGuidelinesUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The url of a link to the guest usage guidelines.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupCreationAllowedGroupName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the security group for which the members are allowed to create Office 365 groups even when EnableGroupCreation == false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowToAddGuests</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>A boolean indicating whether or not is allowed to add guests to this directory.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsageGuidelinesUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A link to the Group Usage Guidelines.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NewUnifiedGroupWritebackDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean, a tenant-wide setting that assigns the default value to the writebackConfiguration/isEnabled property of new groups, if the property isn't specified during group creation. This setting is applicable when group writeback is configured in Microsoft Entra Connect.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD Groups Naming Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.namedlocationpolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.namedlocationpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Azure AD Named Location Policies in Azure Active Directory</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the Display Name of a Named Location in Azure Active Directory</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OdataType</span> </div> <div class="desc-html"><p>Specifies the Odata Type of a Named Location object in Azure Active Directory</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.compliantNetworkNamedLocation"</code>, <code>"#microsoft.graph.countryNamedLocation"</code>, <code>"#microsoft.graph.ipNamedLocation"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Cc][Oo][Uu][Nn][Tt][Rr][Yy][Nn][Aa][Mm][Ee][Dd][Ll][Oo][Cc][Aa][Tt][Ii][Oo][Nn]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ii][Pp][Nn][Aa][Mm][Ee][Dd][Ll][Oo][Cc][Aa][Tt][Ii][Oo][Nn]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt][Nn][Ee][Tt][Ww][Oo][Rr][Kk][Nn][Aa][Mm][Ee][Dd][Ll][Oo][Cc][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the ID of a Named Location in Azure Active Directory.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IpRanges</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies the IP ranges of the Named Location in Azure Active Directory</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsTrusted</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies the isTrusted value for the Named Location (IP ranges only) in Azure Active Directory</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CountriesAndRegions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies the countries and regions for the Named Location in Azure Active Directory</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CountryLookupMethod</span> </div> <div class="desc-html"><p>Determines what method is used to decide which country the user is located in. Possible values are clientIpAddress(default) and authenticatorAppGps.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"authenticatorAppGps"</code>, <code>"clientIpAddress"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ll][Ii][Ee][Nn][Tt][Ii][Pp][Aa][Dd][Dd][Rr][Ee][Ss][Ss]|[Aa][Uu][Tt][Hh][Ee][Nn][Tt][Ii][Cc][Aa][Tt][Oo][Rr][Aa][Pp][Pp][Gg][Pp][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeUnknownCountriesAndRegions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies the includeUnknownCountriesAndRegions value for the Named Location in Azure Active Directory</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD Named Location should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.roledefinition"> <div class="definition-header"> <span class="def-name">microsoft.entra.roledefinition</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory role definition. To configure custom roles you require an Azure AD Premium P1 license. The account used to configure role definitions based on this resource needs either to be a "Global Administrator" or a "Privileged role administrator".</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies a display name for the role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsEnabled</span> <span class="type-badge">boolean</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies whether the role definition is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RolePermissions</span> <span class="type-badge">string[]</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies permissions for the role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies Id for the role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies a description for the role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ResourceScopes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies the resource scopes for the role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TemplateId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies template id for the role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Version</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies version for the role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD Role definition should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.roleeligibilityschedulerequest"> <div class="definition-header"> <span class="def-name">microsoft.entra.roleeligibilityschedulerequest</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Represents a request for a role eligibility for a principal through PIM. The role eligibility can be permanently eligible without an expiry date or temporarily eligible with an expiry date. Inherits from request.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Principal</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>User Principal Name of the eligibility request.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleDefinition</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Role associated with the eligibility request.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrincipalType</span> </div> <div class="desc-html"><p>Represented the type of principal to assign the request to. Accepted values are: Group and User.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Group"</code>, <code>"User"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Rr][Oo][Uu][Pp]|[Uu][Ss][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DirectoryScopeId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identifier of the directory object representing the scope of the role eligibility. The scope of an role eligibility determines the set of resources for which the principal has been granted access. Directory scopes are shared scopes stored in the directory that are understood by multiple applications. Use / for tenant-wide scope. Use appScopeId to limit the scope to an application only. Either directoryScopeId or appScopeId is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identifier for the Role Eligibility Schedule Request.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppScopeId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identifier of the app-specific scope when the role eligibility is scoped to an app. The scope of a role eligibility determines the set of resources for which the principal is eligible to access. App scopes are scopes that are defined and understood by this application only. Use / for tenant-wide app scopes. Use directoryScopeId to limit the scope to particular directory objects, for example, administrative units. Either directoryScopeId or appScopeId is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Action</span> </div> <div class="desc-html"><p>Represents the type of operation on the role eligibility request.The possible values are: adminAssign, adminUpdate, adminRemove, selfActivate, selfDeactivate, adminExtend, adminRenew, selfExtend, selfRenew, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adminAssign"</code>, <code>"adminExtend"</code>, <code>"adminRemove"</code>, <code>"adminRenew"</code>, <code>"adminUpdate"</code>, <code>"selfActivate"</code>, <code>"selfDeactivate"</code>, <code>"selfExtend"</code>, <code>"selfRenew"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Dd][Mm][Ii][Nn][Aa][Ss][Ss][Ii][Gg][Nn]|[Aa][Dd][Mm][Ii][Nn][Uu][Pp][Dd][Aa][Tt][Ee]|[Aa][Dd][Mm][Ii][Nn][Rr][Ee][Mm][Oo][Vv][Ee]|[Ss][Ee][Ll][Ff][Aa][Cc][Tt][Ii][Vv][Aa][Tt][Ee]|[Ss][Ee][Ll][Ff][Dd][Ee][Aa][Cc][Tt][Ii][Vv][Aa][Tt][Ee]|[Aa][Dd][Mm][Ii][Nn][Ee][Xx][Tt][Ee][Nn][Dd]|[Aa][Dd][Mm][Ii][Nn][Rr][Ee][Nn][Ee][Ww]|[Ss][Ee][Ll][Ff][Ee][Xx][Tt][Ee][Nn][Dd]|[Ss][Ee][Ll][Ff][Rr][Ee][Nn][Ee][Ww]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsValidationOnly</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether the call is a validation or an actual call. Only set this property if you want to check whether an activation is subject to additional rules like MFA before actually submitting the request.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Justification</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A message provided by users and administrators when create they create the unifiedRoleEligibilityScheduleRequest object. Optional when action is adminRemove. Whether this property is required or optional is also dependent on the settings for the Azure AD role.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScheduleInfo</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The period of the role eligibility. Optional when action is adminRemove. The period of eligibility is dependent on the settings of the Azure AD role.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">expiration</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>When the eligible or active assignment expires.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">duration</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The requestor's desired duration of access represented in ISO 8601 format for durations. For example, PT3H refers to three hours. If specified in a request, endDateTime should not be present and the type property should be set to afterDuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">endDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Timestamp of date and time information using ISO 8601 format and is always in UTC time. For example, midnight UTC on Jan 1, 2014 is 2014-01-01T00:00:00Z.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">type</span> </div> <div class="desc-html"><p>The requestor's desired expiration pattern type. The possible values are: notSpecified, noExpiration, afterDateTime, afterDuration.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"afterDateTime"</code>, <code>"afterDuration"</code>, <code>"noExpiration"</code>, <code>"notSpecified"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Ss][Pp][Ee][Cc][Ii][Ff][Ii][Ee][Dd]|[Nn][Oo][Ee][Xx][Pp][Ii][Rr][Aa][Tt][Ii][Oo][Nn]|[Aa][Ff][Tt][Ee][Rr][Dd][Aa][Tt][Ee][Tt][Ii][Mm][Ee]|[Aa][Ff][Tt][Ee][Rr][Dd][Uu][Rr][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">recurrence</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The frequency of the eligible or active assignment. This property is currently unsupported in PIM.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">pattern</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The frequency of an event.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">range</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The duration of an event.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">startDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>When the eligible or active assignment becomes active.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TicketInfo</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Ticket details linked to the role eligibility request including details of the ticket number and ticket system.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ticketNumber</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ticket number.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ticketSystem</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the ticket system.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.rolesetting"> <div class="definition-header"> <span class="def-name">microsoft.entra.rolesetting</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configure existing Azure roles. All UI parameters can be configured using this resource like:</p> <ul> <li>Notifications</li> <li>require approval / ticket / justification / MFA</li> </ul> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>RuleDefinition DisplayName</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the RoleId.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivationMaxDuration</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Activation maximum duration (hours).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivationReqJustification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require justification on activation (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivationReqTicket</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require ticket information on activation (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivationReqMFA</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require MFA on activation (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApprovaltoActivate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require approval to activate (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivateApprover</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Approver User UPN and/or Group Displayname</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PermanentEligibleAssignmentisExpirationRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow permanent eligible assignment (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExpireEligibleAssignment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Expire eligible assignments after (Days)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PermanentActiveAssignmentisExpirationRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow permanent active assignment (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExpireActiveAssignment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Expire active assignments after (Days)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AssignmentReqMFA</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require Azure Multi-Factor Authentication on active assignment (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AssignmentReqJustification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require justification on active assignment (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ElegibilityAssignmentReqMFA</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require Azure Multi-Factor Authentication on eligible assignment (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ElegibilityAssignmentReqJustification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require justification on eligible assignment (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAlertNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Role assignment alert, default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAlertNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Role assignment alert, additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAlertNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Role assignment alert, only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssigneeNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssigneeNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssigneeNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Notification to the assigned user (assignee), only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleApproveNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleApproveNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleApproveNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as eligible to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveAlertNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Role assignment alert, default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveAlertNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Role assignment alert, additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveAlertNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Role assignment alert, only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveAssigneeNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveAssigneeNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveAssigneeNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Notification to the assigned user (assignee), only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveApproveNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveApproveNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveApproveNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when members are assigned as active to this role: Request to approve a role assignment renewal/extension, only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssignmentAlertNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when eligible members activate this role: Role assignment alert, default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssignmentAlertNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when eligible members activate this role: Role assignment alert, additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssignmentAlertNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when eligible members activate this role: Role assignment alert, only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssignmentAssigneeNotificationDefaultRecipient</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssignmentAssigneeNotificationAdditionalRecipient</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Send notifications when eligible members activate this role: Notification to activated user (requestor), additional recipient (UPN)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EligibleAssignmentAssigneeNotificationOnlyCritical</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationContextRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Authorization context is required (True/False)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationContextName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Descriptive name of associated authorization context</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationContextId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Authorization context id</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD role setting should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.securitydefaults"> <div class="definition-header"> <span class="def-name">microsoft.entra.securitydefaults</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Security Defaults in Azure Active Directory.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Display name of the security defaults.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the security defaults.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Represents whether or not security defaults are enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD App should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.serviceprincipal"> <div class="definition-header"> <span class="def-name">microsoft.entra.serviceprincipal</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Azure Active Directory ServicePrincipal.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AppId</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The unique identifier for the associated application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppRoleAssignedTo</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>App role assignments for this app or service, granted to users, groups, and other service principals.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ObjectID</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ObjectID of the ServicePrincipal</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Displayname of the ServicePrincipal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AlternativeNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The alternative names for this service principal</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>True if the service principal account is enabled; otherwise, false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppRoleAssignmentRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether an application role assignment is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ErrorUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the error URL of the ServicePrincipal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Homepage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the homepage of the ServicePrincipal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LogoutUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the LogoutURL of the ServicePrincipal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublisherName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the PublisherName of the ServicePrincipal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReplyUrls</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The URLs that user tokens are sent to for sign in with the associated application, or the redirect URIs that OAuth 2.0 authorization codes and access tokens are sent to for the associated application.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SamlMetadataUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The URL for the SAML metadata of the ServicePrincipal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ServicePrincipalNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies an array of service principal names. Based on the identifierURIs collection, plus the application's appId property, these URIs are used to reference an application's service principal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ServicePrincipalType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The type of the service principal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Tags</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Tags linked to this service principal.Note that if you intend for this service principal to show up in the All Applications list in the admin portal, you need to set this value to {WindowsAzureActiveDirectoryIntegratedApp}</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD App should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.socialidentityprovider"> <div class="definition-header"> <span class="def-name">microsoft.entra.socialidentityprovider</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Represents identity providers with External Identities for both Microsoft Entra ID and Azure AD B2C tenants. For Microsoft Entra B2B scenarios in a Microsoft Entra tenant, the identity provider type can be Google or Facebook.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientId</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The client identifier for the application obtained when registering the application with the identity provider.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientSecret</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The client secret for the application that is obtained when the application is registered with the identity provider. This is write-only. A read operation returns ****.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The display name of the identity provider.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IdentityProviderType</span> </div> <div class="desc-html"><p>For a B2B scenario, possible values: Google, Facebook. For a B2C scenario, possible values: Microsoft, Google, Amazon, LinkedIn, Facebook, GitHub, Twitter, Weibo, QQ, WeChat.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AADSignup"</code>, <code>"Amazon"</code>, <code>"EmailOTP"</code>, <code>"Facebook"</code>, <code>"GitHub"</code>, <code>"Google"</code>, <code>"LinkedIn"</code>, <code>"Microsoft"</code>, <code>"MicrosoftAccount"</code>, <code>"QQ"</code>, <code>"Twitter"</code>, <code>"WeChat"</code>, <code>"Weibo"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Aa][Dd][Ss][Ii][Gg][Nn][Uu][Pp]|[Ee][Mm][Aa][Ii][Ll][Oo][Tt][Pp]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Aa][Cc][Cc][Oo][Uu][Nn][Tt]|[Gg][Oo][Oo][Gg][Ll][Ee]|[Aa][Mm][Aa][Zz][Oo][Nn]|[Ll][Ii][Nn][Kk][Ee][Dd][Ii][Nn]|[Ff][Aa][Cc][Ee][Bb][Oo][Oo][Kk]|[Gg][Ii][Tt][Hh][Uu][Bb]|[Tt][Ww][Ii][Tt][Tt][Ee][Rr]|[Ww][Ee][Ii][Bb][Oo]|[Qq][Qq]|[Ww][Ee][Cc][Hh][Aa][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.tenantdetails"> <div class="definition-header"> <span class="def-name">microsoft.entra.tenantdetails</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Azure AD Tenant Details</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MarketingNotificationEmails</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Email-addresses from the people who should receive Marketing Notifications</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityComplianceNotificationMails</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Email-addresses from the people who should receive Security Compliance Notifications</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityComplianceNotificationPhones</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Phone Numbers from the people who should receive Security Notifications</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TechnicalNotificationMails</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Email-addresses from the people who should receive Technical Notifications</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.tokenlifetimepolicy"> <div class="definition-header"> <span class="def-name">microsoft.entra.tokenlifetimepolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Azure AD Token Lifetime Policies</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>DisplayName of the Policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>ObjectID of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Definition</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Definition of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsOrganizationDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>IsOrganizationDefault of the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if the Azure AD Policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.entra.user"> <div class="definition-header"> <span class="def-name">microsoft.entra.user</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource allows users to create Azure AD Users and assign them licenses, roles and/or groups.</p> <p>If using with AADGroup, be aware that if AADUser->MemberOf is being specified and the referenced group is configured with AADGroup->Member then a conflict may arise if the two don't match. It is usually best to choose only one of them. See AADGroup</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">UserPrincipalName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The login name of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The display name for the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirstName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The first name of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LastName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The last name of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Roles</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of Azure Active Directory roles assigned to the user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsageLocation</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The country code the user will be assigned to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LicenseAssignment</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The account SKU Id for the license to be assigned to the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">City</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The City name of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Country</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Country name of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Department</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Department name of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Fax</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Fax Number of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Groups that the user is a direct member of</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MobilePhone</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Mobile Phone Number of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Office</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Office Name of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordNeverExpires</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether the user password expires periodically. Default value is false</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPolicies</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies password policies for the user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PhoneNumber</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Phone Number of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostalCode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Postal Code of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreferredLanguage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Preferred Language of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the state or province where the user is located</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StreetAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the street address of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Title</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the title of the user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserType</span> </div> <div class="desc-html"><p>Specifies the title of the user</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Guest"</code>, <code>"Member"</code>, <code>"Other"</code>, <code>"Viral"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Uu][Ee][Ss][Tt]|[Mm][Ee][Mm][Bb][Ee][Rr]|[Oo][Tt][Hh][Ee][Rr]|[Vv][Ii][Rr][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the user exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.apppermissionpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.apppermissionpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Manages the Teams App Permission Policies.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier to be assigned to the new Teams app permission policy. Use the 'Global' Identity if you wish to assign this policy to the entire tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables administrators to provide explanatory text to accompany a Teams app permission policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalCatalogAppsType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The types of apps for the Global Catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivateCatalogAppsType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The types of apps for the Private Catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultCatalogAppsType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The types of apps for the Default Catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalCatalogApps</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of apps for the Global Catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivateCatalogApps</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of apps for the Private Catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultCatalogApps</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of apps for the Default Catalog.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.appsetuppolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.appsetuppolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Manages Teams app setup policies in your tenant.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier to be assigned to the new Teams app setup policy. Use the 'Global' Identity if you wish to assign this policy to the entire tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables administrators to provide explanatory text to accompany a Teams app setup policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppPresetList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Choose which apps and messaging extensions you want to be installed in your users' personal Teams environment and in meetings they create. Users can install other available apps from the Teams app store.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppPresetMeetingList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Choose which apps and meeting extensions you want to be installed in your users' personal Teams environment and in meetings they create. Users can install other available apps from the Teams app store.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinnedAppBarApps</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Pinning an app displays the app in the app bar in Teams client. Admins can pin apps and they can allow users to pin apps. Pinning is used to highlight apps that are needed the most by users and promote ease of access.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinnedMessageBarApps</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Apps are pinned in messaging extensions and into the ellipsis menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserPinning</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If you turn this on, the user's existing app pins will be added to the list of pinned apps set in this policy. Users can rearrange, add, and remove pins as they choose. If you turn this off, the user's existing app pins will be removed and replaced with the apps defined in this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSideLoading</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This is also known as side loading. This setting determines if a user can upload a custom app package in the Teams app. Turning it on lets you create or develop a custom app to be used personally or across your organization without having to submit it to the Teams app store. Uploading a custom app also lets you test an app before you distribute it more widely by only assigning it to a single user or group of users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.audioconferencingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.audioconferencingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Configures a Teams Audio Conferencing Policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specify the name of the policy that you are creating</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTollFreeDialin</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether users of the Policy can have Toll free numbers</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MeetingInvitePhoneNumbers</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Determines the list of audio-conferencing Toll- and Toll-free telephone numbers that will be included in meetings invites created by users of this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.callholdpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.callholdpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Creates a new Teams call hold policy in your tenant. The Teams call hold policy is used to customize the call hold experience for Teams clients.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier to be assigned to the new Teams call hold policy. Use the 'Global' Identity if you wish to assign this policy to the entire tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AudioFileId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A string representing the ID referencing an audio file uploaded via the Import-CsOnlineAudioFile cmdlet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables administrators to provide explanatory text to accompany a Teams call hold policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.callingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.callingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams Calling Policy.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/teams-calling-policy">https://docs.microsoft.com/en-us/microsoftteams/teams-calling-policy</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Calling Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Calling Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPrivateCalling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Controls all calling capabilities in Teams. Turning this off will turn off all calling functionality in Teams. If you use Skype for Business for calling, this policy will not affect calling functionality in Skype for Business.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowVoicemail</span> </div> <div class="desc-html"><p>Enables inbound calls to be routed to voice mail. Valid options are: AlwaysEnabled, AlwaysDisabled, UserOverride.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AlwaysDisabled"</code>, <code>"AlwaysEnabled"</code>, <code>"UserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ww][Aa][Yy][Ss][Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Aa][Ll][Ww][Aa][Yy][Ss][Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCallGroups</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enables inbound calls to be routed to call groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDelegation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enables inbound calls to be routed to delegates; allows delegates to make outbound calls on behalf of the users for whom they have delegated permissions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCallForwardingToUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enables call forwarding or simultaneous ringing of inbound calls to other users in your tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCallForwardingToPhone</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enables call forwarding or simultaneous ringing of inbound calls to any phone number.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCallRedirect</span> </div> <div class="desc-html"><p>Setting this parameter provides the ability to configure call redirection capabilities on Teams phones.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"UserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSIPDevicesCalling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether the user is allowed to use SIP devices for calling on behalf of a Teams client.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowWebPSTNCalling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows PSTN calling from the Team web client</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreventTollBypass</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Setting this parameter to True will send calls through PSTN and incur charges rather than going through the network and bypassing the tolls.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BusyOnBusyEnabledType</span> </div> <div class="desc-html"><p>Setting this parameter lets you configure how incoming calls are handled when a user is already in a call or conference or has a call placed on hold. New or incoming calls will be rejected with a busy signal. Valid options are: Enabled, Disabled and Unanswered.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"Unanswered"</code>, <code>"UserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Nn][Aa][Nn][Ss][Ww][Ee][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CallRecordingExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Sets the expiration of the recorded 1:1 calls.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MusicOnHoldEnabledType</span> </div> <div class="desc-html"><p>Setting this parameter allows you to turn on or turn off music on hold when a PSTN caller is placed on hold. It is turned on by default. Valid options are: Enabled, Disabled, UserOverride. For now setting the value to UserOverride is the same as Enabled. This setting does not apply to call park and SLA boss delegate features. Valid options are: Enabled, Disabled, UserOverride.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"UserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafeTransferEnabled</span> </div> <div class="desc-html"><p>This parameter is not available for use. Valid options are: Enabled, Disabled, UserOverride.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"UserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCloudRecordingForCalls</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Setting this parameter to True will allows 1:1 Calls to be recorded.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTranscriptionforCalling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether post-meeting captions and transcriptions are allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LiveCaptionsEnabledTypeForCalling</span> </div> <div class="desc-html"><p>Determines whether real-time captions are available for the user in Teams meetings. Set this to DisabledUserOverride to allow user to turn on live captions. Set this to Disabled to prohibit.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"DisabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoAnswerEnabledType</span> </div> <div class="desc-html"><p>This setting allows the tenant admin to enable or disable the Auto-Answer setting. Valid options are: Enabled, Disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SpamFilteringEnabledType</span> </div> <div class="desc-html"><p>Setting this parameter determines whether calls identified as Spam will be rejected or not (probably). Valid options are: Enabled, Disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policyexists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.callparkpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.callparkpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>The TeamsCallParkPolicy controls whether or not users are able to leverage the call park feature in Microsoft Teams. Call park allows enterprise voice customers to place a call on hold and then perform a number of actions on that call: transfer to another department, retrieve via the same phone, or retrieve via a different Teams phone. The New-CsTeamsCallParkPolicy resource lets you create a new custom policy that can then be assigned to one or more specific users.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>A unique identifier for the policy - this will be used to retrieve the policy later on to assign it to specific users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCallPark</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set to true, customers will be able to leverage the call park feature to place calls on hold and then decide how the call should be handled - transferred to another department, retrieved using the same phone, or retrieved using a different phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Call Park Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ParkTimeoutSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of seconds to wait before ringing the parker when the parked call hasn't been picked up. Value can be from 120 to 1800 (seconds).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PickupRangeEnd</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the maximum value that a rendered pickup code can take. Value can be from 10 to 9999. Note: PickupRangeStart must be smaller than PickupRangeEnd.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PickupRangeStart</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the minimum value that a rendered pickup code can take. Value can be from 10 to 9999.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.callqueue"> <div class="definition-header"> <span class="def-name">microsoft.teams.callqueue</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to manage Call Queue in your Skype for Business Online organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies a unique name for the Call Queue.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AgentAlertTime</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Name parameter specifies a unique name for the Call Queue.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowOptOut</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowOptOut parameter indicates whether or not agents can opt in or opt out from taking calls from a Call Queue.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DistributionLists</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The DistributionLists parameter lets you add all the members of the distribution lists to the Call Queue. This is a list of distribution list GUIDs. A service wide configurable maximum number of DLs per Call Queue are allowed. Only the first N (service wide configurable) agents from all distribution lists combined are considered for accepting the call. Nested DLs are supported. O365 Groups can also be used to add members to the Call Queue.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseDefaultMusicOnHold</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The UseDefaultMusicOnHold parameter indicates that this Call Queue uses the default music on hold. This parameter cannot be specified together with MusicOnHoldAudioFileId.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WelcomeMusicAudioFileId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The WelcomeMusicAudioFileId parameter represents the audio file to play when callers are connected with the Call Queue. This is the unique identifier of the audio file.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MusicOnHoldAudioFileId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The MusicOnHoldFileContent parameter represents music to play when callers are placed on hold. This is the unique identifier of the audio file. This parameter is required if the UseDefaultMusicOnHold parameter is not specified.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowAction</span> </div> <div class="desc-html"><p>The OverflowAction parameter designates the action to take if the overflow threshold is reached. The OverflowAction property must be set to one of the following values: DisconnectWithBusy, Forward, Voicemail, and SharedVoicemail. The default value is DisconnectWithBusy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"DisconnectWithBusy"</code>, <code>"Forward"</code>, <code>"SharedVoicemail"</code>, <code>"Voicemail"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Cc][Oo][Nn][Nn][Ee][Cc][Tt][Ww][Ii][Tt][Hh][Bb][Uu][Ss][Yy]|[Ff][Oo][Rr][Ww][Aa][Rr][Dd]|[Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll]|[Ss][Hh][Aa][Rr][Ee][Dd][Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowActionTarget</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowActionTarget parameter represents the target of the overflow action. If the OverFlowAction is set to Forward, this parameter must be set to a Guid or a telephone number with a mandatory 'tel:' prefix. If the OverflowAction is set to SharedVoicemail, this parameter must be set to a group ID (Microsoft 365, Distribution list, or Mail-enabled security). Otherwise, this parameter is optional.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowThreshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The OverflowThreshold parameter defines the number of calls that can be in the queue at any one time before the overflow action is triggered. The OverflowThreshold can be any integer value between 0 and 200, inclusive. A value of 0 causes calls not to reach agents and the overflow action to be taken immediately.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutAction</span> </div> <div class="desc-html"><p>The TimeoutAction parameter defines the action to take if the timeout threshold is reached. The TimeoutAction property must be set to one of the following values: Disconnect, Forward, Voicemail, and SharedVoicemail. The default value is Disconnect.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disconnect"</code>, <code>"Forward"</code>, <code>"SharedVoicemail"</code>, <code>"Voicemail"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Cc][Oo][Nn][Nn][Ee][Cc][Tt]|[Ff][Oo][Rr][Ww][Aa][Rr][Dd]|[Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll]|[Ss][Hh][Aa][Rr][Ee][Dd][Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutActionTarget</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutActionTarget represents the target of the timeout action. If the TimeoutAction is set to Forward, this parameter must be set to a Guid or a telephone number with a mandatory 'tel:' prefix. If the TimeoutAction is set to SharedVoicemail, this parameter must be set to an Office 365 Group ID. Otherwise, this field is optional.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutThreshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The TimeoutThreshold parameter defines the time (in seconds) that a call can be in the queue before that call times out. At that point, the system will take the action specified by the TimeoutAction parameter. The TimeoutThreshold can be any integer value between 0 and 2700 seconds (inclusive), and is rounded to the nearest 15th interval. For example, if set to 47 seconds, then it is rounded down to 45. If set to 0, welcome music is played, and then the timeout action will be taken.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoutingMethod</span> </div> <div class="desc-html"><p>The RoutingMethod defines how agents will be called in a Call Queue. If the routing method is set to Serial, then agents will be called one at a time. If the routing method is set to Attendant, then agents will be called in parallel. If routing method is set to RoundRobin, the agents will be called using Round Robin strategy so that all agents share the call-load equally. If routing method is set to LongestIdle, the agents will be called based on their idle time, i.e., the agent that has been idle for the longest period will be called.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Attendant"</code>, <code>"LongestIdle"</code>, <code>"RoundRobin"</code>, <code>"Serial"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Tt][Tt][Ee][Nn][Dd][Aa][Nn][Tt]|[Ss][Ee][Rr][Ii][Aa][Ll]|[Rr][Oo][Uu][Nn][Dd][Rr][Oo][Bb][Ii][Nn]|[Ll][Oo][Nn][Gg][Ee][Ss][Tt][Ii][Dd][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PresenceBasedRouting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The PresenceBasedRouting parameter indicates whether or not presence based routing will be applied while call being routed to Call Queue agents. When set to False, calls will be routed to agents who have opted in to receive calls, regardless of their presence state. When set to True, opted-in agents will receive calls only when their presence state is Available.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConferenceMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ConferenceMode parameter indicates whether or not Conference mode will be applied on calls for this Call queue. Conference mode significantly reduces the amount of time it takes for a caller to be connected to an agent, after the agent accepts the call.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Users</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Users parameter lets you add agents to the Call Queue. This parameter expects a list of user unique identifiers (GUID).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LanguageId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The LanguageId parameter indicates the language that is used to play shared voicemail prompts. This parameter becomes a required parameter If either OverflowAction or TimeoutAction is set to SharedVoicemail. You can query the supported languages using the Get-CsAutoAttendantSupportedLanguage cmdlet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OboResourceAccountIds</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The OboResourceAccountIds parameter lets you add resource account with phone number to the Call Queue. The agents in the Call Queue will be able to make outbound calls using the phone number on the resource accounts. This is a list of resource account GUIDs. Only Call Queue managed by a Teams Channel will be able to use this feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowDisconnectTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowDisconnectTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being disconnected due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowDisconnectAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowDisconnectAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being disconnected due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectPersonTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectPersonTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to a person in the organization due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectPersonAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectPersonAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to a person in the organization due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectVoiceAppTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectVoiceAppsTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to a voice application due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectVoiceAppAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectVoiceAppAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to a voice application due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectPhoneNumberTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectPhoneNumberTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to an external PSTN phone number due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectPhoneNumberAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectPhoneNumberAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to an external PSTN phone number due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectVoicemailTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectVoicemailTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to a person's voicemail due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowRedirectVoicemailAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectVoiceMailAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to a person's voicemail due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowSharedVoicemailTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowRedirectVoicemailTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to a person's voicemail due to overflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OverflowSharedVoicemailAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The OverflowSharedVoicemailAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is to be played as a greeting to the caller when transferred to shared voicemail on overflow. This parameter becomes a required parameter when OverflowAction is SharedVoicemail and OverflowSharedVoicemailTextToSpeechPrompt is null.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableOverflowSharedVoicemailTranscription</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableOverflowSharedVoicemailTranscription parameter is used to turn on transcription for voicemails left by a caller on overflow. This parameter is only applicable when OverflowAction is set to SharedVoicemail.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutDisconnectTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutDisconnectTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being disconnected due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutDisconnectAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutDisconnectAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being disconnected due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectPersonTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectPersonTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to a person in the organization due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectPersonAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectPersonAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to a person in the organization due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectVoiceAppTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectVoiceAppsTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to a voice application due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectVoiceAppAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectVoiceAppAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to a voice application due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectPhoneNumberTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectPhoneNumberTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to an external PSTN phone number due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectPhoneNumberAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectPhoneNumberAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to an external PSTN phone number due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectVoicemailTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectVoicemailTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is played to the caller when being redirected to a person's voicemail due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutRedirectVoicemailAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutRedirectVoiceMailAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is played to the caller when being redirected to a person's voicemail due to timeout.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutSharedVoicemailTextToSpeechPrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutSharedVoicemailTextToSpeechPrompt parameter indicates the Text-to-Speech (TTS) prompt which is to be played as a greeting to the caller when transferred to shared voicemail on timeout. This parameter becomes a required parameter when TimeoutAction is SharedVoicemail and TimeoutSharedVoicemailAudioFilePrompt is null.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeoutSharedVoicemailAudioFilePrompt</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TimeoutSharedVoicemailAudioFilePrompt parameter indicates the unique identifier for the Audio file prompt which is to be played as a greeting to the caller when transferred to shared voicemail on timeout. This parameter becomes a required parameter when TimeoutAction is SharedVoicemail and TimeoutSharedVoicemailTextToSpeechPrompt is null.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableTimeoutSharedVoicemailTranscription</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableTimeoutSharedVoicemailTranscription parameter is used to turn on transcription for voicemails left by a caller on timeout. This parameter is only applicable when TimeoutAction is set to SharedVoicemail.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ChannelId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the channel to connect a call queue to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ChannelUserObjectId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Guid should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx). This is the GUID of one of the owners of the team the channels belongs to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthorizedUsers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This is a list of GUIDs for users who are authorized to make changes to this call queue. The users must also have a TeamsVoiceApplications policy assigned. The GUID should contain 32 digits with 4 dashes (xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Team Message Policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.channelspolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.channelspolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams Channel Policy.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/teams-policies">https://docs.microsoft.com/en-us/microsoftteams/teams-policies</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Channel Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Channel Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowChannelSharingToExternalUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to share a shared channel with an external user. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowOrgWideTeamCreation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to create an org-wide team. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnablePrivateTeamDiscovery</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to discover private teams in suggestions and search results. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPrivateChannelCreation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to create a private channel. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSharedChannelCreation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to create a shared channel. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserToParticipateInExternalSharedChannel</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to participate in a shared channel that has been shared by an external user. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.channel"> <div class="definition-header"> <span class="def-name">microsoft.teams.channel</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to add and update channels in existing Teams.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Current channel name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the team the Channel belongs to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupID</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Team group ID, only used to target a Team when duplicated display names occurs.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NewDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Used to update current channel name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Channel description</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Team channel exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.channeltab"> <div class="definition-header"> <span class="def-name">microsoft.teams.channeltab</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a new Custom tab in a Channel.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display Name of the Channel Tab.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display Name of the Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ChannelName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display Name of the Channel.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Unique Id of the Team of the instance on the source tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsApp</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Teams App associated with the custom tab.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SortOrderIndex</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Index of the sort order for the custom tab.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebSiteUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Url of the website linked to the Channel Tab.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Url of the content linked to the Channel Tab.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Url of the location used to remove the app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EntityId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Entity linked to the Channel Tab.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Tab exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.clientconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.clientconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams client settings.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/enable-features-office-365#teams-settings-and-teams-upgrade-settings-in-the-microsoft-teams-admin-center">https://docs.microsoft.com/en-us/microsoftteams/enable-features-office-365#teams-settings-and-teams-upgrade-settings-in-the-microsoft-teams-admin-center</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The only valid input is Global - the tenant wide configuration</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Global"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowBox</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Designates whether users are able to leverage Box as a third party storage solution in Microsoft Teams. If $true, users will be able to add Box in the client and interact with the files stored there.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDropBox</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Designates whether users are able to leverage DropBox as a third party storage solution in Microsoft Teams. If $true, users will be able to add DropBox in the client and interact with the files stored there.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEmailIntoChannel</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to $true, mail hooks are enabled, and users can post messages to a channel by sending an email to the email address of Teams channel.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGoogleDrive</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Designates whether users are able to leverage GoogleDrive as a third party storage solution in Microsoft Teams. If $true, users will be able to add Google Drive in the client and interact with the files stored there.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGuestUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Designates whether or not guest users in your organization will have access to the Teams client. If $true, guests in your tenant will be able to access the Teams client. Note that this setting has a core dependency on Guest Access being enabled in your Office 365 tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowOrganizationTab</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to $true, users will be able to see the organizational chart icon other users' contact cards, and when clicked, this icon will display the detailed organizational chart.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowResourceAccountSendMessage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Surface Hub uses a device account to provide email and collaboration services (IM, video, voice). This device account is used as the originating identity (the from party) when sending email, IM, and placing calls. As this account is not coming from an individual, identifiable user, it is deemed anonymous because it originated from the Surface Hub's device account. If set to $true, these device accounts will be able to send chat messages in Skype for Business Online (does not apply to Microsoft Teams).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowScopedPeopleSearchandAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set to $true, the Exchange address book policy (ABP) will be used to provide customized view of the global address book for each user. This is only a virtual separation and not a legal separation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowShareFile</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Designates whether users are able to leverage ShareFile as a third party storage solution in Microsoft Teams. If $true, users will be able to add ShareFile in the client and interact with the files stored there.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSkypeBusinessInterop</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to $true, Teams conversations automatically show up in Skype for Business for users that aren't enabled for Teams.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEgnyte</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Designates whether users are able to leverage Egnyte as a third party storage solution in Microsoft Teams. If $true, users will be able to add Egnyte in the client and interact with the files stored there.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentPin</span> </div> <div class="desc-html"><p>This setting applies only to Skype for Business Online (not Microsoft Teams) and defines whether the user must provide a secondary form of authentication to access the meeting content from a resource device account. Meeting content is defined as files that are shared to the Content Bin - files that have been attached to the meeting.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AlwaysRequired"</code>, <code>"NotRequired"</code>, <code>"RequiredOutsideScheduleMeeting"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd][Oo][Uu][Tt][Ss][Ii][Dd][Ee][Ss][Cc][Hh][Ee][Dd][Uu][Ll][Ee][Mm][Ee][Ee][Tt][Ii][Nn][Gg]|[Aa][Ll][Ww][Aa][Yy][Ss][Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ResourceAccountContentAccess</span> </div> <div class="desc-html"><p>Require a secondary form of authentication to access meeting content.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"FullAccess"</code>, <code>"NoAccess"</code>, <code>"PartialAccess"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Aa][Cc][Cc][Ee][Ss][Ss]|[Pp][Aa][Rr][Tt][Ii][Aa][Ll][Aa][Cc][Cc][Ee][Ss][Ss]|[Ff][Uu][Ll][Ll][Aa][Cc][Cc][Ee][Ss][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictedSenderList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Senders domains can be further restricted to ensure that only allowed SMTP domains can send emails to the Teams channels. This is a comma-separated string of the domains you'd like to allow to send emails to Teams channels.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.compliancerecordingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.compliancerecordingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Creates a new Teams recording policy for governing automatic policy-based recording in your tenant. Automatic policy-based recording is only applicable to Microsoft Teams users.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier of the application instance of a policy-based recording application to be retrieved.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ComplianceRecordingApplications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>A list of application instances of policy-based recording applications to assign to this policy. The Id of each of these application instances must be the ObjectId of the application instance as obtained by the Get-CsOnlineApplicationInstance cmdlet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables administrators to provide explanatory text to accompany a Teams recording policy. For example, the Description might include information about the users the policy should be assigned to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableComplianceRecordingAudioNotificationForCalls</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Setting this attribute to true disables recording audio notifications for 1:1 calls that are under compliance recording.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Controls whether this Teams recording policy is active or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WarnUserOnRemoval</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This parameter is reserved for future use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.cortanapolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.cortanapolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>The CsTeamsCortanaPolicy resources enable administrators to control settings for Cortana voice assistant in Microsoft Teams.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier for Teams cortana policy you're creating.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CortanaVoiceInvocationMode</span> </div> <div class="desc-html"><p>The value of this field indicates if Cortana is enabled and mode of invocation.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"PushToTalkUserOverride"</code>, <code>"WakeWordPushToTalkUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Pp][Uu][Ss][Hh][Tt][Oo][Tt][Aa][Ll][Kk][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Ww][Aa][Kk][Ee][Ww][Oo][Rr][Dd][Pp][Uu][Ss][Hh][Tt][Oo][Tt][Aa][Ll][Kk][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Provide a description of your policy to identify purpose of creating it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.dialinconferencingtenantsettings"> <div class="definition-header"> <span class="def-name">microsoft.teams.dialinconferencingtenantsettings</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams User's Calling Settings.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://learn.microsoft.com/en-us/microsoftteams/user-call-settings">https://learn.microsoft.com/en-us/microsoftteams/user-call-settings</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only accepted value is Yes.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPSTNOnlyMeetingsByDefault</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies the default value that gets assigned to the 'AllowPSTNOnlyMeetings' setting of users when they are enabled for dial-in conferencing, or when a user's dial-in conferencing provider is set to Microsoft. If set to $true, the 'AllowPSTNOnlyMeetings' setting of the user will also be set to true. If $false, the user setting will be false. The default value for AllowPSTNOnlyMeetingsByDefault is $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticallyMigrateUserMeetings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Automatically Migrate User Meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticallyReplaceAcpProvider</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Automatically replace ACP Provider.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticallySendEmailsToUsers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether advisory emails will be sent to users when the events listed below occur. Setting the parameter to $true enables the emails to be sent, $false disables the emails. The default is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableDialOutJoinConfirmation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Dial out join confirmation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableEntryExitNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if, by default, announcements are made as users enter and exit a conference call. Set to $true to enable notifications, $false to disable notifications. The default is $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EntryExitAnnouncementsType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Supported entry and exit announcement type.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaskPstnNumbersType</span> </div> <div class="desc-html"><p>This parameter allows tenant administrators to configure masking of PSTN participant phone numbers in the roster view for Microsoft Teams meetings enabled for Audio Conferencing, scheduled within the organization. Possible values are MaskedForExternalUsers, MaskedForAllUsers or NoMasking</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"MaskedForAllUsers"</code>, <code>"MaskedForExternalUsers"</code>, <code>"NoMasking"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Aa][Ss][Kk][Ee][Dd][Ff][Oo][Rr][Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Uu][Ss][Ee][Rr][Ss]|[Mm][Aa][Ss][Kk][Ee][Dd][Ff][Oo][Rr][Aa][Ll][Ll][Uu][Ss][Ee][Rr][Ss]|[Nn][Oo][Mm][Aa][Ss][Kk][Ii][Nn][Gg])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the number of digits in the automatically generated PINs. Organizers can enter their PIN to start a meeting they scheduled if they join via phone and are the first person to join. The minimum value is 4, the maximum is 12, and the default is 5.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.emergencycallingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.emergencycallingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Emergency Calling Policies.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/manage-emergency-calling-policies">https://docs.microsoft.com/en-us/microsoftteams/manage-emergency-calling-policies</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Emergency Calling Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Emergency Calling Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnhancedEmergencyServiceDisclaimer</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Allows the tenant administrator to configure a text string, which is shown at the top of the Calls app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalLocationLookupMode</span> </div> <div class="desc-html"><p>Enables ExternalLocationLookupMode. This mode allows users to set Emergency addresses for remote locations.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationDialOutNumber</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>This parameter represents PSTN number which can be dialed out if NotificationMode is set to either of the two Conference values.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationGroup</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>NotificationGroup is a email list of users and groups to be notified of an emergency call.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationMode</span> </div> <div class="desc-html"><p>The type of conference experience for security desk notification.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ConferenceMuted"</code>, <code>"ConferenceUnMuted"</code>, <code>"NotificationOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Oo][Nn][Ll][Yy]|[Cc][Oo][Nn][Ff][Ee][Rr][Ee][Nn][Cc][Ee][Mm][Uu][Tt][Ee][Dd]|[Cc][Oo][Nn][Ff][Ee][Rr][Ee][Nn][Cc][Ee][Uu][Nn][Mm][Uu][Tt][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.emergencycallroutingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.emergencycallroutingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Emergency Call Routing Policies.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/manage-emergency-call-routing-policies">https://docs.microsoft.com/en-us/microsoftteams/manage-emergency-call-routing-policies</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Emergency Call Routing Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Emergency Call Routing Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmergencyNumbers</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Emergency number(s) associated with the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEnhancedEmergencyServices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Flag to enable Enhanced Emergency Services</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.enhancedencryptionpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.enhancedencryptionpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Use this resource to create a new Teams enhanced encryption policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier assigned to the Teams enhanced encryption policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CallingEndtoEndEncryptionEnabledType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Determines whether End-to-end encrypted calling is available for the user in Teams. Set this to DisabledUserOverride to allow user to turn on End-to-end encrypted calls. Set this to Disabled to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables administrators to provide explanatory text to accompany a Teams enhanced encryption policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MeetingEndToEndEncryption</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.eventspolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.eventspolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Events Policies.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Events Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Events Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEmailEditing</span> </div> <div class="desc-html"><p>This setting governs if a user is allowed to edit the communication emails in Teams Town Hall or Teams Webinar events.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEventIntegrations</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This setting governs access to the integrations tab in the event creation workflow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowWebinars</span> </div> <div class="desc-html"><p>Determines if webinars are allowed by the policy or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTownhalls</span> </div> <div class="desc-html"><p>This setting governs if a user can create town halls using Teams Events.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedQuestionTypesInRegistrationForm</span> </div> <div class="desc-html"><p>This setting governs which users in a tenant can add which registration form questions to an event registration page for attendees to answer when registering for the event.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AllQuestions"</code>, <code>"DefaultAndPredefinedOnly"</code>, <code>"DefaultOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt][Oo][Nn][Ll][Yy]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt][Aa][Nn][Dd][Pp][Rr][Ee][Dd][Ee][Ff][Ii][Nn][Ee][Dd][Oo][Nn][Ll][Yy]|[Aa][Ll][Ll][Qq][Uu][Ee][Ss][Tt][Ii][Oo][Nn][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedTownhallTypesForRecordingPublish</span> </div> <div class="desc-html"><p>This setting describes how IT admins can control which types of Town Hall attendees can have their recordings published.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Everyone"</code>, <code>"EveryoneInCompanyIncludingGuests"</code>, <code>"InviteOnly"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ii][Nn][Vv][Ii][Tt][Ee][Oo][Nn][Ll][Yy]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy][Ii][Nn][Cc][Ll][Uu][Dd][Ii][Nn][Gg][Gg][Uu][Ee][Ss][Tt][Ss]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedWebinarTypesForRecordingPublish</span> </div> <div class="desc-html"><p>This setting describes how IT admins can control which types of webinar attendees can have their recordings published.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Everyone"</code>, <code>"EveryoneInCompanyIncludingGuests"</code>, <code>"InviteOnly"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ii][Nn][Vv][Ii][Tt][Ee][Oo][Nn][Ll][Yy]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy][Ii][Nn][Cc][Ll][Uu][Dd][Ii][Nn][Gg][Gg][Uu][Ee][Ss][Tt][Ss]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EventAccessType</span> </div> <div class="desc-html"><p>Defines who is allowed to join the event.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Everyone"</code>, <code>"EveryoneInCompanyExcludingGuests"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy][Ee][Xx][Cc][Ll][Uu][Dd][Ii][Nn][Gg][Gg][Uu][Ee][Ss][Tt][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TownhallChatExperience</span> </div> <div class="desc-html"><p>This setting governs whether the user can enable the Comment Stream chat experience for Town Halls.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"None"</code>, <code>"Optimized"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Tt][Ii][Mm][Ii][Zz][Ee][Dd]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseMicrosoftECDN</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This setting governs whether the global admin disables this property and prevents the organizers from creating town halls that use Microsoft eCDN even though they have been assigned a Teams Premium license.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.federationconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.federationconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams Federation Configuration (CsTenantFederationConfiguration). In the Teams admin center this is available in 'External access' in the Users section.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/manage-external-access">https://docs.microsoft.com/en-us/microsoftteams/manage-external-access</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The only valid input is Global - the tenant wide configuration</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Global"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowFederatedUsers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to True users will be potentially allowed to communicate with users from other domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of federated domains to allow.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of federated domains to block.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPublicUsers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to True users will be potentially allowed to communicate with users who have accounts on public IM and presence providers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTeamsConsumer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows federation with people using Teams with an account that's not managed by an organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTeamsConsumerInbound</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows people using Teams with an account that's not managed by an organization, to discover and start communication with users in your organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalAccessWithTrialTenants</span> </div> <div class="desc-html"><p>When set to Blocked, all external access with users from Teams subscriptions that contain only trial licenses will be blocked. This means users from these trial-only tenants will not be able to reach to your users via chats, Teams calls, and meetings (using the users authenticated identity) and your users will not be able to reach users in these trial-only tenants. If this setting is set to Blocked, users from the trial-only tenant will also be removed from existing chats.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Allowed"</code>, <code>"Blocked"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TreatDiscoveredPartnersAsUnverified</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to True, messages sent from discovered partners are considered unverified. That means that those messages will be delivered only if they were sent from a person who is on the recipient's Contacts list.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharedSipAddressSpace</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to True, indicates that the users homed on Skype for Business Online use the same SIP domain as users homed on the on-premises version of Skype for Business Server.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictTeamsConsumerToExternalUserProfiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When set to True, Teamsconsumer have access only to external user profiles</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.feedbackpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.feedbackpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>New-CsTeamsFeedbackPolicy [-Identity] <string> [-UserInitiatedMode <string>] [-ReceiveSurveysMode <string>] [-AllowScreenshotCollection <bool>] [-AllowEmailCollection <bool>] [-AllowLogCollection <bool>] [-EnableFeatureSuggestions <bool>] [-Force] [-WhatIf] [-Confirm] [<CommonParameters>]</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specify the name of the Teams Feedback Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserInitiatedMode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies if users are allowed to give feedback.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReceiveSurveysMode</span> </div> <div class="desc-html"><p>Specifies if users are allowed to receive the survey.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"EnabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowScreenshotCollection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if Screenshot Collection is enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEmailCollection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if Email Collection is enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowLogCollection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if Log Collection is enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableFeatureSuggestions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if users are allowed to provide feature suggestions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.filespolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.filespolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>New-CsTeamsFilesPolicy [-Identity] <string> [-NativeFileEntryPoints <string>] [-SPChannelFilesTab <string>] [-MsftInternalProcessingMode <string>] [-WhatIf] [-Confirm] [<CommonParameters>]</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the policy instance name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NativeFileEntryPoints</span> </div> <div class="desc-html"><p>Specifies whether users see the options to upload files from OneDrive for Business, other cloud storage services configured for the user account, and SharePoint Online</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SPChannelFilesTab</span> </div> <div class="desc-html"><p>Specifies whether users see the Teams Files channel tab in any channel or in Teams chat.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.grouppolicyassignment"> <div class="definition-header"> <span class="def-name">microsoft.teams.grouppolicyassignment</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to assign Teams policy to a specified group</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupDisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Group Displayname of the group the policies are assigned to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyType</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Teams PolicyType. The type of the policy to be assigned. Possible values:</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ApplicationAccessPolicy"</code>, <code>"CallingLineIdentity"</code>, <code>"ExternalAccessPolicy"</code>, <code>"OnlineAudioConferencingRoutingPolicy"</code>, <code>"OnlineVoicemailPolicy"</code>, <code>"OnlineVoiceRoutingPolicy"</code>, <code>"TeamsAppSetupPolicy"</code>, <code>"TeamsAudioConferencingPolicy"</code>, <code>"TeamsCallHoldPolicy"</code>, <code>"TeamsCallingPolicy"</code>, <code>"TeamsCallParkPolicy"</code>, <code>"TeamsChannelsPolicy"</code>, <code>"TeamsComplianceRecordingPolicy"</code>, <code>"TeamsCortanaPolicy"</code>, <code>"TeamsEmergencyCallingPolicy"</code>, <code>"TeamsEnhancedEncryptionPolicy"</code>, <code>"TeamsEventsPolicy"</code>, <code>"TeamsFeedbackPolicy"</code>, <code>"TeamsFilesPolicy"</code>, <code>"TeamsIPPhonePolicy"</code>, <code>"TeamsMediaLoggingPolicy"</code>, <code>"TeamsMeetingBrandingPolicy"</code>, <code>"TeamsMeetingBroadcastPolicy"</code>, <code>"TeamsMeetingPolicy"</code>, <code>"TeamsMeetingTemplatePermissionPolicy"</code>, <code>"TeamsMessagingPolicy"</code>, <code>"TeamsMobilityPolicy"</code>, <code>"TeamsRoomVideoTeleConferencingPolicy"</code>, <code>"TeamsShiftsPolicy"</code>, <code>"TeamsUpdateManagementPolicy"</code>, <code>"TeamsVdiPolicy"</code>, <code>"TeamsVerticalPackagePolicy"</code>, <code>"TeamsVideoInteropServicePolicy"</code>, <code>"TenantDialPlan"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Pp][Pp][Ll][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Aa][Cc][Cc][Ee][Ss][Ss][Pp][Oo][Ll][Ii][Cc][Yy]|[Cc][Aa][Ll][Ll][Ii][Nn][Gg][Ll][Ii][Nn][Ee][Ii][Dd][Ee][Nn][Tt][Ii][Tt][Yy]|[Oo][Nn][Ll][Ii][Nn][Ee][Aa][Uu][Dd][Ii][Oo][Cc][Oo][Nn][Ff][Ee][Rr][Ee][Nn][Cc][Ii][Nn][Gg][Rr][Oo][Uu][Tt][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Oo][Nn][Ll][Ii][Nn][Ee][Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll][Pp][Oo][Ll][Ii][Cc][Yy]|[Oo][Nn][Ll][Ii][Nn][Ee][Vv][Oo][Ii][Cc][Ee][Rr][Oo][Uu][Tt][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Aa][Uu][Dd][Ii][Oo][Cc][Oo][Nn][Ff][Ee][Rr][Ee][Nn][Cc][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Cc][Aa][Ll][Ll][Hh][Oo][Ll][Dd][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Cc][Aa][Ll][Ll][Pp][Aa][Rr][Kk][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Cc][Hh][Aa][Nn][Nn][Ee][Ll][Ss][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Cc][Ee][Rr][Ee][Cc][Oo][Rr][Dd][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Cc][Oo][Rr][Tt][Aa][Nn][Aa][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Ee][Mm][Ee][Rr][Gg][Ee][Nn][Cc][Yy][Cc][Aa][Ll][Ll][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Ee][Nn][Hh][Aa][Nn][Cc][Ee][Dd][Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ii][Oo][Nn][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Ff][Ee][Ee][Dd][Bb][Aa][Cc][Kk][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Ff][Ii][Ll][Ee][Ss][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Ii][Pp][Pp][Hh][Oo][Nn][Ee][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Mm][Ee][Dd][Ii][Aa][Ll][Oo][Gg][Gg][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Mm][Ee][Ee][Tt][Ii][Nn][Gg][Bb][Rr][Oo][Aa][Dd][Cc][Aa][Ss][Tt][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Mm][Ee][Ee][Tt][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Mm][Ee][Ss][Ss][Aa][Gg][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Mm][Oo][Bb][Ii][Ll][Ii][Tt][Yy][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Rr][Oo][Oo][Mm][Vv][Ii][Dd][Ee][Oo][Tt][Ee][Ll][Ee][Cc][Oo][Nn][Ff][Ee][Rr][Ee][Nn][Cc][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Ss][Hh][Ii][Ff][Tt][Ss][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Uu][Pp][Dd][Aa][Tt][Ee][Mm][Aa][Nn][Aa][Gg][Ee][Mm][Ee][Nn][Tt][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Vv][Dd][Ii][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Vv][Ii][Dd][Ee][Oo][Ii][Nn][Tt][Ee][Rr][Oo][Pp][Ss][Ee][Rr][Vv][Ii][Cc][Ee][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Nn][Aa][Nn][Tt][Dd][Ii][Aa][Ll][Pp][Ll][Aa][Nn]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Aa][Cc][Cc][Ee][Ss][Ss][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Aa][Pp][Pp][Ss][Ee][Tt][Uu][Pp][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Cc][Aa][Ll][Ll][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Ee][Vv][Ee][Nn][Tt][Ss][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Mm][Ee][Ee][Tt][Ii][Nn][Gg][Bb][Rr][Aa][Nn][Dd][Ii][Nn][Gg][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Mm][Ee][Ee][Tt][Ii][Nn][Gg][Tt][Ee][Mm][Pp][Ll][Aa][Tt][Ee][Pp][Ee][Rr][Mm][Ii][Ss][Ss][Ii][Oo][Nn][Pp][Oo][Ll][Ii][Cc][Yy]|[Tt][Ee][Aa][Mm][Ss][Vv][Ee][Rr][Tt][Ii][Cc][Aa][Ll][Pp][Aa][Cc][Kk][Aa][Gg][Ee][Pp][Oo][Ll][Ii][Cc][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>GroupId, alternatively to Group Displayname</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Teams PolicyName. The name of the policy to be assigned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Teams Priority. The rank of the policy assignment, relative to other group policy assignments for the same policy type</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the group policy assignment exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.guestcallingconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.guestcallingconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams guest calling configuration.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/set-up-guests">https://docs.microsoft.com/en-us/microsoftteams/set-up-guests</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The only valid input is Global - the tenant wide configuration</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Global"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPrivateCalling</span> <span class="type-badge">boolean</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Designates whether guests who have been enabled for Teams can use calling functionality. If $false, guests cannot call.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.guestmeetingconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.guestmeetingconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams Guest Meetings Configuration.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/set-up-guests">https://docs.microsoft.com/en-us/microsoftteams/set-up-guests</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The only valid input is Global - the tenant wide configuration</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Global"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowIPVideo</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow guests to share their video. Set this to FALSE to prohibit guests from sharing their video.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LiveCaptionsEnabledType</span> </div> <div class="desc-html"><p>Determines whether real-time captions are available for guests in Teams meetings.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"DisabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenSharingMode</span> </div> <div class="desc-html"><p>Determines the mode in which guests can share a screen in calls or meetings. Set this to SingleApplication to allow the user to share an application at a given point in time. Set this to EntireScreen to allow the user to share anything on their screens. Set this to Disabled to prohibit the user from sharing their screens.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"EntireScreen"</code>, <code>"SingleApplication"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Tt][Ii][Rr][Ee][Ss][Cc][Rr][Ee][Ee][Nn]|[Ss][Ii][Nn][Gg][Ll][Ee][Aa][Pp][Pp][Ll][Ii][Cc][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMeetNow</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether guests can start ad-hoc meetings. Set this to TRUE to allow guests to start ad-hoc meetings. Set this to FALSE to prohibit guests from starting ad-hoc meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTranscription</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether guests can enable post-meeting captions and transcriptions in meetings. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.guestmessagingconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.guestmessagingconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams Guest Messaging Configuration.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/set-up-guests">https://docs.microsoft.com/en-us/microsoftteams/set-up-guests</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The only valid input is Global - the tenant wide configuration</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Global"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserEditMessage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if a user is allowed to edit their own messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserDeleteMessage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if a user is allowed to delete their own messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserChat</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if a user is allowed to chat.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserDeleteChat</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Turn this setting on to allow users to permanently delete their one-on-one chat, group chat, and meeting chat as participants (this deletes the chat only for them, not other users in the chat).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GiphyRatingType</span> </div> <div class="desc-html"><p>Determines Giphy content restrictions. Default value is Moderate, other options are Strict and NoRestriction.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Moderate"</code>, <code>"NoRestriction"</code>, <code>"Strict"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Oo][Dd][Ee][Rr][Aa][Tt][Ee]|[Ss][Tt][Rr][Ii][Cc][Tt]|[Nn][Oo][Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMemes</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if memes are available for use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowStickers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if stickers are available for use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGiphy</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if Giphy are available for use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowImmersiveReader</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if Immersive Reader is enabled.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.ipphonepolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.ipphonepolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>New-CsTeamsIPPhonePolicy allows you to create a policy to manage features related to Teams phone experiences. Teams phone policies determine the features that are available to users.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the policy instance name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowBetterTogether</span> </div> <div class="desc-html"><p>Determines whether Better Together mode is enabled, phones can lock and unlock in an integrated fashion when connected to their Windows PC running a 64-bit Teams desktop client.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowHomeScreen</span> </div> <div class="desc-html"><p>Determines whether the Home Screen feature of the Teams IP Phones is enabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"EnabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowHotDesking</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether hot desking mode is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the description of the policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HotDeskingIdleTimeoutInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the idle timeout value in minutes for the signed in user account. When the timeout is reached, the account is logged out.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchOnCommonAreaPhoneMode</span> </div> <div class="desc-html"><p>Determines whether a user can search the Global Address List in Common Area Phone Mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignInMode</span> </div> <div class="desc-html"><p>Determines the sign in mode for the device when signing in to Teams.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"CommonAreaPhoneSignIn"</code>, <code>"MeetingSignIn"</code>, <code>"UserSignIn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Ss][Ii][Gg][Nn][Ii][Nn]|[Cc][Oo][Mm][Mm][Oo][Nn][Aa][Rr][Ee][Aa][Pp][Hh][Oo][Nn][Ee][Ss][Ii][Gg][Nn][Ii][Nn]|[Mm][Ee][Ee][Tt][Ii][Nn][Gg][Ss][Ii][Gg][Nn][Ii][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.meetingbroadcastconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.meetingbroadcastconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams Meeting Broadcast Settings.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/teams-live-events/configure-teams-live-events">https://docs.microsoft.com/en-us/microsoftteams/teams-live-events/configure-teams-live-events</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The only valid input is Global - the tenant wide configuration</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Global"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies a URL where broadcast event attendees can find support information or FAQs specific to that event. The URL will be displayed to the attendees during the broadcast.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSdnProviderForBroadcastMeeting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set to $true, Teams meeting broadcast streams are enabled to take advantage of the network and bandwidth management capabilities of your Software Defined Network (SDN) provider.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SdnProviderName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the Software Defined Network (SDN) provider's name. This parameter is only required if AllowSdnProviderForBroadcastMeeting is set to $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SdnLicenseId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the Software Defined Network (SDN) license identifier. This is required and provided by some SDN providers. This parameter is only required if AllowSdnProviderForBroadcastMeeting is set to $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SdnApiTemplateUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the Software Defined Network (SDN) provider's HTTP API endpoint. This information is provided to you by the SDN provider. This parameter is only required if AllowSdnProviderForBroadcastMeeting is set to $true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SdnApiToken</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the Software Defined Network (SDN) provider's authentication token which is required to use their SDN license. This is required by some SDN providers who will give you the required token. This parameter is only required if AllowSdnProviderForBroadcastMeeting is set to $true.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.meetingbroadcastpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.meetingbroadcastpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams Meeting Broadcast Policies.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/teams-live-events/set-up-for-teams-live-events">https://docs.microsoft.com/en-us/microsoftteams/teams-live-events/set-up-for-teams-live-events</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The identifier of the Teams Meeting Broadcast Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowBroadcastScheduling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether this user can create broadcast events in Teams. This setting impacts broadcasts that use both self-service and external encoder production methods.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowBroadcastTranscription</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether real-time transcription and translation can be enabled in the broadcast event. Note: this setting is applicable to broadcast events that use Teams Meeting production only and does not apply when external encoder is used as production method.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BroadcastAttendeeVisibilityMode</span> </div> <div class="desc-html"><p>Specifies the attendee visibility mode of the broadcast events created by this user. This setting controls who can watch the broadcast event - e.g. anyone can watch this event including anonymous users or only authenticated users in my company can watch the event. Note: this setting is applicable to broadcast events that use Teams Meeting production only and does not apply when external encoder is used as production method.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Everyone"</code>, <code>"EveryoneInCompany"</code>, <code>"EveryoneInCompanyAndExternal"</code>, <code>"InvitedUsersInCompany"</code>, <code>"InvitedUsersInCompanyAndExternal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy]|[Ii][Nn][Vv][Ii][Tt][Ee][Dd][Uu][Ss][Ee][Rr][Ss][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy][Aa][Nn][Dd][Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll]|[Ii][Nn][Vv][Ii][Tt][Ee][Dd][Uu][Ss][Ee][Rr][Ss][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy][Aa][Nn][Dd][Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BroadcastRecordingMode</span> </div> <div class="desc-html"><p>Specifies whether broadcast events created by this user are always recorded, never recorded or user can choose whether to record or not. Note: this setting is applicable to broadcast events that use Teams Meeting production only and does not apply when external encoder is used as production method.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AlwaysDisabled"</code>, <code>"AlwaysEnabled"</code>, <code>"UserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ww][Aa][Yy][Ss][Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Aa][Ll][Ww][Aa][Yy][Ss][Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.meetingconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.meetingconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams Meeting Configuration.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/meeting-settings-in-teams">https://docs.microsoft.com/en-us/microsoftteams/meeting-settings-in-teams</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The only valid input is Global - the tenant wide configuration</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Global"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Ll][Oo][Bb][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LogoURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>URL to a logo image. This would be included in the meeting invite. Please ensure this URL is publicly accessible for invites that go beyond your federation boundaries.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LegalURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>URL to a website containing legal information and meeting disclaimers. This would be included in the meeting invite. Please ensure this URL is publicly accessible for invites that go beyond your federation boundaries.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HelpURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>URL to a website where users can obtain assistance on joining the meeting.This would be included in the meeting invite. Please ensure this URL is publicly accessible for invites that go beyond your federation boundaries.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomFooterText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Text to be used on custom meeting invitations.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableAnonymousJoin</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether anonymous users are blocked from joining meetings in the tenant. Set this to TRUE to block anonymous users from joining. Set this to FALSE to allow anonymous users to join meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableQoS</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether Quality of Service Marking for real-time media (audio, video, screen/app sharing) is enabled in the tenant. Set this to TRUE to enable and FALSE to disable.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientAudioPort</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the starting port number for client audio. Minimum allowed value: 1024 Maximum allowed value: 65535 Default value: 50000.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientAudioPortRange</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the total number of ports available for client audio. Default value is 20.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientVideoPort</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the starting port number for client video. Minimum allowed value: 1024 Maximum allowed value: 65535 Default value: 50020.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientVideoPortRange</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the total number of ports available for client video. Default value is 20.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientAppSharingPort</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the starting port number for client screen sharing or application sharing. Minimum allowed value: 1024 Maximum allowed value: 65535 Default value: 50040.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientMediaPortRangeEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether custom media port and range selections need to be enforced. When set to True, clients will use the specified port range for media traffic. When set to False (the default value) for any available port (from port 1024 through port 65535) will be used to accommodate media traffic.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClientAppSharingPortRange</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the total number of ports available for client sharing or application sharing. Default value is 20.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.meetingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.meetingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Meeting Policies.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/meeting-policies-overview">https://docs.microsoft.com/en-us/microsoftteams/meeting-policies-overview</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Meeting Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Meeting Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowChannelMeetingScheduling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user can schedule channel meetings. Set this to TRUE to allow a user to schedule channel meetings. Set this to FALSE to prohibit the user from scheduling channel meetings. Note this only restricts from scheduling and not from joining a meeting scheduled by another user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMeetNow</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user can start ad-hoc meetings. Set this to TRUE to allow a user to start ad-hoc meetings. Set this to FALSE to prohibit the user from starting ad-hoc meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPrivateMeetNow</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user can start private ad-hoc meetings. Set this to TRUE to allow a user to start private ad-hoc meetings. Set this to FALSE to prohibit the user from starting private ad-hoc meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MeetingChatEnabledType</span> </div> <div class="desc-html"><p>Determines whether or not Chat will be enabled, enabled except anonymous or disabled for meetings.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"EnabledExceptAnonymous"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Ee][Xx][Cc][Ee][Pp][Tt][Aa][Nn][Oo][Nn][Yy][Mm][Oo][Uu][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LiveCaptionsEnabledType</span> </div> <div class="desc-html"><p>Determines whether a user should have the option to view live captions or not in a meeting.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"DisabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowIPAudio</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether audio is enabled in a user's meetings or calls. Set this to TRUE to allow the user to share their audioo. Set this to FALSE to prohibit the user from sharing their audio.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowIPVideo</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow the user to share their video. Set this to FALSE to prohibit the user from sharing their video.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowEngagementReport</span> </div> <div class="desc-html"><p>Determines whether or not a meeting Organizer can track join and leave times for all users within their meetings as well as download a roster.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IPAudioMode</span> </div> <div class="desc-html"><p>Determines whether or not a user can use audio in a meeting that supports it.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"EnabledOutgoingIncoming"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd][Oo][Uu][Tt][Gg][Oo][Ii][Nn][Gg][Ii][Nn][Cc][Oo][Mm][Ii][Nn][Gg]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IPVideoMode</span> </div> <div class="desc-html"><p>Determines whether or not a user can use video in a meeting that supports it. Can only be enabled if IPAudioMode is enabled</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"EnabledOutgoingIncoming"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd][Oo][Uu][Tt][Gg][Oo][Ii][Nn][Gg][Ii][Nn][Cc][Oo][Mm][Ii][Nn][Gg]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowAnonymousUsersToDialOut</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>CURRENTLY DISABLED: Determines whether anonymous users can use the Call Me At feature for meeting audio.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowAnonymousUsersToStartMeeting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether anonymous users can initiate a meeting. Set this to TRUE to allow anonymous users to initiate a meeting. Set this to FALSE to prohibit them from initiating a meeting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPrivateMeetingScheduling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user can schedule private meetings. Set this to TRUE to allow a user to schedule private meetings. Set this to FALSE to prohibit the user from scheduling private meetings. Note this only restricts from scheduling and not from joining a meeting scheduled by another user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoAdmittedUsers</span> </div> <div class="desc-html"><p>Determines what types of participants will automatically be added to meetings organized by this user. Set this to EveryoneInCompany if you would like meetings to place every external user in the lobby but allow all users in the company to join the meeting immediately. Set this to Everyone if you'd like to admit anonymous users by default. Set this to EveryoneInSameAndFederatedCompany if you would like meetings to allow federated users to join like your company's users, but place all other external users in a lobby. Set this to InvitedUsers if you would like meetings to allow only the invited users.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Everyone"</code>, <code>"EveryoneInCompany"</code>, <code>"EveryoneInCompanyExcludingGuests"</code>, <code>"EveryoneInSameAndFederatedCompany"</code>, <code>"InvitedUsers"</code>, <code>"OrganizerOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Ss][Aa][Mm][Ee][Aa][Nn][Dd][Ff][Ee][Dd][Ee][Rr][Aa][Tt][Ee][Dd][Cc][Oo][Mm][Pp][Aa][Nn][Yy]|[Oo][Rr][Gg][Aa][Nn][Ii][Zz][Ee][Rr][Oo][Nn][Ll][Yy]|[Ii][Nn][Vv][Ii][Tt][Ee][Dd][Uu][Ss][Ee][Rr][Ss]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy][Ee][Xx][Cc][Ll][Uu][Dd][Ii][Nn][Gg][Gg][Uu][Ee][Ss][Tt][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPSTNUsersToBypassLobby</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether PSTN users should be automatically admitted to the meetings. Set this to TRUE to allow the PSTN user to be able bypass the meetinglobby. Set this to FALSE to prohibit the PSTN user from bypassing the meetinglobby.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCloudRecording</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether cloud recording is allowed in a user's meetings. Set this to TRUE to allow the user to be able to record meetings. Set this to FALSE to prohibit the user from recording meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowRecordingStorageOutsideRegion</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether cloud recording can be stored out of region for go-local tenants where recording is not yet enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DesignatedPresenterRoleMode</span> </div> <div class="desc-html"><p>Determines if users can change the default value of the Who can present? setting in Meeting options in the Teams client. This policy setting affects all meetings, including Meet Now meetings.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"EveryoneInCompanyUserOverride"</code>, <code>"EveryoneUserOverride"</code>, <code>"OrganizerOnlyUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Rr][Gg][Aa][Nn][Ii][Zz][Ee][Rr][Oo][Nn][Ll][Yy][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowOutlookAddIn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user can schedule Teams Meetings in Outlook desktop client. Set this to TRUE to allow the user to be able to schedule Teams meetings in Outlook client. Set this to FALSE to prohibit a user from scheduling Teams meeting in Outlook client.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPowerPointSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether Powerpoint sharing is allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowParticipantGiveRequestControl</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether participants can request or give control of screen sharing during meetings scheduled by this user. Set this to TRUE to allow the user to be able to give or request control. Set this to FALSE to prohibit the user from giving, requesting control in a meeting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowExternalParticipantGiveRequestControl</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether external participants can request or give control of screen sharing during meetings scheduled by this user. Set this to TRUE to allow the user to be able to give or request control. Set this to FALSE to prohibit an external user from giving or requesting control in a meeting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSharedNotes</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether users are allowed to take shared notes. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowWhiteboard</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether whiteboard is allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTranscription</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether real-time and/or post-meeting captions and transcriptions are allowed in a user's meetings. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaBitRateKb</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the media bit rate for audio/video/app sharing transmissions in meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenSharingMode</span> </div> <div class="desc-html"><p>Determines the mode in which a user can share a screen in calls or meetings. Set this to SingleApplication to allow the user to share an application at a given point in time. Set this to EntireScreen to allow the user to share anything on their screens. Set this to Disabled to prohibit the user from sharing their screens.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"EntireScreen"</code>, <code>"SingleApplication"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Ii][Nn][Gg][Ll][Ee][Aa][Pp][Pp][Ll][Ii][Cc][Aa][Tt][Ii][Oo][Nn]|[Ee][Nn][Tt][Ii][Rr][Ee][Ss][Cc][Rr][Ee][Ee][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VideoFiltersMode</span> </div> <div class="desc-html"><p>Determines which background filters are available to meeting attendees.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AllFilters"</code>, <code>"BlurAndDefaultBackgrounds"</code>, <code>"BlurOnly"</code>, <code>"NoFilters"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Ff][Ii][Ll][Tt][Ee][Rr][Ss]|[Bb][Ll][Uu][Rr][Oo][Nn][Ll][Yy]|[Bb][Ll][Uu][Rr][Aa][Nn][Dd][Dd][Ee][Ff][Aa][Uu][Ll][Tt][Bb][Aa][Cc][Kk][Gg][Rr][Oo][Uu][Nn][Dd][Ss]|[Aa][Ll][Ll][Ff][Ii][Ll][Tt][Ee][Rr][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowOrganizersToOverrideLobbySettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether organizers can override lobby settings for both VOIP and PSTN. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreferredMeetingProviderForIslandsMode</span> </div> <div class="desc-html"><p>Determines which Outlook Add-in the user will get as preferred Meeting provider(TeamsAndSfb or Teams).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Teams"</code>, <code>"TeamsAndSfb"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Tt][Ee][Aa][Mm][Ss][Aa][Nn][Dd][Ss][Ff][Bb]|[Tt][Ee][Aa][Mm][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowNDIStreaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is able to use NDI (Network Device Interface) in meetings - both for output and input streams.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserToJoinExternalMeeting</span> </div> <div class="desc-html"><p>Determines what types of external meetings users can join. Enabled is able join all external meetings.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"FederatedOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Ff][Ee][Dd][Ee][Rr][Aa][Tt][Ee][Dd][Oo][Nn][Ll][Yy]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnrollUserOverride</span> </div> <div class="desc-html"><p>Determines whether or not users will be able to enroll/capture their Biometric data: Face & Voice.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoomAttributeUserOverride</span> </div> <div class="desc-html"><p>Determines whether or not biometric data will be used to distinguish and or attribute in the transcript.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Attribute"</code>, <code>"Distinguish"</code>, <code>"Off"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Dd][Ii][Ss][Tt][Ii][Nn][Gg][Uu][Ii][Ss][Hh]|[Aa][Tt][Tt][Rr][Ii][Bb][Uu][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StreamingAttendeeMode</span> </div> <div class="desc-html"><p>Determines whether or not meetings created by users with this policy are able to utilize the meeting overflow capability.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsCameraFarEndPTZMode</span> </div> <div class="desc-html"><p>Determines whether or not meetings created by users with this policy are able to utilize the Camera Far-End PTZ Mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AutoAcceptAll"</code>, <code>"AutoAcceptInTenant"</code>, <code>"Disabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Aa][Uu][Tt][Oo][Aa][Cc][Cc][Ee][Pp][Tt][Ii][Nn][Tt][Ee][Nn][Aa][Nn][Tt]|[Aa][Uu][Tt][Oo][Aa][Cc][Cc][Ee][Pp][Tt][Aa][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMeetingReactions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether or not meetings created by users with this policy are able to utilize the Meeting Reactions feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WhoCanRegister</span> </div> <div class="desc-html"><p>Specifies who can attend and register for webinars.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Everyone"</code>, <code>"EveryoneInCompany"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee][Ii][Nn][Cc][Oo][Mm][Pp][Aa][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowAnnotations</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowAnonymousUsersToJoinMeeting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether anonymous users can join the meetings that impacted users organize. Set this to TRUE to allow anonymous users to join a meeting. Set this to FALSE to prohibit them from joining a meeting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMeetingCoach</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMeetingRegistration</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Controls if a user can create a webinar meeting. The default value is True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowNetworkConfigurationSettingsLookup</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether network configuration setting lookups can be made by users who are not Enterprise Voice enabled. It is used to enable Network Roaming policies.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowWatermarkForCameraVideo</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowWatermarkForScreenSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NewMeetingRecordingExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the number of days before meeting recordings will expire and move to the recycle bin. Value can be from 1 to 99,999 days. NOTE: You may opt to set Meeting Recordings to never expire by entering the value -1.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCartCaptionsScheduling</span> </div> <div class="desc-html"><p>Determines whether a user can add a URL for captions from a Communications Access Real-Time Translation (CART) captioner for providing real-time captions in meetings.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"DisabledUserOverride"</code>, <code>"EnabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDocumentCollaboration</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedStreamingMediaInput</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedAnonymousJoinClientTypes</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A user can join a Teams meeting anonymously using a Teams client or using a custom application built using Azure Communication Services. When anonymous meeting join is enabled, both types of clients may be used by default. This optional parameter can be used to block one of the client types that can be used. The allowed values are ACS (to block the use of Azure Communication Services clients) or Teams (to block the use of Teams clients). Both can also be specified, separated by a comma, but this is equivalent to disabling anonymous join completely.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ChannelRecordingDownload</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Determines how channel meeting recordings are saved, permissioned, and who can download them.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExplicitRecordingConsent</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceStreamingAttendeeMode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InfoShownInReportMode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LiveInterpretationEnabledType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Determines how meeting organizers can configure a meeting for language interpretation, select attendees of the meeting to become interpreters that other attendees can select and listen to the real-time translation they provide.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LiveStreamingMode</span> </div> <div class="desc-html"><p>Determines whether you provide support for your users to stream their Teams meetings to large audiences through Real-Time Messaging Protocol (RTMP).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MeetingInviteLanguages</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Controls how the join information in meeting invitations is displayed by enforcing a common language or enabling up to two languages to be displayed. Note: All Teams supported languages can be specified using language codes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QnAEngagementMode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoomPeopleNameUserOverride</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>N/A</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SpeakerAttributionMode</span> </div> <div class="desc-html"><p>Possible values: EnabledUserOverride or Disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"EnabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.messagingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.messagingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the Teams messaging policy.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/messaging-policies-in-teams">https://docs.microsoft.com/en-us/microsoftteams/messaging-policies-in-teams</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity for the teams messaging policy you're modifying. To modify the global policy, use this syntax: -Identity global. To modify a per-user policy, use syntax similar to this: -Identity TeamsMessagingPolicy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCommunicationComplianceEndUserReporting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Report inappropriate content.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowFluidCollaborate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines is Fluid Collaboration should be enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSecurityEndUserReporting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Report a security concern.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGiphy</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to access and post Giphys. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMemes</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to access and post memes. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowOwnerDeleteMessage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether owners are allowed to delete all the messages in their team. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserEditMessage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to edit their own messages. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSmartCompose</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Turn on this setting to let a user get text predictions for chat messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSmartReply</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Turn this setting on to enable suggested replies for chat messages. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowStickers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to access and post stickers. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUrlPreviews</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Use this setting to turn automatic URL previewing on or off in messages. Set this to TRUE to turn on. Set this to FALSE to turn off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserChat</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to chat. Set this to TRUE to allow a user to chat across private chat, group chat and in meetings. Set this to FALSE to prohibit all chat.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserDeleteMessage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to delete their own messages. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserTranslation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to translate messages to their client languages. Set this to TRUE to allow. Set this to FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowImmersiveReader</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to use Immersive Reader for reading conversation messages. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowRemoveUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to remove a user from a conversation. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPriorityMessages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to send priorities messages. Set this to TRUE to allow. Set this FALSE to prohibit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserDeleteChat</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Turn this setting on to allow users to permanently delete their 1:1, group chat, and meeting chat as participants (this deletes the chat only for them, not other users in the chat).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowVideoMessages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to send video messages in Chat. Set this to TRUE to allow a user to send video messages. Set this to FALSE to prohibit sending video messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Provide a description of your policy to identify purpose of creating it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GiphyRatingType</span> </div> <div class="desc-html"><p>Determines the Giphy content restrictions applicable to a user. Set this to STRICT, MODERATE or NORESTRICTION.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"MODERATE"</code>, <code>"NORESTRICTION"</code>, <code>"STRICT"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Tt][Rr][Ii][Cc][Tt]|[Mm][Oo][Dd][Ee][Rr][Aa][Tt][Ee]|[Nn][Oo][Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReadReceiptsEnabledType</span> </div> <div class="desc-html"><p>Use this setting to specify whether read receipts are user controlled, enabled for everyone, or disabled. Set this to UserPreference, Everyone or None.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Everyone"</code>, <code>"None"</code>, <code>"UserPreference"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Pp][Rr][Ee][Ff][Ee][Rr][Ee][Nn][Cc][Ee]|[Ee][Vv][Ee][Rr][Yy][Oo][Nn][Ee]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ChannelsInChatListEnabledType</span> </div> <div class="desc-html"><p>Possible values are: DisabledUserOverride,EnabledUserOverride.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"DisabledUserOverride"</code>, <code>"EnabledUserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AudioMessageEnabledType</span> </div> <div class="desc-html"><p>Determines whether a user is allowed to send audio messages. Possible values are: ChatsAndChannels,ChatsOnly,Disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ChatsAndChannels"</code>, <code>"ChatsOnly"</code>, <code>"Disabled"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Hh][Aa][Tt][Ss][Aa][Nn][Dd][Cc][Hh][Aa][Nn][Nn][Ee][Ll][Ss]|[Cc][Hh][Aa][Tt][Ss][Oo][Nn][Ll][Yy]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Tenant</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Globally unique identifier (GUID) of the tenant account whose external user communication policy are being created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Team Message Policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.mobilitypolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.mobilitypolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>The TeamsMobilityPolicy allows Admins to control Teams mobile usage for users.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specify the name of the Teams Mobility Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables administrators to provide explanatory text about the policy. For example, the Description might indicate the users the policy should be assigned to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IPAudioMobileMode</span> </div> <div class="desc-html"><p>When set to WifiOnly, prohibits the user from making and receiving calls or joining meetings using VoIP calls on the mobile device while on a cellular data connection. Possible values are: WifiOnly, AllNetworks.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AllNetworks"</code>, <code>"WifiOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ww][Ii][Ff][Ii][Oo][Nn][Ll][Yy]|[Aa][Ll][Ll][Nn][Ee][Tt][Ww][Oo][Rr][Kk][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IPVideoMobileMode</span> </div> <div class="desc-html"><p>When set to WifiOnly, prohibits the user from making and receiving video calls or enabling video in meetings using VoIP calls on the mobile device while on a cellular data connection. Possible values are: WifiOnly, AllNetworks.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AllNetworks"</code>, <code>"WifiOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ww][Ii][Ff][Ii][Oo][Nn][Ll][Yy]|[Aa][Ll][Ll][Nn][Ee][Tt][Ww][Oo][Rr][Kk][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MobileDialerPreference</span> </div> <div class="desc-html"><p>Determines the mobile dialer preference, possible values are: Teams, Native, UserOverride.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Native"</code>, <code>"Teams"</code>, <code>"UserOverride"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Tt][Ee][Aa][Mm][Ss]|[Nn][Aa][Tt][Ii][Vv][Ee]|[Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.networkroamingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.networkroamingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>New-CsTeamsNetworkRoamingPolicy allows IT Admins to create policies for Network Roaming and Bandwidth Control experiences in Microsoft Teams.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specify the name of the Teams Network Roaming Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowIPVideo</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow the user to share their video. Set this to FALSE to prohibit the user from sharing their video.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the new policy to be created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaBitRateKb</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the media bit rate for audio/video/app sharing transmissions in meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.onlinevoicemailpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.onlinevoicemailpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Online Voicemail Policies.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://learn.microsoft.com/en-us/microsoftteams/manage-voicemail-policies">https://learn.microsoft.com/en-us/microsoftteams/manage-voicemail-policies</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Online Voicemail Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableEditingCallAnswerRulesSetting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Controls if editing call answer rule settings are enabled or disabled for a user. Possible values are $true or $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableTranscription</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows you to disable or enable voicemail transcription. Possible values are $true or $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableTranscriptionProfanityMasking</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows you to disable or enable profanity masking for the voicemail transcriptions. Possible values are $true or $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableTranscriptionTranslation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows you to disable or enable translation for the voicemail transcriptions. Possible values are $true or $false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumRecordingLength</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A duration of voicemail maximum recording length. The length should be between 30 seconds to 600 seconds.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrimarySystemPromptLanguage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The primary (or first) language that voicemail system prompts will be presented in. Must also set SecondarySystemPromptLanguage. When set, this overrides the user language choice.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecondarySystemPromptLanguage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The secondary language that voicemail system prompts will be presented in. Must also set PrimarySystemPromptLanguage and may not be the same value as PrimarySystemPromptanguage. When set, this overrides the user language choice.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShareData</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies whether voicemail and transcription data are shared with the service for training and improving accuracy. Possible values are Defer and Deny.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.onlinevoicemailusersettings"> <div class="definition-header"> <span class="def-name">microsoft.teams.onlinevoicemailusersettings</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams User's Online Voicemail Settings.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter represents the ID of the specific user in your organization; this can be either a SIP URI or an Object ID.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CallAnswerRule</span> </div> <div class="desc-html"><p>The CallAnswerRule parameter represents the value of the call answer rule, which can be any of the following: DeclineCall, PromptOnly, PromptOnlyWithTransfer, RegularVoicemail, VoicemailWithTransferOption.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"DeclineCall"</code>, <code>"PromptOnly"</code>, <code>"PromptOnlyWithTransfer"</code>, <code>"RegularVoicemail"</code>, <code>"VoicemailWithTransferOption"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Cc][Ll][Ii][Nn][Ee][Cc][Aa][Ll][Ll]|[Pp][Rr][Oo][Mm][Pp][Tt][Oo][Nn][Ll][Yy]|[Pp][Rr][Oo][Mm][Pp][Tt][Oo][Nn][Ll][Yy][Ww][Ii][Tt][Hh][Tt][Rr][Aa][Nn][Ss][Ff][Ee][Rr]|[Rr][Ee][Gg][Uu][Ll][Aa][Rr][Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll]|[Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll][Ww][Ii][Tt][Hh][Tt][Rr][Aa][Nn][Ss][Ff][Ee][Rr][Oo][Pp][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultGreetingPromptOverwrite</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultGreetingPromptOverwrite parameter represents the contents that overwrite the default normal greeting prompt. If the user's normal custom greeting is not set and DefaultGreetingPromptOverwrite is not empty, the voicemail service will play this overwrite greeting instead of the default normal greeting in the voicemail deposit scenario.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefaultOofGreetingPromptOverwrite</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DefaultOofGreetingPromptOverwrite parameter represents the contents that overwrite the default out-of-office greeting prompt. If the user's out-of-office custom greeting is not set and DefaultOofGreetingPromptOverwrite is not empty, the voicemail service will play this overwrite greeting instead of the default out-of-office greeting in the voicemail deposit scenario.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OofGreetingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OofGreetingEnabled parameter represents whether to play out-of-office greeting in voicemail deposit scenario.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OofGreetingFollowAutomaticRepliesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OofGreetingFollowAutomaticRepliesEnabled parameter represents whether to play out-of-office greeting in voicemail deposit scenario when user set automatic replies in Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OofGreetingFollowCalendarEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The OofGreetingFollowCalendarEnabled parameter represents whether to play out-of-office greeting in voicemail deposit scenario when user set out-of-office in calendar.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PromptLanguage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The PromptLanguage parameter represents the language that is used to play voicemail prompts.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShareData</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether voicemail and transcription data is shared with the service for training and improving accuracy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TransferTarget</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The TransferTarget parameter represents the target to transfer the call when call answer rule set to PromptOnlyWithTransfer or VoicemailWithTransferOption. Value of this parameter should be a SIP URI of another user in your organization. For user with Enterprise Voice enabled, a valid telephone number could also be accepted as TransferTarget.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VoicemailEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The VoicemailEnabled parameter represents whether to enable voicemail service. If set to $false, the user has no voicemail service.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.onlinevoiceuser"> <div class="definition-header"> <span class="def-name">microsoft.teams.onlinevoiceuser</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Online Voice User.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the identity of the target user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocationID</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the unique identifier of the emergency location to assign to the user. Location identities can be discovered by using the Get-CsOnlineLisLocation cmdlet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TelephoneNumber</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the telephone number to be assigned to the user. The value must be in E.164 format: +14255043920. Setting the value to $Null clears the user's telephone number.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the online voice user exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.orgwideappsettings"> <div class="definition-header"> <span class="def-name">microsoft.teams.orgwideappsettings</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Org-Wide App Settings for Teams.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the resource is a single instance, the value must be 'Yes'</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSideloadedAppsInteractionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether or not to allow interaction with custom apps.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.pstnusage"> <div class="definition-header"> <span class="def-name">microsoft.teams.pstnusage</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams PSTN Usage.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/direct-routing-voice-routing">https://docs.microsoft.com/en-us/microsoftteams/direct-routing-voice-routing</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Usage</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>An online PSTN usage (such as Local or Long Distance) that can be used in conjunction with voice routes and voice routing policies.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.shiftspolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.shiftspolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource allows you to create a new TeamsShiftPolicy instance and set it's properties.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the policy instance name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessGracePeriodMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the grace period time in minutes between when the first shift starts or last shift ends and when access is blocked</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessType</span> </div> <div class="desc-html"><p>Determines the Teams access type granted to the user. Today, only unrestricted access to Teams app is supported.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"UnrestrictedAccess_TeamsApp"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ee][Dd][Aa][Cc][Cc][Ee][Ss][Ss]_[Tt][Ee][Aa][Mm][Ss][Aa][Pp][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableScheduleOwnerPermissions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user can manage a Shifts schedule as a team member.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableShiftPresence</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether a user is given shift-based presence (On shift, Off shift, or Busy). This must be set in order to have any off shift warning message-specific settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShiftNoticeFrequency</span> </div> <div class="desc-html"><p>Determines the frequency of warning dialog displayed when user opens Teams.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Always"</code>, <code>"Never"</code>, <code>"ShowOnceOnChange"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ww][Aa][Yy][Ss]|[Ss][Hh][Oo][Ww][Oo][Nn][Cc][Ee][Oo][Nn][Cc][Hh][Aa][Nn][Gg][Ee]|[Nn][Ee][Vv][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShiftNoticeMessageCustom</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies a custom message. Must set ShiftNoticeMessageType to 'CustomMessage' to enforce this</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShiftNoticeMessageType</span> </div> <div class="desc-html"><p>Specifies the warning message is shown in the blocking dialog when a user access Teams off shift hours. Select one of 7 Microsoft provided messages, a default message or a custom message.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"CustomMessage"</code>, <code>"DefaultMessage"</code>, <code>"Message1"</code>, <code>"Message2"</code>, <code>"Message3"</code>, <code>"Message4"</code>, <code>"Message5"</code>, <code>"Message6"</code>, <code>"Message7"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt][Mm][Ee][Ss][Ss][Aa][Gg][Ee]|[Mm][Ee][Ss][Ss][Aa][Gg][Ee]1|[Mm][Ee][Ss][Ss][Aa][Gg][Ee]2|[Mm][Ee][Ss][Ss][Aa][Gg][Ee]3|[Mm][Ee][Ss][Ss][Aa][Gg][Ee]4|[Mm][Ee][Ss][Ss][Aa][Gg][Ee]5|[Mm][Ee][Ss][Ss][Aa][Gg][Ee]6|[Mm][Ee][Ss][Ss][Aa][Gg][Ee]7|[Cc][Uu][Ss][Tt][Oo][Mm][Mm][Ee][Ss][Ss][Aa][Gg][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.templatespolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.templatespolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams Templates Policy.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://learn.microsoft.com/en-us/microsoftteams/templates-policies">https://learn.microsoft.com/en-us/microsoftteams/templates-policies</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Templates Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Teams Templates Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HiddenTemplates</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of Teams templates to hide.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.tenantdialplan"> <div class="definition-header"> <span class="def-name">microsoft.teams.tenantdialplan</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to configure the tenant-wide dial plans for Microsoft Teams.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/create-and-manage-dial-plans">https://docs.microsoft.com/en-us/microsoftteams/create-and-manage-dial-plans</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity parameter is a unique identifier that designates the name of the tenant dial plan. Identity is an alphanumeric string that cannot exceed 49 characters. Valid characters are alphabetic or numeric characters, hyphen (-) and dot (.). The value should not begin with a (.).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Description parameter describes the tenant dial plan - what it's for, what type of user it applies to and any other information that helps to identify the purpose of the tenant dial plan. Maximum characters: 512.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NormalizationRules</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>List of normalization rules that are applied to this dial plan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalAccessPrefix</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExternalAccessPrefix parameter is a number (or set of numbers) that designates the call as external to the organization. (For example, to tenant-dial an outside line, first press 9.) This prefix is ignored by the normalization rules, although these rules are applied to the remainder of the number. The OptimizeDeviceDialing parameter must be set to True for this value to take effect. This parameter must match the regular expression [0-9]{1,4}: that is, it must be a value 0 through 9 and one to four digits in length. The default value is 9.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OptimizeDeviceDialing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if the dial plan should optimize device dialing or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SimpleName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SimpleName parameter is a display name for the tenant dial plan. This name must be unique among all tenant dial plans within the Skype for Business Server deployment.This string can be up to 49 characters long. Valid characters are alphabetic or numeric characters, hyphen (-), dot (.) and parentheses (()).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this dial plan should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.tenantnetworkregion"> <div class="definition-header"> <span class="def-name">microsoft.teams.tenantnetworkregion</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>As an Admin, you can use the Windows PowerShell command, New-CsTenantNetworkRegion to define network regions. A network region interconnects various parts of a network across multiple geographic areas. The RegionID parameter is a logical name that represents the geography of the region, and has no dependencies or restrictions. Tenant network region is used for Location Based Routing.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier for the network region to be created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CentralSite</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the associated Central Site.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Provide a description of the network region to identify purpose of creating it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.tenantnetworksite"> <div class="definition-header"> <span class="def-name">microsoft.teams.tenantnetworksite</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>As an Admin, you can use the Windows PowerShell command, New-CsTenantNetworkSite to define network sites. Network sites are defined as a collection of IP subnets. Each network site must be associated with a network region. Tenant network site is used for Location Based Routing.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier for the network site to be created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Provide a description of the network site to identify purpose of creating it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmergencyCallingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>This parameter is used to assign a custom emergency calling policy to a network site</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmergencyCallRoutingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>This parameter is used to assign a custom emergency call routing policy to a network site</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableLocationBasedRouting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This parameter determines whether the current site is enabled for location based routing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocationPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>LocationPolicy is the identifier for the location policy which the current network site is associating to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkRegionID</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>NetworkRegionID is the identifier for the network region which the current network site is associating to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkRoamingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>NetworkRoamingPolicy is the identifier for the network roaming policy to which the network site will associate to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The address of current network site.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.tenantnetworksubnet"> <div class="definition-header"> <span class="def-name">microsoft.teams.tenantnetworksubnet</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>As an Admin, you can use the Windows PowerShell command, New-CsTenantNetworkSubnet to define network subnets and assign them to network sites. Each internal subnet may only be associated with one site. Tenant network subnet is used for Location Based Routing.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">MaskBits</span> <span class="type-badge">integer</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>This parameter determines the length of bits to mask to the subnet. IPv4 format subnet accepts maskbits from 0 to 32 inclusive. IPv6 format subnet accepts maskbits from 0 to 128 inclusive.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier for the network subnet to be created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Provide a description of the network subnet to identify purpose of creating it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkSiteID</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>NetworkSiteID is the identifier for the network site which the current network subnet is associating to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.tenanttrustedipaddress"> <div class="definition-header"> <span class="def-name">microsoft.teams.tenanttrustedipaddress</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>As an Admin, you can use the Windows PowerShell command, New-CsTenantTrustedIPAddress to define external subnets and assign them to the tenant. You can define an unlimited number of external subnets for a tenant.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identifier for the IP address to be created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Provide a description of the trusted IP address to identify purpose of creating it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaskBits</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>This parameter determines the length of bits to mask to the subnet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.translationrule"> <div class="definition-header"> <span class="def-name">microsoft.teams.translationrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Cmdlet to create a new telephone number manipulation rule.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identifier of the rule. This parameter is required and later used to assign the rule to the Inbound or Outbound Trunk Normalization policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A friendly description of the normalization rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Pattern</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A regular expression that caller or callee number must match in order for this rule to be applied.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Translation</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The regular expression pattern that will be applied to the number to convert it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.unassignednumbertreatment"> <div class="definition-header"> <span class="def-name">microsoft.teams.unassignednumbertreatment</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Creates a new treatment for how calls to an unassigned number range should be routed. The call can be routed to a user, an application or to an announcement service where a custom message will be played to the caller.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Id of the treatment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Free format description of this treatment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Pattern</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A regular expression that the called number must match in order for the treatment to take effect. It is best practice to start the regular expression with the hat character and end it with the dollar character. You can use various regular expression test sites on the Internet to validate the expression.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Target</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The identity of the destination the call should be routed to. Depending on the TargetType it should either be the ObjectId of the user or application instance/resource account or the AudioFileId of the uploaded audio file.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetType</span> </div> <div class="desc-html"><p>The type of target used for the treatment. Allowed values are User, ResourceAccount and Announcement.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Announcement"</code>, <code>"ResourceAccount"</code>, <code>"User"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr]|[Rr][Ee][Ss][Oo][Uu][Rr][Cc][Ee][Aa][Cc][Cc][Oo][Uu][Nn][Tt]|[Aa][Nn][Nn][Oo][Uu][Nn][Cc][Ee][Mm][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TreatmentPriority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The priority of the treatment. Used to distinguish identical patterns. The lower the priority the higher preference. The priority needs to be unique.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.updatemanagementpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.updatemanagementpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Update policies. For additional information, please refer to <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/MicrosoftTeams/public-preview-doc-updates#set-the-update-policy">https://docs.microsoft.com/en-us/MicrosoftTeams/public-preview-doc-updates#set-the-update-policy</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Update Management Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the Teams Update Management Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowManagedUpdates</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if managed updates should be allowed or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPreview</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if preview builds should be allowed or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPublicPreview</span> </div> <div class="desc-html"><p>Determines the ring of public previews to subscribes to.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"Enabled"</code>, <code>"FollowOfficePreview"</code>, <code>"Forced"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Ff][Oo][Rr][Cc][Ee][Dd]|[Ff][Oo][Ll][Ll][Oo][Ww][Oo][Ff][Ff][Ii][Cc][Ee][Pp][Rr][Ee][Vv][Ii][Ee][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UpdateDayOfWeek</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Determines the day of week to perform the updates. Value should be between 0 and 6.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UpdateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Determines the time of day to perform the updates. Must be a valid HH:MM format string with leading 0. For instance 08:30.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UpdateTimeOfDay</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Determines the time of day to perform the updates. Accepts a DateTime as string. Only the time will be considered.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseNewTeamsClient</span> </div> <div class="desc-html"><p>Determines whether or not users will use the new Teams client.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AdminDisabled"</code>, <code>"MicrosoftChoice"</code>, <code>"NewTeamsAsDefault"</code>, <code>"NewTeamsOnly"</code>, <code>"UserChoice"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Ee][Ww][Tt][Ee][Aa][Mm][Ss][Aa][Ss][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Uu][Ss][Ee][Rr][Cc][Hh][Oo][Ii][Cc][Ee]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Cc][Hh][Oo][Ii][Cc][Ee]|[Aa][Dd][Mm][Ii][Nn][Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Nn][Ee][Ww][Tt][Ee][Aa][Mm][Ss][Oo][Nn][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.upgradeconfiguration"> <div class="definition-header"> <span class="def-name">microsoft.teams.upgradeconfiguration</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Upgrade settings.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/MicrosoftTeams/migration-interop-guidance-for-teams-with-skype">https://docs.microsoft.com/en-us/MicrosoftTeams/migration-interop-guidance-for-teams-with-skype</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the resource is a single instance, the value must be 'Yes'</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DownloadTeams</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DownloadTeams property allows admins to control whether the Skype for Business client should automatically download Teams in the background. This Boolean setting is only honored on Windows clients, and only for certain values of the user's TeamsUpgradePolicy. If NotifySfbUser=true or if Mode=TeamsOnly in TeamsUpgradePolicy, this setting is honored. Otherwise it is ignored.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SfBMeetingJoinUx</span> </div> <div class="desc-html"><p>The SfBMeetingJoinUx property allows admins to specify which app is used to join Skype for Business meetings, even after the user has been upgraded to Teams. Allowed values are: 'SkypeMeetingsApp' and 'NativeLimitedClient'. 'NativeLimitedClient' means the existing Skype for Business rich client will be used, but since the user is upgraded, only meeting functionality is available. Calling and Messaging are done via Teams. 'SkypeMeetingsApp' means use the web-downloadable app. This setting can be useful for organizations that have upgraded to Teams and no longer want to install Skype for Business on their users' computers.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"NativeLimitedClient"</code>, <code>"SkypeMeetingsApp"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Kk][Yy][Pp][Ee][Mm][Ee][Ee][Tt][Ii][Nn][Gg][Ss][Aa][Pp][Pp]|[Nn][Aa][Tt][Ii][Vv][Ee][Ll][Ii][Mm][Ii][Tt][Ee][Dd][Cc][Ll][Ii][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.upgradepolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.upgradepolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Teams Upgrade policies.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/meetings-first#prepare-for-teams-meetings-in-meetings-first">https://docs.microsoft.com/en-us/microsoftteams/meetings-first#prepare-for-teams-meetings-in-meetings-first</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Upgrade Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Users</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of users that will be granted the Upgrade Policy to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MigrateMeetingsToTeams</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to move existing Skype for Business meetings organized by the user to Teams. This parameter can only be true if the mode of the specified policy instance is either TeamsOnly or SfBWithTeamsCollabAndMeetings, and if the policy instance is being granted to a specific user. It not possible to trigger meeting migration when granting TeamsUpgradePolicy to the entire tenant.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.user"> <div class="definition-header"> <span class="def-name">microsoft.teams.user</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to add new users to a team</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Team NAme</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">User</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>UPN of user to add to Team</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Role</span> </div> <div class="desc-html"><p>User role in Team</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Guest"</code>, <code>"Member"</code>, <code>"Owner"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Uu][Ee][Ss][Tt]|[Mm][Ee][Mm][Bb][Ee][Rr]|[Oo][Ww][Nn][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Team user exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.usercallingsettings"> <div class="definition-header"> <span class="def-name">microsoft.teams.usercallingsettings</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams User's Calling Settings.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://learn.microsoft.com/en-us/microsoftteams/user-call-settings">https://learn.microsoft.com/en-us/microsoftteams/user-call-settings</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Identity of the user to set call forwarding, simultaneous ringing and call group settings for. Can be specified using the ObjectId or the SIP address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupNotificationOverride</span> </div> <div class="desc-html"><p>The group notification override that will be set on the specified user. The supported values are Ring, Mute and Banner.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Banner"</code>, <code>"Mute"</code>, <code>"Ring"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Rr][Ii][Nn][Gg]|[Mm][Uu][Tt][Ee]|[Bb][Aa][Nn][Nn][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CallGroupOrder</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The order in which to call members of the Call Group. The supported values are Simultaneous and InOrder.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CallGroupTargets</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The members of the Call Group. You need to always specify the full set of members as the parameter value. What you set here will overwrite the current call group membership.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsUnansweredEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This parameter controls whether forwarding for unasnwered calls is enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnansweredDelay</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The time the call will ring the user before it is forwarded to the unanswered target. The supported format is hh:mm:ss and the delay range needs to be between 10 and 60 seconds in 10 seconds increments, i.e. 00:00:10, 00:00:20, 00:00:30, 00:00:40, 00:00:50 and 00:01:00. The default value is 20 seconds.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnansweredTarget</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unanswered target. Supported type of values are ObjectId, SIP address and phone number. For phone numbers we support the following types of formats: E.164 (+12065551234 or +1206555000;ext=1234) or non-E.164 like 1234.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnansweredTargetType</span> </div> <div class="desc-html"><p>The unanswered target type. Supported values are Voicemail, SingleTarget, MyDelegates and Group.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Group"</code>, <code>"MyDelegates"</code>, <code>"SingleTarget"</code>, <code>"Voicemail"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Rr][Oo][Uu][Pp]|[Mm][Yy][Dd][Ee][Ll][Ee][Gg][Aa][Tt][Ee][Ss]|[Ss][Ii][Nn][Gg][Ll][Ee][Tt][Aa][Rr][Gg][Ee][Tt]|[Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsForwardingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This parameter controls whether forwarding is enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForwardingType</span> </div> <div class="desc-html"><p>The type of forwarding to set. Supported values are Immediate and Simultaneous</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Immediate"</code>, <code>"Simultaneous"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Mm][Mm][Ee][Dd][Ii][Aa][Tt][Ee]|[Ss][Ii][Mm][Uu][Ll][Tt][Aa][Nn][Ee][Oo][Uu][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForwardingTargetType</span> </div> <div class="desc-html"><p>The forwarding target type. Supported values are Voicemail, SingleTarget, MyDelegates and Group. Voicemail is only supported for Immediate forwarding.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Group"</code>, <code>"MyDelegates"</code>, <code>"SingleTarget"</code>, <code>"Voicemail"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Rr][Oo][Uu][Pp]|[Mm][Yy][Dd][Ee][Ll][Ee][Gg][Aa][Tt][Ee][Ss]|[Ss][Ii][Nn][Gg][Ll][Ee][Tt][Aa][Rr][Gg][Ee][Tt]|[Vv][Oo][Ii][Cc][Ee][Mm][Aa][Ii][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForwardingTarget</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The forwarding target. Supported types of values are ObjectId's, SIP addresses and phone numbers. For phone numbers we support the following types of formats: E.164 (+12065551234 or +1206555000;ext=1234) or non-E.164 like 1234.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.userpolicyassignment"> <div class="definition-header"> <span class="def-name">microsoft.teams.userpolicyassignment</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource is used to assign Teams policy to a specified user.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">User</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>User Principal Name of the user representing the policy assignments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CallingLineIdentity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Calling Line Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExternalAccessPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the External Access Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnlineVoicemailPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Online Voicemail Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnlineVoiceRoutingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Online VOice Routing Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsAppPermissionPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams App Permission Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsAppSetupPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams App Setup Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsAudioConferencingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Audio Conferencing Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsCallHoldPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Call Hold Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsCallingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Calling Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsCallParkPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Call Park Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsChannelsPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Channel Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsEmergencyCallingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Emergency Calling Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsEmergencyCallRoutingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Emergency Call Routing Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsEnhancedEncryptionPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Enhanced Encryption Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsEventsPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Events Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsMeetingBroadcastPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Meeting Broadcast Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsMeetingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Meeting Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsMessagingPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Messaging Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsMobilityPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Mobility Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsUpdateManagementPolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Update Management Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsUpgradePolicy</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Teams Upgrade Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TenantDialPlan</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the Tenant Dial Plan Policy.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.vdipolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.vdipolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource implements Teams VDI Policies.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identity of the VDI Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableAudioVideoInCallsAndMeetings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables Audio and Video in Calls and Meeting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableCallsAndMeetings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables Calls and Meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.voiceroute"> <div class="definition-header"> <span class="def-name">microsoft.teams.voiceroute</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams Voice Route.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/direct-routing-voice-routing">https://docs.microsoft.com/en-us/microsoftteams/direct-routing-voice-routing</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Voice Route.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A description of what this online voice route is for.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NumberPattern</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A regular expression that specifies the phone numbers to which this route applies. Numbers matching this pattern will be routed according to the rest of the routing settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnlinePstnGatewayList</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter contains a list of online gateways associated with this online voice route. Each member of this list must be the service Identity of the online PSTN gateway.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnlinePstnUsages</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>A list of online PSTN usages (such as Local, Long Distance, etc.) that can be applied to this online voice route. The PSTN usage must be an existing usage (PSTN usages can be retrieved by calling the Get-CsOnlinePstnUsage cmdlet).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>A number could resolve to multiple online voice routes. The priority determines the order in which the routes will be applied if more than one route is possible.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the route exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.voiceroutingpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.voiceroutingpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Teams Voice Routing Policy.</p> <p>More information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoftteams/manage-voice-routing-policies">https://docs.microsoft.com/en-us/microsoftteams/manage-voice-routing-policies</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the Teams Voice Routing Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnlinePstnUsages</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>A list of online PSTN usages (such as Local or Long Distance) that can be applied to this online voice routing policy. The online PSTN usage must be an existing usage (PSTN usages can be retrieved by calling the Get-CsOnlinePstnUsage cmdlet).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables administrators to provide explanatory text to accompany an online voice routing policy. For example, the Description might include information about the users the policy should be assigned to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.workloadpolicy"> <div class="definition-header"> <span class="def-name">microsoft.teams.workloadpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resources implements a Teams workload policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Unique identity for the Teams workload policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCalling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows calling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCallingPinned</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows pinning a call.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMeeting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows meetins.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMeetingPinned</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows pinning meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMessaging</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows messaging.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowMessagingPinned</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows pinning a message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the instance exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.teams.team"> <div class="definition-header"> <span class="def-name">microsoft.teams.team</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures or creates a new Team.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display Name of the Team</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupID</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Team group ID, only used to target a Team when duplicated display names occurs.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MailNickName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>MailNickName of O365 Group associated with Team</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Owner</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Owners of the Team</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Visibility</span> </div> <div class="desc-html"><p>Visibility of the Team</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"HiddenMembership"</code>, <code>"Private"</code>, <code>"Public"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Uu][Bb][Ll][Ii][Cc]|[Pp][Rr][Ii][Vv][Aa][Tt][Ee]|[Hh][Ii][Dd][Dd][Ee][Nn][Mm][Ee][Mm][Bb][Ee][Rr][Ss][Hh][Ii][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowAddRemoveApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow add or remove apps from the Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGiphy</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow giphy in Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GiphyContentRating</span> </div> <div class="desc-html"><p>Giphy content rating of the Team.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Moderate"</code>, <code>"Strict"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Tt][Rr][Ii][Cc][Tt]|[Mm][Oo][Dd][Ee][Rr][Aa][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowStickersAndMemes</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow stickers and mimes in the Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCustomMemes</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow custom memes in Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserEditMessages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow members to edit messages within Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowUserDeleteMessages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow members to delete messages within Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowOwnerDeleteMessages</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow owners to delete messages within Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeleteChannels</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow members to delete channels within Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCreateUpdateRemoveConnectors</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow members to manage connectors within Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCreateUpdateRemoveTabs</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow members to manage tabs within Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTeamMentions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow mentions in Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowChannelMentions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow channel mention in Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGuestCreateUpdateChannels</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow guests to create and update channels in Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowGuestDeleteChannels</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow guests to delete channel in Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowCreateUpdateChannels</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow members to create and update channels within Team.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShowInTeamsSearchAndSuggestions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>determines whether or not private teams should be searchable from Teams clients for users who do not belong to that team. Set to $false to make those teams not discoverable from Teams clients.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Team exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.accountprotectionlocaladministratorpasswordsolutionpolicy"> <div class="definition-header"> <span class="def-name">microsoft.intune.accountprotectionlocaladministratorpasswordsolutionpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Account Protection Local Administrator Password Solution Policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the account protection local administrator password solution policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the account protection local administrator password solution policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the account protection local administrator password solution policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the account protection local administrator password solution policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BackupDirectory</span> </div> <div class="desc-html"><p>Configures which directory the local admin account password is backed up to. 0 - Disabled, 1 - Azure AD, 2 - AD</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>0</code>, <code>1</code>, <code>2</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordAgeDays_AAD</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures the maximum password age of the managed local administrator account for Azure AD. Minimum - 7, Maximum - 365</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordAgeDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures the maximum password age of the managed local administrator account for Active Directory. Minimum - 1, Maximum - 365</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures additional enforcement of maximum password age for the managed local administrator account.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdEncryptedPasswordHistorySize</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures how many previous encrypted passwords will be remembered in Active Directory. Minimum - 0, Maximum - 12</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdPasswordEncryptionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether the password is encrypted before being stored in Active Directory.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdPasswordEncryptionPrincipal</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Configures the name or SID of a user or group that can decrypt the password stored in Active Directory.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdministratorAccountName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Configures the name of the managed local administrator account.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordComplexity</span> </div> <div class="desc-html"><p>Configures the password complexity of the managed local administrator account. 1 - Large letters, 2 - Large + small letters, 3 - Large + small letters + numbers, 4 - Large + small letters + numbers + special characters, 5 - Large letters + small letters + numbers + special characters (improved readability)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>1</code>, <code>2</code>, <code>3</code>, <code>4</code>, <code>5</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(1|2|3|4|5)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures the length of the password of the managed local administrator account. Minimum - 8, Maximum - 64</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostAuthenticationActions</span> </div> <div class="desc-html"><p>Specifies the actions to take upon expiration of the configured grace period. 1 - Reset password, 3 - Reset password and log off, 5 - Reset password and restart</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>1</code>, <code>3</code>, <code>5</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(1|3|5)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostAuthenticationResetDelay</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the amount of time (in hours) to wait after an authentication before executing the specified post-authentication actions. Minimum - 0, Maximum - 24</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.accountprotectionlocalusergroupmembershippolicy"> <div class="definition-header"> <span class="def-name">microsoft.intune.accountprotectionlocalusergroupmembershippolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Intune Account Protection Local User Group Membership policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the account protection rules policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the account protection policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the account protection rules policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUserGroupCollection</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Local User Group Collections of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the site collection exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.accountprotectionpolicy"> <div class="definition-header"> <span class="def-name">microsoft.intune.accountprotectionpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Intune Account Protection policy.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the account protection rules policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the account protection policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the account protection rules policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsHelloForBusinessBlocked</span> </div> <div class="desc-html"><p>Block Windows Hello for Business.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"false"</code>, <code>"notConfigured"</code>, <code>"true"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Tt][Rr][Uu][Ee]|[Ff][Aa][Ll][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum PIN length must be between 4 and 127. (4-127)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinMaximumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum PIN length must be between 4 and 127. (4-127)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinLowercaseCharactersUsage</span> </div> <div class="desc-html"><p>If required, user PIN must include at least one lowercase letter.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinUppercaseCharactersUsage</span> </div> <div class="desc-html"><p>If required, user PIN must include at least one uppercase letter.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinSpecialCharactersUsage</span> </div> <div class="desc-html"><p>If required, user PIN must include at least one special character.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinExpirationInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>If configured, the user will be forced to change their PIN after the set number of days. (0, 730), 0 = Never</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinPreviousBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>If configured, the user will not be able to reuse this number of previous PINs. (0, 50), 0 = Do not remember.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinRecoveryEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If enabled, the PIN recovery secret will be stored on the device and the user can change their PIN if needed. If disabled or not configured, the recovery secret will not be created or stored.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityDeviceRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If you enable this policy setting, only devices with a usable TPM provision Windows Hello for Business. If you disable or do not configure this policy setting, the TPM is still preferred, but all devices provision Windows Hello for Business.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnlockWithBiometricsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If allowed, Windows Hello for Business can authenticate using gestures, such as face and fingerprint. Users must still configure a PIN in case of failure.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnhancedAntiSpoofingForFacialFeaturesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If enabled, devices will use enhanced anti-spoofing, when available. If not configured, the client configuration for anti-spoofing will be honored.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseCertificatesForOnPremisesAuthEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If configured, Windows Hello for Business can use certificates to authenticate to on-premise resources.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseSecurityKeyForSignin</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Windows Hello security key as a logon credential for all PCs in the tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceGuardLocalSystemAuthorityCredentialGuardSettings</span> </div> <div class="desc-html"><p>Setting this Disable will disable the use of Credential Guard, which is the Windows default. Setting this to Enable with UEFI lock will enable Credential Guard and not allow it to be disabled remotely, as the UEFI persisted configuration must be manually cleared. Setting this to Enable without UEFI lock will enable Credential Guard and allow it to be turned off without physical access to the machine.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disable"</code>, <code>"enableWithoutUEFILock"</code>, <code>"enableWithUEFILock"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee]|[Ee][Nn][Aa][Bb][Ll][Ee][Ww][Ii][Tt][Hh][Uu][Ee][Ff][Ii][Ll][Oo][Cc][Kk]|[Ee][Nn][Aa][Bb][Ll][Ee][Ww][Ii][Tt][Hh][Oo][Uu][Tt][Uu][Ee][Ff][Ii][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the site collection exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.antiviruspolicywindows10settingcatalog"> <div class="definition-header"> <span class="def-name">microsoft.intune.antiviruspolicywindows10settingcatalog</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Endpoint Protection Antivirus policy for a Windows 10 Device. This policy setting enables the management of Microsoft Defender Antivirus for Windows 10 using the settings catalog.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the endpoint protection policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the endpoint protection policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the endpoint protection policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tamperprotection</span> </div> <div class="desc-html"><p>Allows or disallows scanning of archives. (0: enable feature. 1: disable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disableaccountprotectionui</span> </div> <div class="desc-html"><p>Use this policy setting to specify if to display the Account protection area in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disableappbrowserui</span> </div> <div class="desc-html"><p>Use this policy setting if you want to disable the display of the app and browser protection area in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablecleartpmbutton</span> </div> <div class="desc-html"><p>Disable the Clear TPM button in Windows Security. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disabledevicesecurityui</span> </div> <div class="desc-html"><p>Use this policy setting if you want to disable the display of the Device security area in the Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablefamilyui</span> </div> <div class="desc-html"><p>Use this policy setting if you want to disable the display of the family options area in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablehealthui</span> </div> <div class="desc-html"><p>Use this policy setting if you want to disable the display of the device performance and health area in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablenetworkui</span> </div> <div class="desc-html"><p>Use this policy setting if you want to disable the display of the firewall and network protection area in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disableenhancednotifications</span> </div> <div class="desc-html"><p>Use this policy setting if you want to disable the display of Windows Defender Security Center notifications. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disabletpmfirmwareupdatewarning</span> </div> <div class="desc-html"><p>Hide the recommendation to update TPM Firmware when a vulnerable firmware is detected. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablevirusui</span> </div> <div class="desc-html"><p>Use this policy setting if you want to disable the display of the virus and threat protection area in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">hideransomwaredatarecovery</span> </div> <div class="desc-html"><p>Use this policy setting to hide the Ransomware data recovery area in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">hidewindowssecuritynotificationareacontrol</span> </div> <div class="desc-html"><p>This policy setting hides the Windows Security notification area control. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">enablecustomizedtoasts</span> </div> <div class="desc-html"><p>Enable this policy to display your company name and contact options in the notifications. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">enableinappcustomization</span> </div> <div class="desc-html"><p>Enable this policy to have your company name and contact options displayed in a contact card fly out in Windows Defender Security Center. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">companyname</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The company name that is displayed to the users. CompanyName is required for both EnableCustomizedToasts and EnableInAppCustomization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">email</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The email address that is displayed to users. The default mail application is used to initiate email actions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">phone</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The phone number or Skype ID that is displayed to users. Skype is used to initiate the call.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">url</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The help portal URL that is displayed to users. The default browser is used to initiate this action.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowarchivescanning</span> </div> <div class="desc-html"><p>Allows or disallows scanning of archives. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowbehaviormonitoring</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Behavior Monitoring functionality. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowcloudprotection</span> </div> <div class="desc-html"><p>To best protect your PC, Windows Defender will send information to Microsoft about any problems it finds. Microsoft will analyze that information, learn more about problems affecting you and other customers, and offer improved solutions. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowdatagramprocessingonwinserver</span> </div> <div class="desc-html"><p>Allows or disallows Network Protection to enable datagram processing on Windows Server. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowemailscanning</span> </div> <div class="desc-html"><p>Allows or disallows scanning of email. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowfullscanonmappednetworkdrives</span> </div> <div class="desc-html"><p>Allows or disallows a full scan of mapped network drives. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowfullscanremovabledrivescanning</span> </div> <div class="desc-html"><p>Allows or disallows a full scan of removable drives. During a quick scan, removable drives may still be scanned. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowintrusionpreventionsystem</span> </div> <div class="desc-html"><p><a target="_blank" rel="noopener noreferrer" href="https://github.com/MicrosoftDocs/memdocs/issues/2250">https://github.com/MicrosoftDocs/memdocs/issues/2250</a> (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowioavprotection</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender IOAVP Protection functionality. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allownetworkprotectiondownlevel</span> </div> <div class="desc-html"><p>Allows or disallows Network Protection to be configured into block or audit mode on windows downlevel of RS3. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowrealtimemonitoring</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender real-time Monitoring functionality. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowscanningnetworkfiles</span> </div> <div class="desc-html"><p>Allows or disallows a scanning of network files. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowscriptscanning</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Script Scanning functionality. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowuseruiaccess</span> </div> <div class="desc-html"><p>Allows or disallows user access to the Windows Defender UI. I disallowed, all Windows Defender notifications will also be suppressed. (0: Prevents users from accessing UI. 1: Lets users access UI)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">avgcpuloadfactor</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Represents the average CPU load factor for the Windows Defender scan (in percent).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">archivemaxdepth</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the maximum folder depth to extract from archive files for scanning.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">archivemaxsize</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the maximum size, in KB, of archive files to be extracted and scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">checkforsignaturesbeforerunningscan</span> </div> <div class="desc-html"><p>This policy setting allows you to manage whether a check for new virus and spyware definitions will occur before running a scan. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">cloudblocklevel</span> </div> <div class="desc-html"><p>This policy setting determines how aggressive Microsoft Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer.(0: Default windows defender blocking level, 2: High blocking level, 4:High+ blocking level, 6:Zero tolerance blocking level)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"2"</code>, <code>"4"</code>, <code>"6"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|2|4|6)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">cloudextendedtimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>This feature allows Microsoft Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">daystoretaincleanedmalware</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Time period (in days) that quarantine items will be stored on the system.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablecatchupfullscan</span> </div> <div class="desc-html"><p>This policy setting allows you to configure catch-up scans for scheduled full scans. (1: disabled, 0: enabled)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablecatchupquickscan</span> </div> <div class="desc-html"><p>This policy setting allows you to configure catch-up scans for scheduled quick scans. (1: disabled, 0: enabled)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablednsovertcpparsing</span> </div> <div class="desc-html"><p>Disables or enables DNS over TCP Parsing for Network Protection. (0: enable feature. 1: disable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablehttpparsing</span> </div> <div class="desc-html"><p>Disables or enables HTTP Parsing for Network Protection. (0: enable feature. 1: disable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableSshParsing</span> </div> <div class="desc-html"><p>Disable Ssh Parsing (1: SSH parsing is disabled, 0: SSH parsing is enabled)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(1|0)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">enablelowcpupriority</span> </div> <div class="desc-html"><p>This policy setting allows you to enable or disable low CPU priority for scheduled scans. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">enablenetworkprotection</span> </div> <div class="desc-html"><p>This policy allows you to turn on network protection (block/audit) or off. (0: disabled, 1: block mode, 2: audit mode)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code>, <code>"2"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">excludedextensions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Allows an administrator to specify a list of file type extensions to ignore during a scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">excludedpaths</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Allows an administrator to specify a list of directory paths to ignore during a scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">excludedprocesses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Allows an administrator to specify a list of files opened by processes to ignore during a scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">puaprotection</span> </div> <div class="desc-html"><p>Specifies the level of detection for potentially unwanted applications (PUAs). (0: disabled, 1: block mode, 2: audit mode)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code>, <code>"2"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">engineupdateschannel</span> </div> <div class="desc-html"><p>Enable this policy to specify when devices receive Microsoft Defender engine updates during the monthly gradual rollout. (0: Not configured, 2: Beta Channel, 3: Current Channel (Preview), 4: Current Channel (Staged), 5: Current Channel (Broad), 6: Critical)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"2"</code>, <code>"3"</code>, <code>"4"</code>, <code>"5"</code>, <code>"6"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|2|3|4|5|6)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">meteredconnectionupdates</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Allow managed devices to update through metered connections. (0: disabled, 1: enabled)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">platformupdateschannel</span> </div> <div class="desc-html"><p>Enable this policy to specify when devices receive Microsoft Defender platform updates during the monthly gradual rollout. (0: Not configured, 2: Beta Channel, 3: Current Channel (Preview), 4: Current Channel (Staged), 5: Current Channel (Broad), 6: Critical)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"2"</code>, <code>"3"</code>, <code>"4"</code>, <code>"5"</code>, <code>"6"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|2|3|4|5|6)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">securityintelligenceupdateschannel</span> </div> <div class="desc-html"><p>Enable this policy to specify when devices receive Microsoft Defender security intelligence updates during the daily gradual rollout. (0: Not configured, 4: Current Channel (Staged), 5: Current Channel (Broad))</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"4"</code>, <code>"5"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|4|5)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">realtimescandirection</span> </div> <div class="desc-html"><p>Controls which sets of files should be monitored. (0: Monitor all files (bi-directional), 1: Monitor incoming files, 2: Monitor outgoing files)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code>, <code>"2"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">scanparameter</span> </div> <div class="desc-html"><p>Selects whether to perform a quick scan or full scan. (1: Quick scan, 2: Full scan)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"1"</code>, <code>"2"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(1|2)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">schedulequickscantime</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Selects the time of day that the Windows Defender quick scan should run.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">schedulescanday</span> </div> <div class="desc-html"><p>Selects the day that the Windows Defender scan should run. (0: Every day, 1: Sunday, 2: Monday, 3: Tuesday, 4: Wednesday, 5: Thursday, 6: Friday, 7: Saturday, 8: No scheduled scan)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code>, <code>"2"</code>, <code>"3"</code>, <code>"4"</code>, <code>"5"</code>, <code>"6"</code>, <code>"7"</code>, <code>"8"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2|3|4|5|6|7|8)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">schedulescantime</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Selects the time of day that the Windows Defender scan should run. Must be between 0 and 1380 minutes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disabletlsparsing</span> </div> <div class="desc-html"><p>This setting disables TLS Parsing for Network Protection. (0: enabled, 1: disabled)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">randomizescheduletasktimes</span> </div> <div class="desc-html"><p>Specifies if the start time of the scan is randomized. (0: no randomization, 1: randomized)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">schedulerrandomizationtime</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>This setting allows you to configure the scheduler randomization in hours. The randomization interval is [1 - 23] hours.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">signatureupdatefallbackorder</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This policy setting allows you to define the order in which different definition update sources should be contacted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">signatureupdatefilesharessources</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This policy setting allows you to configure UNC file share sources for downloading definition updates.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">signatureupdateinterval</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the interval (in hours) that will be used to check for signatures, so instead of using the ScheduleDay and ScheduleTime the check for new signatures will be set according to the interval. Must be between 0 and 24 hours.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">submitsamplesconsent</span> </div> <div class="desc-html"><p>Checks for the user consent level in Windows Defender to send data. (0: Always prompt, 1: Send safe samples automatically, 2: Never send, 3: Send all samples automatically)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code>, <code>"2"</code>, <code>"3"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2|3)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">disablelocaladminmerge</span> </div> <div class="desc-html"><p>This policy setting controls whether or not complex list settings configured by a local administrator are merged with managed settings. (0: enable local admin merge, 1: disable local admin merge)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowonaccessprotection</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender On Access Protection functionality. (0: disable feature. 1: enable feature)</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">lowseveritythreats</span> </div> <div class="desc-html"><p>Allows an administrator to specify low severity threats corresponding action ID to take.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userdefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">moderateseveritythreats</span> </div> <div class="desc-html"><p>Allows an administrator to specify moderate severity threats corresponding action ID to take.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userdefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">severethreats</span> </div> <div class="desc-html"><p>Allows an administrator to specify high severity threats corresponding action ID to take.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userdefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">highseveritythreats</span> </div> <div class="desc-html"><p>Allows an administrator to specify severe threats corresponding action ID to take.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userdefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">templateId</span> </div> <div class="desc-html"><p>Template Id of the policy. 0: Windows Security Experience, 1: Defender Update controls, 2: Microsoft Defender Antivirus exclusions, 3: Microsoft Defender Antivirus</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"45fea5e9-280d-4da1-9792-fb5736da0ca9_1"</code>, <code>"804339ad-1553-4478-a742-138fb5807418_1"</code>, <code>"d948ff9b-99cb-4ee0-8012-1fbc09685377_1"</code>, <code>"e3f74c5a-a6de-411d-aef6-eb15628f3a0a_1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd]948[Ff][Ff]9[Bb]-99[Cc][Bb]-4[Ee][Ee]0-8012-1[Ff][Bb][Cc]09685377_1|[Ee]3[Ff]74[Cc]5[Aa]-[Aa]6[Dd][Ee]-411[Dd]-[Aa][Ee][Ff]6-[Ee][Bb]15628[Ff]3[Aa]0[Aa]_1|45[Ff][Ee][Aa]5[Ee]9-280[Dd]-4[Dd][Aa]1-9792-[Ff][Bb]5736[Dd][Aa]0[Cc][Aa]9_1|804339[Aa][Dd]-1553-4478-[Aa]742-138[Ff][Bb]5807418_1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.appconfigurationpolicy"> <div class="definition-header"> <span class="def-name">microsoft.intune.appconfigurationpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Intune App configuration policies.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the app configuration policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Key of the entity. Read-Only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the app configuration policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomSettings</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Custom settings for the app configuration policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.applicationcontrolpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.applicationcontrolpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Intune Endpoint Protection Application Control policy for an Windows 10 Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the endpoint protection application control policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the endpoint protection application control policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppLockerApplicationControl</span> </div> <div class="desc-html"><p>App locker application control mode</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditComponentsAndStoreApps"</code>, <code>"auditComponentsStoreAppsAndSmartlocker"</code>, <code>"enforceComponentsAndStoreApps"</code>, <code>"enforceComponentsStoreAppsAndSmartlocker"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Ff][Oo][Rr][Cc][Ee][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Aa][Nn][Dd][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss]|[Aa][Uu][Dd][Ii][Tt][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Aa][Nn][Dd][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss]|[Ee][Nn][Ff][Oo][Rr][Cc][Ee][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss][Aa][Nn][Dd][Ss][Mm][Aa][Rr][Tt][Ll][Oo][Cc][Kk][Ee][Rr]|[Aa][Uu][Dd][Ii][Tt][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss][Aa][Nn][Dd][Ss][Mm][Aa][Rr][Tt][Ll][Oo][Cc][Kk][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenBlockOverrideForFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not SmartScreen will not present an option for the user to disregard the warning and run the app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenEnableInshell</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enforce the use of SmartScreen for all users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the site collection exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.appprotectionpolicyandroid"> <div class="definition-header"> <span class="def-name">microsoft.intune.appprotectionpolicyandroid</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune app protection policy for an Android Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Android App Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Android App Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodOfflineBeforeAccessCheck</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The period after which access is checked when the device is not connected to the internet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodOnlineBeforeAccessCheck</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The period after which access is checked when the device is connected to the internet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedInboundDataTransferSources</span> </div> <div class="desc-html"><p>Sources from which data is allowed to be transferred. Possible values are: allApps, managedApps, none.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allApps"</code>, <code>"managedApps"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Pp][Pp][Ss]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedOutboundDataTransferDestinations</span> </div> <div class="desc-html"><p>Destinations to which data is allowed to be transferred. Possible values are: allApps, managedApps, none.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allApps"</code>, <code>"managedApps"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Pp][Pp][Ss]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationalCredentialsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether organizational credentials are required for app use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedOutboundClipboardSharingLevel</span> </div> <div class="desc-html"><p>The level to which the clipboard may be shared between apps on the managed device. Possible values are: allApps, managedAppsWithPasteIn, managedApps, blocked.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allApps"</code>, <code>"blocked"</code>, <code>"managedApps"</code>, <code>"managedAppsWithPasteIn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Pp][Pp][Ss]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss][Ww][Ii][Tt][Hh][Pp][Aa][Ss][Tt][Ee][Ii][Nn]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DataBackupBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the backup of a managed app's data is blocked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceComplianceRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether device compliance is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagedBrowserToOpenLinksRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for Android) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SaveAsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether users may use the Save As menu item to save a copy of protected files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodOfflineBeforeWipeIsEnforced</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether an app-level pin is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableAppPinIfDevicePinIsSet</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether use of the app pin is required if the device pin is set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumPinRetries</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SimplePinBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block simple PIN and require complex PIN to be set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumPinLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum pin length required for an app-level pin if PinRequired is set to True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinCharacterSet</span> </div> <div class="desc-html"><p>Character set which may be used for an app-level pin if PinRequired is set to True. Possible values are: numeric, alphanumericAndSymbol.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumericAndSymbol"</code>, <code>"numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Aa][Nn][Dd][Ss][Yy][Mm][Bb][Oo][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedDataStorageLocations</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Data storage locations where a user may store managed data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContactSyncBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether contacts can be synced to the user's device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodBeforePinReset</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>TimePeriod before the all-level pin must be reset if PinRequired is set to True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrintBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether printing is allowed from managed apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireClass3Biometrics</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require user to apply Class 3 Biometrics on their Android device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequirePinAfterBiometricChange</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>A PIN prompt will override biometric prompts if class 3 biometrics are updated on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FingerprintBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Apps</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of IDs representing the Android apps controlled by this protection policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of IDs of the groups assigned to this Android Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludedGroups</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of IDs of the groups that are excluded from this Android Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagedBrowser</span> </div> <div class="desc-html"><p>Indicates in which managed browser(s) that internet links should be opened. Used in conjunction with CustomBrowserPackageId, CustomBrowserDisplayName and ManagedBrowserToOpenLinksRequired. Possible values are: notConfigured, microsoftEdge.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"microsoftEdge"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Ee][Dd][Gg][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumRequiredAppVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will block the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumRequiredOSVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will block the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumRequiredPatchVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will block the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWarningAppVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will result in warning message on the managed app</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWarningOSVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will result in warning message on the managed app</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWarningPatchVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will result in warning message on the managed app</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppGroupType</span> </div> <div class="desc-html"><p>The apps controlled by this protection policy, overrides any values in Apps unless this value is 'selectedPublicApps'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allApps"</code>, <code>"allCoreMicrosoftApps"</code>, <code>"allMicrosoftApps"</code>, <code>"selectedPublicApps"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Pp][Pp][Ss]|[Aa][Ll][Ll][Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Aa][Pp][Pp][Ss]|[Aa][Ll][Ll][Cc][Oo][Rr][Ee][Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Aa][Pp][Pp][Ss]|[Ss][Ee][Ll][Ee][Cc][Tt][Ee][Dd][Pp][Uu][Bb][Ll][Ii][Cc][Aa][Pp][Pp][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsAssigned</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates if the policy is deployed to any inclusion groups or not. Inherited from targetedManagedAppProtection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from taking Screenshots.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptAppData</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the 'Encrypt org data' value is enabled. True = require</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableAppEncryptionIfDeviceEncryptionIsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the 'Encrypt org data on enrolled devices' value is enabled. False = require. Only functions if EncryptAppData is set to True</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomBrowserDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The application name for browser associated with the 'Unmanaged Browser ID'. This name will be displayed to users if the specified browser is not installed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomBrowserPackageId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The application ID for a single browser. Web content (http/s) from policy managed applications will open in the specified browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy. To avoid creation of duplicate policies DisplayName will be searched for if the ID is not found</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.appprotectionpolicyios"> <div class="definition-header"> <span class="def-name">microsoft.intune.appprotectionpolicyios</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune app protection policy for an iOS Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the iOS App Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the iOS App Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the iOS App Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodOfflineBeforeAccessCheck</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The period after which access is checked when the device is not connected to the internet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodOnlineBeforeAccessCheck</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The period after which access is checked when the device is connected to the internet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedInboundDataTransferSources</span> </div> <div class="desc-html"><p>Sources from which data is allowed to be transferred. Possible values are: allApps, managedApps, none.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allApps"</code>, <code>"managedApps"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Pp][Pp][Ss]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedOutboundDataTransferDestinations</span> </div> <div class="desc-html"><p>Destinations to which data is allowed to be transferred. Possible values are: allApps, managedApps, none.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allApps"</code>, <code>"managedApps"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Pp][Pp][Ss]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationalCredentialsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether organizational credentials are required for app use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedOutboundClipboardSharingLevel</span> </div> <div class="desc-html"><p>The level to which the clipboard may be shared between apps on the managed device. Possible values are: allApps, managedAppsWithPasteIn, managedApps, blocked.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allApps"</code>, <code>"blocked"</code>, <code>"managedApps"</code>, <code>"managedAppsWithPasteIn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Pp][Pp][Ss]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss][Ww][Ii][Tt][Hh][Pp][Aa][Ss][Tt][Ee][Ii][Nn]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp][Ss]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DataBackupBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the backup of a managed app's data is blocked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceComplianceRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether device compliance is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagedBrowserToOpenLinksRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SaveAsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether users may use the Save As menu item to save a copy of protected files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodOfflineBeforeWipeIsEnforced</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether an app-level pin is required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableAppPinIfDevicePinIsSet</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether use of the app pin is required if the device pin is set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumPinRetries</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SimplePinBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block simple PIN and require complex PIN to be set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumPinLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum pin length required for an app-level pin if PinRequired is set to True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinCharacterSet</span> </div> <div class="desc-html"><p>Character set which may be used for an app-level pin if PinRequired is set to True. Possible values are: numeric, alphanumericAndSymbol.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumericAndSymbol"</code>, <code>"numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Aa][Nn][Dd][Ss][Yy][Mm][Bb][Oo][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedDataStorageLocations</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Data storage locations where a user may store managed data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContactSyncBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether contacts can be synced to the user's device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PeriodBeforePinReset</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>TimePeriod before the all-level pin must be reset if PinRequired is set to True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrintBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether printing is allowed from managed apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FingerprintBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FaceIdBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagedBrowser</span> </div> <div class="desc-html"><p>Indicates in which managed browser(s) that internet links should be opened. When this property is configured, ManagedBrowserToOpenLinksRequired should be true. Possible values are: notConfigured, microsoftEdge.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"microsoftEdge"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Ee][Dd][Gg][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumRequiredAppVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will block the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWarningAppVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will result in warning message on the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumRequiredOSVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will block the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWarningOSVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will result in warning message on the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumRequiredSdkVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will block the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWipeOSVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than or equal to the specified version will wipe the managed app and the associated company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWipeAppVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than or equal to the specified version will wipe the managed app and the associated company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppActionIfDeviceComplianceRequired</span> </div> <div class="desc-html"><p>Defines a managed app behavior, either block or wipe, when the device is either rooted or jailbroken, if DeviceComplianceRequired is set to true.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"block"</code>, <code>"warn"</code>, <code>"wipe"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk]|[Ww][Ii][Pp][Ee]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppActionIfMaximumPinRetriesExceeded</span> </div> <div class="desc-html"><p>Defines a managed app behavior, either block or wipe, based on maximum number of incorrect pin retry attempts.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"block"</code>, <code>"warn"</code>, <code>"wipe"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk]|[Ww][Ii][Pp][Ee]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinRequiredInsteadOfBiometricTimeout</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Timeout in minutes for an app pin instead of non biometrics passcode .</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedOutboundClipboardSharingExceptionLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of characters that may be cut or copied from Org data and accounts to any application. This setting overrides the AllowedOutboundClipboardSharingLevel restriction. Default value of '0' means no exception is allowed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationRestriction</span> </div> <div class="desc-html"><p>Specify app notification restriction.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"blockOrganizationalData"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Oo][Ww]|[Bb][Ll][Oo][Cc][Kk][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Aa][Ll][Dd][Aa][Tt][Aa]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TargetedAppManagementLevels</span> </div> <div class="desc-html"><p>The intended app management levels for this policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"androidEnterprise"</code>, <code>"mdm"</code>, <code>"unmanaged"</code>, <code>"unspecified"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Ss][Pp][Ee][Cc][Ii][Ff][Ii][Ee][Dd]|[Uu][Nn][Mm][Aa][Nn][Aa][Gg][Ee][Dd]|[Mm][Dd][Mm]|[Aa][Nn][Dd][Rr][Oo][Ii][Dd][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppDataEncryptionType</span> </div> <div class="desc-html"><p>Require app data to be encrypted.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"afterDeviceRestart"</code>, <code>"useDeviceSettings"</code>, <code>"whenDeviceLocked"</code>, <code>"whenDeviceLockedExceptOpenFiles"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Dd][Ee][Vv][Ii][Cc][Ee][Ss][Ee][Tt][Tt][Ii][Nn][Gg][Ss]|[Aa][Ff][Tt][Ee][Rr][Dd][Ee][Vv][Ii][Cc][Ee][Rr][Ee][Ss][Tt][Aa][Rr][Tt]|[Ww][Hh][Ee][Nn][Dd][Ee][Vv][Ii][Cc][Ee][Ll][Oo][Cc][Kk][Ee][Dd][Ee][Xx][Cc][Ee][Pp][Tt][Oo][Pp][Ee][Nn][Ff][Ii][Ll][Ee][Ss]|[Ww][Hh][Ee][Nn][Dd][Ee][Vv][Ii][Cc][Ee][Ll][Oo][Cc][Kk][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExemptedAppProtocols</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Apps in this list will be exempt from the policy and will be able to receive data from managed apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumWipeSdkVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Versions less than the specified version will block the managed app from accessing company data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedIosDeviceModels</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Semicolon separated list of device models allowed, as a string, for the managed app to work.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppActionIfIosDeviceModelNotAllowed</span> </div> <div class="desc-html"><p>Defines a managed app behavior, either block or wipe, if the specified device model is not allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"block"</code>, <code>"warn"</code>, <code>"wipe"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk]|[Ww][Ii][Pp][Ee]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilterOpenInToOnlyManagedApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Defines if open-in operation is supported from the managed app to the filesharing locations selected. This setting only applies when AllowedOutboundDataTransferDestinations is set to ManagedApps and DisableProtectionOfManagedOutboundOpenInData is set to False.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableProtectionOfManagedOutboundOpenInData</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disable protection of data transferred to other apps through IOS 'OpenIn' option. This setting is only allowed to be True when AllowedOutboundDataTransferDestinations is set to ManagedApps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProtectInboundDataFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Protect incoming data from unknown source. This setting is only allowed to be True when AllowedInboundDataTransferSources is set to AllApps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomBrowserProtocol</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A custom browser protocol to open weblink on iOS.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Apps</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of IDs representing the iOS apps controlled by this protection policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of IDs of the groups assigned to this iOS Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludedGroups</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of IDs of the groups that are excluded from this iOS Protection Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.asrrulespolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.asrrulespolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Intune Endpoint Protection Attack Surface Reduction rules policy for a Windows 10 Device. This resource returns ASR rules created using deviceConfiguration Graph settings.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProcessCreationType</span> </div> <div class="desc-html"><p>This rule blocks processes created through PsExec and WMI from running.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedRansomewareProtectionType</span> </div> <div class="desc-html"><p>This rule provides an extra layer of protection against ransomware.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockPersistenceThroughWmiType</span> </div> <div class="desc-html"><p>This rule prevents malware from abusing WMI to attain persistence on a device.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScriptObfuscatedMacroCodeType</span> </div> <div class="desc-html"><p>This rule detects suspicious properties within an obfuscated script.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OfficeMacroCodeAllowWin32ImportsType</span> </div> <div class="desc-html"><p>This rule prevents VBA macros from calling Win32 APIs.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OfficeAppsLaunchChildProcessType</span> </div> <div class="desc-html"><p>This rule blocks Office apps from creating child processes. Office apps include Word, Excel, PowerPoint, OneNote, and Access.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GuardMyFoldersType</span> </div> <div class="desc-html"><p>This rule enable Controlled folder access which protects your data by checking apps against a list of known, trusted apps.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditDiskModification"</code>, <code>"auditMode"</code>, <code>"blockDiskModification"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Bb][Ll][Oo][Cc][Kk][Dd][Ii][Ss][Kk][Mm][Oo][Dd][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn]|[Aa][Uu][Dd][Ii][Tt][Dd][Ii][Ss][Kk][Mm][Oo][Dd][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UntrustedUSBProcessType</span> </div> <div class="desc-html"><p>With this rule, admins can prevent unsigned or untrusted executable files from running from USB removable drives, including SD cards.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttackSurfaceReductionExcludedPaths</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Exclude files and paths from attack surface reduction rules</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UntrustedExecutableType</span> </div> <div class="desc-html"><p>This rule blocks executable files that don't meet a prevalence, age, or trusted list criteria, such as .exe, .dll, or .scr, from launching.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OfficeCommunicationAppsLaunchChildProcess</span> </div> <div class="desc-html"><p>This rule prevents Outlook from creating child processes, while still allowing legitimate Outlook functions.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"disable"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmailContentExecutionType</span> </div> <div class="desc-html"><p>This rule blocks the following file types from launching from email opened within the Microsoft Outlook application, or Outlook.com and other popular webmail providers.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScriptDownloadedPayloadExecutionType</span> </div> <div class="desc-html"><p>This rule prevents scripts from launching potentially malicious downloaded content.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdditionalGuardedFolders</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of additional folders that need to be protected</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdobeReaderLaunchChildProcess</span> </div> <div class="desc-html"><p>This rule prevents attacks by blocking Adobe Reader from creating processes.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OfficeAppsExecutableContentCreationOrLaunchType</span> </div> <div class="desc-html"><p>This rule prevents Office apps, including Word, Excel, and PowerPoint, from creating potentially malicious executable content, by blocking malicious code from being written to disk.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreventCredentialStealingType</span> </div> <div class="desc-html"><p>This rule helps prevent credential stealing by locking down Local Security Authority Subsystem Service (LSASS).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OfficeAppsOtherProcessInjectionType</span> </div> <div class="desc-html"><p>This rule blocks code injection attempts from Office apps into other processes.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GuardedFoldersAllowedAppPaths</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of apps that have access to protected folders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the site collection exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.attacksurfacereductionrulespolicywindows10configmanager"> <div class="definition-header"> <span class="def-name">microsoft.intune.attacksurfacereductionrulespolicywindows10configmanager</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Endpoint Protection Attack Surface Reduction Rules policy for a Windows 10 Device for Configuration Manager. This policy setting enables setting the state (Block/Audit/Off/Warn) for each attack surface reduction (ASR) rule. Each ASR rule listed can be set to one of the following states (Block/Audit/Off/Warn). The ASR rule ID and state should be added under the Options for this setting. Each entry must be listed as a name value pair. The name defines a valid ASR rule ID, while the value contains the status ID indicating the status of the rule.</p> <p>For more information about ASR rule ID and status ID, see Enable Attack Surface Reduction: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction">https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/enable-attack-surface-reduction</a>.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttackSurfaceReductionOnlyExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Exclude files and paths from attack surface reduction rules</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAbuseOfExploitedVulnerableSignedDrivers</span> </div> <div class="desc-html"><p>This rule prevents an application from writing a vulnerable signed driver to disk.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAdobeReaderFromCreatingChildProcesses</span> </div> <div class="desc-html"><p>This rule prevents attacks by blocking Adobe Reader from creating processes.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAllOfficeApplicationsFromCreatingChildProcesses</span> </div> <div class="desc-html"><p>This rule blocks Office apps from creating child processes. Office apps include Word, Excel, PowerPoint, OneNote, and Access.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem</span> </div> <div class="desc-html"><p>This rule helps prevent credential stealing by locking down Local Security Authority Subsystem Service (LSASS).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutableContentFromEmailClientAndWebmail</span> </div> <div class="desc-html"><p>This rule blocks the following file types from launching from email opened within the Microsoft Outlook application, or Outlook.com and other popular webmail providers.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion</span> </div> <div class="desc-html"><p>This rule blocks executable files that don't meet a prevalence, age, or trusted list criteria, such as .exe, .dll, or .scr, from launching.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutionOfPotentiallyObfuscatedScripts</span> </div> <div class="desc-html"><p>This rule detects suspicious properties within an obfuscated script.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent</span> </div> <div class="desc-html"><p>This rule prevents scripts from launching potentially malicious downloaded content.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeApplicationsFromCreatingExecutableContent</span> </div> <div class="desc-html"><p>This rule prevents Office apps, including Word, Excel, and PowerPoint, from creating potentially malicious executable content, by blocking malicious code from being written to disk.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses</span> </div> <div class="desc-html"><p>This rule blocks code injection attempts from Office apps into other processes.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeCommunicationAppFromCreatingChildProcesses</span> </div> <div class="desc-html"><p>This rule prevents Outlook from creating child processes, while still allowing legitimate Outlook functions.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockPersistenceThroughWMIEventSubscription</span> </div> <div class="desc-html"><p>This rule prevents malware from abusing WMI to attain persistence on a device.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockProcessCreationsFromPSExecAndWMICommands</span> </div> <div class="desc-html"><p>This rule blocks processes created through PsExec and WMI from running.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockUntrustedUnsignedProcessesThatRunFromUSB</span> </div> <div class="desc-html"><p>With this rule, admins can prevent unsigned or untrusted executable files from running from USB removable drives, including SD cards.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockWin32APICallsFromOfficeMacros</span> </div> <div class="desc-html"><p>This rule prevents VBA macros from calling Win32 APIs.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseAdvancedProtectionAgainstRansomware</span> </div> <div class="desc-html"><p>This rule provides an extra layer of protection against ransomware.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ControlledFolderAccessProtectedFolders</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of additional folders that need to be protected</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ControlledFolderAccessAllowedApplications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of apps that have access to protected folders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableControlledFolderAccess</span> </div> <div class="desc-html"><p>This rule enable Controlled folder access which protects your data by checking apps against a list of known, trusted apps.values 0:disable, 1:enable, 2:audit, 3: Block disk modification only, 4: Audit disk modification only</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code>, <code>"2"</code>, <code>"3"</code>, <code>"4"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2|3|4)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceandappmanagementassignmentfilter"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceandappmanagementassignmentfilter</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource represents the properties of the Intune Assignment Filter. For more information: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/graph/api/resources/intune-policyset-deviceandappmanagementassignmentfilter?view=graph-rest-beta">https://docs.microsoft.com/en-us/graph/api/resources/intune-policyset-deviceandappmanagementassignmentfilter?view=graph-rest-beta</a></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>DisplayName of the Assignment Filter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Key of the Assignment Filter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Assignment Filter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Rule</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Rule definition of the Assignment Filter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Platform</span> <span class="type-badge">string</span> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecategory"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecategory</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Intune device categories.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the device category.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the device category.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the category exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecleanuprule"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecleanuprule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Intune device cleanup rule.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">IsSingleInstance</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Only valid value is 'Yes'.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Yes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Yy][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Indicates whether the cleanup rule is enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceInactivityBeforeRetirementInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days until Intune devices are deleted. Minimum: 30, Maximum: 270.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the category exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecompliancepolicyandroid"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecompliancepolicyandroid</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of Android device compliance policies in your cloud-based organization.</p> <h2>Parameters</h2> <h3>Microsoft Defender for Endpoint</h3> <ul> <li><strong>Require the device to be at or under the machine risk score</strong> Select the maximum allowed machine risk score for devices evaluated by Microsoft Defender for Endpoint. Devices that exceed this score get marked as noncompliant. <ul> <li>Not configured (<em>default</em>)</li> <li>Clear</li> <li>Low</li> <li>Medium</li> <li>High</li> </ul> </li> </ul> <h3>Device Health</h3> <ul> <li><strong>Devices managed with device administrator</strong> Device administrator capabilities are superseded by Android Enterprise. <ul> <li>Not configured (<em>default</em>)</li> <li>Block - Blocking device administrator will guide users to move to Android Enterprise Personally-Owned and Corporate-Owned Work Profile management to regain access.</li> </ul> </li> </ul> <h3>Rooted devices</h3> <ul> <li> <p><strong>Prevent rooted devices from having corporate access. (This compliance check is supported for Android 4.0 and above.)</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Mark rooted (jailbroken) devices as not compliant.</li> </ul> </li> <li> <p><strong>Require the device to be at or under the Device Threat Level</strong> Use this setting to take the risk assessment from a connected Mobile Threat Defense service as a condition for compliance.</p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Secured - This option is the most secure, as the device can't have any threats. If the device is detected with any level of threats, it's evaluated as noncompliant.</li> <li>Low - The device is evaluated as compliant if only low-level threats are present. Anything higher puts the device in a noncompliant status.</li> <li>Medium - The device is evaluated as compliant if existing threats on the device are low or medium level. If the device is detected to have high-level threats, it's determined to be noncompliant.</li> <li>High - This option is the least secure, and allows all threat levels. It may be useful if you're using this solution only for reporting purposes.</li> </ul> </li> </ul> <h3>Google Play Protect</h3> <ul> <li> <p><strong>Google Play Services is configured</strong> Google Play services allows security updates, and is a base-level dependency for many security features on certified-Google devices.</p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require that the Google Play services app is installed and enabled.</li> </ul> </li> <li> <p><strong>Up-to-date security provider</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require that an up-to-date security provider can protect a device from known vulnerabilities.</li> </ul> </li> <li> <p><strong>Threat scan on apps</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require that the Android Verify Apps feature is enabled.</li> </ul> </li> <li> <p><strong>SafetyNet device attestation</strong> Enter the level of SafetyNet attestation that must be met. Your options:</p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Check basic integrity</li> <li>Check basic integrity & certified devices</li> </ul> </li> </ul> <h3>Device Properties</h3> <ul> <li> <p><strong>Operating System Version</strong></p> <ul> <li>Minimum OS version When a device doesn't meet the minimum OS version requirement, it's reported as noncompliant. A link with information about how to upgrade is shown. The end user can choose to upgrade their device, and then get access to company resources.</li> </ul> <p><em>By default, no version is configured.</em></p> <ul> <li>Maximum OS version When a device is using an OS version later than the version specified in the rule, access to company resources is blocked. The user is asked to contact their IT admin. Until a rule is changed to allow the OS version, this device can't access company resources.</li> </ul> <p><em>By default, no version is configured.</em></p> </li> </ul> <h3>System Security</h3> <ul> <li> <p><strong>Encryption</strong> Encryption of data storage on a device Supported on Android 4.0 and later, or KNOX 4.0 and later.</p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Encrypt data storage on your devices. Devices are encrypted when you choose the Require a password to unlock mobile devices setting.</li> </ul> </li> <li> <p><strong>Device Security</strong> Block apps from unknown sources Supported on Android 4.0 to Android 7.x. Not supported by Android 8.0 and later</p> <ul> <li>Not configured (<em>default</em>) - this setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Block devices with Security > Unknown Sources enabled sources (<em>supported on Android 4.0 through Android 7.x. Not supported on Android 8.0 and later.</em>).</li> </ul> <p>To side-load apps, unknown sources must be allowed. If you're not side-loading Android apps, then set this feature to Block to enable this compliance policy.</p> </li> <li> <p><strong>Company portal app runtime integrity</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Choose Require to confirm the Company Portal app meets all the following requirements: <ul> <li>Has the default runtime environment installed</li> <li>Is properly signed</li> <li>Isn't in debug-mode</li> </ul> </li> </ul> </li> <li> <p><strong>Block USB debugging on device</strong> <em>(Supported on Android 4.2 or later)</em></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Prevent devices from using the USB debugging feature.</li> </ul> </li> <li> <p><strong>Minimum security patch level</strong> <em>(Supported on Android 6.0 or later)</em></p> <p>Select the oldest security patch level a device can have. Devices that aren't at least at this patch level are noncompliant. The date must be entered in the YYYY-MM-DD format.</p> <p><em>By default, no date is configured.</em></p> </li> <li> <p><strong>Restricted apps</strong> Enter the App name and App bundle ID for apps that should be restricted, and then select Add. A device with at least one restricted app installed is marked as non-compliant.</p> </li> </ul> <h3>Password</h3> <p>The available settings for passwords vary by the version of Android on the device.</p> <h4>All Android devices</h4> <p>The following settings are supported on Android 4.0 or later, and Knox 4.0 and later.</p> <ul> <li><strong>Maximum minutes of inactivity before password is required</strong> This setting specifies the length of time without user input after which the mobile device screen is locked. Options range from 1 Minute to 8 Hours. The recommended value is 15 Minutes. <ul> <li>Not configured (<em>default</em>)</li> </ul> </li> </ul> <h4>Android 10 and later</h4> <p>The following settings are supported on Android 10 or later, but not on Knox.</p> <ul> <li> <p><strong>Password complexity</strong> <em>This setting is supported on Android 10 or later, but not on Samsung Knox. On devices that run Android 9 and earlier or Samsung Knox, settings for the password length and type override this setting for complexity.</em></p> <p>Specify the required password complexity.</p> <ul> <li>None (<em>default</em>) - No password required.</li> <li>Low - The password satisfies one of the following conditions: <ul> <li>Pattern</li> <li>Numeric PIN has a repeating (4444) or ordered (1234, 4321, 2468) sequence.</li> </ul> </li> <li>Medium - The password satisfies one of the following conditions: <ul> <li>Numeric PIN doesn’t have a repeating (4444) or ordered (1234, 4321, 2468) sequence, and has minimum length of 4.</li> <li>Alphabetic, with a minimum length of 4.</li> <li>Alphanumeric, with a minimum length of 4.</li> </ul> </li> <li>High - The password satisfies one of the following conditions: <ul> <li>Numeric PIN doesn’t have a repeating (4444) or ordered (1234, 4321, 2468) sequence, and has minimum length of 8.</li> <li>Alphabetic, with a minimum length of 6.</li> <li>Alphanumeric, with a minimum length of 6.</li> </ul> </li> </ul> </li> </ul> <h4>Android 9 and earlier or Samsung Knox</h4> <p><em>The following settings are supported on Android 9.0 and earlier, and any version of Samsung Knox.</em></p> <ul> <li><strong>Require a password to unlock mobile devices</strong> This setting specifies whether to require users to enter a password before access is granted to information on their mobile devices. Recommended value: Require <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Users must enter a password before they can access their device.</li> </ul> </li> </ul> <p>When set to Require, the following setting can be configured:</p> <ul> <li> <p><strong>Required password type</strong> Choose if a password should include only numeric characters, or a mix of numerals and other characters.</p> <ul> <li>Device Default - To evaluate password compliance, be sure to select a password strength other than Device default.</li> <li>Low security biometric</li> <li>At least numeric</li> <li>Numeric complex - Repeated or consecutive numerals, such as 1111 or 1234, aren't allowed.</li> <li>At least alphabetic</li> <li>At least alphanumeric</li> <li>At least alphanumeric with symbols</li> </ul> <p>Based on the configuration of this setting, one or more of the following options are available:</p> <ul> <li>Minimum password length Enter the minimum number of digits or characters that the user's password must have.</li> <li>Maximum minutes of inactivity before password is required Enter the idle time before the user must reenter their password. When you choose Not configured (<em>default</em>), this setting isn't evaluated for compliance or non-compliance.</li> <li>Number of days until password expires Select the number of days before the password expires and the user must create a new password.</li> <li>Number of previous passwords to prevent reuse Enter the number of recent passwords that can't be reused. Use this setting to restrict the user from creating previously used passwords.</li> </ul> </li> </ul> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordRequired of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinimumLength of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>PasswordRequiredType of the Android device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphabetic"</code>, <code>"alphanumeric"</code>, <code>"alphanumericWithSymbols"</code>, <code>"any"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numeric"</code>, <code>"numericComplex"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequiredPasswordComplexity</span> </div> <div class="desc-html"><p>RequiredPasswordComplexity of the Android device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinutesOfInactivityBeforeLock of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordExpirationDays of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordPreviousPasswordBlockCount of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordSignInFailureCountBeforeFactoryReset of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityPreventInstallAppsFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityPreventInstallAppsFromUnknownSources of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityDisableUsbDebugging</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityDisableUsbDebugging of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireVerifyApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireVerifyApps of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DeviceThreatProtectionEnabled of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>DeviceThreatProtectionRequiredSecurityLevel of the Android device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"notSet"</code>, <code>"secured"</code>, <code>"unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>AdvancedThreatProtectionRequiredSecurityLevel of the Android device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"notSet"</code>, <code>"secured"</code>, <code>"unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityBlockJailbrokenDevices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityBlockJailbrokenDevices of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityBlockDeviceAdministratorManagedDevices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityBlockDeviceAdministratorManagedDevices of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMinimumVersion of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMaximumVersion of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinAndroidSecurityPatchLevel</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>MinAndroidSecurityPatchLevel of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>StorageRequireEncryption of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireSafetyNetAttestationBasicIntegrity</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireSafetyNetAttestationBasicIntegrity of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireSafetyNetAttestationCertifiedDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireSafetyNetAttestationCertifiedDevice of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireGooglePlayServices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireGooglePlayServices of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireUpToDateSecurityProviders</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireUpToDateSecurityProviders of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireCompanyPortalAppIntegrity</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireCompanyPortalAppIntegrity of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConditionStatementId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>ConditionStatementId of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictedApps</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>RestrictedApps of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleScopeTagIds</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>RoleScopeTagIds of the Android device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecompliancepolicyandroiddeviceowner"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecompliancepolicyandroiddeviceowner</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of Android Work Profile device compliance policies in your cloud-based organization.</p> <h2>Parameters</h2> <h3>Microsoft Defender for Endpoint - <em>for Personally-Owned Work Profile</em></h3> <ul> <li><strong>Require the device to be at or under the machine risk score</strong> Select the maximum allowed machine risk score for devices evaluated by Microsoft Defender for Endpoint. Devices which exceed this score get marked as noncompliant. <ul> <li>Not configured (<em>default</em>)</li> <li>Clear</li> <li>Low</li> <li>Medium</li> <li>High</li> </ul> </li> </ul> <h3>Device Health - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Rooted devices</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Mark rooted (jailbroken) devices as not compliant.</li> </ul> </li> <li> <p><strong>Require the device to be at or under the Device Threat Level</strong> Select the maximum allowed device threat level evaluated by your mobile threat defense service. Devices that exceed this threat level are marked noncompliant. To use this setting, choose the allowed threat level:</p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Secured - This option is the most secure, and means that the device can't have any threats. If the device is detected with any level of threats, it's evaluated as noncompliant.</li> <li>Low - The device is evaluated as compliant if only low-level threats are present. Anything higher puts the device in a noncompliant status.</li> <li>Medium - The device is evaluated as compliant if the threats that are present on the device are low or medium level. If the device is detected to have high-level threats, it's determined to be noncompliant.</li> <li>High - This option is the least secure, as it allows all threat levels. It may be useful if you're using this solution only for reporting purposes.</li> </ul> </li> </ul> <h3>Google Play Protect - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Google Play Services is configured</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require that the Google Play services app is installed and enabled. Google Play services allows security updates, and is a base-level dependency for many security features on certified-Google devices.</li> </ul> </li> <li> <p><strong>Up-to-date security provider</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require that an up-to-date security provider can protect a device from known vulnerabilities.</li> </ul> </li> <li> <p><strong>SafetyNet device attestation</strong> Enter the level of SafetyNet attestation that must be met. Your options:</p> <ul> <li>Not configured (<em>default</em>) - Setting isn't evaluated for compliance or non-compliance.</li> <li>Check basic integrity</li> <li>Check basic integrity & certified devices</li> </ul> </li> </ul> <p>Note:</p> <ul> <li>On Android Enterprise devices, Threat scan on apps is a device configuration policy. Using a configuration policy, administrators can enable the setting on a device. See Android Enterprise device restriction settings.</li> </ul> <h3>Device Properties - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Operating System Version - <em>for Personally-Owned Work Profile</em></strong></p> <ul> <li>Minimum OS version When a device doesn't meet the minimum OS version requirement, it's reported as non-compliant. A link with information on how to upgrade is shown. The end user can upgrade their device, and then access organization resources.</li> </ul> <p><em>By default, no version is configured.</em></p> </li> <li> <p><strong>Maximum OS version</strong> When a device is using an OS version later than the version in the rule, access to organization resources is blocked. The user is asked to contact their IT administrator. Until a rule is changed to allow the OS version, this device can't access organization resources.</p> <p><em>By default, no version is configured.</em></p> </li> </ul> <h3>System security - for <em>Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Require a password to unlock mobile devices</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Users must enter a password before they can access their device.</li> </ul> <p><em>This setting applies at the device level. If you only need to require a password at the Personally-Owned Work Profile level, then use a configuration policy. See Android Enterprise device configuration settings.</em></p> </li> <li> <p><strong>Required password type</strong> Choose if a password should include only numeric characters, or a mix of numerals and other characters. Your options:</p> <ul> <li>Device Default</li> <li>Low security biometric</li> <li>At least numeric (<em>default</em>): Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>Numeric complex: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>At least alphabetic: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>At least alphanumeric: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>At least alphanumeric with symbols: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> </ul> <p>Depending on the password type you select, the following settings are available:</p> <ul> <li>Maximum minutes of inactivity before password is required Enter the idle time before the user must reenter their password. Options include the default of Not configured, and from 1 Minute to 8 hours.</li> <li>Number of days until password expires Enter the number of days, between 1-365, until the device password must be changed. For example, to change the password after 60 days, enter 60. When the password expires, users are prompted to create a new password.</li> <li>Minimum password length Enter the minimum length the password must have, between 4 and 16 characters.</li> <li>Number of previous passwords to prevent reuse Enter the number of recent passwords that can't be reused. Use this setting to restrict the user from creating previously used passwords.</li> </ul> </li> </ul> <h3>Encryption - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Encryption of data storage on device</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Encrypt data storage on your devices.</li> </ul> <p>You don't have to configure this setting because Android Enterprise devices enforce encryption.</p> </li> </ul> <h3>Device Security - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Block apps from unknown sources</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Block devices with Security > Unknown Sources enabled sources (supported on Android 4.0 through Android 7.x. Not supported by Android 8.0 and later).</li> </ul> <p><em>To side-load apps, unknown sources must be allowed. If you're not side-loading Android apps, then set this feature to Block to enable this compliance policy.</em></p> </li> <li> <p><strong>Company portal app runtime integrity</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Choose Require to confirm the Company Portal app meets all the following requirements: <ul> <li>Has the default runtime environment installed</li> <li>Is properly signed</li> <li>Isn't in debug-mode</li> <li>Is installed from a known source</li> </ul> </li> </ul> </li> <li> <p><strong>Block USB debugging on device</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Prevent devices from using the USB debugging feature.</li> </ul> </li> </ul> <p><em>You don't have to configure this setting because USB debugging is already disabled on Android Enterprise devices.</em></p> <ul> <li><strong>Minimum security patch level</strong> Select the oldest security patch level a device can have. Devices that aren't at least at this patch level are noncompliant. The date must be entered in the YYYY-MM-DD format.</li> </ul> <p><em>By default, no date is configured.</em></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DeviceThreatProtectionEnabled of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionRequiredSecurityLevel</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>DeviceThreatProtectionRequiredSecurityLevel of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionRequiredSecurityLevel</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>AdvancedThreatProtectionRequiredSecurityLevel of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireSafetyNetAttestationBasicIntegrity</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireSafetyNetAttestationBasicIntegrity of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireSafetyNetAttestationCertifiedDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireSafetyNetAttestationCertifiedDevice of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">osMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>osMinimumVersion of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">osMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>osMaximumVersion of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">passwordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordRequired of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">passwordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinimumLength of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>PasswordRequiredType of the Android Device Owner device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphabetic"</code>, <code>"alphanumeric"</code>, <code>"alphanumericWithSymbols"</code>, <code>"any"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numeric"</code>, <code>"numericComplex"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinutesOfInactivityBeforeLock of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordExpirationDays of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordCountToBlock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordPreviousPasswordCountToBlock of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>StorageRequireEncryption of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireIntuneAppIntegrity</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireIntuneAppIntegrity of the Android Device Owner device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleScopeTagIds</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of Scope Tags for this Entity instance. Inherited from deviceConfiguration</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecompliancepolicyandroidworkprofile"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecompliancepolicyandroidworkprofile</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of Android Work Profile device compliance policies in your cloud-based organization.</p> <h2>Parameters</h2> <h3>Microsoft Defender for Endpoint - <em>for Personally-Owned Work Profile</em></h3> <ul> <li><strong>Require the device to be at or under the machine risk score</strong> Select the maximum allowed machine risk score for devices evaluated by Microsoft Defender for Endpoint. Devices which exceed this score get marked as noncompliant. <ul> <li>Not configured (<em>default</em>)</li> <li>Clear</li> <li>Low</li> <li>Medium</li> <li>High</li> </ul> </li> </ul> <h3>Device Health - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Rooted devices</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Mark rooted (jailbroken) devices as not compliant.</li> </ul> </li> <li> <p><strong>Require the device to be at or under the Device Threat Level</strong> Select the maximum allowed device threat level evaluated by your mobile threat defense service. Devices that exceed this threat level are marked noncompliant. To use this setting, choose the allowed threat level:</p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Secured - This option is the most secure, and means that the device can't have any threats. If the device is detected with any level of threats, it's evaluated as noncompliant.</li> <li>Low - The device is evaluated as compliant if only low-level threats are present. Anything higher puts the device in a noncompliant status.</li> <li>Medium - The device is evaluated as compliant if the threats that are present on the device are low or medium level. If the device is detected to have high-level threats, it's determined to be noncompliant.</li> <li>High - This option is the least secure, as it allows all threat levels. It may be useful if you're using this solution only for reporting purposes.</li> </ul> </li> </ul> <h3>Google Play Protect - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Google Play Services is configured</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require that the Google Play services app is installed and enabled. Google Play services allows security updates, and is a base-level dependency for many security features on certified-Google devices.</li> </ul> </li> <li> <p><strong>Up-to-date security provider</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require that an up-to-date security provider can protect a device from known vulnerabilities.</li> </ul> </li> <li> <p><strong>SafetyNet device attestation</strong> Enter the level of SafetyNet attestation that must be met. Your options:</p> <ul> <li>Not configured (<em>default</em>) - Setting isn't evaluated for compliance or non-compliance.</li> <li>Check basic integrity</li> <li>Check basic integrity & certified devices</li> </ul> <p>Note:</p> <ul> <li>On Android Enterprise devices, Threat scan on apps is a device configuration policy. Using a configuration policy, administrators can enable the setting on a device. See Android Enterprise device restriction settings.</li> </ul> </li> </ul> <h3>Device Properties - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Operating System Version - <em>for Personally-Owned Work Profile</em></strong></p> <ul> <li>Minimum OS version When a device doesn't meet the minimum OS version requirement, it's reported as non-compliant. A link with information on how to upgrade is shown. The end user can upgrade their device, and then access organization resources.</li> </ul> <p><em>By default, no version is configured.</em></p> </li> <li> <p><strong>Maximum OS version</strong> When a device is using an OS version later than the version in the rule, access to organization resources is blocked. The user is asked to contact their IT administrator. Until a rule is changed to allow the OS version, this device can't access organization resources.</p> <p><em>By default, no version is configured.</em></p> </li> </ul> <h3>System security - for <em>Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Require a password to unlock mobile devices</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Users must enter a password before they can access their device.</li> </ul> <p><em>This setting applies at the device level. If you only need to require a password at the Personally-Owned Work Profile level, then use a configuration policy. See Android Enterprise device configuration settings.</em></p> </li> <li> <p><strong>Required password type</strong> Choose if a password should include only numeric characters, or a mix of numerals and other characters. Your options:</p> <ul> <li>Device Default</li> <li>Low security biometric</li> <li>At least numeric (<em>default</em>): Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>Numeric complex: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>At least alphabetic: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>At least alphanumeric: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> <li>At least alphanumeric with symbols: Enter the minimum password length a user must enter, between 4 and 16 characters.</li> </ul> <p>Depending on the password type you select, the following settings are available:</p> <ul> <li>Maximum minutes of inactivity before password is required Enter the idle time before the user must reenter their password. Options include the default of Not configured, and from 1 Minute to 8 hours.</li> <li>Number of days until password expires Enter the number of days, between 1-365, until the device password must be changed. For example, to change the password after 60 days, enter 60. When the password expires, users are prompted to create a new password.</li> <li>Minimum password length Enter the minimum length the password must have, between 4 and 16 characters.</li> <li>Number of previous passwords to prevent reuse Enter the number of recent passwords that can't be reused. Use this setting to restrict the user from creating previously used passwords.</li> </ul> </li> </ul> <h3>Encryption - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Encryption of data storage on device</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Encrypt data storage on your devices.</li> </ul> <p>You don't have to configure this setting because Android Enterprise devices enforce encryption.</p> </li> </ul> <h3>Device Security - <em>for Personally-Owned Work Profile</em></h3> <ul> <li> <p><strong>Block apps from unknown sources</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Block devices with Security > Unknown Sources enabled sources (supported on Android 4.0 through Android 7.x. Not supported by Android 8.0 and later).</li> </ul> <p><em>To side-load apps, unknown sources must be allowed. If you're not side-loading Android apps, then set this feature to Block to enable this compliance policy.</em></p> </li> <li> <p><strong>Company portal app runtime integrity</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Choose Require to confirm the Company Portal app meets all the following requirements: <ul> <li>Has the default runtime environment installed</li> <li>Is properly signed</li> <li>Isn't in debug-mode</li> <li>Is installed from a known source</li> </ul> </li> </ul> </li> <li> <p><strong>Block USB debugging on device</strong></p> <ul> <li>Not configured (<em>default</em>) - This setting isn't evaluated for compliance or non-compliance.</li> <li>Block - Prevent devices from using the USB debugging feature.</li> </ul> </li> </ul> <p><em>You don't have to configure this setting because USB debugging is already disabled on Android Enterprise devices.</em></p> <ul> <li><strong>Minimum security patch level</strong> Select the oldest security patch level a device can have. Devices that aren't at least at this patch level are noncompliant. The date must be entered in the YYYY-MM-DD format.</li> </ul> <p><em>By default, no date is configured.</em></p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordRequired of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinimumLength of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>PasswordRequiredType of the AndroidWorkProfile device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphabetic"</code>, <code>"alphanumeric"</code>, <code>"alphanumericWithSymbols"</code>, <code>"any"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numeric"</code>, <code>"numericComplex"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinutesOfInactivityBeforeLock of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordExpirationDays of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordPreviousPasswordBlockCount of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordSignInFailureCountBeforeFactoryReset of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityPreventInstallAppsFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityPreventInstallAppsFromUnknownSources of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityDisableUsbDebugging</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityDisableUsbDebugging of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireVerifyApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireVerifyApps of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DeviceThreatProtectionEnabled of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>DeviceThreatProtectionRequiredSecurityLevel of the AndroidWorkProfile device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"notSet"</code>, <code>"secured"</code>, <code>"unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>AdvancedThreatProtectionRequiredSecurityLevel of the AndroidWorkProfile device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"notSet"</code>, <code>"secured"</code>, <code>"unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityBlockJailbrokenDevices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityBlockJailbrokenDevices of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMinimumVersion of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMaximumVersion of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinAndroidSecurityPatchLevel</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>MinAndroidSecurityPatchLevel of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>StorageRequireEncryption of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireSafetyNetAttestationBasicIntegrity</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireSafetyNetAttestationBasicIntegrity of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireSafetyNetAttestationCertifiedDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireSafetyNetAttestationCertifiedDevice of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireGooglePlayServices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireGooglePlayServices of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireUpToDateSecurityProviders</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireUpToDateSecurityProviders of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireCompanyPortalAppIntegrity</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityRequireCompanyPortalAppIntegrity of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequiredAndroidSafetyNetEvaluationType</span> </div> <div class="desc-html"><p>Require a specific SafetyNet evaluation type for compliance.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"basic"</code>, <code>"hardwareBacked"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Aa][Ss][Ii][Cc]|[Hh][Aa][Rr][Dd][Ww][Aa][Rr][Ee][Bb][Aa][Cc][Kk][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleScopeTagIds</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>RoleScopeTagIds of the AndroidWorkProfile device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecompliancepolicyios"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecompliancepolicyios</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Intune compliance policies for iOs devices.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeBlockSimple</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasscodeBlockSimple of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasscodeExpirationDays of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasscodeMinimumLength of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasscodeMinutesOfInactivityBeforeLock of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minutes of inactivity before the screen times out.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodePreviousPasscodeBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasscodePreviousPasscodeBlockCount of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinimumCharacterSetCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasscodeMinimumCharacterSetCount of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeRequiredType</span> </div> <div class="desc-html"><p>PasscodeRequiredType of the iOS device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumeric"</code>, <code>"deviceDefault"</code>, <code>"numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasscodeRequired of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMinimumVersion of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMaximumVersion of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumBuildVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Minimum IOS build version.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumBuildVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Maximum IOS build version.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityBlockJailbrokenDevices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecurityBlockJailbrokenDevices of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DeviceThreatProtectionEnabled of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>Require Mobile Threat Protection minimum risk level to report noncompliance.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"notSet"</code>, <code>"secured"</code>, <code>"unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>MDATP Require Mobile Threat Protection minimum risk level to report noncompliance.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"notSet"</code>, <code>"secured"</code>, <code>"unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagedEmailProfileRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>ManagedEmailProfileRequired of the iOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictedApps</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Credentials of the Intune Admin</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecompliancepolicymacos"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecompliancepolicymacos</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of MacOS compliance policies in your cloud-based organization.</p> <h2>Parameters</h2> <h3>Device Health</h3> <ul> <li><strong>Require a system integrity protection</strong> <ul> <li>Not configured <em>(default)</em> - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Require macOS devices to have System Integrity Protection enabled.</li> </ul> </li> </ul> <h3>Device Properties</h3> <ul> <li> <p><strong>Minimum OS required</strong> When a device doesn't meet the minimum OS version requirement, it's reported as non-compliant. A link with information on how to upgrade is shown. The device user can choose to upgrade their device. After that, they can access organization resources.</p> </li> <li> <p><strong>Maximum OS version allowed</strong> When a device uses an OS version later than the version in the rule, access to organization resources is blocked. The device user is asked to contact their IT administrator. The device can't access organization resources until a rule changes to allow the OS version.</p> </li> <li> <p><strong>Minimum OS build version</strong> When Apple publishes security updates, the build number is typically updated, not the OS version. Use this feature to enter a minimum allowed build number on the device.</p> </li> <li> <p><strong>Maximum OS build version</strong> When Apple publishes security updates, the build number is typically updated, not the OS version. Use this feature to enter a maximum allowed build number on the device.</p> </li> </ul> <h2>System security settings</h2> <h3>Password</h3> <ul> <li> <p><strong>Require a password to unlock mobile devices</strong></p> <ul> <li>Not configured <em>(default)</em></li> <li>Require Users must enter a password before they can access their device.</li> </ul> </li> <li> <p><strong>Simple passwords</strong></p> <ul> <li>Not configured <em>(default)</em> - Users can create passwords simple like 1234 or 1111.</li> <li>Block - Users can't create simple passwords, such as 1234 or 1111.</li> </ul> </li> <li> <p><strong>Minimum password length</strong></p> <ul> <li>Enter the minimum number of digits or characters that the password must have.</li> </ul> </li> <li> <p><strong>Password type</strong></p> <ul> <li>Choose if a password should have only Numeric characters, or if there should be a mix of numbers and other characters (Alphanumeric).</li> </ul> </li> <li> <p><strong>Number of non-alphanumeric characters in password</strong></p> <ul> <li>Enter the minimum number of special characters, such as &, #, %, !, and so on, that must be in the password.</li> </ul> <p>Setting a higher number requires the user to create a password that is more complex.</p> </li> <li> <p><strong>Maximum minutes of inactivity before password is required</strong></p> <ul> <li>Enter the idle time before the user must reenter their password.</li> </ul> </li> <li> <p><strong>Password expiration (days)</strong></p> <ul> <li>Select the number of days before the password expires, and they must create a new one.</li> </ul> </li> <li> <p><strong>Number of previous passwords to prevent reuse</strong></p> <ul> <li>Enter the number of previously used passwords that can't be used.</li> </ul> </li> </ul> <h3>Encryption</h3> <ul> <li><strong>Encryption of data storage on device</strong> <ul> <li>Not configured (<em>default</em>)</li> <li>Require - Use <em>Require</em> to encrypt data storage on your devices.</li> </ul> </li> </ul> <h3>Device Security</h3> <p>Firewall protects devices from unauthorized network access. You can use Firewall to control connections on a per-application basis.</p> <ul> <li> <p><strong>Firewall</strong></p> <ul> <li>Not configured <em>(default)</em> - This setting leaves the firewall turned off, and network traffic is allowed (not blocked).</li> <li>Enable - Use Enable to help protect devices from unauthorized access. Enabling this feature allows you to handle incoming internet connections, and use stealth mode.</li> </ul> </li> <li> <p><strong>Incoming connections</strong></p> <ul> <li>Not configured <em>(default)</em> - Allows incoming connections and sharing services.</li> <li>Block - Block all incoming network connections except the connections required for basic internet services, such as DHCP, Bonjour, and IPSec. This setting also blocks all sharing services, including screen sharing, remote access, iTunes music sharing, and more.</li> </ul> </li> <li> <p><strong>Stealth Mode</strong></p> <ul> <li>Not configured <em>(default)</em> - This setting leaves stealth mode turned off.</li> <li>Enable - Turn on stealth mode to prevent devices from responding to probing requests, which can be made my malicious users. When enabled, the device continues to answer incoming requests for authorized apps.</li> </ul> </li> </ul> <h3>Gatekeeper</h3> <p>For more information, see Gatekeeper on macOS.</p> <ul> <li><strong>Allow apps downloaded from these locations</strong> Allows supported applications to be installed on your devices from different locations. Your location options: <ul> <li>Not configured <em>(default)</em> - The gatekeeper option has no impact on compliance or non-compliance.</li> <li>Mac App Store - Only install apps for the Mac app store. Apps can't be installed from third parties nor identified developers. If a user selects Gatekeeper to install apps outside the Mac App Store, then the device is considered not compliant.</li> <li>Mac App Store and identified developers - Install apps for the Mac app store and from identified developers. macOS checks the identity of developers, and does some other checks to verify app integrity. If a user selects Gatekeeper to install apps outside these options, then the device is considered not compliant.</li> <li>Anywhere - Apps can be installed from anywhere, and by any developer. This option is the least secure.</li> </ul> </li> </ul> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordRequired of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockSimple</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordBlockSimple of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordExpirationDays of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinimumLength of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinutesOfInactivityBeforeLock of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordPreviousPasswordBlockCount of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumCharacterSetCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinimumCharacterSetCount of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>PasswordRequiredType of the MacOS device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Alphanumeric"</code>, <code>"DeviceDefault"</code>, <code>"Numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMinimumVersion of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMaximumVersion of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumBuildVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Minimum MacOS build version.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumBuildVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Maximum MacOS build version.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemIntegrityProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SystemIntegrityProtectionEnabled of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DeviceThreatProtectionEnabled of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>DeviceThreatProtectionRequiredSecurityLevel of the MacOS device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Low"</code>, <code>"Medium"</code>, <code>"NotSet"</code>, <code>"Secured"</code>, <code>"Unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>AdvancedThreatProtectionRequiredSecurityLevel of the MacOS device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Low"</code>, <code>"Medium"</code>, <code>"NotSet"</code>, <code>"Secured"</code>, <code>"Unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>StorageRequireEncryption of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GatekeeperAllowedAppSource</span> </div> <div class="desc-html"><p>System and Privacy setting that determines which download locations apps can be run from on a macOS device.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"anywhere"</code>, <code>"macAppStore"</code>, <code>"macAppStoreAndIdentifiedDevelopers"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Mm][Aa][Cc][Aa][Pp][Pp][Ss][Tt][Oo][Rr][Ee]|[Mm][Aa][Cc][Aa][Pp][Pp][Ss][Tt][Oo][Rr][Ee][Aa][Nn][Dd][Ii][Dd][Ee][Nn][Tt][Ii][Ff][Ii][Ee][Dd][Dd][Ee][Vv][Ee][Ll][Oo][Pp][Ee][Rr][Ss]|[Aa][Nn][Yy][Ww][Hh][Ee][Rr][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>FirewallEnabled of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallBlockAllIncoming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>FirewallBlockAllIncoming of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallEnableStealthMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>FirewallEnableStealthMode of the MacOS device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.devicecompliancepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.devicecompliancepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of Windows 10 compliance policies in your cloud-based organization.</p> <h2>Parameters</h2> <h3>Device Health</h3> <h4>Windows Health Attestation Service evaluation rules</h4> <ul> <li> <p><strong>Require BitLocker:</strong> Windows BitLocker Drive Encryption encrypts all data stored on the Windows operating system volume. BitLocker uses the Trusted Platform Module (TPM) to help protect the Windows operating system and user data. It also helps confirm that a computer isn't tampered with, even if its left unattended, lost, or stolen. If the computer is equipped with a compatible TPM, BitLocker uses the TPM to lock the encryption keys that protect the data. As a result, the keys can't be accessed until the TPM verifies the state of the computer.</p> <ul> <li>Not configured <em>(default)</em> - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - The device can protect data that's stored on the drive from unauthorized access when the system is off, or hibernates.</li> </ul> <p>Device HealthAttestation CSP - BitLockerStatus</p> </li> <li> <p><strong>Require Secure Boot to be enabled on the device:</strong></p> <ul> <li>Not configured <em>(default)</em> - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - The system is forced to boot to a factory trusted state. The core components that are used to boot the machine must have correct cryptographic signatures that are trusted by the organization that manufactured the device. The UEFI firmware verifies the signature before it lets the machine start. If any files are tampered with, which breaks their signature, the system doesn't boot.</li> </ul> </li> </ul> <h3>Device Properties</h3> <h4>Operating System Version</h4> <p>To discover build versions for all Windows 10 Feature Updates and Cumulative Updates (to be used in some of the fields below), see Windows 10 release information. Be sure to include the 10.0. prefix before the build numbers, as the following examples illustrate.</p> <ul> <li> <p><strong>Minimum OS version:</strong> Enter the minimum allowed version in the major.minor.build.revision number format. To get the correct value, open a command prompt, and type ver. The ver command returns the version in the following format:</p> <p>Microsoft Windows [Version 10.0.17134.1]</p> <p>When a device has an earlier version than the OS version you enter, it's reported as noncompliant. A link with information on how to upgrade is shown. The end user can choose to upgrade their device. After they upgrade, they can access company resources.</p> </li> <li> <p><strong>Maximum OS version:</strong> Enter the maximum allowed version, in the major.minor.build.revision number format. To get the correct value, open a command prompt, and type ver. The ver command returns the version in the following format:</p> <p>Microsoft Windows [Version 10.0.17134.1]</p> <p>When a device is using an OS version later than the version entered, access to organization resources is blocked. The end user is asked to contact their IT administrator. The device can't access organization resources until the rule is changed to allow the OS version.</p> </li> <li> <p><strong>Minimum OS required for mobile devices:</strong> Enter the minimum allowed version, in the major.minor.build number format.</p> <p>When a device has an earlier version that the OS version you enter, it's reported as noncompliant. A link with information on how to upgrade is shown. The end user can choose to upgrade their device. After they upgrade, they can access company resources.</p> </li> <li> <p><strong>Maximum OS required for mobile devices:</strong> Enter the maximum allowed version, in the major.minor.build number.</p> <p>When a device is using an OS version later than the version entered, access to organization resources is blocked. The end user is asked to contact their IT administrator. The device can't access organization resources until the rule is changed to allow the OS version.</p> </li> <li> <p><strong>Valid operating system builds:</strong> Specify a list of minimum and maximum operating system builds. Valid operating system builds provides additional flexibility when compared against minimum and maximum OS versions. Consider a scenario where minimum OS version is set to 10.0.18362.xxx (Windows 10 1903) and maximum OS version is set to 10.0.18363.xxx (Windows 10 1909). This configuration can allow a Windows 10 1903 device that doesn't have recent cumulative updates installed to be identified as compliant. Minimum and maximum OS versions might be suitable if you have standardized on a single Windows 10 release, but might not address your requirements if you need to use multiple builds, each with specific patch levels. In such a case, consider leveraging valid operating system builds instead, which allows multiple builds to be specified as per the following example.</p> <p>Example: The following table is an example of a range for the acceptable operating systems versions for different Windows 10 releases. In this example, three different Feature Updates have been allowed (1809, 1909 and 2004). Specifically, only those versions of Windows and which have applied cumulative updates from June to September 2020 will be considered to be compliant. This is sample data only. The table includes a first column that includes any text you want to describe the entry, followed by the minimum and maximum OS version for that entry. The second and third columns must adhere to valid OS build versions in the major.minor.build.revision number format. After you define one or more entries, you can Export the list as a comma-separated values (CSV) file.</p> <table><thead><tr><th>Description</th><th>Minimum OS version</th><th>Maximum OS version</th></tr></thead><tbody> <tr><td>Win 10 2004 (Jun-Sept 2020)</td><td>10.0.19041.329</td><td>10.0.19041.508</td></tr> <tr><td>Win 10 1909 (Jun-Sept 2020)</td><td>10.0.18363.900</td><td>10.0.18363.1110</td></tr> <tr><td>Win 10 1809 (Jun-Sept 2020)</td><td>10.0.17763.1282</td><td>10.0.17763.1490</td></tr> </tbody></table> </li> </ul> <h3>Configuration Manager Compliance</h3> <p>Applies only to co-managed devices running Windows 10 and later. Intune-only devices return a not available status.</p> <ul> <li><strong>Require device compliance from Configuration Manager:</strong> <ul> <li>Not configured <em>(default)</em> - Intune doesn't check for any of the Configuration Manager settings for compliance.</li> <li>Require - Require all settings (configuration items) in Configuration Manager to be compliant.</li> </ul> </li> </ul> <h3>System Security</h3> <h4>Password</h4> <ul> <li> <p><strong>Require a password to unlock mobile devices:</strong></p> <ul> <li>Not configured <em>(default)</em> - This setting isn't evaluated for compliance or non-compliance.</li> <li>Require - Users must enter a password before they can access their device.</li> </ul> </li> <li> <p><strong>Simple passwords:</strong></p> <ul> <li>Not configured <em>(default)</em> - Users can create simple passwords, such as 1234 or 1111.</li> <li>Block - Users can't create simple passwords, such as 1234 or 1111.</li> </ul> </li> <li> <p><strong>Password type:</strong> Choose the type of password or PIN required. Your options:</p> <ul> <li> <p>Device <em>(default)</em> - Require a password, numeric PIN, or alphanumeric PIN</p> </li> <li> <p>Numeric - Require a password or numeric PIN</p> </li> <li> <p>Alphanumeric - Require a password, or alphanumeric PIN. When set to Alphanumeric, the following settings are available:</p> </li> <li> <p>Password complexity: Your options:</p> <ul> <li>Require digits and lowercase letters <em>(default)</em></li> <li>Require digits, lowercase letters, and uppercase letters</li> <li>Require digits, lowercase letters, uppercase letters, and special characters</li> </ul> </li> </ul> </li> <li> <p><strong>Minimum password length:</strong> Enter the minimum number of digits or characters that the password must have.</p> </li> <li> <p><strong>Maximum minutes of inactivity before password is required:</strong> Enter the idle time before the user must reenter their password.</p> </li> <li> <p><strong>Password expiration (days):</strong> Enter the number of days before the password expires, and they must create a new one, from 1-730.</p> </li> <li> <p><strong>Number of previous passwords to prevent reuse:</strong> Enter the number of previously used passwords that can't be used.</p> </li> <li> <p><strong>Require password when device returns from idle state (Mobile and Holographic):</strong></p> <ul> <li>Not configured <em>(default)</em></li> <li>Require - Require device users to enter the password every time the device returns from an idle state.</li> </ul> <p><strong>Important</strong> When the password requirement is changed on a Windows desktop, users are impacted the next time they sign in, as that's when the device goes from idle to active. Users with passwords that meet the requirement are still prompted to change their passwords.</p> </li> </ul> <h3>Encryption</h3> <ul> <li> <p><strong>Encryption of data storage on a device:</strong> This setting applies to all drives on a device.</p> <ul> <li>Not configured <em>(default)</em></li> <li>Require - Use Require to encrypt data storage on your devices.</li> </ul> <p><strong>Note</strong> The Encryption of data storage on a device setting generically checks for the presence of encryption on the device, more specifically at the OS drive level. Currently, Intune supports only the encryption check with BitLocker. For a more robust encryption setting, consider using Require BitLocker, which leverages Windows Device Health Attestation to validate Bitlocker status at the TPM level.</p> </li> </ul> <h3>Device Security</h3> <ul> <li> <p><strong>Firewall:</strong></p> <ul> <li>Not configured <em>(default)</em> - Intune doesn't control the Microsoft Defender Firewall, nor change existing settings.</li> <li>Require - Turn on the Microsoft Defender Firewall, and prevent users from turning it off.</li> </ul> <p><strong>Note</strong> If the device immediately syncs after a reboot, or immediately syncs waking from sleep, then this setting may report as an Error. This scenario might not affect the overall device compliance status. To re-evaluate the compliance status, manually sync the device.</p> </li> <li> <p><strong>Trusted Platform Module (TPM):</strong></p> <ul> <li>Not configured <em>(default)</em> - Intune doesn't check the device for a TPM chip version.</li> <li>Require - Intune checks the TPM chip version for compliance. The device is compliant if the TPM chip version is greater than 0 (zero). The device isn't compliant if there isn't a TPM version on the device.</li> </ul> </li> <li> <p><strong>Antivirus:</strong></p> <ul> <li>Not configured <em>(default)</em> - Intune doesn't check for any antivirus solutions installed on the device.</li> <li>Require - Check compliance using antivirus solutions that are registered with Windows Security Center, such as Symantec and Microsoft Defender.</li> </ul> </li> <li> <p><strong>Antispyware:</strong></p> <ul> <li>Not configured <em>(default)</em> - Intune doesn't check for any antispyware solutions installed on the device.</li> <li>Require - Check compliance using antispyware solutions that are registered with Windows Security Center, such as Symantec and Microsoft Defender.</li> </ul> </li> </ul> <h3>Defender</h3> <p>The following compliance settings are supported with Windows 10 Desktop.</p> <ul> <li> <p><strong>Microsoft Defender Antimalware:</strong></p> <ul> <li>Not configured <em>(default)</em> - Intune doesn't control the service, nor change existing settings.</li> <li>Require - Turn on the Microsoft Defender anti-malware service, and prevent users from turning it off.</li> </ul> </li> <li> <p><strong>Microsoft Defender Antimalware minimum version:</strong> Enter the minimum allowed version of Microsoft Defender anti-malware service. For example, enter 4.11.0.0. When left blank, any version of the Microsoft Defender anti-malware service can be used.</p> <p>By <em>(default)</em>, no version is configured.</p> </li> <li> <p><strong>Microsoft Defender Antimalware security intelligence up-to-date:</strong> Controls the Windows Security virus and threat protection updates on the devices.</p> <ul> <li>Not configured <em>(default)</em> - Intune doesn't enforce any requirements.</li> <li>Require - Force the Microsoft Defender security intelligence be up-to-date.</li> </ul> </li> <li> <p><strong>Real-time protection:</strong></p> <ul> <li>Not configured (<em>(default)</em>) - Intune doesn't control this feature, nor change existing settings.</li> <li>Require - Turn on real-time protection, which scans for malware, spyware, and other unwanted software.</li> </ul> </li> </ul> <h3>Microsoft Defender for Endpoint</h3> <h4>Microsoft Defender for Endpoint rules</h4> <p>For additional information on Microsoft Defender for Endpoint integration in conditional access scenarios, see Configure Conditional Access in Microsoft Defender for Endpoint.</p> <ul> <li><strong>Require the device to be at or under the machine risk score:</strong> Use this setting to take the risk assessment from your defense threat services as a condition for compliance. Choose the maximum allowed threat level: <ul> <li>Not configured (<em>(default)</em>)</li> <li>Clear -This option is the most secure, as the device can't have any threats. If the device is detected as having any level of threats, it's evaluated as non-compliant.</li> <li>Low - The device is evaluated as compliant if only low-level threats are present. Anything higher puts the device in a non-compliant status.</li> <li>Medium - The device is evaluated as compliant if existing threats on the device are low or medium level. If the device is detected to have high-level threats, it's determined to be non-compliant.</li> <li>High - This option is the least secure, and allows all threat levels. It may be useful if you're using this solution only for reporting purposes.</li> </ul> </li> </ul> <h3>Windows Holographic for Business</h3> <p>Windows Holographic for Business uses the Windows 10 and later platform. Windows Holographic for Business supports the following setting:</p> <p><strong>System Security > Encryption > Encryption of data storage on device.</strong> To verify device encryption on the Microsoft HoloLens, see Verify device encryption.</p> <h3>Surface Hub</h3> <p>Surface Hub uses the Windows 10 and later platform. Surface Hubs are supported for both compliance and Conditional Access. To enable these features on Surface Hubs, we recommend you enable Windows 10 automatic enrollment in Intune (requires Azure Active Directory (Azure AD)), and target the Surface Hub devices as device groups. Surface Hubs are required to be Azure AD joined for compliance and Conditional Access to work.</p> <p>For guidance, see set up enrollment for Windows devices.</p> <p>Special consideration for Surface Hubs running Windows 10 Team OS: Surface Hubs that run Windows 10 Team OS do not support the Microsoft Defender for Endpoint and Password compliance policies at this time. Therefore, for Surface Hubs that run Windows 10 Team OS set the following two settings to their <em>(default)</em> of <em>Not configured</em>:</p> <ul> <li>In the category Password, set Require a password to unlock mobile devices to the <em>(default)</em> of Not configured.</li> <li>In the category Microsoft Defender for Endpoint, set Require the device to be at or under the machine risk score to the <em>(default)</em> of Not configured.</li> </ul> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordRequired of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockSimple</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordBlockSimple of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredToUnlockFromIdle</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>PasswordRequiredToUnlockFromIdle of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinutesOfInactivityBeforeLock of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordExpirationDays of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinimumLength of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumCharacterSetCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordMinimumCharacterSetCount of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>PasswordRequiredType of the Windows 10 device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Alphanumeric"</code>, <code>"DeviceDefault"</code>, <code>"Numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PasswordPreviousPasswordBlockCount of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireHealthyDeviceReport</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>RequireHealthyDeviceReport of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMinimumVersion of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OsMaximumVersion of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MobileOsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>MobileOsMinimumVersion of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MobileOsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>MobileOsMaximumVersion of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EarlyLaunchAntiMalwareDriverEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>EarlyLaunchAntiMalwareDriverEnabled of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>BitLockerEnabled of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecureBootEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SecureBootEnabled of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CodeIntegrityEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>CodeIntegrityEnabled of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>StorageRequireEncryption of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveFirewallRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>ActiveFirewallRequired of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DefenderEnabled of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>DefenderVersion of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignatureOutOfDate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>SignatureOutOfDate of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RTPEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>RTPEnabled of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AntivirusRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>AntivirusRequired of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AntiSpywareRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>AntiSpywareRequired of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>DeviceThreatProtectionEnabled of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceThreatProtectionRequiredSecurityLevel</span> </div> <div class="desc-html"><p>DeviceThreatProtectionRequiredSecurityLevel of the Windows 10 device compliance policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Low"</code>, <code>"Medium"</code>, <code>"NotSet"</code>, <code>"Secured"</code>, <code>"Unavailable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Vv][Aa][Ii][Ll][Aa][Bb][Ll][Ee]|[Ss][Ee][Cc][Uu][Rr][Ee][Dd]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Tt][Ss][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigurationManagerComplianceRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>ConfigurationManagerComplianceRequired of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TpmRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>TpmRequired of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceCompliancePolicyScript</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>DeviceCompliancePolicyScript of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ValidOperatingSystemBuildRanges</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ValidOperatingSystemBuildRanges of the Windows 10 device compliance policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationadministrativetemplatepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationadministrativetemplatepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Administrative Template Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>User provided name for the resource object.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>User provided description for the resource object.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyConfigurationIngestionType</span> </div> <div class="desc-html"><p>Type of definitions configured for this policy. Possible values are: unknown, custom, builtIn, mixed, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"builtIn"</code>, <code>"custom"</code>, <code>"mixed"</code>, <code>"unknown"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Kk][Nn][Oo][Ww][Nn]|[Cc][Uu][Ss][Tt][Oo][Mm]|[Bb][Uu][Ii][Ll][Tt][Ii][Nn]|[Mm][Ii][Xx][Ee][Dd]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefinitionValues</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The list of enabled or disabled group policy definition values for the configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationcustompolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationcustompolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Custom Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OmaSettings</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>OMA settings. This collection can contain a maximum of 1000 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationdefenderforendpointonboardingpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationdefenderforendpointonboardingpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionAutoPopulateOnboardingBlob</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Auto populate onboarding blob programmatically from Advanced Threat protection service</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionOffboardingBlob</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Windows Defender AdvancedThreatProtection Offboarding Blob.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionOffboardingFilename</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the file from which AdvancedThreatProtectionOffboardingBlob was obtained.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionOnboardingBlob</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Windows Defender AdvancedThreatProtection Onboarding Blob.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedThreatProtectionOnboardingFilename</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the file from which AdvancedThreatProtectionOnboardingBlob was obtained.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowSampleSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Windows Defender AdvancedThreatProtection 'Allow Sample Sharing' Rule</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableExpeditedTelemetryReporting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Expedite Windows Defender Advanced Threat Protection telemetry reporting frequency.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationdeliveryoptimizationpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationdeliveryoptimizationpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Delivery Optimization Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BackgroundDownloadFromHttpDelayInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies number of seconds to delay an HTTP source in a background download that is allowed to use peer-to-peer. Valid values 0 to 4294967295</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthMode</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Specifies foreground and background bandwidth usage using percentages, absolutes, or hours.</p> </div> <details class="nested-properties"> <summary>7 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumDownloadBandwidthInKilobytesPerSecond</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum download bandwidth in KiloBytes/second that the device can use across all concurrent download activities using Delivery Optimization. Valid values 0 to 4294967295</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumUploadBandwidthInKilobytesPerSecond</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum upload bandwidth in KiloBytes/second that a device will use across all concurrent upload activity using Delivery Optimization (0-4000000). Valid values 0 to 4000000 The default value is 0, which permits unlimited possible bandwidth (optimized for minimal usage of upload bandwidth). Valid values 0 to 4000000</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthBackgroundPercentageHours</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Background download percentage hours.</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthBeginBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the beginning of business hours using a 24-hour clock (0-23). Valid values 0 to 23</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthEndBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the end of business hours using a 24-hour clock (0-23). Valid values 0 to 23</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthPercentageDuringBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the percentage of bandwidth to limit during business hours (0-100). Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthPercentageOutsideBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the percentage of bandwidth to limit outsidse business hours (0-100). Valid values 0 to 100</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthForegroundPercentageHours</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Foreground download percentage hours.</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthBeginBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the beginning of business hours using a 24-hour clock (0-23). Valid values 0 to 23</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthEndBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the end of business hours using a 24-hour clock (0-23). Valid values 0 to 23</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthPercentageDuringBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the percentage of bandwidth to limit during business hours (0-100). Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BandwidthPercentageOutsideBusinessHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the percentage of bandwidth to limit outsidse business hours (0-100). Valid values 0 to 100</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumBackgroundBandwidthPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum background download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth (0-100). Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumForegroundBandwidthPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum foreground download bandwidth that Delivery Optimization uses across all concurrent download activities as a percentage of available download bandwidth (0-100). Valid values 0 to 100 The default value 0 (zero) means that Delivery Optimization dynamically adjusts to use the available bandwidth for foreground downloads. Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the entity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.deliveryOptimizationBandwidthAbsolute"</code>, <code>"#microsoft.graph.deliveryOptimizationBandwidthHoursWithPercentage"</code>, <code>"#microsoft.graph.deliveryOptimizationBandwidthPercentage"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy][Oo][Pp][Tt][Ii][Mm][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Bb][Aa][Nn][Dd][Ww][Ii][Dd][Tt][Hh][Aa][Bb][Ss][Oo][Ll][Uu][Tt][Ee]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy][Oo][Pp][Tt][Ii][Mm][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Bb][Aa][Nn][Dd][Ww][Ii][Dd][Tt][Hh][Hh][Oo][Uu][Rr][Ss][Ww][Ii][Tt][Hh][Pp][Ee][Rr][Cc][Ee][Nn][Tt][Aa][Gg][Ee]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy][Oo][Pp][Tt][Ii][Mm][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Bb][Aa][Nn][Dd][Ww][Ii][Dd][Tt][Hh][Pp][Ee][Rr][Cc][Ee][Nn][Tt][Aa][Gg][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CacheServerBackgroundDownloadFallbackToHttpDelayInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies number of seconds to delay a fall back from cache servers to an HTTP source for a background download. Valid values 0 to 2592000.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CacheServerForegroundDownloadFallbackToHttpDelayInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies number of seconds to delay a fall back from cache servers to an HTTP source for a foreground download. Valid values 0 to 2592000.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CacheServerHostNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies cache servers host names.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeliveryOptimizationMode</span> </div> <div class="desc-html"><p>Specifies the download method that delivery optimization can use to manage network bandwidth consumption for large content distribution scenarios. Possible values are: userDefined, httpOnly, httpWithPeeringNat, httpWithPeeringPrivateGroup, httpWithInternetPeering, simpleDownload, bypassMode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"bypassMode"</code>, <code>"httpOnly"</code>, <code>"httpWithInternetPeering"</code>, <code>"httpWithPeeringNat"</code>, <code>"httpWithPeeringPrivateGroup"</code>, <code>"simpleDownload"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Hh][Tt][Tt][Pp][Oo][Nn][Ll][Yy]|[Hh][Tt][Tt][Pp][Ww][Ii][Tt][Hh][Pp][Ee][Ee][Rr][Ii][Nn][Gg][Nn][Aa][Tt]|[Hh][Tt][Tt][Pp][Ww][Ii][Tt][Hh][Pp][Ee][Ee][Rr][Ii][Nn][Gg][Pp][Rr][Ii][Vv][Aa][Tt][Ee][Gg][Rr][Oo][Uu][Pp]|[Hh][Tt][Tt][Pp][Ww][Ii][Tt][Hh][Ii][Nn][Tt][Ee][Rr][Nn][Ee][Tt][Pp][Ee][Ee][Rr][Ii][Nn][Gg]|[Ss][Ii][Mm][Pp][Ll][Ee][Dd][Oo][Ww][Nn][Ll][Oo][Aa][Dd]|[Bb][Yy][Pp][Aa][Ss][Ss][Mm][Oo][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForegroundDownloadFromHttpDelayInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies number of seconds to delay an HTTP source in a foreground download that is allowed to use peer-to-peer (0-86400). Valid values 0 to 86400 Specifying 0 sets Delivery Optimization to manage this setting using the cloud service. Valid values 0 to 86400</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupIdSource</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Specifies to restrict peer selection to a specific source. The options set in this policy only apply to Delivery Optimization mode Group (2) download mode. If Group (2) isn't set as Download mode, this policy will be ignored. For option 3 - DHCP Option ID, the client will query DHCP Option ID 234 and use the returned GUID value as the Group ID.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupIdCustom</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies an arbitrary group ID that the device belongs to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GroupIdSourceOption</span> </div> <div class="desc-html"><p>Set this policy to restrict peer selection to a specific source. Possible values are: notConfigured, adSite, authenticatedDomainSid, dhcpUserOption, dnsSuffix.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adSite"</code>, <code>"authenticatedDomainSid"</code>, <code>"dhcpUserOption"</code>, <code>"dnsSuffix"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Dd][Ss][Ii][Tt][Ee]|[Aa][Uu][Tt][Hh][Ee][Nn][Tt][Ii][Cc][Aa][Tt][Ee][Dd][Dd][Oo][Mm][Aa][Ii][Nn][Ss][Ii][Dd]|[Dd][Hh][Cc][Pp][Uu][Ss][Ee][Rr][Oo][Pp][Tt][Ii][Oo][Nn]|[Dd][Nn][Ss][Ss][Uu][Ff][Ff][Ii][Xx])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the entity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.deliveryOptimizationGroupIdCustom"</code>, <code>"#microsoft.graph.deliveryOptimizationGroupIdSourceOptions"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy][Oo][Pp][Tt][Ii][Mm][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Gg][Rr][Oo][Uu][Pp][Ii][Dd][Cc][Uu][Ss][Tt][Oo][Mm]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy][Oo][Pp][Tt][Ii][Mm][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Gg][Rr][Oo][Uu][Pp][Ii][Dd][Ss][Oo][Uu][Rr][Cc][Ee][Oo][Pp][Tt][Ii][Oo][Nn][Ss])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumCacheAgeInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum time in days that each file is held in the Delivery Optimization cache after downloading successfully (0-3650). Valid values 0 to 3650</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumCacheSize</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Specifies the maximum cache size that Delivery Optimization either as a percentage or in GB.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumCacheSizeInGigabytes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum size in GB of Delivery Optimization cache. Valid values 0 to 4294967295</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumCacheSizePercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum cache size that Delivery Optimization can utilize, as a percentage of disk size (1-100). Valid values 1 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the entity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.deliveryOptimizationMaxCacheSizeAbsolute"</code>, <code>"#microsoft.graph.deliveryOptimizationMaxCacheSizePercentage"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy][Oo][Pp][Tt][Ii][Mm][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Mm][Aa][Xx][Cc][Aa][Cc][Hh][Ee][Ss][Ii][Zz][Ee][Aa][Bb][Ss][Oo][Ll][Uu][Tt][Ee]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Dd][Ee][Ll][Ii][Vv][Ee][Rr][Yy][Oo][Pp][Tt][Ii][Mm][Ii][Zz][Aa][Tt][Ii][Oo][Nn][Mm][Aa][Xx][Cc][Aa][Cc][Hh][Ee][Ss][Ii][Zz][Ee][Pp][Ee][Rr][Cc][Ee][Nn][Tt][Aa][Gg][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumBatteryPercentageAllowedToUpload</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the minimum battery percentage to allow the device to upload data (0-100). Valid values 0 to 100 The default value is 0. The value 0 (zero) means 'not limited' and the cloud service default value will be used. Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumDiskSizeAllowedToPeerInGigabytes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the minimum disk size in GB to use Peer Caching (1-100000). Valid values 1 to 100000 Recommended values: 64 GB to 256 GB. Valid values 1 to 100000</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumFileSizeToCacheInMegabytes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the minimum content file size in MB enabled to use Peer Caching (1-100000). Valid values 1 to 100000 Recommended values: 1 MB to 100,000 MB. Valid values 1 to 100000</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumRamAllowedToPeerInGigabytes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the minimum RAM size in GB to use Peer Caching (1-100000). Valid values 1 to 100000</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModifyCacheLocation</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the drive that Delivery Optimization should use for its cache.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictPeerSelectionBy</span> </div> <div class="desc-html"><p>Specifies to restrict peer selection via selected option.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"notConfigured"</code>, <code>"subnetMask"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ss][Uu][Bb][Nn][Ee][Tt][Mm][Aa][Ss][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VpnPeerCaching</span> </div> <div class="desc-html"><p>Specifies whether the device is allowed to participate in Peer Caching while connected via VPN to the domain network.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationdomainjoinpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationdomainjoinpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Domain Join Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveDirectoryDomainName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Active Directory domain name to join.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ComputerNameStaticPrefix</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Fixed prefix to be used for computer name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ComputerNameSuffixRandomCharCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Dynamically generated characters used as suffix for computer name. Valid values 3 to 14</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OrganizationalUnit</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Organizational unit (OU) where the computer account will be created. If this parameter is NULL, the well known computer object container will be used as published in the domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationemailprofilepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationemailprofilepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Email Profile Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Account name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DurationOfEmailToSync</span> </div> <div class="desc-html"><p>Duration of email to sync. Possible values are: userDefined, oneDay, threeDays, oneWeek, twoWeeks, oneMonth, unlimited.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"oneDay"</code>, <code>"oneMonth"</code>, <code>"oneWeek"</code>, <code>"threeDays"</code>, <code>"twoWeeks"</code>, <code>"unlimited"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Oo][Nn][Ee][Dd][Aa][Yy]|[Tt][Hh][Rr][Ee][Ee][Dd][Aa][Yy][Ss]|[Oo][Nn][Ee][Ww][Ee][Ee][Kk]|[Tt][Ww][Oo][Ww][Ee][Ee][Kk][Ss]|[Oo][Nn][Ee][Mm][Oo][Nn][Tt][Hh]|[Uu][Nn][Ll][Ii][Mm][Ii][Tt][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmailAddressSource</span> </div> <div class="desc-html"><p>Email attribute that is picked from AAD and injected into this profile before installing on the device. Possible values are: userPrincipalName, primarySmtpAddress.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"primarySmtpAddress"</code>, <code>"userPrincipalName"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Pp][Rr][Ii][Nn][Cc][Ii][Pp][Aa][Ll][Nn][Aa][Mm][Ee]|[Pp][Rr][Ii][Mm][Aa][Rr][Yy][Ss][Mm][Tt][Pp][Aa][Dd][Dd][Rr][Ee][Ss][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmailSyncSchedule</span> </div> <div class="desc-html"><p>Email sync schedule. Possible values are: userDefined, asMessagesArrive, manual, fifteenMinutes, thirtyMinutes, sixtyMinutes, basedOnMyUsage.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"asMessagesArrive"</code>, <code>"basedOnMyUsage"</code>, <code>"fifteenMinutes"</code>, <code>"manual"</code>, <code>"sixtyMinutes"</code>, <code>"thirtyMinutes"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Aa][Ss][Mm][Ee][Ss][Ss][Aa][Gg][Ee][Ss][Aa][Rr][Rr][Ii][Vv][Ee]|[Mm][Aa][Nn][Uu][Aa][Ll]|[Ff][Ii][Ff][Tt][Ee][Ee][Nn][Mm][Ii][Nn][Uu][Tt][Ee][Ss]|[Tt][Hh][Ii][Rr][Tt][Yy][Mm][Ii][Nn][Uu][Tt][Ee][Ss]|[Ss][Ii][Xx][Tt][Yy][Mm][Ii][Nn][Uu][Tt][Ee][Ss]|[Bb][Aa][Ss][Ee][Dd][Oo][Nn][Mm][Yy][Uu][Ss][Aa][Gg][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HostName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Exchange location that (URL) that the native mail app connects to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireSsl</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to use SSL.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SyncCalendar</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to sync the calendar.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SyncContacts</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to sync contacts.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SyncTasks</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to sync tasks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomDomainName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom domain name value used while generating an email profile before installing on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserDomainNameSource</span> </div> <div class="desc-html"><p>UserDomainname attribute that is picked from AAD and injected into this profile before installing on the device. Possible values are: fullDomainName, netBiosDomainName.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"fullDomainName"</code>, <code>"netBiosDomainName"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ff][Uu][Ll][Ll][Dd][Oo][Mm][Aa][Ii][Nn][Nn][Aa][Mm][Ee]|[Nn][Ee][Tt][Bb][Ii][Oo][Ss][Dd][Oo][Mm][Aa][Ii][Nn][Nn][Aa][Mm][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsernameAADSource</span> </div> <div class="desc-html"><p>Name of the AAD field, that will be used to retrieve UserName for email profile. Possible values are: userPrincipalName, primarySmtpAddress, samAccountName.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"primarySmtpAddress"</code>, <code>"samAccountName"</code>, <code>"userPrincipalName"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Pp][Rr][Ii][Nn][Cc][Ii][Pp][Aa][Ll][Nn][Aa][Mm][Ee]|[Pp][Rr][Ii][Mm][Aa][Rr][Yy][Ss][Mm][Tt][Pp][Aa][Dd][Dd][Rr][Ee][Ss][Ss]|[Ss][Aa][Mm][Aa][Cc][Cc][Oo][Uu][Nn][Tt][Nn][Aa][Mm][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsernameSource</span> </div> <div class="desc-html"><p>Username attribute that is picked from AAD and injected into this profile before installing on the device. Possible values are: userPrincipalName, primarySmtpAddress.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"primarySmtpAddress"</code>, <code>"userPrincipalName"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Pp][Rr][Ii][Nn][Cc][Ii][Pp][Aa][Ll][Nn][Aa][Mm][Ee]|[Pp][Rr][Ii][Mm][Aa][Rr][Yy][Ss][Mm][Tt][Pp][Aa][Dd][Dd][Rr][Ee][Ss][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationendpointprotectionpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationendpointprotectionpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Endpoint Protection Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowCameraMicrophoneRedirection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Gets or sets whether applications inside Microsoft Defender Application Guard can access the devices camera and microphone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowFileSaveOnHost</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow users to download files from Edge in the application guard container and save them on the host file system</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowPersistence</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow persisting user generated data inside the App Guard Container (favorites, cookies, web passwords, etc.)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowPrintToLocalPrinters</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow printing to Local Printers from Container</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowPrintToNetworkPrinters</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow printing to Network Printers from Container</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowPrintToPDF</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow printing to PDF from Container</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowPrintToXPS</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow printing to XPS from Container</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardAllowVirtualGPU</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow application guard to use virtual GPU</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardBlockClipboardSharing</span> </div> <div class="desc-html"><p>Block clipboard to share data from Host to Container, or from Container to Host, or both ways, or neither ways. Possible values are: notConfigured, blockBoth, blockHostToContainer, blockContainerToHost, blockNone.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"blockBoth"</code>, <code>"blockContainerToHost"</code>, <code>"blockHostToContainer"</code>, <code>"blockNone"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Bb][Oo][Tt][Hh]|[Bb][Ll][Oo][Cc][Kk][Hh][Oo][Ss][Tt][Tt][Oo][Cc][Oo][Nn][Tt][Aa][Ii][Nn][Ee][Rr]|[Bb][Ll][Oo][Cc][Kk][Cc][Oo][Nn][Tt][Aa][Ii][Nn][Ee][Rr][Tt][Oo][Hh][Oo][Ss][Tt]|[Bb][Ll][Oo][Cc][Kk][Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardBlockFileTransfer</span> </div> <div class="desc-html"><p>Block clipboard to transfer image file, text file or neither of them. Possible values are: notConfigured, blockImageAndTextFile, blockImageFile, blockNone, blockTextFile.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"blockImageAndTextFile"</code>, <code>"blockImageFile"</code>, <code>"blockNone"</code>, <code>"blockTextFile"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ii][Mm][Aa][Gg][Ee][Aa][Nn][Dd][Tt][Ee][Xx][Tt][Ff][Ii][Ll][Ee]|[Bb][Ll][Oo][Cc][Kk][Ii][Mm][Aa][Gg][Ee][Ff][Ii][Ll][Ee]|[Bb][Ll][Oo][Cc][Kk][Nn][Oo][Nn][Ee]|[Bb][Ll][Oo][Cc][Kk][Tt][Ee][Xx][Tt][Ff][Ii][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardBlockNonEnterpriseContent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block enterprise sites to load non-enterprise content, such as third party plug-ins</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardCertificateThumbprints</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Allows certain device level Root Certificates to be shared with the Microsoft Defender Application Guard container.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Windows Defender Application Guard</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardEnabledOptions</span> </div> <div class="desc-html"><p>Enable Windows Defender Application Guard for newer Windows builds. Possible values are: notConfigured, enabledForEdge, enabledForOffice, enabledForEdgeAndOffice.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"enabledForEdge"</code>, <code>"enabledForEdgeAndOffice"</code>, <code>"enabledForOffice"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Ff][Oo][Rr][Ee][Dd][Gg][Ee]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Ff][Oo][Rr][Oo][Ff][Ff][Ii][Cc][Ee]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Ff][Oo][Rr][Ee][Dd][Gg][Ee][Aa][Nn][Dd][Oo][Ff][Ff][Ii][Cc][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplicationGuardForceAuditing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Force auditing will persist Windows logs and events to meet security/compliance criteria (sample events are user login-logoff, use of privilege rights, software installation, system changes, etc.)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppLockerApplicationControl</span> </div> <div class="desc-html"><p>Enables the Admin to choose what types of app to allow on devices. Possible values are: notConfigured, enforceComponentsAndStoreApps, auditComponentsAndStoreApps, enforceComponentsStoreAppsAndSmartlocker, auditComponentsStoreAppsAndSmartlocker.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditComponentsAndStoreApps"</code>, <code>"auditComponentsStoreAppsAndSmartlocker"</code>, <code>"enforceComponentsAndStoreApps"</code>, <code>"enforceComponentsStoreAppsAndSmartlocker"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Ff][Oo][Rr][Cc][Ee][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Aa][Nn][Dd][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss]|[Aa][Uu][Dd][Ii][Tt][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Aa][Nn][Dd][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss]|[Ee][Nn][Ff][Oo][Rr][Cc][Ee][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss][Aa][Nn][Dd][Ss][Mm][Aa][Rr][Tt][Ll][Oo][Cc][Kk][Ee][Rr]|[Aa][Uu][Dd][Ii][Tt][Cc][Oo][Mm][Pp][Oo][Nn][Ee][Nn][Tt][Ss][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp][Ss][Aa][Nn][Dd][Ss][Mm][Aa][Rr][Tt][Ll][Oo][Cc][Kk][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerAllowStandardUserEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows the admin to allow standard users to enable encryption during Azure AD Join.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerDisableWarningForOtherDiskEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows the Admin to disable the warning prompt for other disk encryption on the user machines.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerEnableStorageCardEncryptionOnMobile</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows the admin to require encryption to be turned on using BitLocker. This policy is valid only for a mobile SKU.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerEncryptDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows the admin to require encryption to be turned on using BitLocker.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerFixedDrivePolicy</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>BitLocker Fixed Drive Policy.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionMethod</span> </div> <div class="desc-html"><p>Select the encryption method for fixed drives. Possible values are: aesCbc128, aesCbc256, xtsAes128, xtsAes256.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"aesCbc128"</code>, <code>"aesCbc256"</code>, <code>"xtsAes128"</code>, <code>"xtsAes256"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ee][Ss][Cc][Bb][Cc]128|[Aa][Ee][Ss][Cc][Bb][Cc]256|[Xx][Tt][Ss][Aa][Ee][Ss]128|[Xx][Tt][Ss][Aa][Ee][Ss]256)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryOptions</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This policy setting allows you to control how BitLocker-protected fixed data drives are recovered in the absence of the required credentials. This policy setting is applied when you turn on BitLocker.</p> </div> <details class="nested-properties"> <summary>7 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockDataRecoveryAgent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to block certificate-based data recovery agent.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableBitLockerAfterRecoveryInformationToStore</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enable BitLocker until recovery information is stored in AD DS.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableRecoveryInformationSaveToStore</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow BitLocker recovery information to store in AD DS.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideRecoveryOptions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow showing recovery options in BitLocker Setup Wizard for fixed or system disk.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryInformationToStore</span> </div> <div class="desc-html"><p>Configure what pieces of BitLocker recovery information are stored to AD DS. Possible values are: passwordAndKey, passwordOnly.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"passwordAndKey"</code>, <code>"passwordOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd][Aa][Nn][Dd][Kk][Ee][Yy]|[Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd][Oo][Nn][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryKeyUsage</span> </div> <div class="desc-html"><p>Indicates whether users are allowed or required to generate a 256-bit recovery key for fixed or system disk. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryPasswordUsage</span> </div> <div class="desc-html"><p>Indicates whether users are allowed or required to generate a 48-digit recovery password for fixed or system disk. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireEncryptionForWriteAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting determines whether BitLocker protection is required for fixed data drives to be writable on a computer.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerRecoveryPasswordRotation</span> </div> <div class="desc-html"><p>This setting initiates a client-driven recovery password rotation after an OS drive recovery (either by using bootmgr or WinRE). Possible values are: notConfigured, disabled, enabledForAzureAd, enabledForAzureAdAndHybrid.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabledForAzureAd"</code>, <code>"enabledForAzureAdAndHybrid"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Ff][Oo][Rr][Aa][Zz][Uu][Rr][Ee][Aa][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd][Ff][Oo][Rr][Aa][Zz][Uu][Rr][Ee][Aa][Dd][Aa][Nn][Dd][Hh][Yy][Bb][Rr][Ii][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerRemovableDrivePolicy</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>BitLocker Removable Drive Policy.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockCrossOrganizationWriteAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting determines whether BitLocker protection is required for removable data drives to be writable on a computer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionMethod</span> </div> <div class="desc-html"><p>Select the encryption method for removable drives. Possible values are: aesCbc128, aesCbc256, xtsAes128, xtsAes256.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"aesCbc128"</code>, <code>"aesCbc256"</code>, <code>"xtsAes128"</code>, <code>"xtsAes256"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ee][Ss][Cc][Bb][Cc]128|[Aa][Ee][Ss][Cc][Bb][Cc]256|[Xx][Tt][Ss][Aa][Ee][Ss]128|[Xx][Tt][Ss][Aa][Ee][Ss]256)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireEncryptionForWriteAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to block write access to devices configured in another organization. If requireEncryptionForWriteAccess is false, this value does not affect.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BitLockerSystemDrivePolicy</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>BitLocker System Drive Policy.</p> </div> <details class="nested-properties"> <summary>12 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionMethod</span> </div> <div class="desc-html"><p>Select the encryption method for operating system drives. Possible values are: aesCbc128, aesCbc256, xtsAes128, xtsAes256.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"aesCbc128"</code>, <code>"aesCbc256"</code>, <code>"xtsAes128"</code>, <code>"xtsAes256"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ee][Ss][Cc][Bb][Cc]128|[Aa][Ee][Ss][Cc][Bb][Cc]256|[Xx][Tt][Ss][Aa][Ee][Ss]128|[Xx][Tt][Ss][Aa][Ee][Ss]256)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MinimumPinLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum length of startup pin. Valid values 4 to 20</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrebootRecoveryEnableMessageAndUrl</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable pre-boot recovery message and Url. If requireStartupAuthentication is false, this value does not affect.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrebootRecoveryMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Defines a custom recovery message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrebootRecoveryUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Defines a custom recovery URL.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryOptions</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Allows to recover BitLocker encrypted operating system drives in the absence of the required startup key information. This policy setting is applied when you turn on BitLocker.</p> </div> <details class="nested-properties"> <summary>7 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockDataRecoveryAgent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to block certificate-based data recovery agent.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableBitLockerAfterRecoveryInformationToStore</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enable BitLocker until recovery information is stored in AD DS.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableRecoveryInformationSaveToStore</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow BitLocker recovery information to store in AD DS.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideRecoveryOptions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow showing recovery options in BitLocker Setup Wizard for fixed or system disk.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryInformationToStore</span> </div> <div class="desc-html"><p>Configure what pieces of BitLocker recovery information are stored to AD DS. Possible values are: passwordAndKey, passwordOnly.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"passwordAndKey"</code>, <code>"passwordOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd][Aa][Nn][Dd][Kk][Ee][Yy]|[Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd][Oo][Nn][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryKeyUsage</span> </div> <div class="desc-html"><p>Indicates whether users are allowed or required to generate a 256-bit recovery key for fixed or system disk. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecoveryPasswordUsage</span> </div> <div class="desc-html"><p>Indicates whether users are allowed or required to generate a 48-digit recovery password for fixed or system disk. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartupAuthenticationBlockWithoutTpmChip</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartupAuthenticationRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require additional authentication at startup.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartupAuthenticationTpmKeyUsage</span> </div> <div class="desc-html"><p>Indicates if TPM startup key is allowed/required/disallowed. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartupAuthenticationTpmPinAndKeyUsage</span> </div> <div class="desc-html"><p>Indicates if TPM startup pin key and key are allowed/required/disallowed. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartupAuthenticationTpmPinUsage</span> </div> <div class="desc-html"><p>Indicates if TPM startup pin is allowed/required/disallowed. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartupAuthenticationTpmUsage</span> </div> <div class="desc-html"><p>Indicates if TPM startup is allowed/required/disallowed. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAdditionalGuardedFolders</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of folder paths to be added to the list of protected folders</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAdobeReaderLaunchChildProcess</span> </div> <div class="desc-html"><p>Value indicating the behavior of Adobe Reader from creating child processes. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAdvancedRansomewareProtectionType</span> </div> <div class="desc-html"><p>Value indicating use of advanced protection against ransomeware. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowBehaviorMonitoring</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Behavior Monitoring functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowCloudProtection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>To best protect your PC, Windows Defender will send information to Microsoft about any problems it finds. Microsoft will analyze that information, learn more about problems affecting you and other customers, and offer improved solutions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowEndUserAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows user access to the Windows Defender UI. If disallowed, all Windows Defender notifications will also be suppressed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowIntrusionPreventionSystem</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Intrusion Prevention functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowOnAccessProtection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender On Access Protection functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowRealTimeMonitoring</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Realtime Monitoring functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowScanArchiveFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows scanning of archives.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowScanDownloads</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender IOAVP Protection functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowScanNetworkFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows a scanning of network files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowScanRemovableDrivesDuringFullScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows a full scan of removable drives. During a quick scan, removable drives may still be scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAllowScanScriptsLoadedInInternetExplorer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Script Scanning functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderAttackSurfaceReductionExcludedPaths</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of exe files and folders to be excluded from attack surface reduction rules</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderBlockEndUserAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows user access to the Windows Defender UI. If disallowed, all Windows Defender notifications will also be suppressed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderBlockPersistenceThroughWmiType</span> </div> <div class="desc-html"><p>Value indicating the behavior ofBlock persistence through WMI event subscription. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderCheckForSignaturesBeforeRunningScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting allows you to manage whether a check for new virus and spyware definitions will occur before running a scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderCloudBlockLevel</span> </div> <div class="desc-html"><p>Added in Windows 10, version 1709. This policy setting determines how aggressive Windows Defender Antivirus will be in blocking and scanning suspicious files. Value type is integer. This feature requires the 'Join Microsoft MAPS' setting enabled in order to function. Possible values are: notConfigured, high, highPlus, zeroTolerance.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"highPlus"</code>, <code>"notConfigured"</code>, <code>"zeroTolerance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Gg][Hh]|[Hh][Ii][Gg][Hh][Pp][Ll][Uu][Ss]|[Zz][Ee][Rr][Oo][Tt][Oo][Ll][Ee][Rr][Aa][Nn][Cc][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderCloudExtendedTimeoutInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Added in Windows 10, version 1709. This feature allows Windows Defender Antivirus to block a suspicious file for up to 60 seconds, and scan it in the cloud to make sure it's safe. Value type is integer, range is 0 - 50. This feature depends on three other MAPS settings the must all be enabled- 'Configure the 'Block at First Sight' feature 'Join Microsoft MAPS' 'Send file samples when further analysis is required'. Valid values 0 to 50</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDaysBeforeDeletingQuarantinedMalware</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Time period (in days) that quarantine items will be stored on the system. Valid values 0 to 90</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDetectedMalwareActions</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Allows an administrator to specify any valid threat severity levels and the corresponding default action ID to take.</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">HighSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for high severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LowSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for low severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModerateSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for moderate severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SevereSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for severe severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableBehaviorMonitoring</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Behavior Monitoring functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableCatchupFullScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting allows you to configure catch-up scans for scheduled full scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableCatchupQuickScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting allows you to configure catch-up scans for scheduled quick scans. A catch-up scan is a scan that is initiated because a regularly scheduled scan was missed. Usually these scheduled scans are missed because the computer was turned off at the scheduled time.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableCloudProtection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>To best protect your PC, Windows Defender will send information to Microsoft about any problems it finds. Microsoft will analyze that information, learn more about problems affecting you and other customers, and offer improved solutions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableIntrusionPreventionSystem</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Intrusion Prevention functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableOnAccessProtection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender On Access Protection functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableRealTimeMonitoring</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Realtime Monitoring functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableScanArchiveFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows scanning of archives.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableScanDownloads</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender IOAVP Protection functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableScanNetworkFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows a scanning of network files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableScanRemovableDrivesDuringFullScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows a full scan of removable drives. During a quick scan, removable drives may still be scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableScanScriptsLoadedInInternetExplorer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender Script Scanning functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderEmailContentExecution</span> </div> <div class="desc-html"><p>Value indicating if execution of executable content (exe, dll, ps, js, vbs, etc) should be dropped from email (webmail/mail-client). Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderEmailContentExecutionType</span> </div> <div class="desc-html"><p>Value indicating if execution of executable content (exe, dll, ps, js, vbs, etc) should be dropped from email (webmail/mail-client). Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderEnableLowCpuPriority</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting allows you to enable or disable low CPU priority for scheduled scans.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderEnableScanIncomingMail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows scanning of email.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderEnableScanMappedNetworkDrivesDuringFullScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows a full scan of mapped network drives.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderExploitProtectionXml</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Xml content containing information regarding exploit protection details.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderExploitProtectionXmlFileName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name of the file from which DefenderExploitProtectionXml was obtained.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderFileExtensionsToExclude</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>File extensions to exclude from scans and real time protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderFilesAndFoldersToExclude</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Files and folder to exclude from scans and real time protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderGuardedFoldersAllowedAppPaths</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of paths to exe that are allowed to access protected folders</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderGuardMyFoldersType</span> </div> <div class="desc-html"><p>Value indicating the behavior of protected folders. Possible values are: userDefined, enable, auditMode, blockDiskModification, auditDiskModification.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditDiskModification"</code>, <code>"auditMode"</code>, <code>"blockDiskModification"</code>, <code>"enable"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Bb][Ll][Oo][Cc][Kk][Dd][Ii][Ss][Kk][Mm][Oo][Dd][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn]|[Aa][Uu][Dd][Ii][Tt][Dd][Ii][Ss][Kk][Mm][Oo][Dd][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderNetworkProtectionType</span> </div> <div class="desc-html"><p>Value indicating the behavior of NetworkProtection. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeAppsExecutableContentCreationOrLaunch</span> </div> <div class="desc-html"><p>Value indicating the behavior of Office applications/macros creating or launching executable content. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeAppsExecutableContentCreationOrLaunchType</span> </div> <div class="desc-html"><p>Value indicating the behavior of Office applications/macros creating or launching executable content. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeAppsLaunchChildProcess</span> </div> <div class="desc-html"><p>Value indicating the behavior of Office application launching child processes. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeAppsLaunchChildProcessType</span> </div> <div class="desc-html"><p>Value indicating the behavior of Office application launching child processes. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeAppsOtherProcessInjection</span> </div> <div class="desc-html"><p>Value indicating the behavior of Office applications injecting into other processes. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeAppsOtherProcessInjectionType</span> </div> <div class="desc-html"><p>Value indicating the behavior ofOffice applications injecting into other processes. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeCommunicationAppsLaunchChildProcess</span> </div> <div class="desc-html"><p>Value indicating the behavior of Office communication applications, including Microsoft Outlook, from creating child processes. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeMacroCodeAllowWin32Imports</span> </div> <div class="desc-html"><p>Value indicating the behavior of Win32 imports from Macro code in Office. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderOfficeMacroCodeAllowWin32ImportsType</span> </div> <div class="desc-html"><p>Value indicating the behavior of Win32 imports from Macro code in Office. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderPotentiallyUnwantedAppAction</span> </div> <div class="desc-html"><p>Added in Windows 10, version 1607. Specifies the level of detection for potentially unwanted applications (PUAs). Windows Defender alerts you when potentially unwanted software is being downloaded or attempts to install itself on your computer. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderPreventCredentialStealingType</span> </div> <div class="desc-html"><p>Value indicating if credential stealing from the Windows local security authority subsystem is permitted. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderProcessCreation</span> </div> <div class="desc-html"><p>Value indicating response to process creations originating from PSExec and WMI commands. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderProcessCreationType</span> </div> <div class="desc-html"><p>Value indicating response to process creations originating from PSExec and WMI commands. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderProcessesToExclude</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Processes to exclude from scans and real time protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanDirection</span> </div> <div class="desc-html"><p>Controls which sets of files should be monitored. Possible values are: monitorAllFiles, monitorIncomingFilesOnly, monitorOutgoingFilesOnly.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"monitorAllFiles"</code>, <code>"monitorIncomingFilesOnly"</code>, <code>"monitorOutgoingFilesOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Oo][Nn][Ii][Tt][Oo][Rr][Aa][Ll][Ll][Ff][Ii][Ll][Ee][Ss]|[Mm][Oo][Nn][Ii][Tt][Oo][Rr][Ii][Nn][Cc][Oo][Mm][Ii][Nn][Gg][Ff][Ii][Ll][Ee][Ss][Oo][Nn][Ll][Yy]|[Mm][Oo][Nn][Ii][Tt][Oo][Rr][Oo][Uu][Tt][Gg][Oo][Ii][Nn][Gg][Ff][Ii][Ll][Ee][Ss][Oo][Nn][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanMaxCpuPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Represents the average CPU load factor for the Windows Defender scan (in percent). The default value is 50. Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanType</span> </div> <div class="desc-html"><p>Selects whether to perform a quick scan or full scan. Possible values are: userDefined, disabled, quick, full.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"full"</code>, <code>"quick"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Qq][Uu][Ii][Cc][Kk]|[Ff][Uu][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScheduledQuickScanTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Selects the time of day that the Windows Defender quick scan should run. For example, a value of 0=12:00AM, a value of 60=1:00AM, a value of 120=2:00, and so on, up to a value of 1380=11:00PM. The default value is 120</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScheduledScanDay</span> </div> <div class="desc-html"><p>Selects the day that the Windows Defender scan should run. Possible values are: userDefined, everyday, sunday, monday, tuesday, wednesday, thursday, friday, saturday, noScheduledScan.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"everyday"</code>, <code>"friday"</code>, <code>"monday"</code>, <code>"noScheduledScan"</code>, <code>"saturday"</code>, <code>"sunday"</code>, <code>"thursday"</code>, <code>"tuesday"</code>, <code>"userDefined"</code>, <code>"wednesday"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Vv][Ee][Rr][Yy][Dd][Aa][Yy]|[Ss][Uu][Nn][Dd][Aa][Yy]|[Mm][Oo][Nn][Dd][Aa][Yy]|[Tt][Uu][Ee][Ss][Dd][Aa][Yy]|[Ww][Ee][Dd][Nn][Ee][Ss][Dd][Aa][Yy]|[Tt][Hh][Uu][Rr][Ss][Dd][Aa][Yy]|[Ff][Rr][Ii][Dd][Aa][Yy]|[Ss][Aa][Tt][Uu][Rr][Dd][Aa][Yy]|[Nn][Oo][Ss][Cc][Hh][Ee][Dd][Uu][Ll][Ee][Dd][Ss][Cc][Aa][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScheduledScanTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Selects the time of day that the Windows Defender scan should run.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScriptDownloadedPayloadExecution</span> </div> <div class="desc-html"><p>Value indicating the behavior of js/vbs executing payload downloaded from Internet. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScriptDownloadedPayloadExecutionType</span> </div> <div class="desc-html"><p>Value indicating the behavior of js/vbs executing payload downloaded from Internet. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScriptObfuscatedMacroCode</span> </div> <div class="desc-html"><p>Value indicating the behavior of obfuscated js/vbs/ps/macro code. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScriptObfuscatedMacroCodeType</span> </div> <div class="desc-html"><p>Value indicating the behavior of obfuscated js/vbs/ps/macro code. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterBlockExploitProtectionOverride</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block user from overriding Exploit Protection settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableAccountUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the account protection area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableAppBrowserUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the app and browser protection area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableClearTpmUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the Clear TPM button.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableFamilyUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the family options area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableHardwareUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the hardware protection area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableHealthUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the device performance and health area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableNetworkUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the firewall and network protection area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableNotificationAreaUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the notification area control. The user needs to either sign out and sign in or reboot the computer for this setting to take effect.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableRansomwareUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the ransomware protection area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableSecureBootUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the secure boot area under Device security.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableTroubleshootingUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the security process troubleshooting under Device security.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableVirusUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of the virus and threat protection area.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Used to disable the display of update TPM Firmware when a vulnerable firmware is detected.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterHelpEmail</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The email address that is displayed to users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterHelpPhone</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The phone number or Skype ID that is displayed to users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterHelpURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The help portal URL this is displayed to users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterITContactDisplay</span> </div> <div class="desc-html"><p>Configure where to display IT contact information to end users. Possible values are: notConfigured, displayInAppAndInNotifications, displayOnlyInApp, displayOnlyInNotifications.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"displayInAppAndInNotifications"</code>, <code>"displayOnlyInApp"</code>, <code>"displayOnlyInNotifications"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ii][Ss][Pp][Ll][Aa][Yy][Ii][Nn][Aa][Pp][Pp][Aa][Nn][Dd][Ii][Nn][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss]|[Dd][Ii][Ss][Pp][Ll][Aa][Yy][Oo][Nn][Ll][Yy][Ii][Nn][Aa][Pp][Pp]|[Dd][Ii][Ss][Pp][Ll][Aa][Yy][Oo][Nn][Ll][Yy][Ii][Nn][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterNotificationsFromApp</span> </div> <div class="desc-html"><p>Notifications to show from the displayed areas of app. Possible values are: notConfigured, blockNoncriticalNotifications, blockAllNotifications.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"blockAllNotifications"</code>, <code>"blockNoncriticalNotifications"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Nn][Oo][Nn][Cc][Rr][Ii][Tt][Ii][Cc][Aa][Ll][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss]|[Bb][Ll][Oo][Cc][Kk][Aa][Ll][Ll][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSecurityCenterOrganizationDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The company name that is displayed to the users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSignatureUpdateIntervalInHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the interval (in hours) that will be used to check for signatures, so instead of using the ScheduleDay and ScheduleTime the check for new signatures will be set according to the interval. Valid values 0 to 24</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSubmitSamplesConsentType</span> </div> <div class="desc-html"><p>Checks for the user consent level in Windows Defender to send data. Possible values are: sendSafeSamplesAutomatically, alwaysPrompt, neverSend, sendAllSamplesAutomatically.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alwaysPrompt"</code>, <code>"neverSend"</code>, <code>"sendAllSamplesAutomatically"</code>, <code>"sendSafeSamplesAutomatically"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Ee][Nn][Dd][Ss][Aa][Ff][Ee][Ss][Aa][Mm][Pp][Ll][Ee][Ss][Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc][Aa][Ll][Ll][Yy]|[Aa][Ll][Ww][Aa][Yy][Ss][Pp][Rr][Oo][Mm][Pp][Tt]|[Nn][Ee][Vv][Ee][Rr][Ss][Ee][Nn][Dd]|[Ss][Ee][Nn][Dd][Aa][Ll][Ll][Ss][Aa][Mm][Pp][Ll][Ee][Ss][Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc][Aa][Ll][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderUntrustedExecutable</span> </div> <div class="desc-html"><p>Value indicating response to executables that don't meet a prevalence, age, or trusted list criteria. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderUntrustedExecutableType</span> </div> <div class="desc-html"><p>Value indicating response to executables that don't meet a prevalence, age, or trusted list criteria. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderUntrustedUSBProcess</span> </div> <div class="desc-html"><p>Value indicating response to untrusted and unsigned processes that run from USB. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderUntrustedUSBProcessType</span> </div> <div class="desc-html"><p>Value indicating response to untrusted and unsigned processes that run from USB. Possible values are: userDefined, block, auditMode, warn, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"block"</code>, <code>"disable"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceGuardEnableSecureBootWithDMA</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This property will be deprecated in May 2019 and will be replaced with property DeviceGuardSecureBootWithDMA. Specifies whether Platform Security Level is enabled at next reboot.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceGuardEnableVirtualizationBasedSecurity</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Turns On Virtualization Based Security(VBS).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceGuardLaunchSystemGuard</span> </div> <div class="desc-html"><p>Allows the IT admin to configure the launch of System Guard. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceGuardLocalSystemAuthorityCredentialGuardSettings</span> </div> <div class="desc-html"><p>Turn on Credential Guard when Platform Security Level with Secure Boot and Virtualization Based Security are both enabled. Possible values are: notConfigured, enableWithUEFILock, enableWithoutUEFILock, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disable"</code>, <code>"enableWithoutUEFILock"</code>, <code>"enableWithUEFILock"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Ww][Ii][Tt][Hh][Uu][Ee][Ff][Ii][Ll][Oo][Cc][Kk]|[Ee][Nn][Aa][Bb][Ll][Ee][Ww][Ii][Tt][Hh][Oo][Uu][Tt][Uu][Ee][Ff][Ii][Ll][Oo][Cc][Kk]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceGuardSecureBootWithDMA</span> </div> <div class="desc-html"><p>Specifies whether Platform Security Level is enabled at next reboot. Possible values are: notConfigured, withoutDMA, withDMA.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"notConfigured"</code>, <code>"withDMA"</code>, <code>"withoutDMA"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ww][Ii][Tt][Hh][Oo][Uu][Tt][Dd][Mm][Aa]|[Ww][Ii][Tt][Hh][Dd][Mm][Aa])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DmaGuardDeviceEnumerationPolicy</span> </div> <div class="desc-html"><p>This policy is intended to provide additional security against external DMA capable devices. It allows for more control over the enumeration of external DMA capable devices incompatible with DMA Remapping/device memory isolation and sandboxing. This policy only takes effect when Kernel DMA Protection is supported and enabled by the system firmware. Kernel DMA Protection is a platform feature that cannot be controlled via policy or by end user. It has to be supported by the system at the time of manufacturing. To check if the system supports Kernel DMA Protection, please check the Kernel DMA Protection field in the Summary page of MSINFO32.exe. Possible values are: deviceDefault, blockAll, allowAll.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowAll"</code>, <code>"blockAll"</code>, <code>"deviceDefault"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Bb][Ll][Oo][Cc][Kk][Aa][Ll][Ll]|[Aa][Ll][Ll][Oo][Ww][Aa][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallBlockStatefulFTP</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks stateful FTP connections to the device</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallCertificateRevocationListCheckMethod</span> </div> <div class="desc-html"><p>Specify how the certificate revocation list is to be enforced. Possible values are: deviceDefault, none, attempt, require.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"attempt"</code>, <code>"deviceDefault"</code>, <code>"none"</code>, <code>"require"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Nn][Oo][Nn][Ee]|[Aa][Tt][Tt][Ee][Mm][Pp][Tt]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallIdleTimeoutForSecurityAssociationInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures the idle timeout for security associations, in seconds, from 300 to 3600 inclusive. This is the period after which security associations will expire and be deleted. Valid values 300 to 3600</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallIPSecExemptionsAllowDHCP</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures IPSec exemptions to allow both IPv4 and IPv6 DHCP traffic</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallIPSecExemptionsAllowICMP</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures IPSec exemptions to allow ICMP</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallIPSecExemptionsAllowNeighborDiscovery</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures IPSec exemptions to allow neighbor discovery IPv6 ICMP type-codes</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallIPSecExemptionsAllowRouterDiscovery</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures IPSec exemptions to allow router discovery IPv6 ICMP type-codes</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallIPSecExemptionsNone</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures IPSec exemptions to no exemptions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallMergeKeyingModuleSettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If an authentication set is not fully supported by a keying module, direct the module to ignore only unsupported authentication suites rather than the entire set</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallPacketQueueingMethod</span> </div> <div class="desc-html"><p>Configures how packet queueing should be applied in the tunnel gateway scenario. Possible values are: deviceDefault, disabled, queueInbound, queueOutbound, queueBoth.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"deviceDefault"</code>, <code>"disabled"</code>, <code>"queueBoth"</code>, <code>"queueInbound"</code>, <code>"queueOutbound"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Qq][Uu][Ee][Uu][Ee][Ii][Nn][Bb][Oo][Uu][Nn][Dd]|[Qq][Uu][Ee][Uu][Ee][Oo][Uu][Tt][Bb][Oo][Uu][Nn][Dd]|[Qq][Uu][Ee][Uu][Ee][Bb][Oo][Tt][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallPreSharedKeyEncodingMethod</span> </div> <div class="desc-html"><p>Select the preshared key encoding to be used. Possible values are: deviceDefault, none, utF8.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"deviceDefault"</code>, <code>"none"</code>, <code>"utF8"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Nn][Oo][Nn][Ee]|[Uu][Tt][Ff]8)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallProfileDomain</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Configures the firewall profile settings for domain networks</p> </div> <details class="nested-properties"> <summary>23 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthorizedApplicationRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge authorized application rules from group policy with those from local store instead of ignoring the local store rules. When AuthorizedApplicationRulesFromGroupPolicyNotMerged and AuthorizedApplicationRulesFromGroupPolicyMerged are both true, AuthorizedApplicationRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthorizedApplicationRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging authorized application rules from group policy with those from local store instead of ignoring the local store rules. When AuthorizedApplicationRulesFromGroupPolicyNotMerged and AuthorizedApplicationRulesFromGroupPolicyMerged are both true, AuthorizedApplicationRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionSecurityRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge connection security rules from group policy with those from local store instead of ignoring the local store rules. When ConnectionSecurityRulesFromGroupPolicyNotMerged and ConnectionSecurityRulesFromGroupPolicyMerged are both true, ConnectionSecurityRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionSecurityRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging connection security rules from group policy with those from local store instead of ignoring the local store rules. When ConnectionSecurityRulesFromGroupPolicyNotMerged and ConnectionSecurityRulesFromGroupPolicyMerged are both true, ConnectionSecurityRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallEnabled</span> </div> <div class="desc-html"><p>Configures the host device to allow or block the firewall and advanced security enforcement for the network profile. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalPortRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge global port rules from group policy with those from local store instead of ignoring the local store rules. When GlobalPortRulesFromGroupPolicyNotMerged and GlobalPortRulesFromGroupPolicyMerged are both true, GlobalPortRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalPortRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging global port rules from group policy with those from local store instead of ignoring the local store rules. When GlobalPortRulesFromGroupPolicyNotMerged and GlobalPortRulesFromGroupPolicyMerged are both true, GlobalPortRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundConnectionsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all incoming connections by default. When InboundConnectionsRequired and InboundConnectionsBlocked are both true, InboundConnectionsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundConnectionsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow all incoming connections by default. When InboundConnectionsRequired and InboundConnectionsBlocked are both true, InboundConnectionsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundNotificationsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevents the firewall from displaying notifications when an application is blocked from listening on a port. When InboundNotificationsRequired and InboundNotificationsBlocked are both true, InboundNotificationsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundNotificationsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows the firewall to display notifications when an application is blocked from listening on a port. When InboundNotificationsRequired and InboundNotificationsBlocked are both true, InboundNotificationsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncomingTrafficBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all incoming traffic regardless of other policy settings. When IncomingTrafficRequired and IncomingTrafficBlocked are both true, IncomingTrafficBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncomingTrafficRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow incoming traffic pursuant to other policy settings. When IncomingTrafficRequired and IncomingTrafficBlocked are both true, IncomingTrafficBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundConnectionsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all outgoing connections by default. When OutboundConnectionsRequired and OutboundConnectionsBlocked are both true, OutboundConnectionsBlocked takes priority. This setting will get applied to Windows releases version 1809 and above.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundConnectionsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow all outgoing connections by default. When OutboundConnectionsRequired and OutboundConnectionsBlocked are both true, OutboundConnectionsBlocked takes priority. This setting will get applied to Windows releases version 1809 and above.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge Firewall Rule policies from group policy with those from local store instead of ignoring the local store rules. When PolicyRulesFromGroupPolicyNotMerged and PolicyRulesFromGroupPolicyMerged are both true, PolicyRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging Firewall Rule policies from group policy with those from local store instead of ignoring the local store rules. When PolicyRulesFromGroupPolicyNotMerged and PolicyRulesFromGroupPolicyMerged are both true, PolicyRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecuredPacketExemptionAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow the host computer to respond to unsolicited network traffic of that traffic is secured by IPSec even when stealthModeBlocked is set to true. When SecuredPacketExemptionBlocked and SecuredPacketExemptionAllowed are both true, SecuredPacketExemptionAllowed takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecuredPacketExemptionBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block the host computer to respond to unsolicited network traffic of that traffic is secured by IPSec even when stealthModeBlocked is set to true. When SecuredPacketExemptionBlocked and SecuredPacketExemptionAllowed are both true, SecuredPacketExemptionAllowed takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StealthModeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent the server from operating in stealth mode. When StealthModeRequired and StealthModeBlocked are both true, StealthModeBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StealthModeRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the server to operate in stealth mode. When StealthModeRequired and StealthModeBlocked are both true, StealthModeBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnicastResponsesToMulticastBroadcastsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block unicast responses to multicast broadcast traffic. When UnicastResponsesToMulticastBroadcastsRequired and UnicastResponsesToMulticastBroadcastsBlocked are both true, UnicastResponsesToMulticastBroadcastsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnicastResponsesToMulticastBroadcastsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow unicast responses to multicast broadcast traffic. When UnicastResponsesToMulticastBroadcastsRequired and UnicastResponsesToMulticastBroadcastsBlocked are both true, UnicastResponsesToMulticastBroadcastsBlocked takes priority.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallProfilePrivate</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Configures the firewall profile settings for private networks</p> </div> <details class="nested-properties"> <summary>23 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthorizedApplicationRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge authorized application rules from group policy with those from local store instead of ignoring the local store rules. When AuthorizedApplicationRulesFromGroupPolicyNotMerged and AuthorizedApplicationRulesFromGroupPolicyMerged are both true, AuthorizedApplicationRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthorizedApplicationRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging authorized application rules from group policy with those from local store instead of ignoring the local store rules. When AuthorizedApplicationRulesFromGroupPolicyNotMerged and AuthorizedApplicationRulesFromGroupPolicyMerged are both true, AuthorizedApplicationRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionSecurityRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge connection security rules from group policy with those from local store instead of ignoring the local store rules. When ConnectionSecurityRulesFromGroupPolicyNotMerged and ConnectionSecurityRulesFromGroupPolicyMerged are both true, ConnectionSecurityRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionSecurityRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging connection security rules from group policy with those from local store instead of ignoring the local store rules. When ConnectionSecurityRulesFromGroupPolicyNotMerged and ConnectionSecurityRulesFromGroupPolicyMerged are both true, ConnectionSecurityRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallEnabled</span> </div> <div class="desc-html"><p>Configures the host device to allow or block the firewall and advanced security enforcement for the network profile. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalPortRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge global port rules from group policy with those from local store instead of ignoring the local store rules. When GlobalPortRulesFromGroupPolicyNotMerged and GlobalPortRulesFromGroupPolicyMerged are both true, GlobalPortRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalPortRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging global port rules from group policy with those from local store instead of ignoring the local store rules. When GlobalPortRulesFromGroupPolicyNotMerged and GlobalPortRulesFromGroupPolicyMerged are both true, GlobalPortRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundConnectionsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all incoming connections by default. When InboundConnectionsRequired and InboundConnectionsBlocked are both true, InboundConnectionsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundConnectionsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow all incoming connections by default. When InboundConnectionsRequired and InboundConnectionsBlocked are both true, InboundConnectionsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundNotificationsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevents the firewall from displaying notifications when an application is blocked from listening on a port. When InboundNotificationsRequired and InboundNotificationsBlocked are both true, InboundNotificationsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundNotificationsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows the firewall to display notifications when an application is blocked from listening on a port. When InboundNotificationsRequired and InboundNotificationsBlocked are both true, InboundNotificationsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncomingTrafficBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all incoming traffic regardless of other policy settings. When IncomingTrafficRequired and IncomingTrafficBlocked are both true, IncomingTrafficBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncomingTrafficRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow incoming traffic pursuant to other policy settings. When IncomingTrafficRequired and IncomingTrafficBlocked are both true, IncomingTrafficBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundConnectionsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all outgoing connections by default. When OutboundConnectionsRequired and OutboundConnectionsBlocked are both true, OutboundConnectionsBlocked takes priority. This setting will get applied to Windows releases version 1809 and above.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundConnectionsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow all outgoing connections by default. When OutboundConnectionsRequired and OutboundConnectionsBlocked are both true, OutboundConnectionsBlocked takes priority. This setting will get applied to Windows releases version 1809 and above.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge Firewall Rule policies from group policy with those from local store instead of ignoring the local store rules. When PolicyRulesFromGroupPolicyNotMerged and PolicyRulesFromGroupPolicyMerged are both true, PolicyRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging Firewall Rule policies from group policy with those from local store instead of ignoring the local store rules. When PolicyRulesFromGroupPolicyNotMerged and PolicyRulesFromGroupPolicyMerged are both true, PolicyRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecuredPacketExemptionAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow the host computer to respond to unsolicited network traffic of that traffic is secured by IPSec even when stealthModeBlocked is set to true. When SecuredPacketExemptionBlocked and SecuredPacketExemptionAllowed are both true, SecuredPacketExemptionAllowed takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecuredPacketExemptionBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block the host computer to respond to unsolicited network traffic of that traffic is secured by IPSec even when stealthModeBlocked is set to true. When SecuredPacketExemptionBlocked and SecuredPacketExemptionAllowed are both true, SecuredPacketExemptionAllowed takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StealthModeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent the server from operating in stealth mode. When StealthModeRequired and StealthModeBlocked are both true, StealthModeBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StealthModeRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the server to operate in stealth mode. When StealthModeRequired and StealthModeBlocked are both true, StealthModeBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnicastResponsesToMulticastBroadcastsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block unicast responses to multicast broadcast traffic. When UnicastResponsesToMulticastBroadcastsRequired and UnicastResponsesToMulticastBroadcastsBlocked are both true, UnicastResponsesToMulticastBroadcastsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnicastResponsesToMulticastBroadcastsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow unicast responses to multicast broadcast traffic. When UnicastResponsesToMulticastBroadcastsRequired and UnicastResponsesToMulticastBroadcastsBlocked are both true, UnicastResponsesToMulticastBroadcastsBlocked takes priority.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallProfilePublic</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Configures the firewall profile settings for public networks</p> </div> <details class="nested-properties"> <summary>23 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthorizedApplicationRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge authorized application rules from group policy with those from local store instead of ignoring the local store rules. When AuthorizedApplicationRulesFromGroupPolicyNotMerged and AuthorizedApplicationRulesFromGroupPolicyMerged are both true, AuthorizedApplicationRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthorizedApplicationRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging authorized application rules from group policy with those from local store instead of ignoring the local store rules. When AuthorizedApplicationRulesFromGroupPolicyNotMerged and AuthorizedApplicationRulesFromGroupPolicyMerged are both true, AuthorizedApplicationRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionSecurityRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge connection security rules from group policy with those from local store instead of ignoring the local store rules. When ConnectionSecurityRulesFromGroupPolicyNotMerged and ConnectionSecurityRulesFromGroupPolicyMerged are both true, ConnectionSecurityRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionSecurityRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging connection security rules from group policy with those from local store instead of ignoring the local store rules. When ConnectionSecurityRulesFromGroupPolicyNotMerged and ConnectionSecurityRulesFromGroupPolicyMerged are both true, ConnectionSecurityRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallEnabled</span> </div> <div class="desc-html"><p>Configures the host device to allow or block the firewall and advanced security enforcement for the network profile. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalPortRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge global port rules from group policy with those from local store instead of ignoring the local store rules. When GlobalPortRulesFromGroupPolicyNotMerged and GlobalPortRulesFromGroupPolicyMerged are both true, GlobalPortRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalPortRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging global port rules from group policy with those from local store instead of ignoring the local store rules. When GlobalPortRulesFromGroupPolicyNotMerged and GlobalPortRulesFromGroupPolicyMerged are both true, GlobalPortRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundConnectionsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all incoming connections by default. When InboundConnectionsRequired and InboundConnectionsBlocked are both true, InboundConnectionsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundConnectionsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow all incoming connections by default. When InboundConnectionsRequired and InboundConnectionsBlocked are both true, InboundConnectionsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundNotificationsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevents the firewall from displaying notifications when an application is blocked from listening on a port. When InboundNotificationsRequired and InboundNotificationsBlocked are both true, InboundNotificationsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InboundNotificationsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows the firewall to display notifications when an application is blocked from listening on a port. When InboundNotificationsRequired and InboundNotificationsBlocked are both true, InboundNotificationsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncomingTrafficBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all incoming traffic regardless of other policy settings. When IncomingTrafficRequired and IncomingTrafficBlocked are both true, IncomingTrafficBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncomingTrafficRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow incoming traffic pursuant to other policy settings. When IncomingTrafficRequired and IncomingTrafficBlocked are both true, IncomingTrafficBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundConnectionsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block all outgoing connections by default. When OutboundConnectionsRequired and OutboundConnectionsBlocked are both true, OutboundConnectionsBlocked takes priority. This setting will get applied to Windows releases version 1809 and above.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutboundConnectionsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow all outgoing connections by default. When OutboundConnectionsRequired and OutboundConnectionsBlocked are both true, OutboundConnectionsBlocked takes priority. This setting will get applied to Windows releases version 1809 and above.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyRulesFromGroupPolicyMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to merge Firewall Rule policies from group policy with those from local store instead of ignoring the local store rules. When PolicyRulesFromGroupPolicyNotMerged and PolicyRulesFromGroupPolicyMerged are both true, PolicyRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PolicyRulesFromGroupPolicyNotMerged</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to prevent merging Firewall Rule policies from group policy with those from local store instead of ignoring the local store rules. When PolicyRulesFromGroupPolicyNotMerged and PolicyRulesFromGroupPolicyMerged are both true, PolicyRulesFromGroupPolicyMerged takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecuredPacketExemptionAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow the host computer to respond to unsolicited network traffic of that traffic is secured by IPSec even when stealthModeBlocked is set to true. When SecuredPacketExemptionBlocked and SecuredPacketExemptionAllowed are both true, SecuredPacketExemptionAllowed takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecuredPacketExemptionBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block the host computer to respond to unsolicited network traffic of that traffic is secured by IPSec even when stealthModeBlocked is set to true. When SecuredPacketExemptionBlocked and SecuredPacketExemptionAllowed are both true, SecuredPacketExemptionAllowed takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StealthModeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent the server from operating in stealth mode. When StealthModeRequired and StealthModeBlocked are both true, StealthModeBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StealthModeRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the server to operate in stealth mode. When StealthModeRequired and StealthModeBlocked are both true, StealthModeBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnicastResponsesToMulticastBroadcastsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to block unicast responses to multicast broadcast traffic. When UnicastResponsesToMulticastBroadcastsRequired and UnicastResponsesToMulticastBroadcastsBlocked are both true, UnicastResponsesToMulticastBroadcastsBlocked takes priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnicastResponsesToMulticastBroadcastsRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the firewall to allow unicast responses to multicast broadcast traffic. When UnicastResponsesToMulticastBroadcastsRequired and UnicastResponsesToMulticastBroadcastsBlocked are both true, UnicastResponsesToMulticastBroadcastsBlocked takes priority.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FirewallRules</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Configures the firewall rule settings. This collection can contain a maximum of 150 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LanManagerAuthenticationLevel</span> </div> <div class="desc-html"><p>This security setting determines which challenge/response authentication protocol is used for network logons. Possible values are: lmAndNltm, lmNtlmAndNtlmV2, lmAndNtlmOnly, lmAndNtlmV2, lmNtlmV2AndNotLm, lmNtlmV2AndNotLmOrNtm.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"lmAndNltm"</code>, <code>"lmAndNtlmOnly"</code>, <code>"lmAndNtlmV2"</code>, <code>"lmNtlmAndNtlmV2"</code>, <code>"lmNtlmV2AndNotLm"</code>, <code>"lmNtlmV2AndNotLmOrNtm"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ll][Mm][Aa][Nn][Dd][Nn][Ll][Tt][Mm]|[Ll][Mm][Nn][Tt][Ll][Mm][Aa][Nn][Dd][Nn][Tt][Ll][Mm][Vv]2|[Ll][Mm][Aa][Nn][Dd][Nn][Tt][Ll][Mm][Oo][Nn][Ll][Yy]|[Ll][Mm][Aa][Nn][Dd][Nn][Tt][Ll][Mm][Vv]2|[Ll][Mm][Nn][Tt][Ll][Mm][Vv]2[Aa][Nn][Dd][Nn][Oo][Tt][Ll][Mm]|[Ll][Mm][Nn][Tt][Ll][Mm][Vv]2[Aa][Nn][Dd][Nn][Oo][Tt][Ll][Mm][Oo][Rr][Nn][Tt][Mm])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LanManagerWorkstationDisableInsecureGuestLogons</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If enabled,the SMB client will allow insecure guest logons. If not configured, the SMB client will reject insecure guest logons.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAdministratorAccountName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Define a different account name to be associated with the security identifier (SID) for the account 'Administrator'.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAdministratorElevationPromptBehavior</span> </div> <div class="desc-html"><p>Define the behavior of the elevation prompt for admins in Admin Approval Mode. Possible values are: notConfigured, elevateWithoutPrompting, promptForCredentialsOnTheSecureDesktop, promptForConsentOnTheSecureDesktop, promptForCredentials, promptForConsent, promptForConsentForNonWindowsBinaries.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"elevateWithoutPrompting"</code>, <code>"notConfigured"</code>, <code>"promptForConsent"</code>, <code>"promptForConsentForNonWindowsBinaries"</code>, <code>"promptForConsentOnTheSecureDesktop"</code>, <code>"promptForCredentials"</code>, <code>"promptForCredentialsOnTheSecureDesktop"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Ll][Ee][Vv][Aa][Tt][Ee][Ww][Ii][Tt][Hh][Oo][Uu][Tt][Pp][Rr][Oo][Mm][Pp][Tt][Ii][Nn][Gg]|[Pp][Rr][Oo][Mm][Pp][Tt][Ff][Oo][Rr][Cc][Rr][Ee][Dd][Ee][Nn][Tt][Ii][Aa][Ll][Ss][Oo][Nn][Tt][Hh][Ee][Ss][Ee][Cc][Uu][Rr][Ee][Dd][Ee][Ss][Kk][Tt][Oo][Pp]|[Pp][Rr][Oo][Mm][Pp][Tt][Ff][Oo][Rr][Cc][Oo][Nn][Ss][Ee][Nn][Tt][Oo][Nn][Tt][Hh][Ee][Ss][Ee][Cc][Uu][Rr][Ee][Dd][Ee][Ss][Kk][Tt][Oo][Pp]|[Pp][Rr][Oo][Mm][Pp][Tt][Ff][Oo][Rr][Cc][Rr][Ee][Dd][Ee][Nn][Tt][Ii][Aa][Ll][Ss]|[Pp][Rr][Oo][Mm][Pp][Tt][Ff][Oo][Rr][Cc][Oo][Nn][Ss][Ee][Nn][Tt]|[Pp][Rr][Oo][Mm][Pp][Tt][Ff][Oo][Rr][Cc][Oo][Nn][Ss][Ee][Nn][Tt][Ff][Oo][Rr][Nn][Oo][Nn][Ww][Ii][Nn][Dd][Oo][Ww][Ss][Bb][Ii][Nn][Aa][Rr][Ii][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines whether to allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowPKU2UAuthenticationRequests</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block PKU2U authentication requests to this device to use online identities.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManager</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Edit the default Security Descriptor Definition Language string to allow or deny users and groups to make remote calls to the SAM.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>UI helper boolean for LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManager entity</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines whether a computer can be shut down without having to log on to Windows.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowUIAccessApplicationElevation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow UIAccess apps to prompt for elevation without using the secure desktop.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowUIAccessApplicationsForSecureLocations</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow UIAccess apps to prompt for elevation without using the secure desktop.Default is enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsAllowUndockWithoutHavingToLogon</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent a portable computer from being undocked without having to log in.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsBlockMicrosoftAccounts</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent users from adding new Microsoft accounts to this computer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsBlockRemoteLogonWithBlankPassword</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Local accounts that are not password protected to log on from locations other than the physical device.Default is enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsBlockRemoteOpticalDriveAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this settings allows only interactively logged on user to access CD-ROM media.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsBlockUsersInstallingPrinterDrivers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Restrict installing printer drivers as part of connecting to a shared printer to admins only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsClearVirtualMemoryPageFile</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines whether the virtual memory pagefile is cleared when the system is shut down.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsClientDigitallySignCommunicationsAlways</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines whether packet signing is required by the SMB client component.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If this security setting is enabled, the Server Message Block (SMB) redirector is allowed to send plaintext passwords to non-Microsoft SMB servers that do not support password encryption during authentication.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDetectApplicationInstallationsAndPromptForElevation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>App installations requiring elevated privileges will prompt for admin credentials.Default is enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDisableAdministratorAccount</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether the Local Administrator account is enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines whether the SMB client attempts to negotiate SMB packet signing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDisableGuestAccount</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if the Guest account is enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDisableServerDigitallySignCommunicationsAlways</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines whether packet signing is required by the SMB server component.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines whether the SMB server will negotiate SMB packet signing with clients that request it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines what additional permissions will be granted for anonymous connections to the computer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDoNotRequireCtrlAltDel</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require CTRL+ALT+DEL to be pressed before a user can log on.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This security setting determines if, at the next password change, the LAN Manager (LM) hash value for the new password is stored. Its not stored by default.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser</span> </div> <div class="desc-html"><p>Define who is allowed to format and eject removable NTFS media. Possible values are: notConfigured, administrators, administratorsAndPowerUsers, administratorsAndInteractiveUsers.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"administrators"</code>, <code>"administratorsAndInteractiveUsers"</code>, <code>"administratorsAndPowerUsers"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr][Ss]|[Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr][Ss][Aa][Nn][Dd][Pp][Oo][Ww][Ee][Rr][Uu][Ss][Ee][Rr][Ss]|[Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr][Ss][Aa][Nn][Dd][Ii][Nn][Tt][Ee][Rr][Aa][Cc][Tt][Ii][Vv][Ee][Uu][Ss][Ee][Rr][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsGuestAccountName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Define a different account name to be associated with the security identifier (SID) for the account 'Guest'.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsHideLastSignedInUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Do not display the username of the last person who signed in on this device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsHideUsernameAtSignIn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Do not display the username of the person signing in to this device after credentials are entered and before the devices desktop is shown.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsInformationDisplayedOnLockScreen</span> </div> <div class="desc-html"><p>Configure the user information that is displayed when the session is locked. If not configured, user display name, domain and username are shown. Possible values are: notConfigured, administrators, administratorsAndPowerUsers, administratorsAndInteractiveUsers.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"administrators"</code>, <code>"administratorsAndInteractiveUsers"</code>, <code>"administratorsAndPowerUsers"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr][Ss]|[Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr][Ss][Aa][Nn][Dd][Pp][Oo][Ww][Ee][Rr][Uu][Ss][Ee][Rr][Ss]|[Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr][Ss][Aa][Nn][Dd][Ii][Nn][Tt][Ee][Rr][Aa][Cc][Tt][Ii][Vv][Ee][Uu][Ss][Ee][Rr][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsInformationShownOnLockScreen</span> </div> <div class="desc-html"><p>Configure the user information that is displayed when the session is locked. If not configured, user display name, domain and username are shown. Possible values are: notConfigured, userDisplayNameDomainUser, userDisplayNameOnly, doNotDisplayUser.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"doNotDisplayUser"</code>, <code>"notConfigured"</code>, <code>"userDisplayNameDomainUser"</code>, <code>"userDisplayNameOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Dd][Ii][Ss][Pp][Ll][Aa][Yy][Nn][Aa][Mm][Ee][Dd][Oo][Mm][Aa][Ii][Nn][Uu][Ss][Ee][Rr]|[Uu][Ss][Ee][Rr][Dd][Ii][Ss][Pp][Ll][Aa][Yy][Nn][Aa][Mm][Ee][Oo][Nn][Ll][Yy]|[Dd][Oo][Nn][Oo][Tt][Dd][Ii][Ss][Pp][Ll][Aa][Yy][Uu][Ss][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsLogOnMessageText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Set message text for users attempting to log in.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsLogOnMessageTitle</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Set message title for users attempting to log in.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsMachineInactivityLimit</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Define maximum minutes of inactivity on the interactive desktops login screen until the screen saver runs. Valid values 0 to 9999</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsMachineInactivityLimitInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Define maximum minutes of inactivity on the interactive desktops login screen until the screen saver runs. Valid values 0 to 9999</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients</span> </div> <div class="desc-html"><p>This security setting allows a client to require the negotiation of 128-bit encryption and/or NTLMv2 session security. Possible values are: none, requireNtmlV2SessionSecurity, require128BitEncryption, ntlmV2And128BitEncryption.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"none"</code>, <code>"ntlmV2And128BitEncryption"</code>, <code>"require128BitEncryption"</code>, <code>"requireNtmlV2SessionSecurity"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Nn][Tt][Mm][Ll][Vv]2[Ss][Ee][Ss][Ss][Ii][Oo][Nn][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee]128[Bb][Ii][Tt][Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ii][Oo][Nn]|[Nn][Tt][Ll][Mm][Vv]2[Aa][Nn][Dd]128[Bb][Ii][Tt][Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers</span> </div> <div class="desc-html"><p>This security setting allows a server to require the negotiation of 128-bit encryption and/or NTLMv2 session security. Possible values are: none, requireNtmlV2SessionSecurity, require128BitEncryption, ntlmV2And128BitEncryption.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"none"</code>, <code>"ntlmV2And128BitEncryption"</code>, <code>"require128BitEncryption"</code>, <code>"requireNtmlV2SessionSecurity"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Nn][Tt][Mm][Ll][Vv]2[Ss][Ee][Ss][Ss][Ii][Oo][Nn][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee]128[Bb][Ii][Tt][Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ii][Oo][Nn]|[Nn][Tt][Ll][Mm][Vv]2[Aa][Nn][Dd]128[Bb][Ii][Tt][Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsOnlyElevateSignedExecutables</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enforce PKI certification path validation for a given executable file before it is permitted to run.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>By default, this security setting restricts anonymous access to shares and pipes to the settings for named pipes that can be accessed anonymously and Shares that can be accessed anonymously</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsSmartCardRemovalBehavior</span> </div> <div class="desc-html"><p>This security setting determines what happens when the smart card for a logged-on user is removed from the smart card reader. Possible values are: noAction, lockWorkstation, forceLogoff, disconnectRemoteDesktopSession.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disconnectRemoteDesktopSession"</code>, <code>"forceLogoff"</code>, <code>"lockWorkstation"</code>, <code>"noAction"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn]|[Ll][Oo][Cc][Kk][Ww][Oo][Rr][Kk][Ss][Tt][Aa][Tt][Ii][Oo][Nn]|[Ff][Oo][Rr][Cc][Ee][Ll][Oo][Gg][Oo][Ff][Ff]|[Dd][Ii][Ss][Cc][Oo][Nn][Nn][Ee][Cc][Tt][Rr][Ee][Mm][Oo][Tt][Ee][Dd][Ee][Ss][Kk][Tt][Oo][Pp][Ss][Ee][Ss][Ss][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsStandardUserElevationPromptBehavior</span> </div> <div class="desc-html"><p>Define the behavior of the elevation prompt for standard users. Possible values are: notConfigured, automaticallyDenyElevationRequests, promptForCredentialsOnTheSecureDesktop, promptForCredentials.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automaticallyDenyElevationRequests"</code>, <code>"notConfigured"</code>, <code>"promptForCredentials"</code>, <code>"promptForCredentialsOnTheSecureDesktop"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc][Aa][Ll][Ll][Yy][Dd][Ee][Nn][Yy][Ee][Ll][Ee][Vv][Aa][Tt][Ii][Oo][Nn][Rr][Ee][Qq][Uu][Ee][Ss][Tt][Ss]|[Pp][Rr][Oo][Mm][Pp][Tt][Ff][Oo][Rr][Cc][Rr][Ee][Dd][Ee][Nn][Tt][Ii][Aa][Ll][Ss][Oo][Nn][Tt][Hh][Ee][Ss][Ee][Cc][Uu][Rr][Ee][Dd][Ee][Ss][Kk][Tt][Oo][Pp]|[Pp][Rr][Oo][Mm][Pp][Tt][Ff][Oo][Rr][Cc][Rr][Ee][Dd][Ee][Nn][Tt][Ii][Aa][Ll][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable all elevation requests to go to the interactive user's desktop rather than the secure desktop. Prompt behavior policy settings for admins and standard users are used.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsUseAdminApprovalMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Defines whether the built-in admin account uses Admin Approval Mode or runs all apps with full admin privileges.Default is enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsUseAdminApprovalModeForAdministrators</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Define whether Admin Approval Mode and all UAC policy settings are enabled, default is enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Virtualize file and registry write failures to per user locations</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenBlockOverrideForFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows IT Admins to control whether users can can ignore SmartScreen warnings and run malicious files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenEnableInShell</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows IT Admins to configure SmartScreen for Windows.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsAccessCredentialManagerAsTrustedCaller</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right is used by Credential Manager during Backup/Restore. Users' saved credentials might be compromised if this privilege is given to other entities. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsActAsPartOfTheOperatingSystem</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right allows a process to impersonate any user without authentication. The process can therefore gain access to the same local resources as that user. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsAllowAccessFromNetwork</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users and groups are allowed to connect to the computer over the network. State Allowed is supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsBackupData</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when backing up files and directories. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsBlockAccessFromNetwork</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users and groups are block from connecting to the computer over the network. State Block is supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsChangeSystemTime</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users and groups can change the time and date on the internal clock of the computer. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsCreateGlobalObjects</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This security setting determines whether users can create global objects that are available to all sessions. Users who can create global objects could affect processes that run under other users' sessions, which could lead to application failure or data corruption. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsCreatePageFile</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users and groups can call an internal API to create and change the size of a page file. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsCreatePermanentSharedObjects</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which accounts can be used by processes to create a directory object using the object manager. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsCreateSymbolicLinks</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines if the user can create a symbolic link from the computer to which they are logged on. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsCreateToken</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users/groups can be used by processes to create a token that can then be used to get access to any local resources when the process uses an internal API to create an access token. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsDebugPrograms</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can attach a debugger to any process or to the kernel. Only states NotConfigured and Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsDelegation</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can set the Trusted for Delegation setting on a user or computer object. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsDenyLocalLogOn</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users cannot log on to the computer. States NotConfigured, Blocked are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsGenerateSecurityAudits</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which accounts can be used by a process to add entries to the security log. The security log is used to trace unauthorized system access. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsImpersonateClient</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Assigning this user right to a user allows programs running on behalf of that user to impersonate a client. Requiring this user right for this kind of impersonation prevents an unauthorized user from convincing a client to connect to a service that they have created and then impersonating that client, which can elevate the unauthorized user's permissions to administrative or system levels. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsIncreaseSchedulingPriority</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which accounts can use a process with Write Property access to another process to increase the execution priority assigned to the other process. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsLoadUnloadDrivers</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can dynamically load and unload device drivers or other code in to kernel mode. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsLocalLogOn</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can log on to the computer. States NotConfigured, Allowed are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsLockMemory</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which accounts can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsManageAuditingAndSecurityLogs</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsManageVolumes</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users and groups can run maintenance tasks on a volume, such as remote defragmentation. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsModifyFirmwareEnvironment</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines who can modify firmware environment values. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsModifyObjectLabels</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which user accounts can modify the integrity label of objects, such as files, registry keys, or processes owned by other users. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsProfileSingleProcess</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can use performance monitoring tools to monitor the performance of system processes. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsRemoteDesktopServicesLogOn</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users and groups are prohibited from logging on as a Remote Desktop Services client. Only states NotConfigured and Blocked are supported</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsRemoteShutdown</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users are allowed to shut down a computer from a remote location on the network. Misuse of this user right can result in a denial of service. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsRestoreData</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories, and determines which users can set any valid security principal as the owner of an object. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserRightsTakeOwnership</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>This user right determines which users can take ownership of any securable object in the system, including Active Directory objects, files and folders, printers, registry keys, processes, and threads. Only states NotConfigured and Allowed are supported.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalUsersOrGroups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Representing a collection of local users or groups which will be set on device if the state of this setting is Allowed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">State</span> </div> <div class="desc-html"><p>Representing the current state of this user rights setting. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsDefenderTamperProtection</span> </div> <div class="desc-html"><p>Configure windows defender TamperProtection settings. Possible values are: notConfigured, enable, disable.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disable"</code>, <code>"enable"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">XboxServicesAccessoryManagementServiceStartupMode</span> </div> <div class="desc-html"><p>This setting determines whether the Accessory management service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. Possible values are: manual, automatic, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"disabled"</code>, <code>"manual"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">XboxServicesEnableXboxGameSaveTask</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This setting determines whether xbox game save is enabled (1) or disabled (0).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">XboxServicesLiveAuthManagerServiceStartupMode</span> </div> <div class="desc-html"><p>This setting determines whether Live Auth Manager service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. Possible values are: manual, automatic, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"disabled"</code>, <code>"manual"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">XboxServicesLiveGameSaveServiceStartupMode</span> </div> <div class="desc-html"><p>This setting determines whether Live Game save service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. Possible values are: manual, automatic, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"disabled"</code>, <code>"manual"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">XboxServicesLiveNetworkingServiceStartupMode</span> </div> <div class="desc-html"><p>This setting determines whether Networking service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. Possible values are: manual, automatic, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"disabled"</code>, <code>"manual"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationfirmwareinterfacepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationfirmwareinterfacepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Firmware Interface Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Bluetooth</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Bluetooth. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BootFromBuiltInNetworkAdapters</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to boot from built-in network adapters. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BootFromExternalMedia</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to boot from external media. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Cameras</span> </div> <div class="desc-html"><p>Defines whether built-in cameras are enabled. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ChangeUefiSettingsPermission</span> </div> <div class="desc-html"><p>Defines the permission level granted to users to change UEFI settings. Possible values are: notConfiguredOnly, none.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"none"</code>, <code>"notConfiguredOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd][Oo][Nn][Ll][Yy]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FrontCamera</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Front Camera. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InfraredCamera</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Infrared camera. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Microphone</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Microphone. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrophonesAndSpeakers</span> </div> <div class="desc-html"><p>Defines whether built-in microphones or speakers are enabled. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NearFieldCommunication</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Near Field Communication. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Radios</span> </div> <div class="desc-html"><p>Defines whether built-in radios e.g. WIFI, NFC, Bluetooth, are enabled. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RearCamera</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable rear camera. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SdCard</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable SD Card Port. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SimultaneousMultiThreading</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Simultaneous MultiThreading. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsbTypeAPort</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable USB Type A Port. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VirtualizationOfCpuAndIO</span> </div> <div class="desc-html"><p>Defines whether CPU and IO virtualization is enabled. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WakeOnLAN</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Wake on LAN. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WakeOnPower</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Wake On Power. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFi</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable WiFi. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsPlatformBinaryTable</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Windows Platform Binary Table. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WirelessWideAreaNetwork</span> </div> <div class="desc-html"><p>Defines whether a user is allowed to enable Wireless Wide Area Network. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationhealthmonitoringconfigurationpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationhealthmonitoringconfigurationpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Health Monitoring Configuration Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeviceHealthMonitoring</span> </div> <div class="desc-html"><p>Enables device health monitoring on the device. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigDeviceHealthMonitoringCustomScope</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies custom set of events collected from the device where health monitoring is enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigDeviceHealthMonitoringScope</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>Specifies set of events collected from the device where health monitoring is enabled. Possible values are: undefined, healthMonitoring, bootPerformance, windowsUpdates, privilegeManagement.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationidentityprotectionpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationidentityprotectionpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Identity Protection Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnhancedAntiSpoofingForFacialFeaturesEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value used to enable enhanced anti-spoofing for facial feature recognition on Windows Hello face authentication.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinExpirationInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Integer value specifies the period (in days) that a PIN can be used before the system requires the user to change it. Valid values are 0 to 730 inclusive. Valid values 0 to 730</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinLowercaseCharactersUsage</span> </div> <div class="desc-html"><p>This value configures the use of lowercase characters in the Windows Hello for Business PIN. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinMaximumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Integer value that sets the maximum number of characters allowed for the work PIN. Valid values are 4 to 127 inclusive and greater than or equal to the value set for the minimum PIN. Valid values 4 to 127</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Integer value that sets the minimum number of characters required for the Windows Hello for Business PIN. Valid values are 4 to 127 inclusive and less than or equal to the value set for the maximum PIN. Valid values 4 to 127</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinPreviousBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Controls the ability to prevent users from using past PINs. This must be set between 0 and 50, inclusive, and the current PIN of the user is included in that count. If set to 0, previous PINs are not stored. PIN history is not preserved through a PIN reset. Valid values 0 to 50</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinRecoveryEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value that enables a user to change their PIN by using the Windows Hello for Business PIN recovery service.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinSpecialCharactersUsage</span> </div> <div class="desc-html"><p>Controls the ability to use special characters in the Windows Hello for Business PIN. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PinUppercaseCharactersUsage</span> </div> <div class="desc-html"><p>This value configures the use of uppercase characters in the Windows Hello for Business PIN. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityDeviceRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Controls whether to require a Trusted Platform Module (TPM) for provisioning Windows Hello for Business. A TPM provides an additional security benefit in that data stored on it cannot be used on other devices. If set to False, all devices can provision Windows Hello for Business even if there is not a usable TPM.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnlockWithBiometricsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Controls the use of biometric gestures, such as face and fingerprint, as an alternative to the Windows Hello for Business PIN. If set to False, biometric gestures are not allowed. Users must still configure a PIN as a backup in case of failures.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseCertificatesForOnPremisesAuthEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value that enables Windows Hello for Business to use certificates to authenticate on-premise resources.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseSecurityKeyForSignin</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value used to enable the Windows Hello security key as a logon credential.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsHelloForBusinessBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value that blocks Windows Hello for Business as a method for signing into Windows.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationimportedpfxcertificatepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationimportedpfxcertificatepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Imported Pfx Certificate Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IntendedPurpose</span> </div> <div class="desc-html"><p>Intended Purpose of the Certificate Profile - which could be Unassigned, SmimeEncryption, SmimeSigning etc. Possible values are: unassigned, smimeEncryption, smimeSigning, vpn, wifi.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"smimeEncryption"</code>, <code>"smimeSigning"</code>, <code>"unassigned"</code>, <code>"vpn"</code>, <code>"wifi"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Aa][Ss][Ss][Ii][Gg][Nn][Ee][Dd]|[Ss][Mm][Ii][Mm][Ee][Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ii][Oo][Nn]|[Ss][Mm][Ii][Mm][Ee][Ss][Ii][Gg][Nn][Ii][Nn][Gg]|[Vv][Pp][Nn]|[Ww][Ii][Ff][Ii])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateValidityPeriodScale</span> </div> <div class="desc-html"><p>Scale for the Certificate Validity Period. Possible values are: days, months, years.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"days"</code>, <code>"months"</code>, <code>"years"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Aa][Yy][Ss]|[Mm][Oo][Nn][Tt][Hh][Ss]|[Yy][Ee][Aa][Rr][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateValidityPeriodValue</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Value for the Certificate Validity Period</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyStorageProvider</span> </div> <div class="desc-html"><p>Key Storage Provider (KSP). Possible values are: useTpmKspOtherwiseUseSoftwareKsp, useTpmKspOtherwiseFail, usePassportForWorkKspOtherwiseFail, useSoftwareKsp.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"usePassportForWorkKspOtherwiseFail"</code>, <code>"useSoftwareKsp"</code>, <code>"useTpmKspOtherwiseFail"</code>, <code>"useTpmKspOtherwiseUseSoftwareKsp"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Tt][Pp][Mm][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Uu][Ss][Ee][Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee][Kk][Ss][Pp]|[Uu][Ss][Ee][Tt][Pp][Mm][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Ff][Aa][Ii][Ll]|[Uu][Ss][Ee][Pp][Aa][Ss][Ss][Pp][Oo][Rr][Tt][Ff][Oo][Rr][Ww][Oo][Rr][Kk][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Ff][Aa][Ii][Ll]|[Uu][Ss][Ee][Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee][Kk][Ss][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RenewalThresholdPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Certificate renewal threshold percentage. Valid values 1 to 99</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectAlternativeNameType</span> </div> <div class="desc-html"><p>Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"customAzureADAttribute"</code>, <code>"domainNameService"</code>, <code>"emailAddress"</code>, <code>"none"</code>, <code>"universalResourceIdentifier"</code>, <code>"userPrincipalName"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ee][Mm][Aa][Ii][Ll][Aa][Dd][Dd][Rr][Ee][Ss][Ss]|[Uu][Ss][Ee][Rr][Pp][Rr][Ii][Nn][Cc][Ii][Pp][Aa][Ll][Nn][Aa][Mm][Ee]|[Cc][Uu][Ss][Tt][Oo][Mm][Aa][Zz][Uu][Rr][Ee][Aa][Dd][Aa][Tt][Tt][Rr][Ii][Bb][Uu][Tt][Ee]|[Dd][Oo][Mm][Aa][Ii][Nn][Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ii][Cc][Ee]|[Uu][Nn][Ii][Vv][Ee][Rr][Ss][Aa][Ll][Rr][Ee][Ss][Oo][Uu][Rr][Cc][Ee][Ii][Dd][Ee][Nn][Tt][Ii][Ff][Ii][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectNameFormat</span> </div> <div class="desc-html"><p>Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"commonName"</code>, <code>"commonNameAsAadDeviceId"</code>, <code>"commonNameAsDurableDeviceId"</code>, <code>"commonNameAsEmail"</code>, <code>"commonNameAsIMEI"</code>, <code>"commonNameAsIntuneDeviceId"</code>, <code>"commonNameAsSerialNumber"</code>, <code>"commonNameIncludingEmail"</code>, <code>"custom"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Ii][Nn][Cc][Ll][Uu][Dd][Ii][Nn][Gg][Ee][Mm][Aa][Ii][Ll]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ee][Mm][Aa][Ii][Ll]|[Cc][Uu][Ss][Tt][Oo][Mm]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ii][Mm][Ee][Ii]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ss][Ee][Rr][Ii][Aa][Ll][Nn][Uu][Mm][Bb][Ee][Rr]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Aa][Aa][Dd][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ii][Nn][Tt][Uu][Nn][Ee][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Dd][Uu][Rr][Aa][Bb][Ll][Ee][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationkioskpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationkioskpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Kiosk Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeKioskEnablePublicBrowsing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable public browsing kiosk mode for the Microsoft Edge browser. The Default is false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskBrowserBlockedUrlExceptions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify URLs that the kiosk browser is allowed to navigate to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskBrowserBlockedURLs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify URLs that the kiosk browsers should not navigate to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskBrowserDefaultUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify the default URL the browser should navigate to on launch.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskBrowserEnableEndSessionButton</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable the kiosk browser's end session button. By default, the end session button is disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskBrowserEnableHomeButton</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable the kiosk browser's home button. By default, the home button is disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskBrowserEnableNavigationButtons</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable the kiosk browser's navigation buttons(forward/back). By default, the navigation buttons are disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskBrowserRestartOnIdleTimeInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of minutes the session is idle until the kiosk browser restarts in a fresh state. Valid values are 1-1440. Valid values 1 to 1440</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskProfiles</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>This policy setting allows to define a list of Kiosk profiles for a Kiosk configuration. This collection can contain a maximum of 3 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsKioskForceUpdateSchedule</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>force update schedule for Kiosk devices.</p> </div> <details class="nested-properties"> <summary>5 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DayofMonth</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Day of month. Valid values 1 to 31</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DayofWeek</span> </div> <div class="desc-html"><p>Day of week. Possible values are: sunday, monday, tuesday, wednesday, thursday, friday, saturday.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"friday"</code>, <code>"monday"</code>, <code>"saturday"</code>, <code>"sunday"</code>, <code>"thursday"</code>, <code>"tuesday"</code>, <code>"wednesday"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Uu][Nn][Dd][Aa][Yy]|[Mm][Oo][Nn][Dd][Aa][Yy]|[Tt][Uu][Ee][Ss][Dd][Aa][Yy]|[Ww][Ee][Dd][Nn][Ee][Ss][Dd][Aa][Yy]|[Tt][Hh][Uu][Rr][Ss][Dd][Aa][Yy]|[Ff][Rr][Ii][Dd][Aa][Yy]|[Ss][Aa][Tt][Uu][Rr][Dd][Aa][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Recurrence</span> </div> <div class="desc-html"><p>Recurrence schedule. Possible values are: none, daily, weekly, monthly.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"daily"</code>, <code>"monthly"</code>, <code>"none"</code>, <code>"weekly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Dd][Aa][Ii][Ll][Yy]|[Ww][Ee][Ee][Kk][Ll][Yy]|[Mm][Oo][Nn][Tt][Hh][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RunImmediatelyIfAfterStartDateTime</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If true, runs the task immediately if StartDateTime is in the past, else, runs at the next recurrence.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The start time for the force restart.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationnetworkboundarypolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationnetworkboundarypolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Network Boundary Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsNetworkIsolationPolicy</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Windows Network Isolation Policy</p> </div> <details class="nested-properties"> <summary>8 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseCloudResources</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Contains a list of enterprise resource domains hosted in the cloud that need to be protected. Connections to these resources are considered enterprise data. If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). A proxy server used for this purpose must also be configured using the EnterpriseInternalProxyServers policy. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseInternalProxyServers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This is the comma-separated list of internal proxy servers. For example, '157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59'. These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the EnterpriseCloudResources policy to force traffic to the matched cloud resources through these proxies.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseIPRanges</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Sets the enterprise IP ranges that define the computers in the enterprise network. Data that comes from those computers will be considered part of the enterprise and protected. These locations will be considered a safe destination for enterprise data to be shared to. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseIPRangesAreAuthoritative</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets. Default is false.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseNetworkDomainNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This is the list of domains that comprise the boundaries of the enterprise. Data from one of these domains that is sent to a device will be considered enterprise data and protected. These locations will be considered a safe destination for enterprise data to be shared to.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseProxyServers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This is a list of proxy servers. Any server not on this list is considered non-enterprise.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseProxyServersAreAuthoritative</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies. Default is false</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NeutralDomainResources</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of domain names that can used for work or personal resource.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpkcscertificatepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpkcscertificatepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Pkcs Certificate Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateStore</span> </div> <div class="desc-html"><p>Target store certificate. Possible values are: user, machine.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"machine"</code>, <code>"user"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr]|[Mm][Aa][Cc][Hh][Ii][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateTemplateName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>PKCS Certificate Template Name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificationAuthority</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>PKCS Certification Authority</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificationAuthorityName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>PKCS Certification Authority Name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomSubjectAlternativeNames</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtendedKeyUsages</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectAlternativeNameFormatString</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom String that defines the AAD Attribute.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectNameFormatString</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom format to use with SubjectNameFormat = Custom. Example: CN=EmailAddress}},E=EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateValidityPeriodScale</span> </div> <div class="desc-html"><p>Scale for the Certificate Validity Period. Possible values are: days, months, years.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"days"</code>, <code>"months"</code>, <code>"years"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Aa][Yy][Ss]|[Mm][Oo][Nn][Tt][Hh][Ss]|[Yy][Ee][Aa][Rr][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateValidityPeriodValue</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Value for the Certificate Validity Period</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyStorageProvider</span> </div> <div class="desc-html"><p>Key Storage Provider (KSP). Possible values are: useTpmKspOtherwiseUseSoftwareKsp, useTpmKspOtherwiseFail, usePassportForWorkKspOtherwiseFail, useSoftwareKsp.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"usePassportForWorkKspOtherwiseFail"</code>, <code>"useSoftwareKsp"</code>, <code>"useTpmKspOtherwiseFail"</code>, <code>"useTpmKspOtherwiseUseSoftwareKsp"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Tt][Pp][Mm][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Uu][Ss][Ee][Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee][Kk][Ss][Pp]|[Uu][Ss][Ee][Tt][Pp][Mm][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Ff][Aa][Ii][Ll]|[Uu][Ss][Ee][Pp][Aa][Ss][Ss][Pp][Oo][Rr][Tt][Ff][Oo][Rr][Ww][Oo][Rr][Kk][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Ff][Aa][Ii][Ll]|[Uu][Ss][Ee][Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee][Kk][Ss][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RenewalThresholdPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Certificate renewal threshold percentage. Valid values 1 to 99</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectAlternativeNameType</span> </div> <div class="desc-html"><p>Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"customAzureADAttribute"</code>, <code>"domainNameService"</code>, <code>"emailAddress"</code>, <code>"none"</code>, <code>"universalResourceIdentifier"</code>, <code>"userPrincipalName"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ee][Mm][Aa][Ii][Ll][Aa][Dd][Dd][Rr][Ee][Ss][Ss]|[Uu][Ss][Ee][Rr][Pp][Rr][Ii][Nn][Cc][Ii][Pp][Aa][Ll][Nn][Aa][Mm][Ee]|[Cc][Uu][Ss][Tt][Oo][Mm][Aa][Zz][Uu][Rr][Ee][Aa][Dd][Aa][Tt][Tt][Rr][Ii][Bb][Uu][Tt][Ee]|[Dd][Oo][Mm][Aa][Ii][Nn][Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ii][Cc][Ee]|[Uu][Nn][Ii][Vv][Ee][Rr][Ss][Aa][Ll][Rr][Ee][Ss][Oo][Uu][Rr][Cc][Ee][Ii][Dd][Ee][Nn][Tt][Ii][Ff][Ii][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectNameFormat</span> </div> <div class="desc-html"><p>Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"commonName"</code>, <code>"commonNameAsAadDeviceId"</code>, <code>"commonNameAsDurableDeviceId"</code>, <code>"commonNameAsEmail"</code>, <code>"commonNameAsIMEI"</code>, <code>"commonNameAsIntuneDeviceId"</code>, <code>"commonNameAsSerialNumber"</code>, <code>"commonNameIncludingEmail"</code>, <code>"custom"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Ii][Nn][Cc][Ll][Uu][Dd][Ii][Nn][Gg][Ee][Mm][Aa][Ii][Ll]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ee][Mm][Aa][Ii][Ll]|[Cc][Uu][Ss][Tt][Oo][Mm]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ii][Mm][Ee][Ii]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ss][Ee][Rr][Ii][Aa][Ll][Nn][Uu][Mm][Bb][Ee][Rr]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Aa][Aa][Dd][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ii][Nn][Tt][Uu][Nn][Ee][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Dd][Uu][Rr][Aa][Bb][Ll][Ee][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpolicyandroiddeviceadministrator"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpolicyandroiddeviceadministrator</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the settings of Android Device Administrator device restriction policy in your cloud-based organization.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsBlockClipboardSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block clipboard sharing between apps (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsBlockCopyPaste</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block copy and paste functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsBlockYouTube</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block YouTube (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsHideList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specify the apps that will be hidden on the device. Users cannot discover or run these apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsInstallAllowList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specify the apps that users can install. Users will not be able to install apps that are not on the list.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsLaunchBlockList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specify the apps that users cannot run on their device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Bluetooth (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CameraBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block use of camera</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockDataRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block data roaming over the cellular network (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockMessaging</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block SMS/MMS messaging functionality (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockVoiceRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block voice roaming over the cellular network (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockWiFiTethering</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Wi-Fi tethering (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CompliantAppListType</span> </div> <div class="desc-html"><p>Device compliance can be viewed in the Restricted Apps Compliance report.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"appsInListCompliant"</code>, <code>"appsNotInListCompliant"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Pp][Pp][Ss][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt]|[Aa][Pp][Pp][Ss][Nn][Oo][Tt][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CompliantAppsList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Enter the Google Play Store URL of the app you want. For example, to specify the Microsoft Remote Desktop app for Android, enter <a target="_blank" rel="noopener noreferrer" href="https://play.google.com/store/apps/details?id=com.microsoft.rdc.android">https://play.google.com/store/apps/details?id=com.microsoft.rdc.android</a>. To find the URL of an app, use a search engine to locate the store page. For example, to find the Remote Desktop app, you could search Microsoft Remote Desktop Play Store.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DateAndTimeBlockChanges</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block user from changing date and time on device (Samsung KNOX).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceSharingAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow multiple users to log into the Company Portal using their AAD credentials (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DiagnosticDataBlockSubmission</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block submitting diagnostic data from device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FactoryResetBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block factory reset on device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GoogleAccountBlockAutoSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Google account auto sync functionality on device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GooglePlayStoreBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Google Play store (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeApps</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Kiosk mode apps</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockSleepButton</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode block sleep button</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockVolumeButtons</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode block volume buttons</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocationServicesBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Location services blocked</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NfcBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Near Field Communication (NFC) technology (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockFingerprintUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block using fingerprint to unlock device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockTrustAgents</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Smart Lock or other trust agents from adjusting lock screen settings (Samsung KNOX Standard 5.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days until device password must be changed. (1-365)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum number of digits or characters in password. (4-16)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum minutes of inactivity until screen locks. Ignored by device if new time is longer than what's currently set on device. If set to Immediately, devices will use the minimum possible value per device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of new passwords that must be used until an old one can be reused.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require password to access device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>Specify the type of password required.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphabetic"</code>, <code>"alphanumeric"</code>, <code>"alphanumericWithSymbols"</code>, <code>"any"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numeric"</code>, <code>"numericComplex"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of consecutive times an incorrect password can be entered before device is wiped of all data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerOffBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block user from powering off device. If this setting is disabled the setting 'Number of sign-in failures before wiping device' does not function.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequiredPasswordComplexity</span> </div> <div class="desc-html"><p>Define the password complexity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block capturing contents of screen as an image.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireVerifyApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Security require verify apps</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageBlockGoogleBackup</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block sync with Google backup.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageBlockRemovableStorage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block removable storage usage (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireDeviceEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require encryption on device. Not all devices support encryption.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireRemovableStorageEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Storage cards must be encrypted. Not all devices support storage card encryption. For more information, see the device and mobile operating system documentation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VoiceAssistantBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block voice assistant (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VoiceDialingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block voice dialing (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebBrowserBlockAutofill</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block autofill.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebBrowserBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block web browser on device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebBrowserBlockJavaScript</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block JavaScript in the browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebBrowserBlockPopups</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block pop-ups in web browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebBrowserCookieSettings</span> </div> <div class="desc-html"><p>Allow or block browser cookies</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowAlways"</code>, <code>"allowCurrentWebSite"</code>, <code>"allowFromWebsitesVisited"</code>, <code>"blockAlways"</code>, <code>"browserDefault"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Rr][Oo][Ww][Ss][Ee][Rr][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Bb][Ll][Oo][Cc][Kk][Aa][Ll][Ww][Aa][Yy][Ss]|[Aa][Ll][Ll][Oo][Ww][Cc][Uu][Rr][Rr][Ee][Nn][Tt][Ww][Ee][Bb][Ss][Ii][Tt][Ee]|[Aa][Ll][Ll][Oo][Ww][Ff][Rr][Oo][Mm][Ww][Ee][Bb][Ss][Ii][Tt][Ee][Ss][Vv][Ii][Ss][Ii][Tt][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Aa][Ll][Ww][Aa][Yy][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Wi-Fi (Samsung KNOX Standard 4.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpolicyandroiddeviceowner"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpolicyandroiddeviceowner</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Device Configuration Policy Android Device Owner.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Id of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountsBlockModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block modification of accounts. Only supported on Dedicated devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsAllowInstallFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When allowed, users can enable the 'unknown sources' setting to install apps from sources other than the Google Play Store.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsAutoUpdatePolicy</span> </div> <div class="desc-html"><p>Devices check for app updates daily. The default behavior is to let device users decide. They'll be able to set their preferences in the managed Google Play app.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"always"</code>, <code>"never"</code>, <code>"notConfigured"</code>, <code>"userChoice"</code>, <code>"wiFiOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Uu][Ss][Ee][Rr][Cc][Hh][Oo][Ii][Cc][Ee]|[Nn][Ee][Vv][Ee][Rr]|[Ww][Ii][Ff][Ii][Oo][Nn][Ll][Yy]|[Aa][Ll][Ww][Aa][Yy][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsDefaultPermissionPolicy</span> </div> <div class="desc-html"><p>Define the default permission policy for requests for runtime permissions.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"autoDeny"</code>, <code>"autoGrant"</code>, <code>"deviceDefault"</code>, <code>"prompt"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Pp][Rr][Oo][Mm][Pp][Tt]|[Aa][Uu][Tt][Oo][Gg][Rr][Aa][Nn][Tt]|[Aa][Uu][Tt][Oo][Dd][Ee][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsRecommendSkippingFirstUseHints</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable a suggestion to apps that they skip their user tutorials and any introductory hints when they first start up, if applicable.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AzureAdSharedDeviceDataClearApps</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>A list of managed apps that will have their data cleared during a global sign-out in AAD shared device mode. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockConfiguration</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block configuring Bluetooth.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockContactSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block access to work contacts from another device such as a car system when an Android device is paired via Bluetooth.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CameraBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block all cameras on the device</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockWiFiTethering</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block tethering and access to portable hotspots.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateCredentialConfigurationDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks users from making any changes to credentials associated with certificates associated with certificates assigned to them.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CrossProfilePoliciesAllowCopyPaste</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not text copied from one profile (personal or work) can be pasted in the other.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CrossProfilePoliciesAllowDataSharing</span> </div> <div class="desc-html"><p>Indicates whether data from one profile (personal or work) can be shared with apps in the other profile.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"crossProfileDataSharingAllowed"</code>, <code>"crossProfileDataSharingBlocked"</code>, <code>"dataSharingFromWorkToPersonalBlocked"</code>, <code>"notConfigured"</code>, <code>"unkownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Cc][Rr][Oo][Ss][Ss][Pp][Rr][Oo][Ff][Ii][Ll][Ee][Dd][Aa][Tt][Aa][Ss][Hh][Aa][Rr][Ii][Nn][Gg][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Dd][Aa][Tt][Aa][Ss][Hh][Aa][Rr][Ii][Nn][Gg][Ff][Rr][Oo][Mm][Ww][Oo][Rr][Kk][Tt][Oo][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Cc][Rr][Oo][Ss][Ss][Pp][Rr][Oo][Ff][Ii][Ll][Ee][Dd][Aa][Tt][Aa][Ss][Hh][Aa][Rr][Ii][Nn][Gg][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Uu][Nn][Kk][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CrossProfilePoliciesShowWorkContactsInPersonalProfile</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not contacts stored in work profile are shown in personal profile contact searches/incoming calls.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DataRoamingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block data roaming.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DateTimeConfigurationBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block user from manually setting the date and time.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DetailedHelpText</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Represents the customized detailed help text provided to users when they attempt to modify managed settings on their device.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">defaultMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The default message displayed if the user's locale doesn't match with any of the localized messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">localizedMessages</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The list of <locale, message> pairs. This collection can contain a maximum of 500 elements.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceOwnerLockScreenMessage</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Represents the customized lock screen message provided to users when they attempt to modify managed settings on their device.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">defaultMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The default message displayed if the user's locale doesn't match with any of the localized messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">localizedMessages</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The list of <locale, message> pairs. This collection can contain a maximum of 500 elements.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnrollmentProfile</span> </div> <div class="desc-html"><p>Represents the enrollment profile type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"dedicatedDevice"</code>, <code>"fullyManaged"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ee][Dd][Ii][Cc][Aa][Tt][Ee][Dd][Dd][Ee][Vv][Ii][Cc][Ee]|[Ff][Uu][Ll][Ll][Yy][Mm][Aa][Nn][Aa][Gg][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FactoryResetBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block factory resetting from settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FactoryResetDeviceAdministratorEmails</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Email addresses of device admins for factory reset protection. When a device is factory reset, it will require that one of these admins log in with their Google account to unlock the device. If none are specified, factory reset protection is not enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GlobalProxy</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Proxy is set up directly with host, port and excluded hosts.</p> </div> <details class="nested-properties"> <summary>5 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the global proxy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.androidDeviceOwnerGlobalProxyAutoConfig"</code>, <code>"#microsoft.graph.androidDeviceOwnerGlobalProxyDirect"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Aa][Nn][Dd][Rr][Oo][Ii][Dd][Dd][Ee][Vv][Ii][Cc][Ee][Oo][Ww][Nn][Ee][Rr][Gg][Ll][Oo][Bb][Aa][Ll][Pp][Rr][Oo][Xx][Yy][Aa][Uu][Tt][Oo][Cc][Oo][Nn][Ff][Ii][Gg]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Aa][Nn][Dd][Rr][Oo][Ii][Dd][Dd][Ee][Vv][Ii][Cc][Ee][Oo][Ww][Nn][Ee][Rr][Gg][Ll][Oo][Bb][Aa][Ll][Pp][Rr][Oo][Xx][Yy][Dd][Ii][Rr][Ee][Cc][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">proxyAutoConfigURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The proxy auto-config URL.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">excludedHosts</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The excluded hosts.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">host</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The host name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">port</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The port.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GoogleAccountsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocking prevents users from adding their personal Google account to their device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskCustomizationDeviceSettingsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether a user can access the device's Settings app while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskCustomizationPowerButtonActionsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether the power menu is shown when a user long presses the Power button of a device in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskCustomizationStatusBar</span> </div> <div class="desc-html"><p>Indicates whether system info and notifications are disabled in Kiosk Mode</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"notConfigured"</code>, <code>"notificationsAndSystemInfoEnabled"</code>, <code>"systemInfoOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss][Aa][Nn][Dd][Ss][Yy][Ss][Tt][Ee][Mm][Ii][Nn][Ff][Oo][Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Ss][Yy][Ss][Tt][Ee][Mm][Ii][Nn][Ff][Oo][Oo][Nn][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskCustomizationSystemErrorWarnings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether system error dialogs for crashed or unresponsive apps are shown in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskCustomizationSystemNavigation</span> </div> <div class="desc-html"><p>Indicates which navigation features are enabled in Kiosk Mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"homeButtonOnly"</code>, <code>"navigationEnabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Aa][Vv][Ii][Gg][Aa][Tt][Ii][Oo][Nn][Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Hh][Oo][Mm][Ee][Bb][Uu][Tt][Tt][Oo][Nn][Oo][Nn][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAppOrderEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to enable app ordering in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAppPositions</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The ordering of items on Kiosk Mode Managed Home Screen. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeApps</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>A list of managed apps that will be shown when the device is in Kiosk Mode. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAppsInFolderOrderedByName</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to alphabetize applications within a folder in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBluetoothConfigurationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable end-users to configure and pair devices over Bluetooth.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeDebugMenuEasyAccessEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to allow a user to easy access to the debug menu in Kiosk Mode</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeExitCode</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The 4-6 digit PIN will be the code an IT administrator enters on a multi-app dedicated device to pause kiosk mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeFlashlightConfigurationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to allow a user to use the flashlight in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeFolderIcon</span> </div> <div class="desc-html"><p>Folder icon configuration for managed home screen in Kiosk Mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"darkCircle"</code>, <code>"darkSquare"</code>, <code>"lightCircle"</code>, <code>"lightSquare"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Aa][Rr][Kk][Ss][Qq][Uu][Aa][Rr][Ee]|[Dd][Aa][Rr][Kk][Cc][Ii][Rr][Cc][Ll][Ee]|[Ll][Ii][Gg][Hh][Tt][Ss][Qq][Uu][Aa][Rr][Ee]|[Ll][Ii][Gg][Hh][Tt][Cc][Ii][Rr][Cc][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeGridHeight</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of rows for Managed Home Screen grid with app ordering enabled in Kiosk Mode. Valid values 1 to 9999999.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeGridWidth</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of columns for Managed Home Screen grid with app ordering enabled in Kiosk Mode. Valid values 1 to 9999999.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeIconSize</span> </div> <div class="desc-html"><p>Icon size configuration for managed home screen in Kiosk Mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"large"</code>, <code>"largest"</code>, <code>"notConfigured"</code>, <code>"regular"</code>, <code>"small"</code>, <code>"smallest"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ss][Mm][Aa][Ll][Ll][Ee][Ss][Tt]|[Ss][Mm][Aa][Ll][Ll]|[Rr][Ee][Gg][Uu][Ll][Aa][Rr]|[Ll][Aa][Rr][Gg][Ee]|[Ll][Aa][Rr][Gg][Ee][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeLockHomeScreen</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to lock home screen to the end user in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedFolders</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>A list of managed folders for a device in Kiosk Mode. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenAutoSignout</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to automatically sign-out of MHS and Shared device mode applications after inactive for Managed Home Screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenInactiveSignOutDelayInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of seconds to give user notice before automatically signing them out for Managed Home Screen. Valid values 0 to 9999999.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenInactiveSignOutNoticeInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of seconds device is inactive before automatically signing user out for Managed Home Screen. Valid values 0 to 9999999.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenPinComplexity</span> </div> <div class="desc-html"><p>Complexity of PIN for sign-in session for Managed Home Screen.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"complex"</code>, <code>"notConfigured"</code>, <code>"simple"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ss][Ii][Mm][Pp][Ll][Ee]|[Cc][Oo][Mm][Pp][Ll][Ee][Xx])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenPinRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not require user to set a PIN for sign-in session for Managed Home Screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenPinRequiredToResume</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not required user to enter session PIN if screensaver has appeared for Managed Home Screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenSignInBackground</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom URL background for sign-in screen for Managed Home Screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenSignInBrandingLogo</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom URL branding logo for sign-in screen and session pin page for Managed Home Screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedHomeScreenSignInEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not show sign-in screen for Managed Home Screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedSettingsEntryDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to use single app kiosk mode or multi-app kiosk mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeMediaVolumeConfigurationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to allow a user to change the media volume in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeScreenOrientation</span> </div> <div class="desc-html"><p>Screen orientation configuration for managed home screen in Kiosk Mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"autoRotate"</code>, <code>"landscape"</code>, <code>"notConfigured"</code>, <code>"portrait"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Pp][Oo][Rr][Tt][Rr][Aa][Ii][Tt]|[Ll][Aa][Nn][Dd][Ss][Cc][Aa][Pp][Ee]|[Aa][Uu][Tt][Oo][Rr][Oo][Tt][Aa][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeScreenSaverConfigurationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Start screen saver when the device screen times out or locks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeScreenSaverDetectMediaDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not the device screen should show the screen saver if audio/video is playing in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeScreenSaverDisplayTimeInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of seconds that the device will display the screen saver for in Kiosk Mode. Valid values 0 to 9999999</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeScreenSaverImageUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>URL for an image that will be the device's screen saver in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeScreenSaverStartDelayInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of seconds the device needs to be inactive for before the screen saver is shown in Kiosk Mode. Valid values 1 to 9999999</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeShowAppNotificationBadge</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to display application notification badges in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeShowDeviceInfo</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to allow a user to access basic device information.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeUseManagedHomeScreenApp</span> </div> <div class="desc-html"><p>Whether or not to use single app kiosk mode or multi-app kiosk mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"multiAppMode"</code>, <code>"notConfigured"</code>, <code>"singleAppMode"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ss][Ii][Nn][Gg][Ll][Ee][Aa][Pp][Pp][Mm][Oo][Dd][Ee]|[Mm][Uu][Ll][Tt][Ii][Aa][Pp][Pp][Mm][Oo][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeVirtualHomeButtonEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable IT administrators to temporarily leave multi-app kiosk mode to make changes on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeVirtualHomeButtonType</span> </div> <div class="desc-html"><p>Enable a soft-key button that returns users to the Managed Home Screen. Choose between a persistent, floating button or a button activated by a swipe-up gesture.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"floating"</code>, <code>"notConfigured"</code>, <code>"swipeUp"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ss][Ww][Ii][Pp][Ee][Uu][Pp]|[Ff][Ll][Oo][Aa][Tt][Ii][Nn][Gg])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeWallpaperUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Customize the appearance of the screen background for assigned groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeWifiAllowedSsids</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The restricted set of WIFI SSIDs available for the user to configure in Kiosk Mode. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeWiFiConfigurationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable end-users to connect to different Wi-Fi networks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrophoneForceMute</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block unmuting the microphone and adjusting the microphone volume.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherConfigurationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to you want configure Microsoft Launcher.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherCustomWallpaperAllowUserModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the user can modify the wallpaper to personalize their device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherCustomWallpaperEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to configure the wallpaper on the targeted devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherCustomWallpaperImageUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Indicates the URL for the image file to use as the wallpaper on the targeted devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherDockPresenceAllowUserModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the user can modify the device dock configuration on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherDockPresenceConfiguration</span> </div> <div class="desc-html"><p>Indicates whether or not you want to configure the device dock.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ss][Hh][Oo][Ww]|[Hh][Ii][Dd][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherFeedAllowUserModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the user can modify the launcher feed on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherFeedEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the user can modify the launcher feed on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftLauncherSearchBarPlacementConfiguration</span> </div> <div class="desc-html"><p>Indicates whether or not you want to configure the device dock.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"bottom"</code>, <code>"hide"</code>, <code>"notConfigured"</code>, <code>"top"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Tt][Oo][Pp]|[Bb][Oo][Tt][Tt][Oo][Mm]|[Hh][Ii][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkEscapeHatchAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether the network escape hatch is enabled. If a network connection can't be made at boot time, the escape hatch prompts the user to temporarily connect to a network in order to refresh the device policy. After applying policy, the temporary network will be forgotten and the device will continue booting. This prevents being unable to connect to a network if there is no suitable network in the last policy and the device boots into an app in lock task mode, or the user is otherwise unable to reach device settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NfcBlockOutgoingBeam</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block usage of NFC to beam data from apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockKeyguard</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disable lock screen</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockKeyguardFeatures</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>These features are accessible to users when the device is locked. Users will not be able to see or access disabled features.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days until device password must be changed. (1-365)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum length of the password required on the device. Valid values 4 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLetterCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of letter characters required for device password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLowerCaseCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of lower case characters required for device password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumNonLetterCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of non-letter characters required for device password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumNumericCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of numeric characters required for device password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumSymbolCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of symbol characters required for device password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumUpperCaseCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of upper case letter characters required for device password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum time after which the device will lock. Can disable screen lock as well so that it never times out.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordCountToBlock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Enter the number of unique passwords required before a user can reuse an old one. (1-24)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>Set the password's complexity requirements. Additional password requirements will become available based on your selection.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphabetic"</code>, <code>"alphanumeric"</code>, <code>"alphanumericWithSymbols"</code>, <code>"customPassword"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numeric"</code>, <code>"numericComplex"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Cc][Uu][Ss][Tt][Oo][Mm][Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequireUnlock</span> </div> <div class="desc-html"><p>Indicates the timeout period after which a device must be unlocked using a form of strong authentication.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"daily"</code>, <code>"deviceDefault"</code>, <code>"unkownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Dd][Aa][Ii][Ll][Yy]|[Uu][Nn][Kk][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of consecutive times an incorrect password can be entered before device is wiped of all data. (4-11)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalProfileAppsAllowInstallFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the user can install apps from unknown sources on the personal profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalProfileCameraBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to disable the use of the camera on the personal profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalProfilePersonalApplications</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Policy applied to applications in the personal profile. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalProfilePlayStoreMode</span> </div> <div class="desc-html"><p>Used together with PersonalProfilePersonalApplications to control how apps in the personal profile are allowed or blocked</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowedApps"</code>, <code>"blockedApps"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd][Aa][Pp][Pp][Ss]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd][Aa][Pp][Pp][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalProfileScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to disable the capability to take screenshots on the personal profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PlayStoreMode</span> </div> <div class="desc-html"><p>Users get access to all apps, except the ones you've required uninstall in Client Apps. If you choose 'Not configured' for this setting, users can only access the apps you've listed as available or required in Client Apps.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowList"</code>, <code>"blockList"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ll][Ii][Ss][Tt]|[Bb][Ll][Oo][Cc][Kk][Ll][Ii][Ss][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block screen capture</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityCommonCriteriaModeEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Represents the security common criteria mode enabled provided to users when they attempt to modify managed settings on their device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityDeveloperSettingsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the user is allowed to access developer settings like developer options and safe boot on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireVerifyApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Google Play Protect to scan apps before and after they're installed. If it detects a threat, it might warn the user to remove the app from the device. Required by default.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShortHelpText</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Represents the customized short help text provided to users when they attempt to modify managed settings on their device.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">defaultMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The default message displayed if the user's locale doesn't match with any of the localized messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">localizedMessages</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The list of <locale, message> pairs. This collection can contain a maximum of 500 elements.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StatusBarBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block access to the status bar, including notifications and quick settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StayOnModes</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>The battery plugged in modes for which the device stays on. When using this setting, it is recommended to clear the Time to lock screen setting so that the device doesn't lock itself while it stays on.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageAllowUsb</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow USB storage.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageBlockExternalMedia</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block mounting of external media.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageBlockUsbFileTransfer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block transfer of files over USB.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemUpdateFreezePeriods</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Indicates the annually repeating time periods during which system updates are postponed. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemUpdateInstallType</span> </div> <div class="desc-html"><p>When over-the-air updates are available for this device, they will be installed based on this policy.?</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"deviceDefault"</code>, <code>"postpone"</code>, <code>"windowed"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Pp][Oo][Ss][Tt][Pp][Oo][Nn][Ee]|[Ww][Ii][Nn][Dd][Oo][Ww][Ee][Dd]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemUpdateWindowEndMinutesAfterMidnight</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>End of the maintenance window in the device's time zone.?</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemUpdateWindowStartMinutesAfterMidnight</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Beginning of the maintenance window in the device's time zone.?</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemWindowsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disable window notifications such as toasts, incoming calls, outgoing calls, system alerts, and system errors.?</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersBlockAdd</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks users from adding and signing in to personal accounts while on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsersBlockRemove</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block removal of users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VolumeBlockAdjustment</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block changes to volume.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VpnAlwaysOnLockdownMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this forces all network traffic through the VPN tunnel. If a connection to the VPN can't be established, no network traffic will be allowed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VpnAlwaysOnPackageIdentifier</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Android app package name for app that will handle an always-on VPN connection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WifiBlockEditConfigurations</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block user creation or editing of any Wi-Fi configurations.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WifiBlockEditPolicyDefinedConfigurations</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block changes to Wi-Fi configurations created by the device owner. Users can create their own Wi-Fi configurations.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the number of days that a work profile password can be set before it expires and a new password will be required. Valid values 1 to 365</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum length of the work profile password. Valid values 4 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumLetterCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of numeric characters required for the work profile password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumLowerCaseCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of non-letter characters required for the work profile password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumNonLetterCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of letter characters required for the work profile password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumNumericCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of lower-case characters required for the work profile password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumSymbolCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of upper-case letter characters required for the work profile password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumUpperCaseCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the minimum number of symbol characters required for the work profile password. Valid values 1 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordPreviousPasswordCountToBlock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the length of the work profile password history, where the user will not be able to enter a new password that is the same as any password in the history. Valid values 0 to 24</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordRequiredType</span> </div> <div class="desc-html"><p>Indicates the minimum password quality required on the work profile password.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphabetic"</code>, <code>"alphanumeric"</code>, <code>"alphanumericWithSymbols"</code>, <code>"customPassword"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numeric"</code>, <code>"numericComplex"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Cc][Uu][Ss][Tt][Oo][Mm][Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordRequireUnlock</span> </div> <div class="desc-html"><p>Indicates the timeout period after which a work profile must be unlocked using a form of strong authentication.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"daily"</code>, <code>"deviceDefault"</code>, <code>"unkownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Dd][Aa][Ii][Ll][Yy]|[Uu][Nn][Kk][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Indicates the number of times a user can enter an incorrect work profile password before the device is wiped. Valid values 4 to 11</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpolicyandroidopensourceproject"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpolicyandroidopensourceproject</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune device configuration profile for an Android Open Source Project Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsBlockInstallFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent applications from unknown sources.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockConfiguration</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent bluetooth configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevents using Bluetooth on devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CameraBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevents access to the device camera.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FactoryResetBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent factory reset.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum number of characters required for the password.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum minutes of inactivity until screen locks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>Set password complexity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphabetic"</code>, <code>"alphanumeric"</code>, <code>"alphanumericWithSymbols"</code>, <code>"customPassword"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numeric"</code>, <code>"numericComplex"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Cc][Uu][Ss][Tt][Oo][Mm][Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of sign-in failures before wiping device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent screen capture.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityAllowDebuggingFeatures</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable debugging features.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageBlockExternalMedia</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent external media.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageBlockUsbFileTransfer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent USB file transfer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WifiBlockEditConfigurations</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent Wifi configuration edit.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpolicyandroidworkprofile"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpolicyandroidworkprofile</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune device configuration profile for an Android WorkProfile Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the device general configuration policy for Android WorkProfile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the device general configuration policy for Android WorkProfile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockFaceUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block face unlock.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockFingerprintUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block fingerprint unlock</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockIrisUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block iris unlock.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">passwordBlockTrustAgents</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block Smart Lock and other trust agents.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days before the password expires</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum length of passwords</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minutes of inactivity before the screen times out</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of previous passwords to block</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of sign in failures allowed before factory reset</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>Type of password that is required</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumericWithSymbols"</code>, <code>"atLeastAlphabetic"</code>, <code>"atLeastAlphanumeric"</code>, <code>"atLeastNumeric"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numericComplex"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Tt][Ll][Ee][Aa][Ss][Tt][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Tt][Ll][Ee][Aa][Ss][Tt][Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Tt][Ll][Ee][Aa][Ss][Tt][Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequiredPasswordComplexity</span> </div> <div class="desc-html"><p>Indicates the required device password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileAllowAppInstallsFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to allow installation of apps from unknown sources.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileDataSharingType</span> </div> <div class="desc-html"><p>Type of data sharing that is allowed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowPersonalToWork"</code>, <code>"deviceDefault"</code>, <code>"noRestrictions"</code>, <code>"preventAny"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Pp][Rr][Ee][Vv][Ee][Nn][Tt][Aa][Nn][Yy]|[Aa][Ll][Ll][Oo][Ww][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll][Tt][Oo][Ww][Oo][Rr][Kk]|[Nn][Oo][Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ii][Oo][Nn][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockNotificationsWhileDeviceLocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block notifications while device locked</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockAddingAccounts</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block users from adding/removing accounts in work profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBluetoothEnableContactSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow bluetooth devices to access enterprise contacts</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockScreenCapture</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block screen capture in work profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockCrossProfileCallerId</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block display work profile caller ID in personal profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockCamera</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block work profile camera</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockCrossProfileContactsSearch</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block work profile contacts availability in personal profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockCrossProfileCopyPaste</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean that indicates if the setting disallow cross profile copy paste is enabled</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileDefaultAppPermissionPolicy</span> </div> <div class="desc-html"><p>Type of password that is required</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"autoDeny"</code>, <code>"autoGrant"</code>, <code>"deviceDefault"</code>, <code>"prompt"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Pp][Rr][Oo][Mm][Pp][Tt]|[Aa][Uu][Tt][Oo][Gg][Rr][Aa][Nn][Tt]|[Aa][Uu][Tt][Oo][Dd][Ee][Nn][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordBlockFaceUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block face unlock in work profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordBlockFingerprintUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block fingerprint unlock in work profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordBlockIrisUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block iris unlock in work profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordBlockTrustAgents</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block Smart Lock and other trust agents for work profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days before the work profile password expires</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum length of work profile password</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinNumericCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum count of numeric characters required in work profile password</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinNonLetterCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum count of non-letter characters required in work profile password</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinLetterCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum count of letter characters required in work profile password</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinLowerCaseCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum count of lower-case characters required in work profile password</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinUpperCaseCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum count of upper-case characters required in work profile password</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinSymbolCharacters</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum count of symbols required in work profile password</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minutes of inactivity before the screen times out</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of previous work profile passwords to block</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of sign in failures allowed before work profile is removed and all corporate data deleted</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfilePasswordRequiredType</span> </div> <div class="desc-html"><p>Type of work profile password that is required</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumericWithSymbols"</code>, <code>"atLeastAlphabetic"</code>, <code>"atLeastAlphanumeric"</code>, <code>"atLeastNumeric"</code>, <code>"deviceDefault"</code>, <code>"lowSecurityBiometric"</code>, <code>"numericComplex"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Ll][Oo][Ww][Ss][Ee][Cc][Uu][Rr][Ii][Tt][Yy][Bb][Ii][Oo][Mm][Ee][Tt][Rr][Ii][Cc]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Tt][Ll][Ee][Aa][Ss][Tt][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc][Cc][Oo][Mm][Pp][Ll][Ee][Xx]|[Aa][Tt][Ll][Ee][Aa][Ss][Tt][Aa][Ll][Pp][Hh][Aa][Bb][Ee][Tt][Ii][Cc]|[Aa][Tt][Ll][Ee][Aa][Ss][Tt][Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc][Ww][Ii][Tt][Hh][Ss][Yy][Mm][Bb][Oo][Ll][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileRequiredPasswordComplexity</span> </div> <div class="desc-html"><p>Indicates the required device password complexity on Android. One of: NONE, LOW, MEDIUM, HIGH in work profile.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"low"</code>, <code>"medium"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileRequirePassword</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Password is required or not for work profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityRequireVerifyApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require the Android Verify apps feature is turned on</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VpnAlwaysOnPackageIdentifier</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Package identifier for always-on VPN.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VpnEnableAlwaysOnLockdownMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable lockdown mode for always-on VPN.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileAllowWidgets</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow widgets from work profile apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WorkProfileBlockPersonalAppInstallsFromUnknownSources</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent app installations from unknown sources in the personal profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the site collection exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpolicyios"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpolicyios</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Device Configuration Policy for iOS.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountBlockModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow account modification when the device is in supervised mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivationLockAllowWhenSupervised</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Activation Lock makes it harder for a lost or stolen device to be reactivated.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirDropBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow AirDrop when the device is in supervised mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirDropForceUnmanagedDropTarget</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Force AirDrop to be considered an unmanaged drop target.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirPlayForcePairingPasswordForOutgoingRequests</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Force requiring a pairing password for outgoing AirPlay requests.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirPrintBlockCredentialsStorage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks keychain storage of username and password for outgoing AirPrint request.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirPrintBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks AirPrint request.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirPrintBlockiBeaconDiscovery</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocking prevents malicious AirPrint Bluetooth beacons phishing for network traffic.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirPrintForceTrustedTLS</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Forces trusted certificates for TLS printing communication</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppClipsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block app clips.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppleNewsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Apple News</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplePersonalizedAdsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Apple PersonalizedAdsBlocked</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppleWatchBlockPairing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow Apple Watch pairing when the device is in supervised mode (iOS 9.0 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppleWatchForceWristDetection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Force paired Apple watch to use wrist detection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppRemovalBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block app removal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsSingleAppModeList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Apps you add to this list and assign to a device can lock the device to run only that app once launched, or lock the device while a certain action is running (for example, taking a test). Once the action is complete, or you remove the restriction, the device returns to its normal state.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppStoreBlockAutomaticDownloads</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks automatic downloading of apps purchased on other devices. Does not affect updates to existing apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppStoreBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>For supervised devices as of iOS 13.0.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppStoreBlockInAppPurchases</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block AppStore in-app purchases.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppStoreBlockUIAppInstallation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block App Store from Home Screen. Users may continue to use iTunes or Apple Configurator to install or update apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppStoreRequirePassword</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Users must enter Apple ID password for each in-app and iTunes purchase.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsVisibilityList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Enter the iTunes App Store URL of the app you want. For example, to specify the Microsoft Work Folders app for iOS, enter <a target="_blank" rel="noopener noreferrer" href="https://itunes.apple.com/us/app/work-folders/id950878067?mt=8">https://itunes.apple.com/us/app/work-folders/id950878067?mt=8</a>. To find the URL of an app, use a search engine to locate the store page. For example, to find the Work Folders app, you could search Microsoft Work Folders ITunes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsVisibilityListType</span> </div> <div class="desc-html"><p>Set whether the list is a list of apps to hide or a list of apps to make visible.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"appsInListCompliant"</code>, <code>"appsNotInListCompliant"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Pp][Pp][Ss][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt]|[Aa][Pp][Pp][Ss][Nn][Oo][Tt][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoFillForceAuthentication</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require Touch ID or Face ID before passwords or credit card information can be auto filled in Safari and Apps. Available with iOS 12.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoUnlockBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block auto unlock.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockSystemAppRemoval</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocking disables the ability to remove system apps from the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block modification of Bluetooth settings. To use this setting, the device must be in supervised mode (iOS 10.0+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CameraBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from accessing the camera of the device. Requires a supervised device for iOS 13 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockDataRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block data roaming over the cellular network. This won't show in the device's management profile, but a block will be enforced for data roaming every time the device checks in (typically every 8 hours).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockGlobalBackgroundFetchWhileRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block global background fetch while roaming over the cellular network.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockPerAppDataModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block changes to app cellular data usage settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockPersonalHotspot</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This value is available only with certain carriers. This won't show in the device's management profile, but a block will be enforced for personal hotspot every time the device checks in (typically every 8 hours). Block modification of personal hotspot in addition to this setting to ensure personal hotspot will always be blocked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockPersonalHotspotModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>For devices running iOS 12.2 and later. Users can't turn Personal Hotspot on or off. If you block this setting and block Personal Hotspot, Personal Hotspot will be turned off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockPlanModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow users to change the settings of the cellular plan on a supervised device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockVoiceRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block voice roaming over the cellular network.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificatesBlockUntrustedTlsCertificates</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block untrusted Transport Layer Security (TLS) certificates.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomAppBlockRemoteScreenObservation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block remote screen observation by Classroom app. To use this setting, the device must be in supervised mode (iOS 9.3+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomAppForceUnpromptedScreenObservation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Student devices enrolled in a class via the Classroom app will automatically give permission to that course's teacher to silently observe the student's screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomForceAutomaticallyJoinClasses</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Students can join a class without prompting the teacher.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomForceRequestPermissionToLeaveClasses</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Requires a student enrolled in an unmanaged course via Classroom to request permission from the teacher when attempting to leave the course. Only available in iOS 11.3+</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomForceUnpromptedAppAndDeviceLock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Teachers can lock an app open or lock the device without first prompting the user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CompliantAppListType</span> </div> <div class="desc-html"><p>Device compliance can be viewed in the Restricted Apps Compliance report.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"appsInListCompliant"</code>, <code>"appsNotInListCompliant"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Pp][Pp][Ss][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt]|[Aa][Pp][Pp][Ss][Nn][Oo][Tt][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CompliantAppsList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Enter the iTunes App Store URL of the app you want. For example, to specify the Microsoft Work Folders app for iOS, enter <a target="_blank" rel="noopener noreferrer" href="https://itunes.apple.com/us/app/work-folders/id950878067?mt=8">https://itunes.apple.com/us/app/work-folders/id950878067?mt=8</a>. To find the URL of an app, use a search engine to locate the store page. For example, to find the Work Folders app, you could search Microsoft Work Folders ITunes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigurationProfileBlockChanges</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from installing configuration profiles and certificates interactively when the device is in supervised mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContactsAllowManagedToUnmanagedWrite</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Users can sync and add their managed contacts (including business and corporate ones) to an unmanaged app, such as the device's built-in contacts app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContactsAllowUnmanagedToManagedRead</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>An unmanaged app, such as the device's built-in contacts app, can access contact info in a managed app, such as Outlook.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContinuousPathKeyboardBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>QuickPath enables continuous input on the device keyboard. Available for iOS/iPadOS 13.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DateAndTimeForceSetAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Forces device to Set Date & Time Automatically. The device's time zone will only be updated when the device has cellular connections or wifi with location services enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefinitionLookupBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block definition lookup when the device is in supervised mode (iOS 8.1.3 and later ).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceBlockEnableRestrictions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>On iOS 12.0 and later, this blocks users from setting their own Screen Time settings, which includes device restrictions. On iOS 11.4.1 and earlier, this blocks the user from enabling restrictions in the device settings. The blocking effect is the same on any supervised iOS device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceBlockEraseContentAndSettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the use of the erase all content and settings option on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceBlockNameModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow device name modification when the device is in supervised mode (iOS 9.0 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DiagnosticDataBlockSubmission</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the device from sending diagnostic and usage telemetry data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DiagnosticDataBlockSubmissionModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the modification of the diagnostic submission and app analytics settings in the Diagnostics and Usage pane in Settings. To use this setting, the device must be in supervised mode (iOS 9.3.2+).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentsBlockManagedDocumentsInUnmanagedApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from viewing managed documents in unmanaged apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentsBlockUnmanagedDocumentsInManagedApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from viewing unmanaged documents in managed apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmailInDomainSuffixes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Emails that the user sends or receives which don't match the domains you specify here will be marked as untrusted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseAppBlockTrust</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Removes the Trust Enterprise Developer button in Settings->General->Profiles & Device Management.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseAppBlockTrustModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the changing of enterprise app trust settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseBookBlockBackup</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to backup enterprise book.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseBookBlockMetadataSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to sync enterprise book metadata.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EsimBlockModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow the addition or removal of cellular plans on the eSIM of a supervised device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FaceTimeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using FaceTime. Requires a supervised device for iOS 13 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilesNetworkDriveAccessBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Using the Server Message Block (SMB) protocol, devices can access files or other resources on a network server. Available for devices running iOS and iPadOS, versions 13.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilesUsbDriveAccessBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Devices with access can connect to and open files on a USB drive. Available for devices running iOS and iPadOS, versions 13.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindMyDeviceInFindMyAppBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>A Find My app feature. Available for iOS/iPadOS 13.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindMyFriendsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block changes to the Find My Friends app settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindMyFriendsInFindMyAppBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>A Find My app feature. Used to locate family and friends from an Apple device or iCloud.com. Available for iOS/iPadOS 13.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GameCenterBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using Game Center when the device is in supervised mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GamingBlockGameCenterFriends</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block adding Game Center friends. For supervised devices as of iOS 13.0.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GamingBlockMultiplayer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>For supervised devices as of iOS 13.0.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HostPairingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Host pairing allows you to control which devices the device can pair with.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IBooksStoreBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using the iBooks Store when the device is in supervised mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IBooksStoreBlockErotica</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>User will not be able to download media from the iBook store that has been tagged as erotica.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockActivityContinuation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Handoff lets users start work on one iOS device, and continue it on another MacOS or iOS device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockBackup</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block backing up device to iCloud.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockDocumentSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing documents and data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockManagedAppsSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block managed apps from syncing to cloud.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockPhotoLibrary</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Any photos not fully downloaded from iCloud Photo Library to device will be removed from local storage.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockPhotoStreamSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block photo stream syncing to iCloud.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockSharedPhotoStream</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block shared photo streaming. Blocking can cause data loss.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudPrivateRelayBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block iCloud private relay.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudRequireEncryptedBackup</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require encryption on device backup.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ITunesBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block iTunes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ITunesBlockExplicitContent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block explicit iTunes music, podcast, and news content from iTunes. For supervised devices as of 13.0.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ITunesBlockMusicService</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Music service. If true, Music app reverts to classic mode and Music service is disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ITunesBlockRadio</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using iTunes Radio when the device is in supervised mode (iOS 9.3 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyboardBlockAutoCorrect</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block keyboard auto-correction when the device is in supervised mode (iOS 8.1.3 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyboardBlockDictation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using dictation input when the device is in supervised mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyboardBlockPredictive</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block predictive keyboards when device is in supervised mode (iOS 8.1.3 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyboardBlockShortcuts</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block keyboard shortcuts when the device is in supervised mode (iOS 9.0 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyboardBlockSpellCheck</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block keyboard spell-checking when the device is in supervised mode (iOS 8.1.3 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeychainBlockCloudSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables syncing credentials stored in the Keychain to iCloud.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowAssistiveSpeak</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow assistive speak while in kiosk mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowAssistiveTouchSettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Users can turn AssistiveTouch on or off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowAutoLock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode allow auto lock</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowColorInversionSettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Users can turn invert colors on or off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowRingerSwitch</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode allow ringer switch</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowScreenRotation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode allow screen rotation</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowSleepButton</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode allow sleep button</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowTouchscreen</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode allow touchscreen</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowVoiceControlModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow the user to toggle voice control in kiosk mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowVoiceOverSettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Users can turn VoiceOver on or off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowVolumeButtons</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Kiosk mode allow volume buttons</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAllowZoomSettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Users can turn zoom on or off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAppStoreUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>URL of app for kiosk mode, e.g. <a target="_blank" rel="noopener noreferrer" href="https://itunes.apple.com/us/app/work-folders/id950878067?mt=8">https://itunes.apple.com/us/app/work-folders/id950878067?mt=8</a></p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeAppType</span> </div> <div class="desc-html"><p>Indicates type of app in kiosk mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"appStoreApp"</code>, <code>"builtInApp"</code>, <code>"managedApp"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Pp][Pp][Ss][Tt][Oo][Rr][Ee][Aa][Pp][Pp]|[Mm][Aa][Nn][Aa][Gg][Ee][Dd][Aa][Pp][Pp]|[Bb][Uu][Ii][Ll][Tt][Ii][Nn][Aa][Pp][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockAutoLock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the auto-lock while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockRingerSwitch</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the ringer switch while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockScreenRotation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the screen rotation while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockSleepButton</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the sleep button while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockTouchscreen</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the touchscreen while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBlockVolumeButtons</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the volume buttons while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeBuiltInAppId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>To see a list of bundle IDs for common built-in iOS apps, see the Intune documentation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeEnableVoiceControl</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enable the voice control while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeManagedAppId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Add managed Intune apps from the Software Node.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeRequireAssistiveTouch</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce assistive touch while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeRequireColorInversion</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce color inversion while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeRequireMonoAudio</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce mono audio while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeRequireVoiceOver</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce voice control while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskModeRequireZoom</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce zoom while in Kiosk Mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenBlockControlCenter</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using control center on the lock screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenBlockNotificationView</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using the notification view on the lock screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenBlockPassbook</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using passbook when the device is locked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenBlockTodayView</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using the Today View on the lock screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagedPasteboardRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce managed pasteboard.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingApps</span> </div> <div class="desc-html"><p>Media content rating settings for apps.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove12"</code>, <code>"agesAbove17"</code>, <code>"agesAbove4"</code>, <code>"agesAbove9"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]4|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]9|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]17)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingAustralia</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for Australia</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for Australia</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove15"</code>, <code>"agesAbove18"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"mature"</code>, <code>"parentalGuidance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Mm][Aa][Tt][Uu][Rr][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]15|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]18)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for Australia</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove15"</code>, <code>"agesAbove15AdultViolence"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"children"</code>, <code>"general"</code>, <code>"mature"</code>, <code>"parentalGuidance"</code>, <code>"preschoolers"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Pp][Rr][Ee][Ss][Cc][Hh][Oo][Oo][Ll][Ee][Rr][Ss]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Mm][Aa][Tt][Uu][Rr][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]15|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]15[Aa][Dd][Uu][Ll][Tt][Vv][Ii][Oo][Ll][Ee][Nn][Cc][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingCanada</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for Canada</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for Canada</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove14"</code>, <code>"agesAbove18"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"parentalGuidance"</code>, <code>"restricted"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]14|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]18|[Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for Canada</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove14"</code>, <code>"agesAbove18"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"children"</code>, <code>"childrenAbove8"</code>, <code>"general"</code>, <code>"parentalGuidance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn][Aa][Bb][Oo][Vv][Ee]8|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]14|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]18)$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingFrance</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for France</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for France</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove10"</code>, <code>"agesAbove12"</code>, <code>"agesAbove16"</code>, <code>"agesAbove18"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]10|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]16|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]18)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for France</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove10"</code>, <code>"agesAbove12"</code>, <code>"agesAbove16"</code>, <code>"agesAbove18"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]10|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]16|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]18)$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingGermany</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for Germany</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for Germany</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adults"</code>, <code>"agesAbove12"</code>, <code>"agesAbove16"</code>, <code>"agesAbove6"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]6|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]16|[Aa][Dd][Uu][Ll][Tt][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for Germany</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adults"</code>, <code>"agesAbove12"</code>, <code>"agesAbove16"</code>, <code>"agesAbove6"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]6|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]16|[Aa][Dd][Uu][Ll][Tt][Ss])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingIreland</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for Ireland</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for Ireland</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adults"</code>, <code>"agesAbove12"</code>, <code>"agesAbove15"</code>, <code>"agesAbove16"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"parentalGuidance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]15|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]16|[Aa][Dd][Uu][Ll][Tt][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for Ireland</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"children"</code>, <code>"general"</code>, <code>"mature"</code>, <code>"parentalSupervision"</code>, <code>"youngAdults"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn]|[Yy][Oo][Uu][Nn][Gg][Aa][Dd][Uu][Ll][Tt][Ss]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Ss][Uu][Pp][Ee][Rr][Vv][Ii][Ss][Ii][Oo][Nn]|[Mm][Aa][Tt][Uu][Rr][Ee])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingJapan</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for Japan</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for Japan</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove15"</code>, <code>"agesAbove18"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"parentalGuidance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]15|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]18)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for Japan</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"explicitAllowed"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Ee][Xx][Pp][Ll][Ii][Cc][Ii][Tt][Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingNewZealand</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for New Zealand</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for New Zealand</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"agesAbove13"</code>, <code>"agesAbove15"</code>, <code>"agesAbove16"</code>, <code>"agesAbove16Restricted"</code>, <code>"agesAbove18"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"mature"</code>, <code>"parentalGuidance"</code>, <code>"restricted"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Mm][Aa][Tt][Uu][Rr][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]13|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]15|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]16|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]18|[Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ee][Dd]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]16[Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for New Zealand</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adults"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"parentalGuidance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Aa][Dd][Uu][Ll][Tt][Ss])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingUnitedKingdom</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for United Kingdom</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for UK</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adults"</code>, <code>"agesAbove12Cinema"</code>, <code>"agesAbove12Video"</code>, <code>"agesAbove15"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"parentalGuidance"</code>, <code>"universalChildren"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Uu][Nn][Ii][Vv][Ee][Rr][Ss][Aa][Ll][Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12[Vv][Ii][Dd][Ee][Oo]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]12[Cc][Ii][Nn][Ee][Mm][Aa]|[Aa][Gg][Ee][Ss][Aa][Bb][Oo][Vv][Ee]15|[Aa][Dd][Uu][Ll][Tt][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for UK</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"caution"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Cc][Aa][Uu][Tt][Ii][Oo][Nn])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MediaContentRatingUnitedStates</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Media content rating settings for United States</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">movieRating</span> </div> <div class="desc-html"><p>Movies rating selected for USA</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adults"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"general"</code>, <code>"parentalGuidance"</code>, <code>"parentalGuidance13"</code>, <code>"restricted"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]13|[Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ee][Dd]|[Aa][Dd][Uu][Ll][Tt][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">tvRating</span> </div> <div class="desc-html"><p>TV rating selected for USA</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"adults"</code>, <code>"allAllowed"</code>, <code>"allBlocked"</code>, <code>"childrenAbove14"</code>, <code>"childrenAbove7"</code>, <code>"childrenAll"</code>, <code>"general"</code>, <code>"parentalGuidance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll][Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Aa][Ll][Ll][Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn][Aa][Ll][Ll]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn][Aa][Bb][Oo][Vv][Ee]7|[Gg][Ee][Nn][Ee][Rr][Aa][Ll]|[Pp][Aa][Rr][Ee][Nn][Tt][Aa][Ll][Gg][Uu][Ii][Dd][Aa][Nn][Cc][Ee]|[Cc][Hh][Ii][Ll][Dd][Rr][Ee][Nn][Aa][Bb][Oo][Vv][Ee]14|[Aa][Dd][Uu][Ll][Tt][Ss])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessagesBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using the Messages app on the supervised device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkUsageRules</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>If you don't add any managed apps, the configured settings will apply to all managed apps by default. If you add specific managed apps, the configured settings will apply to only those apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NfcBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using nfc on the supervised device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationsBlockSettingsModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow notifications settings modification (iOS 9.3 and later).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnDeviceOnlyDictationForced</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce on device only dictation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnDeviceOnlyTranslationForced</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enforce on device only translation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeBlockFingerprintModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block users from adding, changing, or removing fingerprints and faces. Face ID is available in iOS 11.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeBlockFingerprintUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Face ID is available on iOS 11.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeBlockModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block passcode from being added, changed or removed. Changes to passcode restrictions will be ignored on supervised devices after blocking passcode modification.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeBlockSimple</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block simple password sequences, such as 1234 or 1111.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days until device password must be changed. (1-65535)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinimumCharacterSetCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum number (0-4) of non-alphanumeric characters, such as #, %, !, etc., required in the password. The default value is 0.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum number of digits or characters in password. (4-14)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set to 0 to require a password immediately. There is no maximum number of minutes, and this number overrides the number currently set on the device. (This compliance check is supported for devices with OS versions iOS 8.0 and above)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set to 0 to use the device's minimum possible value. This number (0-60) overrides the number currently set on the device. If set to Immediately, devices will use the minimum possible value per device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodePreviousPasscodeBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of new passwords that must be used until an old one can be reused. (1-24)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>In addition to requiring a password on all devices, this setting enforces a non-simple, 6-digit password requirement (regardless of other password settings you configure) on devices that are enrolled with Apple user enrollment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeRequiredType</span> </div> <div class="desc-html"><p>Type of passcode that is required.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumeric"</code>, <code>"deviceDefault"</code>, <code>"numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasscodeSignInFailureCountBeforeWipe</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of consecutive times an incorrect password can be entered before device is wiped of all data. (2-11)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockAirDropSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block AirDrop password sharing</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockAutoFill</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block password autofill.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockProximityRequests</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block password proximity requests.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PkiBlockOTAUpdates</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows your users to receive software updates without connecting their devices to a computer</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PodcastsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block podcasts.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyForceLimitAdTracking</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables device advertising identifier</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProximityBlockSetupToNewDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block user's from using their Apple devices to set up and configure other Apple devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariBlockAutofill</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block Safari autofill.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block Safari. For supervised devices as of iOS 13.0.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariBlockJavaScript</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block javascript in Safari.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariBlockPopups</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block popups on Safari.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariCookieSettings</span> </div> <div class="desc-html"><p>Cookie settings for Safari.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowAlways"</code>, <code>"allowCurrentWebSite"</code>, <code>"allowFromWebsitesVisited"</code>, <code>"blockAlways"</code>, <code>"browserDefault"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Rr][Oo][Ww][Ss][Ee][Rr][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Bb][Ll][Oo][Cc][Kk][Aa][Ll][Ww][Aa][Yy][Ss]|[Aa][Ll][Ll][Oo][Ww][Cc][Uu][Rr][Rr][Ee][Nn][Tt][Ww][Ee][Bb][Ss][Ii][Tt][Ee]|[Aa][Ll][Ll][Oo][Ww][Ff][Rr][Oo][Mm][Ww][Ee][Bb][Ss][Ii][Tt][Ee][Ss][Vv][Ii][Ss][Ii][Tt][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Aa][Ll][Ww][Aa][Yy][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariManagedDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Documents downloaded from the URLs you specify here will be considered managed (Safari only).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariPasswordAutoFillDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Users can save passwords in Safari only from URLs matching the patterns you specify here. To use this setting, the device must be in supervised mode and not configured for multiple users. (iOS 9.3+)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariRequireFraudWarning</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require fraud warning in Safari.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from taking Screenshots</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharedDeviceBlockTemporarySessions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block temporary sessions on shared devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiriBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block Siri.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiriBlockedWhenLocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block Siri when locked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiriBlockUserGeneratedContent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Siri from querying user-generated content from the internet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiriRequireProfanityFilter</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevents Siri from dictating, or speaking profane language.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SoftwareUpdatesEnforcedDelayInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Delay the user's software update for this many days. The maximum is 90 days. (1-90)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SoftwareUpdatesForceDelayed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Delay user visibility of Software Updates. This does not impact any scheduled updates. It represents days before software updates are visible to end users after release.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SpotlightBlockInternetResults</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks Spotlight from returning any results from an Internet search.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UnpairedExternalBootToRecoveryAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow users to boot devices into recovery mode with unpaired devices. Available for devices running iOS and iPadOS versions 14.5 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsbRestrictedModeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks USB Restricted mode. USB Restricted mode blocks USB accessories from exchanging data with a device that has been locked over an hour.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VoiceDialingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block voice dialing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VpnBlockCreation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks the creation of VPN configurations</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WallpaperBlockModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block wallpaper from being changed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiConnectOnlyToConfiguredNetworks</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Force the device to use only Wi-Fi networks set up through configuration profiles.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiConnectToAllowedNetworksOnlyForced</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Require devices to use Wi-Fi networks set up via configuration profiles. Available for devices running iOS and iPadOS versions 14.5 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WifiPowerOnForced</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Wi-Fi can't be turned off in the Settings app or in the Control Center, even when the device is in airplane mode. Available for iOS/iPadOS 13.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpolicymacos"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpolicymacos</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune device configuration profile for an MacOS Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddingGameCenterFriendsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures users from adding friends to Game Center. Available for devices running macOS versions 10.13 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AirDropBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether or not to allow AirDrop.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppleWatchBlockAutoUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks users from unlocking their Mac with Apple Watch.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CameraBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks users from taking photographs and videos.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomAppBlockRemoteScreenObservation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks AirPlay, screen sharing to other devices, and a Classroom app feature used by teachers to view their students' screens. This setting isn't available if you've blocked screenshots.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomAppForceUnpromptedScreenObservation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Unprompted observation means that teachers can view screens without warning students first. This setting isn't available if you've blocked screenshots.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomForceAutomaticallyJoinClasses</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Students can join a class without prompting the teacher.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomForceRequestPermissionToLeaveClasses</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Students enrolled in an unmanaged Classroom course must get teacher consent to leave the course.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ClassroomForceUnpromptedAppAndDeviceLock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Teachers can lock a student's device or app without the student's approval.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CompliantAppListType</span> </div> <div class="desc-html"><p>Device compliance can be viewed in the Restricted Apps Compliance report.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"appsInListCompliant"</code>, <code>"appsNotInListCompliant"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Aa][Pp][Pp][Ss][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt]|[Aa][Pp][Pp][Ss][Nn][Oo][Tt][Ii][Nn][Ll][Ii][Ss][Tt][Cc][Oo][Mm][Pp][Ll][Ii][Aa][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CompliantAppsList</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>List of apps in the compliance (either allow list or block list, controlled by CompliantAppListType).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentCachingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether or not to allow content caching.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefinitionLookupBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block look up, a feature that looks up the definition of a highlighted word.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EmailInDomainSuffixes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Emails that the user sends or receives which don't match the domains you specify here will be marked as untrusted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EraseContentAndSettingsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures the reset option on supervised devices. Available for devices running macOS versions 12.0 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GameCenterBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configured if the Game Center icon is removed from the Home screen. Available for devices running macOS versions 10.13 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockActivityContinuation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Handoff lets users start work on one MacOS device, and continue it on another MacOS or iOS device. Available for macOS 10.15 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockAddressBook</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing contacts.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockBookmarks</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing bookmarks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockCalendar</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing calendars.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockDocumentSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing documents and data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockMail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing mail.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockNotes</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing notes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockPhotoLibrary</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Any photos not fully downloaded from iCloud Photo Library to device will be removed from local storage.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudBlockReminders</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks iCloud from syncing reminders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudDesktopAndDocumentsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures if the synchronization of cloud desktop and documents is blocked. Available for devices running macOS 10.12.4 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ICloudPrivateRelayBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures if iCloud private relay is blocked or not. Available for devices running macOS 12 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ITunesBlockFileSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks files from being transferred using iTunes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ITunesBlockMusicService</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether or not to block files from being transferred using iTunes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyboardBlockDictation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block dictation, which is a feature that converts the user's voice to text.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeychainBlockCloudSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables syncing credentials stored in the Keychain to iCloud</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MultiplayerGamingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether multiplayer gaming when using Game Center is blocked. Available for devices running macOS versions 10.13 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockAirDropSharing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether or not to block sharing passwords with the AirDrop passwords feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockAutoFill</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether or not to block the AutoFill Passwords feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockFingerprintUnlock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Requires user to set a non-biometric passcode or password to unlock the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks user from changing the set passcode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockProximityRequests</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether or not to block requesting passwords from nearby devices.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockSimple</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block simple password sequences, such as 1234 or 1111.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days until device password must be changed. (1-65535)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMaximumAttemptCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures the number of allowed failed attempts to enter the passcode at the device's lock screen. Valid values 2 to 11</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumCharacterSetCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum number (0-4) of non-alphanumeric characters, such as #, %, !, etc., required in the password. The default value is 0.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Minimum number of digits or characters in password (4-16).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeLock</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set to 0 to require a password immediately. There is no maximum number of minutes, and this number overrides the number currently set on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set to 0 to use the device's minimum possible value. This number (0-60 minutes) overrides the number currently set on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesUntilFailedLoginReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures the number of minutes before the login is reset after the maximum number of unsuccessful login attempts is reached.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of new passwords that must be used until an old one can be reused. (1-24)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify the type of password required.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>Specify the type of password required.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumeric"</code>, <code>"deviceDefault"</code>, <code>"numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyAccessControls</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Configure an app's access to specific data, folders, and apps on a device. These settings apply to devices running macOS Mojave 10.14 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafariBlockAutofill</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks Safari from remembering what users enter in web forms.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether or not to block the user from taking Screenshots.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SoftwareUpdateMajorOSDeferredInstallDelayInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of days (1-90) to delay visibility of major OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SoftwareUpdateMinorOSDeferredInstallDelayInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of days (1-90) to delay visibility of minor OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SoftwareUpdateNonOSDeferredInstallDelayInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of days (1-90) to delay visibility of non-OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SoftwareUpdatesEnforcedDelayInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Delay the user's software update for this many days. The maximum is 90 days. (1-90)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SpotlightBlockInternetResults</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks Spotlight from returning any results from an Internet search</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TouchIdTimeoutInHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Configures the maximum hours after which the user must enter their password to unlock the device instead of using Touch ID. Available for devices running macOS 12 and later. Valid values 0 to 2147483647</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UpdateDelayPolicy</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>Configures whether to delay OS and/or app updates for macOS.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WallpaperModificationBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configures whether the wallpaper can be changed. Available for devices running macOS versions 10.13 and later.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountsBlockAddingNonMicrosoftAccountEmail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from adding email accounts to the device that are not associated with a Microsoft account.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActivateAppsWithVoice</span> </div> <div class="desc-html"><p>Specifies if Windows apps can be activated by voice. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AntiTheftModeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from selecting an AntiTheft mode preference (Windows 10 Mobile only).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppManagementMSIAllowUserControlOverInstall</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting permits users to change installation options that typically are available only to system administrators.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppManagementMSIAlwaysInstallWithElevatedPrivileges</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting directs Windows Installer to use elevated permissions when it installs any program on the system.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppManagementPackageFamilyNamesToLaunchAfterLogOn</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are to be launched after logon.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsAllowTrustedAppsSideloading</span> </div> <div class="desc-html"><p>Indicates whether apps from AppX packages signed with a trusted certificate can be side loaded. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AppsBlockWindowsStoreOriginatedApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to disable the launch of all apps from Windows Store that came pre-installed or were downloaded.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationAllowSecondaryDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows secondary authentication devices to work with Windows.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationPreferredAzureADTenantDomainName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the preferred domain among available domains in the Azure AD tenant.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationWebSignIn</span> </div> <div class="desc-html"><p>Indicates whether or not Web Credential Provider will be enabled. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothAllowedServices</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify a list of allowed Bluetooth services and profiles in hex formatted strings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockAdvertising</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using bluetooth advertising.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockDiscoverableMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using bluetooth discoverable mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using bluetooth.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockPrePairing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to block specific bundled Bluetooth peripherals to automatically pair with the host device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BluetoothBlockPromptedProximalConnections</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to block the users from using Swift Pair and other proximity based scenarios.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CameraBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from accessing the camera of the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockDataWhenRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using data over cellular while roaming.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockVpn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using VPN over cellular.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularBlockVpnWhenRoaming</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using VPN when roaming over cellular.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CellularData</span> </div> <div class="desc-html"><p>Whether or not to allow the cellular data channel on the device. If not configured, the cellular data channel is allowed and the user can turn it off. Possible values are: blocked, required, allowed, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code>, <code>"required"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Rr][Ee][Qq][Uu][Ii][Rr][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificatesBlockManualRootCertificateInstallation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from doing manual root certificate installation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigureTimeZone</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the time zone to be applied to the device. This is the standard Windows name for the target time zone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectedDevicesServiceBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to block Connected Devices Service which enables discovery and connection to other devices, remote messaging, remote app sessions and other cross-device experiences.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CopyPasteBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using copy paste.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CortanaBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to Block the user from using Cortana.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CryptographyAllowFipsAlgorithmPolicy</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify whether to allow or disallow the Federal Information Processing Standard (FIPS) policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DataProtectionBlockDirectMemoryAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderBlockEndUserAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether or not to block end user access to Defender.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderBlockOnAccessProtection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows or disallows Windows Defender On Access Protection functionality.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderCloudBlockLevel</span> </div> <div class="desc-html"><p>Specifies the level of cloud-delivered protection. Possible values are: notConfigured, high, highPlus, zeroTolerance.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"high"</code>, <code>"highPlus"</code>, <code>"notConfigured"</code>, <code>"zeroTolerance"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Gg][Hh]|[Hh][Ii][Gg][Hh][Pp][Ll][Uu][Ss]|[Zz][Ee][Rr][Oo][Tt][Oo][Ll][Ee][Rr][Aa][Nn][Cc][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderCloudExtendedTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Timeout extension for file scanning by the cloud. Valid values 0 to 50</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderCloudExtendedTimeoutInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Timeout extension for file scanning by the cloud. Valid values 0 to 50</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDaysBeforeDeletingQuarantinedMalware</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days before deleting quarantined malware. Valid values 0 to 90</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDetectedMalwareActions</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Gets or sets Defenders actions to take on detected Malware per threat level.</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">HighSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for high severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LowSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for low severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModerateSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for moderate severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SevereSeverity</span> </div> <div class="desc-html"><p>Indicates a Defender action to take for severe severity Malware threat detected. Possible values are: deviceDefault, clean, quarantine, remove, allow, userDefined, block.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"block"</code>, <code>"clean"</code>, <code>"deviceDefault"</code>, <code>"quarantine"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Cc][Ll][Ee][Aa][Nn]|[Qq][Uu][Aa][Rr][Aa][Nn][Tt][Ii][Nn][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Aa][Ll][Ll][Oo][Ww]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableCatchupFullScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When blocked, catch-up scans for scheduled full scans will be turned off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderDisableCatchupQuickScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When blocked, catch-up scans for scheduled quick scans will be turned off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderFileExtensionsToExclude</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>File extensions to exclude from scans and real time protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderFilesAndFoldersToExclude</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Files and folder to exclude from scans and real time protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderMonitorFileActivity</span> </div> <div class="desc-html"><p>Value for monitoring file activity. Possible values are: userDefined, disable, monitorAllFiles, monitorIncomingFilesOnly, monitorOutgoingFilesOnly.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disable"</code>, <code>"monitorAllFiles"</code>, <code>"monitorIncomingFilesOnly"</code>, <code>"monitorOutgoingFilesOnly"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee]|[Mm][Oo][Nn][Ii][Tt][Oo][Rr][Aa][Ll][Ll][Ff][Ii][Ll][Ee][Ss]|[Mm][Oo][Nn][Ii][Tt][Oo][Rr][Ii][Nn][Cc][Oo][Mm][Ii][Nn][Gg][Ff][Ii][Ll][Ee][Ss][Oo][Nn][Ll][Yy]|[Mm][Oo][Nn][Ii][Tt][Oo][Rr][Oo][Uu][Tt][Gg][Oo][Ii][Nn][Gg][Ff][Ii][Ll][Ee][Ss][Oo][Nn][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderPotentiallyUnwantedAppAction</span> </div> <div class="desc-html"><p>Gets or sets Defenders action to take on Potentially Unwanted Application (PUA), which includes software with behaviors of ad-injection, software bundling, persistent solicitation for payment or subscription, etc. Defender alerts user when PUA is being downloaded or attempts to install itself. Added in Windows 10 for desktop. Possible values are: deviceDefault, block, audit.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"deviceDefault"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderPotentiallyUnwantedAppActionSetting</span> </div> <div class="desc-html"><p>Gets or sets Defenders action to take on Potentially Unwanted Application (PUA), which includes software with behaviors of ad-injection, software bundling, persistent solicitation for payment or subscription, etc. Defender alerts user when PUA is being downloaded or attempts to install itself. Added in Windows 10 for desktop. Possible values are: userDefined, enable, auditMode, warn, notConfigured.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"auditMode"</code>, <code>"enable"</code>, <code>"notConfigured"</code>, <code>"userDefined"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee]|[Aa][Uu][Dd][Ii][Tt][Mm][Oo][Dd][Ee]|[Ww][Aa][Rr][Nn]|[Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderProcessesToExclude</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Processes to exclude from scans and real time protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderPromptForSampleSubmission</span> </div> <div class="desc-html"><p>The configuration for how to prompt user for sample submission. Possible values are: userDefined, alwaysPrompt, promptBeforeSendingPersonalData, neverSendData, sendAllDataWithoutPrompting.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alwaysPrompt"</code>, <code>"neverSendData"</code>, <code>"promptBeforeSendingPersonalData"</code>, <code>"sendAllDataWithoutPrompting"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Aa][Ll][Ww][Aa][Yy][Ss][Pp][Rr][Oo][Mm][Pp][Tt]|[Pp][Rr][Oo][Mm][Pp][Tt][Bb][Ee][Ff][Oo][Rr][Ee][Ss][Ee][Nn][Dd][Ii][Nn][Gg][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll][Dd][Aa][Tt][Aa]|[Nn][Ee][Vv][Ee][Rr][Ss][Ee][Nn][Dd][Dd][Aa][Tt][Aa]|[Ss][Ee][Nn][Dd][Aa][Ll][Ll][Dd][Aa][Tt][Aa][Ww][Ii][Tt][Hh][Oo][Uu][Tt][Pp][Rr][Oo][Mm][Pp][Tt][Ii][Nn][Gg])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderRequireBehaviorMonitoring</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require behavior monitoring.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderRequireCloudProtection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require cloud protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderRequireNetworkInspectionSystem</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require network inspection system.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderRequireRealTimeMonitoring</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require real time monitoring.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanArchiveFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to scan archive files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanDownloads</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to scan downloads.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanIncomingMail</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to scan incoming mail messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanMappedNetworkDrivesDuringFullScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to scan mapped network drives during full scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanMaxCpu</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Max CPU usage percentage during scan. Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanNetworkFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to scan files opened from a network folder.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanRemovableDrivesDuringFullScan</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to scan removable drives during full scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanScriptsLoadedInInternetExplorer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to scan scripts loaded in Internet Explorer browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScanType</span> </div> <div class="desc-html"><p>The defender system scan type. Possible values are: userDefined, disabled, quick, full.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"full"</code>, <code>"quick"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Qq][Uu][Ii][Cc][Kk]|[Ff][Uu][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScheduledQuickScanTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The time to perform a daily quick scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScheduledScanTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The defender time for the system scan.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderScheduleScanEnableLowCpuPriority</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When enabled, low CPU priority will be used during scheduled scans.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSignatureUpdateIntervalInHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The signature update interval in hours. Specify 0 not to check. Valid values 0 to 24</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSubmitSamplesConsentType</span> </div> <div class="desc-html"><p>Checks for the user consent level in Windows Defender to send data. Possible values are: sendSafeSamplesAutomatically, alwaysPrompt, neverSend, sendAllSamplesAutomatically.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alwaysPrompt"</code>, <code>"neverSend"</code>, <code>"sendAllSamplesAutomatically"</code>, <code>"sendSafeSamplesAutomatically"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Ee][Nn][Dd][Ss][Aa][Ff][Ee][Ss][Aa][Mm][Pp][Ll][Ee][Ss][Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc][Aa][Ll][Ll][Yy]|[Aa][Ll][Ww][Aa][Yy][Ss][Pp][Rr][Oo][Mm][Pp][Tt]|[Nn][Ee][Vv][Ee][Rr][Ss][Ee][Nn][Dd]|[Ss][Ee][Nn][Dd][Aa][Ll][Ll][Ss][Aa][Mm][Pp][Ll][Ee][Ss][Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc][Aa][Ll][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DefenderSystemScanSchedule</span> </div> <div class="desc-html"><p>Defender day of the week for the system scan. Possible values are: userDefined, everyday, sunday, monday, tuesday, wednesday, thursday, friday, saturday, noScheduledScan.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"everyday"</code>, <code>"friday"</code>, <code>"monday"</code>, <code>"noScheduledScan"</code>, <code>"saturday"</code>, <code>"sunday"</code>, <code>"thursday"</code>, <code>"tuesday"</code>, <code>"userDefined"</code>, <code>"wednesday"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Vv][Ee][Rr][Yy][Dd][Aa][Yy]|[Ss][Uu][Nn][Dd][Aa][Yy]|[Mm][Oo][Nn][Dd][Aa][Yy]|[Tt][Uu][Ee][Ss][Dd][Aa][Yy]|[Ww][Ee][Dd][Nn][Ee][Ss][Dd][Aa][Yy]|[Tt][Hh][Uu][Rr][Ss][Dd][Aa][Yy]|[Ff][Rr][Ii][Dd][Aa][Yy]|[Ss][Aa][Tt][Uu][Rr][Dd][Aa][Yy]|[Nn][Oo][Ss][Cc][Hh][Ee][Dd][Uu][Ll][Ee][Dd][Ss][Cc][Aa][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeveloperUnlockSetting</span> </div> <div class="desc-html"><p>Indicates whether or not to allow developer unlock. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceManagementBlockFactoryResetOnMobile</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from resetting their phone.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceManagementBlockManualUnenroll</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from doing manual un-enrollment from device management.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DiagnosticsDataSubmissionMode</span> </div> <div class="desc-html"><p>Gets or sets a value allowing the device to send diagnostic and usage telemetry data, such as Watson. Possible values are: userDefined, none, basic, enhanced, full.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"basic"</code>, <code>"enhanced"</code>, <code>"full"</code>, <code>"none"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Nn][Oo][Nn][Ee]|[Bb][Aa][Ss][Ii][Cc]|[Ee][Nn][Hh][Aa][Nn][Cc][Ee][Dd]|[Ff][Uu][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayAppListWithGdiDPIScalingTurnedOff</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of legacy applications that have GDI DPI Scaling turned off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayAppListWithGdiDPIScalingTurnedOn</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of legacy applications that have GDI DPI Scaling turned on.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeAllowStartPagesModification</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow users to change Start pages on Edge. Use the EdgeHomepageUrls to specify the Start pages that the user would see by default when they open Edge.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockAccessToAboutFlags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to prevent access to about flags on Edge browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockAddressBarDropdown</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the address bar dropdown functionality in Microsoft Edge. Disable this settings to minimize network connections from Microsoft Edge to Microsoft services.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockAutofill</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block auto fill.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockCompatibilityList</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Microsoft compatibility list in Microsoft Edge. This list from Microsoft helps Edge properly display sites with known compatibility issues.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockDeveloperTools</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block developer tools in the Edge browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using the Edge browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockEditFavorites</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from making changes to Favorites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockExtensions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block extensions in the Edge browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockFullScreenMode</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or prevent Edge from entering the full screen mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockInPrivateBrowsing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block InPrivate browsing on corporate networks, in the Edge browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockJavaScript</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using JavaScript.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockLiveTileDataCollection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the collection of information by Microsoft for live tile creation when users pin a site to Start from Microsoft Edge.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockPasswordManager</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block password manager.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockPopups</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block popups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockPrelaunch</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Decide whether Microsoft Edge is prelaunched at Windows startup.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockPrinting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configure Edge to allow or block printing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockSavingHistory</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configure Edge to allow browsing history to be saved or to never save browsing history.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockSearchEngineCustomization</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from adding new search engine or changing the default search engine.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockSearchSuggestions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from using the search suggestions in the address bar.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockSendingDoNotTrackHeader</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from sending the do not track header.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockSendingIntranetTrafficToInternetExplorer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to switch the intranet traffic from Edge to Internet Explorer. Note: the name of this property is misleading the property is obsolete, use EdgeSendIntranetTrafficToInternetExplorer instead.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockSideloadingExtensions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the user can sideload extensions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockTabPreloading</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configure whether Edge preloads the new tab page at Windows startup.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeBlockWebContentOnNewTabPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Configure to load a blank page in Edge instead of the default New tab page and prevent users from changing it.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeClearBrowsingDataOnExit</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Clear browsing data on exiting Microsoft Edge.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeCookiePolicy</span> </div> <div class="desc-html"><p>Indicates which cookies to block in the Edge browser. Possible values are: userDefined, allow, blockThirdParty, blockAll.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allow"</code>, <code>"blockAll"</code>, <code>"blockThirdParty"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww]|[Bb][Ll][Oo][Cc][Kk][Tt][Hh][Ii][Rr][Dd][Pp][Aa][Rr][Tt][Yy]|[Bb][Ll][Oo][Cc][Kk][Aa][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeDisableFirstRunPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the Microsoft web page that opens on the first use of Microsoft Edge. This policy allows enterprises, like those enrolled in zero emissions configurations, to block this page.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeEnterpriseModeSiteListLocation</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Indicates the enterprise mode site list location. Could be a local file, local network or http location.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeFavoritesBarVisibility</span> </div> <div class="desc-html"><p>Get or set a value that specifies whether to set the favorites bar to always be visible or hidden on any page. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeFavoritesListLocation</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The location of the favorites list to provision. Could be a local file, local network or http location.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeFirstRunUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The first run URL for when Edge browser is opened for the first time.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeHomeButtonConfiguration</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Causes the Home button to either hide, load the default Start page, load a New tab page, or a custom URL</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">HomeButtonCustomURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The specific URL to load.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the entity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.edgeHomeButtonHidden"</code>, <code>"#microsoft.graph.edgeHomeButtonLoadsStartPage"</code>, <code>"#microsoft.graph.edgeHomeButtonOpensCustomURL"</code>, <code>"#microsoft.graph.edgeHomeButtonOpensNewTab"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ee][Dd][Gg][Ee][Hh][Oo][Mm][Ee][Bb][Uu][Tt][Tt][Oo][Nn][Hh][Ii][Dd][Dd][Ee][Nn]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ee][Dd][Gg][Ee][Hh][Oo][Mm][Ee][Bb][Uu][Tt][Tt][Oo][Nn][Ll][Oo][Aa][Dd][Ss][Ss][Tt][Aa][Rr][Tt][Pp][Aa][Gg][Ee]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ee][Dd][Gg][Ee][Hh][Oo][Mm][Ee][Bb][Uu][Tt][Tt][Oo][Nn][Oo][Pp][Ee][Nn][Ss][Cc][Uu][Ss][Tt][Oo][Mm][Uu][Rr][Ll]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ee][Dd][Gg][Ee][Hh][Oo][Mm][Ee][Bb][Uu][Tt][Tt][Oo][Nn][Oo][Pp][Ee][Nn][Ss][Nn][Ee][Ww][Tt][Aa][Bb])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeHomeButtonConfigurationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable the Home button configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeHomepageUrls</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of URLs for homepages shodwn on MDM-enrolled devices on Edge browser.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeKioskModeRestriction</span> </div> <div class="desc-html"><p>Controls how the Microsoft Edge settings are restricted based on the configure kiosk mode. Possible values are: notConfigured, digitalSignage, normalMode, publicBrowsingSingleApp, publicBrowsingMultiApp.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"digitalSignage"</code>, <code>"normalMode"</code>, <code>"notConfigured"</code>, <code>"publicBrowsingMultiApp"</code>, <code>"publicBrowsingSingleApp"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ii][Gg][Ii][Tt][Aa][Ll][Ss][Ii][Gg][Nn][Aa][Gg][Ee]|[Nn][Oo][Rr][Mm][Aa][Ll][Mm][Oo][Dd][Ee]|[Pp][Uu][Bb][Ll][Ii][Cc][Bb][Rr][Oo][Ww][Ss][Ii][Nn][Gg][Ss][Ii][Nn][Gg][Ll][Ee][Aa][Pp][Pp]|[Pp][Uu][Bb][Ll][Ii][Cc][Bb][Rr][Oo][Ww][Ss][Ii][Nn][Gg][Mm][Uu][Ll][Tt][Ii][Aa][Pp][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeKioskResetAfterIdleTimeInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the time in minutes from the last user activity before Microsoft Edge kiosk resets. Valid values are 0-1440. The default is 5. 0 indicates no reset. Valid values 0 to 1440</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeNewTabPageURL</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify the page opened when new tabs are created.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeOpensWith</span> </div> <div class="desc-html"><p>Specify what kind of pages are open at start. Possible values are: notConfigured, startPage, newTabPage, previousPages, specificPages.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"newTabPage"</code>, <code>"notConfigured"</code>, <code>"previousPages"</code>, <code>"specificPages"</code>, <code>"startPage"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ss][Tt][Aa][Rr][Tt][Pp][Aa][Gg][Ee]|[Nn][Ee][Ww][Tt][Aa][Bb][Pp][Aa][Gg][Ee]|[Pp][Rr][Ee][Vv][Ii][Oo][Uu][Ss][Pp][Aa][Gg][Ee][Ss]|[Ss][Pp][Ee][Cc][Ii][Ff][Ii][Cc][Pp][Aa][Gg][Ee][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgePreventCertificateErrorOverride</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or prevent users from overriding certificate errors.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeRequiredExtensionPackageFamilyNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify the list of package family names of browser extensions that are required and cannot be turned off by the user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeRequireSmartScreen</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Require the user to use the smart screen filter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeSearchEngine</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Allows IT admins to set a default search engine for MDM-Controlled devices. Users can override this and change their default search engine provided the AllowSearchEngineCustomization policy is not set.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeSearchEngineType</span> </div> <div class="desc-html"><p>Allows IT admins to set a predefined default search engine for MDM-Controlled devices. Possible values are: default, bing.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"bing"</code>, <code>"default"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Bb][Ii][Nn][Gg])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeSearchEngineOpenSearchXmlUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Points to a https link containing the OpenSearch xml file that contains, at minimum, the short name and the URL to the search Engine.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the entity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.edgeSearchEngine"</code>, <code>"#microsoft.graph.edgeSearchEngineCustom"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ee][Dd][Gg][Ee][Ss][Ee][Aa][Rr][Cc][Hh][Ee][Nn][Gg][Ii][Nn][Ee]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ee][Dd][Gg][Ee][Ss][Ee][Aa][Rr][Cc][Hh][Ee][Nn][Gg][Ii][Nn][Ee][Cc][Uu][Ss][Tt][Oo][Mm])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeSendIntranetTrafficToInternetExplorer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to switch the intranet traffic from Edge to Internet Explorer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeShowMessageWhenOpeningInternetExplorerSites</span> </div> <div class="desc-html"><p>Controls the message displayed by Edge before switching to Internet Explorer. Possible values are: notConfigured, disabled, enabled, keepGoing.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"keepGoing"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Kk][Ee][Ee][Pp][Gg][Oo][Ii][Nn][Gg])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeSyncFavoritesWithInternetExplorer</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable favorites sync between Internet Explorer and Microsoft Edge. Additions, deletions, modifications and order changes to favorites are shared between browsers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EdgeTelemetryForMicrosoft365Analytics</span> </div> <div class="desc-html"><p>Specifies what type of telemetry data (none, intranet, internet, both) is sent to Microsoft 365 Analytics. Possible values are: notConfigured, intranet, internet, intranetAndInternet.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"internet"</code>, <code>"intranet"</code>, <code>"intranetAndInternet"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ii][Nn][Tt][Rr][Aa][Nn][Ee][Tt]|[Ii][Nn][Tt][Ee][Rr][Nn][Ee][Tt]|[Ii][Nn][Tt][Rr][Aa][Nn][Ee][Tt][Aa][Nn][Dd][Ii][Nn][Tt][Ee][Rr][Nn][Ee][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableAutomaticRedeployment</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow users with administrative rights to delete all user data and settings using CTRL + Win + R at the device lock screen so that the device can be automatically re-configured and re-enrolled into management.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnergySaverOnBatteryThresholdPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>This setting allows you to specify battery charge level at which Energy Saver is turned on. While on battery, Energy Saver is automatically turned on at (and below) the specified battery charge level. Valid input range (0-100). Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnergySaverPluggedInThresholdPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>This setting allows you to specify battery charge level at which Energy Saver is turned on. While plugged in, Energy Saver is automatically turned on at (and below) the specified battery charge level. Valid input range (0-100). Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseCloudPrintDiscoveryEndPoint</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Endpoint for discovering cloud printers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseCloudPrintDiscoveryMaxLimit</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maximum number of printers that should be queried from a discovery endpoint. This is a mobile only setting. Valid values 1 to 65535</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseCloudPrintMopriaDiscoveryResourceIdentifier</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OAuth resource URI for printer discovery service as configured in Azure portal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseCloudPrintOAuthAuthority</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Authentication endpoint for acquiring OAuth tokens.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseCloudPrintOAuthClientIdentifier</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>GUID of a client application authorized to retrieve OAuth tokens from the OAuth Authority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseCloudPrintResourceIdentifier</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>OAuth resource URI for print service as configured in the Azure portal.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExperienceBlockDeviceDiscovery</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enable device discovery UX.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExperienceBlockErrorDialogWhenNoSIM</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow the error dialog from displaying if no SIM card is detected.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExperienceBlockTaskSwitcher</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enable task switching on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExperienceDoNotSyncBrowserSettings</span> </div> <div class="desc-html"><p>Allow or prevent the syncing of Microsoft Edge Browser settings. Option for IT admins to prevent syncing across devices, but allow user override. Possible values are: notConfigured, blockedWithUserOverride, blocked.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"blocked"</code>, <code>"blockedWithUserOverride"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd][Ww][Ii][Tt][Hh][Uu][Ss][Ee][Rr][Oo][Vv][Ee][Rr][Rr][Ii][Dd][Ee]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FindMyFiles</span> </div> <div class="desc-html"><p>Controls if the user can configure search to Find My Files mode, which searches files in secondary hard drives and also outside of the user profile. Find My Files does not allow users to search files or locations to which they do not have access. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GameDvrBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block DVR and broadcasting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InkWorkspaceAccess</span> </div> <div class="desc-html"><p>Controls the user access to the ink workspace, from the desktop and from above the lock screen. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InkWorkspaceAccessState</span> </div> <div class="desc-html"><p>Controls the user access to the ink workspace, from the desktop and from above the lock screen. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InkWorkspaceBlockSuggestedApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify whether to show recommended app suggestions in the ink workspace.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InternetSharingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using internet sharing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocationServicesBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from location services.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenActivateAppsWithVoice</span> </div> <div class="desc-html"><p>This policy setting specifies whether Windows apps can be activated by voice while the system is locked. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenAllowTimeoutConfiguration</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify whether to show a user-configurable setting to control the screen timeout while on the lock screen of Windows 10 Mobile devices. If this policy is set to Allow, the value set by lockScreenTimeoutInSeconds is ignored.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenBlockActionCenterNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block action center notifications over lock screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenBlockCortana</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the user can interact with Cortana using speech while the system is locked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenBlockToastNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether to allow toast notifications above the device lock screen.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LockScreenTimeoutInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set the duration (in seconds) from the screen locking to the screen turning off for Windows 10 Mobile devices. Supported values are 11-1800. Valid values 11 to 1800</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LogonBlockFastUserSwitching</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables the ability to quickly switch between users that are logged on simultaneously without logging off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessagingBlockMMS</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the MMS send/receive functionality on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessagingBlockRichCommunicationServices</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the RCS send/receive functionality on the device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessagingBlockSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block text message back up and restore and Messaging Everywhere.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftAccountBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block a Microsoft account.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftAccountBlockSettingsSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block Microsoft account settings sync.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftAccountSignInAssistantSettings</span> </div> <div class="desc-html"><p>Controls the Microsoft Account Sign-In Assistant (wlidsvc) NT service. Possible values are: notConfigured, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkProxyApplySettingsDeviceWide</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set, proxy settings will be applied to all processes and accounts in the device. Otherwise, it will be applied to the user account that's enrolled into MDM.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkProxyAutomaticConfigurationUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Address to the proxy auto-config (PAC) script you want to use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkProxyDisableAutoDetect</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disable automatic detection of settings. If enabled, the system will try to find the path to a proxy auto-config (PAC) script.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkProxyServer</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Specifies manual proxy server settings.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Address</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Address to the proxy server. Specify an address in the format ':'</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Exceptions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Addresses that should not use the proxy server. The system will not use the proxy server for addresses beginning with what is specified in this node.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseForLocalAddresses</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether the proxy server should be used for local (intranet) addresses.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NfcBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using near field communication.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneDriveDisableFileSync</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Gets or sets a value allowing IT admins to prevent apps and features from working with files on OneDrive.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordBlockSimple</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify whether PINs or passwords such as '1111' or '1234' are allowed. For Windows 10 desktops, it also controls the use of picture passwords.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordExpirationDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The password expiration in days. Valid values 0 to 730</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumAgeInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>This security setting determines the period of time (in days) that a password must be used before the user can change it. Valid values 0 to 998</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumCharacterSetCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of character sets required in the password.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinimumLength</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The minimum password length. Valid values 4 to 16</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordMinutesOfInactivityBeforeScreenTimeout</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The minutes of inactivity before the screen times out.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordPreviousPasswordBlockCount</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of previous passwords to prevent reuse of. Valid values 0 to 50</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require the user to have a password.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequiredType</span> </div> <div class="desc-html"><p>The required password type. Possible values are: deviceDefault, alphanumeric, numeric.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"alphanumeric"</code>, <code>"deviceDefault"</code>, <code>"numeric"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Vv][Ii][Cc][Ee][Dd][Ee][Ff][Aa][Uu][Ll][Tt]|[Aa][Ll][Pp][Hh][Aa][Nn][Uu][Mm][Ee][Rr][Ii][Cc]|[Nn][Uu][Mm][Ee][Rr][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordRequireWhenResumeFromIdleState</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require a password upon resuming from an idle state.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PasswordSignInFailureCountBeforeFactoryReset</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of sign in failures before factory reset. Valid values 0 to 999</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalizationDesktopImageUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A http or https Url to a jpg, jpeg or png image that needs to be downloaded and used as the Desktop Image or a file Url to a local image on the file system that needs to used as the Desktop Image.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalizationLockScreenImageUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>A http or https Url to a jpg, jpeg or png image that needs to be downloaded and used as the Lock Screen Image or a file Url to a local image on the file system that needs to be used as the Lock Screen Image.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerButtonActionOnBattery</span> </div> <div class="desc-html"><p>This setting specifies the action that Windows takes when a user presses the Power button while on battery. Possible values are: notConfigured, noAction, sleep, hibernate, shutdown.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hibernate"</code>, <code>"noAction"</code>, <code>"notConfigured"</code>, <code>"shutdown"</code>, <code>"sleep"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn]|[Ss][Ll][Ee][Ee][Pp]|[Hh][Ii][Bb][Ee][Rr][Nn][Aa][Tt][Ee]|[Ss][Hh][Uu][Tt][Dd][Oo][Ww][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerButtonActionPluggedIn</span> </div> <div class="desc-html"><p>This setting specifies the action that Windows takes when a user presses the Power button while plugged in. Possible values are: notConfigured, noAction, sleep, hibernate, shutdown.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hibernate"</code>, <code>"noAction"</code>, <code>"notConfigured"</code>, <code>"shutdown"</code>, <code>"sleep"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn]|[Ss][Ll][Ee][Ee][Pp]|[Hh][Ii][Bb][Ee][Rr][Nn][Aa][Tt][Ee]|[Ss][Hh][Uu][Tt][Dd][Oo][Ww][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerHybridSleepOnBattery</span> </div> <div class="desc-html"><p>This setting allows you to turn off hybrid sleep while on battery. If you set this setting to disable, a hiberfile is not generated when the system transitions to sleep (Stand By). If you set this setting to enable or do not configure this policy setting, users control this setting. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerHybridSleepPluggedIn</span> </div> <div class="desc-html"><p>This setting allows you to turn off hybrid sleep while plugged in. If you set this setting to disable, a hiberfile is not generated when the system transitions to sleep (Stand By). If you set this setting to enable or do not configure this policy setting, users control this setting. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerLidCloseActionOnBattery</span> </div> <div class="desc-html"><p>This setting specifies the action that Windows takes when a user closes the lid on a mobile PC while on battery. Possible values are: notConfigured, noAction, sleep, hibernate, shutdown.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hibernate"</code>, <code>"noAction"</code>, <code>"notConfigured"</code>, <code>"shutdown"</code>, <code>"sleep"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn]|[Ss][Ll][Ee][Ee][Pp]|[Hh][Ii][Bb][Ee][Rr][Nn][Aa][Tt][Ee]|[Ss][Hh][Uu][Tt][Dd][Oo][Ww][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerLidCloseActionPluggedIn</span> </div> <div class="desc-html"><p>This setting specifies the action that Windows takes when a user closes the lid on a mobile PC while plugged in. Possible values are: notConfigured, noAction, sleep, hibernate, shutdown.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hibernate"</code>, <code>"noAction"</code>, <code>"notConfigured"</code>, <code>"shutdown"</code>, <code>"sleep"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn]|[Ss][Ll][Ee][Ee][Pp]|[Hh][Ii][Bb][Ee][Rr][Nn][Aa][Tt][Ee]|[Ss][Hh][Uu][Tt][Dd][Oo][Ww][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerSleepButtonActionOnBattery</span> </div> <div class="desc-html"><p>This setting specifies the action that Windows takes when a user presses the Sleep button while on battery. Possible values are: notConfigured, noAction, sleep, hibernate, shutdown.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hibernate"</code>, <code>"noAction"</code>, <code>"notConfigured"</code>, <code>"shutdown"</code>, <code>"sleep"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn]|[Ss][Ll][Ee][Ee][Pp]|[Hh][Ii][Bb][Ee][Rr][Nn][Aa][Tt][Ee]|[Ss][Hh][Uu][Tt][Dd][Oo][Ww][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerSleepButtonActionPluggedIn</span> </div> <div class="desc-html"><p>This setting specifies the action that Windows takes when a user presses the Sleep button while plugged in. Possible values are: notConfigured, noAction, sleep, hibernate, shutdown.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hibernate"</code>, <code>"noAction"</code>, <code>"notConfigured"</code>, <code>"shutdown"</code>, <code>"sleep"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Nn][Oo][Aa][Cc][Tt][Ii][Oo][Nn]|[Ss][Ll][Ee][Ee][Pp]|[Hh][Ii][Bb][Ee][Rr][Nn][Aa][Tt][Ee]|[Ss][Hh][Uu][Tt][Dd][Oo][Ww][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrinterBlockAddition</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Prevent user installation of additional printers from printers settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrinterDefaultName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Name (network host name) of an installed printer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrinterNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Automatically provision printers based on their names (network host names).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyAdvertisingId</span> </div> <div class="desc-html"><p>Enables or disables the use of advertising ID. Added in Windows 10, version 1607. Possible values are: notConfigured, blocked, allowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"allowed"</code>, <code>"blocked"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Bb][Ll][Oo][Cc][Kk][Ee][Dd]|[Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyAutoAcceptPairingAndConsentPrompts</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow the automatic acceptance of the pairing and privacy user consent dialog when launching apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyBlockActivityFeed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks the usage of cloud based speech services for Cortana, Dictation, or Store applications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyBlockInputPersonalization</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the usage of cloud based speech services for Cortana, Dictation, or Store applications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyBlockPublishUserActivities</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Blocks the shared experiences/discovery of recently used resources in task switcher etc.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyDisableLaunchExperience</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy prevents the privacy experience from launching during user logon for new and upgraded users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ResetProtectionModeBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from reset protection mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SafeSearchFilter</span> </div> <div class="desc-html"><p>Specifies what filter level of safe search is required. Possible values are: userDefined, strict, moderate.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"moderate"</code>, <code>"strict"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ss][Tt][Rr][Ii][Cc][Tt]|[Mm][Oo][Dd][Ee][Rr][Aa][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScreenCaptureBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from taking Screenshots.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchBlockDiacritics</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if search can use diacritics.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchBlockWebResults</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the web search.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchDisableAutoLanguageDetection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to use automatic language detection when indexing content and properties.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchDisableIndexerBackoff</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to disable the search indexer backoff feature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchDisableIndexingEncryptedItems</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block indexing of WIP-protected items to prevent them from appearing in search results for Cortana or Explorer.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchDisableIndexingRemovableDrive</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow users to add locations on removable drives to libraries and to be indexed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchDisableLocation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if search can use location information.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchDisableUseLocation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies if search can use location information.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchEnableAutomaticIndexSizeManangement</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies minimum amount of hard drive space on the same drive as the index location before indexing stops.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchEnableRemoteQueries</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block remote queries of this computers index.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecurityBlockAzureADJoinedDevicesAutoEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify whether to allow automatic device encryption during OOBE when the device is Azure AD joined (desktop only).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockAccountsPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Accounts in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockAddProvisioningPackage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from installing provisioning packages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockAppsPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Apps in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockChangeLanguage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from changing the language settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockChangePowerSleep</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from changing power and sleep settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockChangeRegion</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from changing the region settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockChangeSystemTime</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from changing date and time settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockDevicesPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Devices in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockEaseOfAccessPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Ease of Access in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockEditDeviceName</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from editing the device name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockGamingPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Gaming in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockNetworkInternetPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Network & Internet in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockPersonalizationPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Personalization in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockPrivacyPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Privacy in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockRemoveProvisioningPackage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the runtime configuration agent from removing provisioning packages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockSettingsApp</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockSystemPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to System in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockTimeLanguagePage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Time & Language in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockUpdateSecurityPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block access to Update & Security in Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharedUserAppDataAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block multiple users of the same app to share data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenAppInstallControl</span> </div> <div class="desc-html"><p>Added in Windows 10, version 1703. Allows IT Admins to control whether users are allowed to install apps from places other than the Store. Possible values are: notConfigured, anywhere, storeOnly, recommendations, preferStore.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"anywhere"</code>, <code>"notConfigured"</code>, <code>"preferStore"</code>, <code>"recommendations"</code>, <code>"storeOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Nn][Yy][Ww][Hh][Ee][Rr][Ee]|[Ss][Tt][Oo][Rr][Ee][Oo][Nn][Ll][Yy]|[Rr][Ee][Cc][Oo][Mm][Mm][Ee][Nn][Dd][Aa][Tt][Ii][Oo][Nn][Ss]|[Pp][Rr][Ee][Ff][Ee][Rr][Ss][Tt][Oo][Rr][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenBlockPromptOverride</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not users can override SmartScreen Filter warnings about potentially malicious websites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenBlockPromptOverrideForFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not users can override the SmartScreen Filter warnings about downloading unverified files</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmartScreenEnableAppInstallControl</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This property will be deprecated in July 2019 and will be replaced by property SmartScreenAppInstallControl. Allows IT Admins to control whether users are allowed to install apps from places other than the Store.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartBlockUnpinningAppsFromTaskbar</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block the user from unpinning apps from taskbar.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuAppListVisibility</span> </div> <div class="desc-html"><p>Setting the value of this collapses the app list, removes the app list entirely, or disables the corresponding toggle in the Settings app. Possible values are: userDefined, collapse, remove, disableSettingsApp.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"collapse"</code>, <code>"disableSettingsApp"</code>, <code>"remove"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Cc][Oo][Ll][Ll][Aa][Pp][Ss][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Ss][Ee][Tt][Tt][Ii][Nn][Gg][Ss][Aa][Pp][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideChangeAccountSettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides the change account setting from appearing in the user tile in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideFrequentlyUsedApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides the most used apps from appearing on the start menu and disables the corresponding toggle in the Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideHibernate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides hibernate from appearing in the power button in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideLock</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides lock from appearing in the user tile in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHidePowerButton</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides the power button from appearing in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideRecentJumpLists</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides recent jump lists from appearing on the start menu/taskbar and disables the corresponding toggle in the Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideRecentlyAddedApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides recently added apps from appearing on the start menu and disables the corresponding toggle in the Settings app.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideRestartOptions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides 'Restart/Update and Restart' from appearing in the power button in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideShutDown</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides shut down/update and shut down from appearing in the power button in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideSignOut</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides sign out from appearing in the user tile in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideSleep</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides sleep from appearing in the power button in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideSwitchAccount</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides switch account from appearing in the user tile in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuHideUserTile</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enabling this policy hides the user tile from appearing in the start menu.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuLayoutEdgeAssetsXml</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>This policy setting allows you to import Edge assets to be used with startMenuLayoutXml policy. Start layout can contain secondary tile from Edge app which looks for Edge local asset file. Edge local asset would not exist and cause Edge secondary tile to appear empty in this case. This policy only gets applied when startMenuLayoutXml policy is modified. The value should be a UTF-8 Base64 encoded byte array.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuLayoutXml</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Allows admins to override the default Start menu layout and prevents the user from changing it. The layout is modified by specifying an XML file based on a layout modification schema. XML needs to be in a UTF8 encoded byte array format.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuMode</span> </div> <div class="desc-html"><p>Allows admins to decide how the Start menu is displayed. Possible values are: userDefined, fullScreen, nonFullScreen.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"fullScreen"</code>, <code>"nonFullScreen"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ff][Uu][Ll][Ll][Ss][Cc][Rr][Ee][Ee][Nn]|[Nn][Oo][Nn][Ff][Uu][Ll][Ll][Ss][Cc][Rr][Ee][Ee][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderDocuments</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the Documents folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderDownloads</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the Downloads folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderFileExplorer</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the FileExplorer shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderHomeGroup</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the HomeGroup folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderMusic</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the Music folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderNetwork</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the Network folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderPersonalFolder</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the PersonalFolder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderPictures</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the Pictures folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderSettings</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the Settings folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartMenuPinnedFolderVideos</span> </div> <div class="desc-html"><p>Enforces the visibility (Show/Hide) of the Videos folder shortcut on the Start menu. Possible values are: notConfigured, hide, show.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"hide"</code>, <code>"notConfigured"</code>, <code>"show"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Hh][Ii][Dd][Ee]|[Ss][Hh][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageBlockRemovableStorage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using removable storage.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRequireMobileDeviceEncryption</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicating whether or not to require encryption on a mobile device.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRestrictAppDataToSystemVolume</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether application data is restricted to the system drive.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StorageRestrictAppInstallToSystemVolume</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether the installation of applications is restricted to the system drive.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SystemTelemetryProxyServer</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Gets or sets the fully qualified domain name (FQDN) or IP address of a proxy server to forward Connected User Experiences and Telemetry requests.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TaskManagerBlockEndTask</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specify whether non-administrators can use Task Manager to end tasks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TenantLockdownRequireNetworkDuringOutOfBoxExperience</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Whether the device is required to connect to the network.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UninstallBuiltInApps</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to uninstall a fixed list of built-in Windows apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UsbBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from USB connection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VoiceRecordingBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from voice recording.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WebRtcBlockLocalhostIpAddress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not user's localhost IP address is displayed while making phone calls using the WebRTC</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiBlockAutomaticConnectHotspots</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicating whether or not to block automatically connecting to Wi-Fi hotspots. Has no impact if Wi-Fi is blocked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using Wi-Fi.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiBlockManualConfiguration</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using Wi-Fi manual configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiScanInterval</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify how often devices scan for Wi-Fi networks. Supported values are 1-500, where 100 = default, and 500 = low frequency. Valid values 1 to 500</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Windows10AppsForceUpdateSchedule</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Windows 10 force update schedule for Apps.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Recurrence</span> </div> <div class="desc-html"><p>Recurrence schedule. Possible values are: none, daily, weekly, monthly.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"daily"</code>, <code>"monthly"</code>, <code>"none"</code>, <code>"weekly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Dd][Aa][Ii][Ll][Yy]|[Ww][Ee][Ee][Kk][Ll][Yy]|[Mm][Oo][Nn][Tt][Hh][Ll][Yy])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RunImmediatelyIfAfterStartDateTime</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If true, runs the task immediately if StartDateTime is in the past, else, runs at the next recurrence.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StartDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The start time for the force restart.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightBlockConsumerSpecificFeatures</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows IT admins to block experiences that are typically for consumers only, such as Start suggestions, Membership notifications, Post-OOBE app install and redirect tiles.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows IT admins to turn off all Windows Spotlight features</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightBlockOnActionCenter</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block suggestions from Microsoft that show after each OS clean install, upgrade or in an on-going basis to introduce users to what is new or changed</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightBlockTailoredExperiences</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personalized content in Windows spotlight based on users device usage.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightBlockThirdPartyNotifications</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block third party content delivered via Windows Spotlight</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightBlockWelcomeExperience</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block Windows Spotlight Windows welcome experience</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightBlockWindowsTips</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows IT admins to turn off the popup of Windows Tips.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsSpotlightConfigureOnLockScreen</span> </div> <div class="desc-html"><p>Specifies the type of Spotlight. Possible values are: notConfigured, disabled, enabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsStoreBlockAutoUpdate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to block automatic update of apps from Windows Store.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsStoreBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the user from using the Windows store.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsStoreEnablePrivateStoreOnly</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to enable Private Store Only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WirelessDisplayBlockProjectionToThisDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow other devices from discovering this PC for projection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WirelessDisplayBlockUserInputFromReceiver</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow user input from wireless display receiver.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WirelessDisplayRequirePinForPairing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require a PIN for new devices to initiate pairing.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationscepcertificatepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationscepcertificatepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Scep Certificate Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateStore</span> </div> <div class="desc-html"><p>Target store certificate. Possible values are: user, machine.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"machine"</code>, <code>"user"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr]|[Mm][Aa][Cc][Hh][Ii][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HashAlgorithm</span> </div> <div class="desc-html"><p>SCEP Hash Algorithm. Possible values are: sha1, sha2.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"sha1"</code>, <code>"sha2"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Hh][Aa]1|[Ss][Hh][Aa]2)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeySize</span> </div> <div class="desc-html"><p>SCEP Key Size. Possible values are: size1024, size2048, size4096.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"size1024"</code>, <code>"size2048"</code>, <code>"size4096"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Ii][Zz][Ee]1024|[Ss][Ii][Zz][Ee]2048|[Ss][Ii][Zz][Ee]4096)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyUsage</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScepServerUrls</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>SCEP Server Url(s).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectAlternativeNameFormatString</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom String that defines the AAD Attribute.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectNameFormatString</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom format to use with SubjectNameFormat = Custom. Example: CN={{UserName}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomSubjectAlternativeNames</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Custom Subject Alternative Name Settings. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtendedKeyUsages</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateValidityPeriodScale</span> </div> <div class="desc-html"><p>Scale for the Certificate Validity Period. Possible values are: days, months, years.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"days"</code>, <code>"months"</code>, <code>"years"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Aa][Yy][Ss]|[Mm][Oo][Nn][Tt][Hh][Ss]|[Yy][Ee][Aa][Rr][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertificateValidityPeriodValue</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Value for the Certificate Validity Period</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KeyStorageProvider</span> </div> <div class="desc-html"><p>Key Storage Provider (KSP). Possible values are: useTpmKspOtherwiseUseSoftwareKsp, useTpmKspOtherwiseFail, usePassportForWorkKspOtherwiseFail, useSoftwareKsp.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"usePassportForWorkKspOtherwiseFail"</code>, <code>"useSoftwareKsp"</code>, <code>"useTpmKspOtherwiseFail"</code>, <code>"useTpmKspOtherwiseUseSoftwareKsp"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Tt][Pp][Mm][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Uu][Ss][Ee][Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee][Kk][Ss][Pp]|[Uu][Ss][Ee][Tt][Pp][Mm][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Ff][Aa][Ii][Ll]|[Uu][Ss][Ee][Pp][Aa][Ss][Ss][Pp][Oo][Rr][Tt][Ff][Oo][Rr][Ww][Oo][Rr][Kk][Kk][Ss][Pp][Oo][Tt][Hh][Ee][Rr][Ww][Ii][Ss][Ee][Ff][Aa][Ii][Ll]|[Uu][Ss][Ee][Ss][Oo][Ff][Tt][Ww][Aa][Rr][Ee][Kk][Ss][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RenewalThresholdPercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Certificate renewal threshold percentage. Valid values 1 to 99</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectAlternativeNameType</span> </div> <div class="desc-html"><p>Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"customAzureADAttribute"</code>, <code>"domainNameService"</code>, <code>"emailAddress"</code>, <code>"none"</code>, <code>"universalResourceIdentifier"</code>, <code>"userPrincipalName"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ee][Mm][Aa][Ii][Ll][Aa][Dd][Dd][Rr][Ee][Ss][Ss]|[Uu][Ss][Ee][Rr][Pp][Rr][Ii][Nn][Cc][Ii][Pp][Aa][Ll][Nn][Aa][Mm][Ee]|[Cc][Uu][Ss][Tt][Oo][Mm][Aa][Zz][Uu][Rr][Ee][Aa][Dd][Aa][Tt][Tt][Rr][Ii][Bb][Uu][Tt][Ee]|[Dd][Oo][Mm][Aa][Ii][Nn][Nn][Aa][Mm][Ee][Ss][Ee][Rr][Vv][Ii][Cc][Ee]|[Uu][Nn][Ii][Vv][Ee][Rr][Ss][Aa][Ll][Rr][Ee][Ss][Oo][Uu][Rr][Cc][Ee][Ii][Dd][Ee][Nn][Tt][Ii][Ff][Ii][Ee][Rr])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectNameFormat</span> </div> <div class="desc-html"><p>Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"commonName"</code>, <code>"commonNameAsAadDeviceId"</code>, <code>"commonNameAsDurableDeviceId"</code>, <code>"commonNameAsEmail"</code>, <code>"commonNameAsIMEI"</code>, <code>"commonNameAsIntuneDeviceId"</code>, <code>"commonNameAsSerialNumber"</code>, <code>"commonNameIncludingEmail"</code>, <code>"custom"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Ii][Nn][Cc][Ll][Uu][Dd][Ii][Nn][Gg][Ee][Mm][Aa][Ii][Ll]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ee][Mm][Aa][Ii][Ll]|[Cc][Uu][Ss][Tt][Oo][Mm]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ii][Mm][Ee][Ii]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ss][Ee][Rr][Ii][Aa][Ll][Nn][Uu][Mm][Bb][Ee][Rr]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Aa][Aa][Dd][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Ii][Nn][Tt][Uu][Nn][Ee][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd]|[Cc][Oo][Mm][Mm][Oo][Nn][Nn][Aa][Mm][Ee][Aa][Ss][Dd][Uu][Rr][Aa][Bb][Ll][Ee][Dd][Ee][Vv][Ii][Cc][Ee][Ii][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RootCertificateDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Trusted Root Certificate DisplayName</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RootCertificateId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Trusted Root Certificate Id</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationsecureassessmentpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationsecureassessmentpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Secure Assessment Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowPrinting</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow the app from printing during the test.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowScreenCapture</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow screen capture capability during a test.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowTextSuggestion</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to allow text suggestions during the test.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AssessmentAppUserModelId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the application user model ID of the assessment app launched when a user signs in to a secure assessment with a local guest account. Important notice: this property must be set with localGuestAccountName in order to make the local guest account sign-in experience work properly for secure assessments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigurationAccount</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The account used to configure the Windows device for taking the test. The user can be a domain account (domain/user), an AAD account (usernametenant.com) or a local account (username).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigurationAccountType</span> </div> <div class="desc-html"><p>The account type used to by ConfigurationAccount. Possible values are: azureADAccount, domainAccount, localAccount, localGuestAccount.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"azureADAccount"</code>, <code>"domainAccount"</code>, <code>"localAccount"</code>, <code>"localGuestAccount"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Zz][Uu][Rr][Ee][Aa][Dd][Aa][Cc][Cc][Oo][Uu][Nn][Tt]|[Dd][Oo][Mm][Aa][Ii][Nn][Aa][Cc][Cc][Oo][Uu][Nn][Tt]|[Ll][Oo][Cc][Aa][Ll][Aa][Cc][Cc][Oo][Uu][Nn][Tt]|[Ll][Oo][Cc][Aa][Ll][Gg][Uu][Ee][Ss][Tt][Aa][Cc][Cc][Oo][Uu][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LaunchUri</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Url link to an assessment that's automatically loaded when the secure assessment browser is launched. It has to be a valid Url (https://msdn.microsoft.com/).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalGuestAccountName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the display text for the local guest account shown on the sign-in screen. Typically is the name of an assessment. When the user clicks the local guest account on the sign-in screen, an assessment app is launched with a specified assessment URL. Secure assessments can only be configured with local guest account sign-in on devices running Windows 10, version 1903 or later. Important notice: this property must be set with assessmentAppUserModelID in order to make the local guest account sign-in experience work properly for secure assessments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationsharedmultidevicepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationsharedmultidevicepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Shared Multi Device Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountManagerPolicy</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Specifies how accounts are managed on a shared PC. Only applies when disableAccountManager is false.</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AccountDeletionPolicy</span> </div> <div class="desc-html"><p>Configures when accounts are deleted. Possible values are: immediate, diskSpaceThreshold, diskSpaceThresholdOrInactiveThreshold.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"diskSpaceThreshold"</code>, <code>"diskSpaceThresholdOrInactiveThreshold"</code>, <code>"immediate"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Mm][Mm][Ee][Dd][Ii][Aa][Tt][Ee]|[Dd][Ii][Ss][Kk][Ss][Pp][Aa][Cc][Ee][Tt][Hh][Rr][Ee][Ss][Hh][Oo][Ll][Dd]|[Dd][Ii][Ss][Kk][Ss][Pp][Aa][Cc][Ee][Tt][Hh][Rr][Ee][Ss][Hh][Oo][Ll][Dd][Oo][Rr][Ii][Nn][Aa][Cc][Tt][Ii][Vv][Ee][Tt][Hh][Rr][Ee][Ss][Hh][Oo][Ll][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CacheAccountsAboveDiskFreePercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Sets the percentage of available disk space a PC should have before it stops deleting cached shared PC accounts. Only applies when AccountDeletionPolicy is DiskSpaceThreshold or DiskSpaceThresholdOrInactiveThreshold. Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InactiveThresholdDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies when the accounts will start being deleted when they have not been logged on during the specified period, given as number of days. Only applies when AccountDeletionPolicy is DiskSpaceThreshold or DiskSpaceThresholdOrInactiveThreshold.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveAccountsBelowDiskFreePercentage</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Sets the percentage of disk space remaining on a PC before cached accounts will be deleted to free disk space. Accounts that have been inactive the longest will be deleted first. Only applies when AccountDeletionPolicy is DiskSpaceThresholdOrInactiveThreshold. Valid values 0 to 100</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowedAccounts</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>Indicates which type of accounts are allowed to use on a shared PC. Possible values are: notConfigured, guest, domain.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowLocalStorage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether local storage is allowed on a shared PC.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableAccountManager</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables the account manager for shared PC mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableEduPolicies</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether the default shared PC education environment policies should be disabled. For Windows 10 RS2 and later, this policy will be applied without setting Enabled to true.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisablePowerPolicies</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether the default shared PC power policies should be disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableSignInOnResume</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disables the requirement to sign in whenever the device wakes up from sleep mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enables shared PC mode and applies the shared pc policies.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FastFirstSignIn</span> </div> <div class="desc-html"><p>Specifies whether to auto connect new non-admin Azure AD accounts to pre-configured candidate local accounts. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IdleTimeBeforeSleepInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the time in seconds that a device must sit idle before the PC goes to sleep. Setting this value to 0 prevents the sleep timeout from occurring.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskAppDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the display text for the account shown on the sign-in screen which launches the app specified by SetKioskAppUserModelId. Only applies when KioskAppUserModelId is set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">KioskAppUserModelId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the application user model ID of the app to use with assigned access.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocalStorage</span> </div> <div class="desc-html"><p>Specifies whether local storage is allowed on a shared PC. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaintenanceStartTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the daily start time of maintenance hour.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetAccountManager</span> </div> <div class="desc-html"><p>Disables the account manager for shared PC mode. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetEduPolicies</span> </div> <div class="desc-html"><p>Specifies whether the default shared PC education environment policies should be enabled/disabled/not configured. For Windows 10 RS2 and later, this policy will be applied without setting Enabled to true. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetPowerPolicies</span> </div> <div class="desc-html"><p>Specifies whether the default shared PC power policies should be enabled/disabled. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SignInOnResume</span> </div> <div class="desc-html"><p>Specifies the requirement to sign in whenever the device wakes up from sleep mode. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationtrustedcertificatepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationtrustedcertificatepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Trusted Certificate Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CertFileName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>File name to display in UI.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DestinationStore</span> </div> <div class="desc-html"><p>Destination store location for the Trusted Root Certificate. Possible values are: computerCertStoreRoot, computerCertStoreIntermediate, userCertStoreIntermediate.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"computerCertStoreIntermediate"</code>, <code>"computerCertStoreRoot"</code>, <code>"userCertStoreIntermediate"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Oo][Mm][Pp][Uu][Tt][Ee][Rr][Cc][Ee][Rr][Tt][Ss][Tt][Oo][Rr][Ee][Rr][Oo][Oo][Tt]|[Cc][Oo][Mm][Pp][Uu][Tt][Ee][Rr][Cc][Ee][Rr][Tt][Ss][Tt][Oo][Rr][Ee][Ii][Nn][Tt][Ee][Rr][Mm][Ee][Dd][Ii][Aa][Tt][Ee]|[Uu][Ss][Ee][Rr][Cc][Ee][Rr][Tt][Ss][Tt][Oo][Rr][Ee][Ii][Nn][Tt][Ee][Rr][Mm][Ee][Dd][Ii][Aa][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrustedRootCertificate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Trusted Root Certificate</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationvpnpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationvpnpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Vpn Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AssociatedApps</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Associated Apps. This collection can contain a maximum of 10000 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationMethod</span> </div> <div class="desc-html"><p>Authentication method. Possible values are: certificate, usernameAndPassword, customEapXml, derivedCredential.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"certificate"</code>, <code>"customEapXml"</code>, <code>"derivedCredential"</code>, <code>"usernameAndPassword"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ee][Rr][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ee]|[Uu][Ss][Ee][Rr][Nn][Aa][Mm][Ee][Aa][Nn][Dd][Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd]|[Cc][Uu][Ss][Tt][Oo][Mm][Ee][Aa][Pp][Xx][Mm][Ll]|[Dd][Ee][Rr][Ii][Vv][Ee][Dd][Cc][Rr][Ee][Dd][Ee][Nn][Tt][Ii][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionType</span> </div> <div class="desc-html"><p>Connection type. Possible values are: pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, checkPointCapsuleVpn, automatic, ikEv2, l2tp, pptp, citrix, paloAltoGlobalProtect, ciscoAnyConnect, unknownFutureValue, microsoftTunnel.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"checkPointCapsuleVpn"</code>, <code>"ciscoAnyConnect"</code>, <code>"citrix"</code>, <code>"dellSonicWallMobileConnect"</code>, <code>"f5EdgeClient"</code>, <code>"ikEv2"</code>, <code>"l2tp"</code>, <code>"microsoftTunnel"</code>, <code>"paloAltoGlobalProtect"</code>, <code>"pptp"</code>, <code>"pulseSecure"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Uu][Ll][Ss][Ee][Ss][Ee][Cc][Uu][Rr][Ee]|[Ff]5[Ee][Dd][Gg][Ee][Cc][Ll][Ii][Ee][Nn][Tt]|[Dd][Ee][Ll][Ll][Ss][Oo][Nn][Ii][Cc][Ww][Aa][Ll][Ll][Mm][Oo][Bb][Ii][Ll][Ee][Cc][Oo][Nn][Nn][Ee][Cc][Tt]|[Cc][Hh][Ee][Cc][Kk][Pp][Oo][Ii][Nn][Tt][Cc][Aa][Pp][Ss][Uu][Ll][Ee][Vv][Pp][Nn]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc]|[Ii][Kk][Ee][Vv]2|[Ll]2[Tt][Pp]|[Pp][Pp][Tt][Pp]|[Cc][Ii][Tt][Rr][Ii][Xx]|[Pp][Aa][Ll][Oo][Aa][Ll][Tt][Oo][Gg][Ll][Oo][Bb][Aa][Ll][Pp][Rr][Oo][Tt][Ee][Cc][Tt]|[Cc][Ii][Ss][Cc][Oo][Aa][Nn][Yy][Cc][Oo][Nn][Nn][Ee][Cc][Tt]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Tt][Uu][Nn][Nn][Ee][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CryptographySuite</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Cryptography Suite security settings for IKEv2 VPN in Windows10 and above</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationTransformConstants</span> </div> <div class="desc-html"><p>Authentication Transform Constants. Possible values are: md5_96, sha1_96, sha_256_128, aes128Gcm, aes192Gcm, aes256Gcm.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"aes128Gcm"</code>, <code>"aes192Gcm"</code>, <code>"aes256Gcm"</code>, <code>"md5_96"</code>, <code>"sha_256_128"</code>, <code>"sha1_96"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Mm][Dd]5_96|[Ss][Hh][Aa]1_96|[Ss][Hh][Aa]_256_128|[Aa][Ee][Ss]128[Gg][Cc][Mm]|[Aa][Ee][Ss]192[Gg][Cc][Mm]|[Aa][Ee][Ss]256[Gg][Cc][Mm])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CipherTransformConstants</span> </div> <div class="desc-html"><p>Cipher Transform Constants. Possible values are: aes256, des, tripleDes, aes128, aes128Gcm, aes256Gcm, aes192, aes192Gcm, chaCha20Poly1305.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"aes128"</code>, <code>"aes128Gcm"</code>, <code>"aes192"</code>, <code>"aes192Gcm"</code>, <code>"aes256"</code>, <code>"aes256Gcm"</code>, <code>"chaCha20Poly1305"</code>, <code>"des"</code>, <code>"tripleDes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ee][Ss]256|[Dd][Ee][Ss]|[Tt][Rr][Ii][Pp][Ll][Ee][Dd][Ee][Ss]|[Aa][Ee][Ss]128|[Aa][Ee][Ss]128[Gg][Cc][Mm]|[Aa][Ee][Ss]256[Gg][Cc][Mm]|[Aa][Ee][Ss]192|[Aa][Ee][Ss]192[Gg][Cc][Mm]|[Cc][Hh][Aa][Cc][Hh][Aa]20[Pp][Oo][Ll][Yy]1305)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DhGroup</span> </div> <div class="desc-html"><p>Diffie Hellman Group. Possible values are: group1, group2, group14, ecp256, ecp384, group24.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ecp256"</code>, <code>"ecp384"</code>, <code>"group1"</code>, <code>"group14"</code>, <code>"group2"</code>, <code>"group24"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Gg][Rr][Oo][Uu][Pp]1|[Gg][Rr][Oo][Uu][Pp]2|[Gg][Rr][Oo][Uu][Pp]14|[Ee][Cc][Pp]256|[Ee][Cc][Pp]384|[Gg][Rr][Oo][Uu][Pp]24)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionMethod</span> </div> <div class="desc-html"><p>Encryption Method. Possible values are: aes256, des, tripleDes, aes128, aes128Gcm, aes256Gcm, aes192, aes192Gcm, chaCha20Poly1305.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"aes128"</code>, <code>"aes128Gcm"</code>, <code>"aes192"</code>, <code>"aes192Gcm"</code>, <code>"aes256"</code>, <code>"aes256Gcm"</code>, <code>"chaCha20Poly1305"</code>, <code>"des"</code>, <code>"tripleDes"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ee][Ss]256|[Dd][Ee][Ss]|[Tt][Rr][Ii][Pp][Ll][Ee][Dd][Ee][Ss]|[Aa][Ee][Ss]128|[Aa][Ee][Ss]128[Gg][Cc][Mm]|[Aa][Ee][Ss]256[Gg][Cc][Mm]|[Aa][Ee][Ss]192|[Aa][Ee][Ss]192[Gg][Cc][Mm]|[Cc][Hh][Aa][Cc][Hh][Aa]20[Pp][Oo][Ll][Yy]1305)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IntegrityCheckMethod</span> </div> <div class="desc-html"><p>Integrity Check Method. Possible values are: sha2_256, sha1_96, sha1_160, sha2_384, sha2_512, md5.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"md5"</code>, <code>"sha1_160"</code>, <code>"sha1_96"</code>, <code>"sha2_256"</code>, <code>"sha2_384"</code>, <code>"sha2_512"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Hh][Aa]2_256|[Ss][Hh][Aa]1_96|[Ss][Hh][Aa]1_160|[Ss][Hh][Aa]2_384|[Ss][Hh][Aa]2_512|[Mm][Dd]5)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PfsGroup</span> </div> <div class="desc-html"><p>Perfect Forward Secrecy Group. Possible values are: pfs1, pfs2, pfs2048, ecp256, ecp384, pfsMM, pfs24.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"ecp256"</code>, <code>"ecp384"</code>, <code>"pfs1"</code>, <code>"pfs2"</code>, <code>"pfs2048"</code>, <code>"pfs24"</code>, <code>"pfsMM"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Ff][Ss]1|[Pp][Ff][Ss]2|[Pp][Ff][Ss]2048|[Ee][Cc][Pp]256|[Ee][Cc][Pp]384|[Pp][Ff][Ss][Mm][Mm]|[Pp][Ff][Ss]24)$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DnsRules</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>DNS rules. This collection can contain a maximum of 1000 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DnsSuffixes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify DNS suffixes to add to the DNS search list to properly route short names.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EapXml</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Extensible Authentication Protocol (EAP) XML. (UTF8 encoded byte array)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableAlwaysOn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Always On mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableConditionalAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable conditional access.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableDeviceTunnel</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable device tunnel.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableDnsRegistration</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable IP address registration with internal DNS.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableSingleSignOnWithAlternateCertificate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable single sign-on (SSO) with alternate certificate.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableSplitTunneling</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable split tunneling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftTunnelSiteId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>ID of the Microsoft Tunnel site associated with the VPN profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnlyAssociatedAppsCanUseConnection</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Only associated Apps can use connection (per-app VPN).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProfileTarget</span> </div> <div class="desc-html"><p>Profile target type. Possible values are: user, device, autoPilotDevice.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"autoPilotDevice"</code>, <code>"device"</code>, <code>"user"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr]|[Dd][Ee][Vv][Ii][Cc][Ee]|[Aa][Uu][Tt][Oo][Pp][Ii][Ll][Oo][Tt][Dd][Ee][Vv][Ii][Cc][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyServer</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Proxy Server.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">BypassProxyServerForLocalAddress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Bypass proxy server for local address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Address</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticConfigurationScriptUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Proxy's automatic configuration script url.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Port</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Port. Valid values 0 to 65535</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticallyDetectProxySettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Automatically detect proxy settings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the entity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.windows10VpnProxyServer"</code>, <code>"#microsoft.graph.windows81VpnProxyServer"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ww][Ii][Nn][Dd][Oo][Ww][Ss]10[Vv][Pp][Nn][Pp][Rr][Oo][Xx][Yy][Ss][Ee][Rr][Vv][Ee][Rr]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ww][Ii][Nn][Dd][Oo][Ww][Ss]81[Vv][Pp][Nn][Pp][Rr][Oo][Xx][Yy][Ss][Ee][Rr][Vv][Ee][Rr])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RememberUserCredentials</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Remember user credentials.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Routes</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Routes (optional for third-party providers). This collection can contain a maximum of 1000 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SingleSignOnEku</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Single sign-on Extended Key Usage (EKU).</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Extended Key Usage Name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ObjectIdentifier</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Extended Key Usage Object Identifier</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SingleSignOnIssuerHash</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Single sign-on issuer hash.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrafficRules</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Traffic rules. This collection can contain a maximum of 1000 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrustedNetworkDomains</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Trusted Network Domains</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsInformationProtectionDomain</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Windows Information Protection (WIP) domain to associate with this connection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectionName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Connection name displayed to the user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomXml</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Custom XML commands that configures the VPN connection. (UTF8 encoded byte array)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ServerCollection</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationwindowsteampolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationwindowsteampolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Windows Team Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AzureOperationalInsightsBlockTelemetry</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block Azure Operational Insights.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AzureOperationalInsightsWorkspaceId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Azure Operational Insights workspace id.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AzureOperationalInsightsWorkspaceKey</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Azure Operational Insights Workspace key.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAppBlockAutoLaunch</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to automatically launch the Connect app whenever a projection is initiated.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaintenanceWindowBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block setting a maintenance window for device updates.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaintenanceWindowDurationInHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Maintenance window duration for device updates. Valid values 0 to 5</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaintenanceWindowStartTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Maintenance window start time for device updates.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MiracastBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block wireless projection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MiracastChannel</span> </div> <div class="desc-html"><p>The channel. Possible values are: userDefined, one, two, three, four, five, six, seven, eight, nine, ten, eleven, thirtySix, forty, fortyFour, fortyEight, oneHundredFortyNine, oneHundredFiftyThree, oneHundredFiftySeven, oneHundredSixtyOne, oneHundredSixtyFive.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"eight"</code>, <code>"eleven"</code>, <code>"five"</code>, <code>"forty"</code>, <code>"fortyEight"</code>, <code>"fortyFour"</code>, <code>"four"</code>, <code>"nine"</code>, <code>"one"</code>, <code>"oneHundredFiftySeven"</code>, <code>"oneHundredFiftyThree"</code>, <code>"oneHundredFortyNine"</code>, <code>"oneHundredSixtyFive"</code>, <code>"oneHundredSixtyOne"</code>, <code>"seven"</code>, <code>"six"</code>, <code>"ten"</code>, <code>"thirtySix"</code>, <code>"three"</code>, <code>"two"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Oo][Nn][Ee]|[Tt][Ww][Oo]|[Tt][Hh][Rr][Ee][Ee]|[Ff][Oo][Uu][Rr]|[Ff][Ii][Vv][Ee]|[Ss][Ii][Xx]|[Ss][Ee][Vv][Ee][Nn]|[Ee][Ii][Gg][Hh][Tt]|[Nn][Ii][Nn][Ee]|[Tt][Ee][Nn]|[Ee][Ll][Ee][Vv][Ee][Nn]|[Tt][Hh][Ii][Rr][Tt][Yy][Ss][Ii][Xx]|[Ff][Oo][Rr][Tt][Yy]|[Ff][Oo][Rr][Tt][Yy][Ff][Oo][Uu][Rr]|[Ff][Oo][Rr][Tt][Yy][Ee][Ii][Gg][Hh][Tt]|[Oo][Nn][Ee][Hh][Uu][Nn][Dd][Rr][Ee][Dd][Ff][Oo][Rr][Tt][Yy][Nn][Ii][Nn][Ee]|[Oo][Nn][Ee][Hh][Uu][Nn][Dd][Rr][Ee][Dd][Ff][Ii][Ff][Tt][Yy][Tt][Hh][Rr][Ee][Ee]|[Oo][Nn][Ee][Hh][Uu][Nn][Dd][Rr][Ee][Dd][Ff][Ii][Ff][Tt][Yy][Ss][Ee][Vv][Ee][Nn]|[Oo][Nn][Ee][Hh][Uu][Nn][Dd][Rr][Ee][Dd][Ss][Ii][Xx][Tt][Yy][Oo][Nn][Ee]|[Oo][Nn][Ee][Hh][Uu][Nn][Dd][Rr][Ee][Dd][Ss][Ii][Xx][Tt][Yy][Ff][Ii][Vv][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MiracastRequirePin</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to require a pin for wireless projection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockMyMeetingsAndFiles</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to disable the 'My meetings and files' feature in the Start menu, which shows the signed-in user's meetings and files from Office 365.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockSessionResume</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to allow the ability to resume a session when the session times out.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsBlockSigninSuggestions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to disable auto-populating of the sign-in dialog with invitees from scheduled meetings.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsDefaultVolume</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the default volume value for a new session. Permitted values are 0-100. The default is 45. Valid values 0 to 100</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsScreenTimeoutInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the number of minutes until the Hub screen turns off.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsSessionTimeoutInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the number of minutes until the session times out.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SettingsSleepTimeoutInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the number of minutes until the Hub enters sleep mode.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WelcomeScreenBackgroundImageUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The welcome screen background image URL. The URL must use the HTTPS protocol and return a PNG image.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WelcomeScreenBlockAutomaticWakeUp</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not to Block the welcome screen from waking up automatically when someone enters the room.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WelcomeScreenMeetingInformation</span> </div> <div class="desc-html"><p>The welcome screen meeting information shown. Possible values are: userDefined, showOrganizerAndTimeOnly, showOrganizerAndTimeAndSubject.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"showOrganizerAndTimeAndSubject"</code>, <code>"showOrganizerAndTimeOnly"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ss][Hh][Oo][Ww][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Ee][Rr][Aa][Nn][Dd][Tt][Ii][Mm][Ee][Oo][Nn][Ll][Yy]|[Ss][Hh][Oo][Ww][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Ee][Rr][Aa][Nn][Dd][Tt][Ii][Mm][Ee][Aa][Nn][Dd][Ss][Uu][Bb][Jj][Ee][Cc][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SupportsScopeTags</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceconfigurationwirednetworkpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceconfigurationwirednetworkpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Configuration Wired Network Policy for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationBlockPeriodInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the duration for which automatic authentication attempts will be blocked from occurring after a failed authentication attempt.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationMethod</span> </div> <div class="desc-html"><p>Specify the authentication method. Possible values are: certificate, usernameAndPassword, derivedCredential. Possible values are: certificate, usernameAndPassword, derivedCredential, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"certificate"</code>, <code>"derivedCredential"</code>, <code>"unknownFutureValue"</code>, <code>"usernameAndPassword"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ee][Rr][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ee]|[Uu][Ss][Ee][Rr][Nn][Aa][Mm][Ee][Aa][Nn][Dd][Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd]|[Dd][Ee][Rr][Ii][Vv][Ee][Dd][Cc][Rr][Ee][Dd][Ee][Nn][Tt][Ii][Aa][Ll]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationPeriodInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of seconds for the client to wait after an authentication attempt before failing. Valid range 1-3600.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationRetryDelayPeriodInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of seconds between a failed authentication and the next authentication attempt. Valid range 1-3600.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AuthenticationType</span> </div> <div class="desc-html"><p>Specify whether to authenticate the user, the device, either, or to use guest authentication (none). If you're using certificate authentication, make sure the certificate type matches the authentication type. Possible values are: none, user, machine, machineOrUser, guest. Possible values are: none, user, machine, machineOrUser, guest, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"guest"</code>, <code>"machine"</code>, <code>"machineOrUser"</code>, <code>"none"</code>, <code>"unknownFutureValue"</code>, <code>"user"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Uu][Ss][Ee][Rr]|[Mm][Aa][Cc][Hh][Ii][Nn][Ee]|[Mm][Aa][Cc][Hh][Ii][Nn][Ee][Oo][Rr][Uu][Ss][Ee][Rr]|[Gg][Uu][Ee][Ss][Tt]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CacheCredentials</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, caches user credentials on the device so that users don't need to keep entering them each time they connect. When FALSE, do not cache credentials. Default value is FALSE.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableUserPromptForServerValidation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, prevents the user from being prompted to authorize new servers for trusted certification authorities when EAP type is selected as PEAP. When FALSE, does not prevent the user from being prompted. Default value is FALSE.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EapolStartPeriodInSeconds</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the number of seconds to wait before sending an EAPOL (Extensible Authentication Protocol over LAN) Start message. Valid range 1-3600.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EapType</span> </div> <div class="desc-html"><p>Extensible Authentication Protocol (EAP). Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, leap, eapSim, eapTtls, peap, eapFast, teap. Possible values are: eapTls, leap, eapSim, eapTtls, peap, eapFast, teap.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"eapFast"</code>, <code>"eapSim"</code>, <code>"eapTls"</code>, <code>"eapTtls"</code>, <code>"leap"</code>, <code>"peap"</code>, <code>"teap"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Aa][Pp][Tt][Ll][Ss]|[Ll][Ee][Aa][Pp]|[Ee][Aa][Pp][Ss][Ii][Mm]|[Ee][Aa][Pp][Tt][Tt][Ll][Ss]|[Pp][Ee][Aa][Pp]|[Ee][Aa][Pp][Ff][Aa][Ss][Tt]|[Tt][Ee][Aa][Pp])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enforce8021X</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, the automatic configuration service for wired networks requires the use of 802.1X for port authentication. When FALSE, 802.1X is not required. Default value is FALSE.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceFIPSCompliance</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, forces FIPS compliance. When FALSE, does not enable FIPS compliance. Default value is FALSE.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InnerAuthenticationProtocolForEAPTTLS</span> </div> <div class="desc-html"><p>Specify inner authentication protocol for EAP TTLS. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, microsoftChapVersionTwo. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, microsoftChapVersionTwo.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"challengeHandshakeAuthenticationProtocol"</code>, <code>"microsoftChap"</code>, <code>"microsoftChapVersionTwo"</code>, <code>"unencryptedPassword"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Ee][Nn][Cc][Rr][Yy][Pp][Tt][Ee][Dd][Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd]|[Cc][Hh][Aa][Ll][Ll][Ee][Nn][Gg][Ee][Hh][Aa][Nn][Dd][Ss][Hh][Aa][Kk][Ee][Aa][Uu][Tt][Hh][Ee][Nn][Tt][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Pp][Rr][Oo][Tt][Oo][Cc][Oo][Ll]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Cc][Hh][Aa][Pp]|[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt][Cc][Hh][Aa][Pp][Vv][Ee][Rr][Ss][Ii][Oo][Nn][Tt][Ww][Oo])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumAuthenticationFailures</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the maximum authentication failures allowed for a set of credentials. Valid range 1-100.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MaximumEAPOLStartMessages</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the maximum number of EAPOL (Extensible Authentication Protocol over LAN) Start messages to be sent before returning failure. Valid range 1-100.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OuterIdentityPrivacyTemporaryValue</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify the string to replace usernames for privacy when using EAP TTLS or PEAP.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PerformServerValidation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, enables verification of server's identity by validating the certificate when EAP type is selected as PEAP. When FALSE, the certificate is not validated. Default value is TRUE.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RequireCryptographicBinding</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, enables cryptographic binding when EAP type is selected as PEAP. When FALSE, does not enable cryptogrpahic binding. Default value is TRUE.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecondaryAuthenticationMethod</span> </div> <div class="desc-html"><p>Specify the secondary authentication method. Possible values are: certificate, usernameAndPassword, derivedCredential. Possible values are: certificate, usernameAndPassword, derivedCredential, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"certificate"</code>, <code>"derivedCredential"</code>, <code>"unknownFutureValue"</code>, <code>"usernameAndPassword"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Ee][Rr][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ee]|[Uu][Ss][Ee][Rr][Nn][Aa][Mm][Ee][Aa][Nn][Dd][Pp][Aa][Ss][Ss][Ww][Oo][Rr][Dd]|[Dd][Ee][Rr][Ii][Vv][Ee][Dd][Cc][Rr][Ee][Dd][Ee][Nn][Tt][Ii][Aa][Ll]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrustedServerCertificateNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify trusted server certificate names.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RootCertificatesForServerValidationIds</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify root certificates for server validation. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RootCertificatesForServerValidationDisplayNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specify root certificate display names for server validation. This collection can contain a maximum of 500 elements.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IdentityCertificateForClientAuthenticationId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify identity certificate for client authentication.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IdentityCertificateForClientAuthenticationDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify identity certificate display name for client authentication.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecondaryIdentityCertificateForClientAuthenticationId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify root certificate for client validation</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecondaryIdentityCertificateForClientAuthenticationDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify root certificate display name for client validation</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RootCertificateForClientValidationId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify root certificate for client validation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RootCertificateForClientValidationDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify root certificate display name for client validation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecondaryRootCertificateForClientValidationId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify secondary root certificate for client validation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SecondaryRootCertificateForClientValidationDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specify secondary root certificate display name for client validation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceenrollmentlimitrestriction"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceenrollmentlimitrestriction</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Intune device enrollment limit restrictions.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the device enrollment limit restriction.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the device enrollment limit restriction.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Limit</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum number of devices a user can enroll</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the restriction exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceenrollmentplatformrestriction"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceenrollmentplatformrestriction</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures the Intune device platform enrollment restrictions.</p> <p><strong>Be aware</strong>: To deploy a Android platform restriction policy, two individual configurations must exist:</p> <ul> <li>The first one contains the key for <code>AndroidRestriction</code></li> <li>The second one contains the key for <code>AndroidForWorkRestriction</code></li> </ul> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Identity of the device enrollment platform restriction.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the device enrollment platform restriction.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the device enrollment platform restriction.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AndroidForWorkRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Android for work restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AndroidRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Android restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IosRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Ios restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MacOSRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Mac restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MacRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Mac restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsHomeSkuRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Windows Home Sku restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsMobileRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Windows mobile restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WindowsRestriction</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Windows restrictions based on platform, platform operating system version, and device ownership.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">PlatformBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block the platform from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PersonalDeviceEnrollmentBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Block personally owned devices from enrolling.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMinimumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Min OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OsMaximumVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Max OS version supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedManufacturers</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Manufacturers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockedSkus</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Collection of blocked Skus.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceEnrollmentConfigurationType</span> </div> <div class="desc-html"><p>Support for Enrollment Configuration Type</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"platformRestrictions"</code>, <code>"singlePlatformRestriction"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Ll][Aa][Tt][Ff][Oo][Rr][Mm][Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ii][Oo][Nn][Ss]|[Ss][Ii][Nn][Gg][Ll][Ee][Pp][Ll][Aa][Tt][Ff][Oo][Rr][Mm][Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Priority is used when a user exists in multiple groups that are assigned enrollment configuration. Users are subject only to the configuration with the lowest priority value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.deviceenrollmentstatuspagewindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.deviceenrollmentstatuspagewindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Device Enrollment Status Page Configuration for Windows10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the device enrollment configuration</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the device enrollment configuration</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeviceResetOnInstallFailure</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or block device reset on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeviceUseOnInstallFailure</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the user to continue using the device on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowLogCollectionOnInstallFailure</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or block log collection on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowNonBlockingAppInstallation</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Install all required apps as non blocking apps during white glove</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockDeviceSetupRetryByUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the user to retry the setup on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomErrorMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Set custom error message to show upon installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableUserStatusTrackingAfterFirstUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Only show installation progress for first user post enrollment</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstallProgressTimeoutInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set installation progress timeout in minutes</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstallQualityUpdates</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allows quality updates installation during OOBE</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SelectedMobileAppIds</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Ids of selected applications to track the installation status. When this parameter is used, SelectedMobileAppNames is ignored</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SelectedMobileAppNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Names of selected applications to track the installation status. This parameter is ignored when SelectedMobileAppIds is also specified</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ShowInstallationProgress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Show or hide installation progress to user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TrackInstallProgressForAutopilotOnly</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Only show installation progress for Autopilot enrollment scenarios</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Priority is used when a user exists in multiple groups that are assigned enrollment configuration. Users are subject only to the configuration with the lowest priority value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.endpointdetectionandresponsepolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.endpointdetectionandresponsepolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Endpoint Detection and Response Policy for Windows 10.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the endpoint detection and response policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the endpoint detection and response policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the endpoint detection and response policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the endpoint detection and response policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SampleSharing</span> </div> <div class="desc-html"><p>Return or set Windows Defender Advanced Threat Protection Sample Sharing configuration parameter: 0 - none, 1 - All</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigurationType</span> </div> <div class="desc-html"><p>Microsoft Defender for Endpoint endpoint detection and response capabilities provide advanced attack detections that are near real-time and actionable. Security analysts can prioritize alerts effectively, gain visibility into the full scope of a breach, and take response actions to remediate threats.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AutoFromConnector"</code>, <code>"Offboard"</code>, <code>"Onboard"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Uu][Tt][Oo][Ff][Rr][Oo][Mm][Cc][Oo][Nn][Nn][Ee][Cc][Tt][Oo][Rr]|[Oo][Nn][Bb][Oo][Aa][Rr][Dd]|[Oo][Ff][Ff][Bb][Oo][Aa][Rr][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConfigurationBlob</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Set Windows Defender Advanced Threat Protection Onboarding blob and initiate onboarding to Windows Defender Advanced Threat Protection</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.exploitprotectionpolicywindows10settingcatalog"> <div class="definition-header"> <span class="def-name">microsoft.intune.exploitprotectionpolicywindows10settingcatalog</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Endpoint Protection Exploit Protection policy for a Windows 10 Device. Enables the IT admin to push out a configuration representing the desired system and application mitigation options to all the devices in the organization. The configuration is represented by an XML. For more information Exploit Protection, see</p> <ul> <li>Enable Exploit Protection on Devices and Import: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-exploit-protection">https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/enable-exploit-protection</a>,</li> <li>Export, and deploy Exploit Protection configurations: <a target="_blank" rel="noopener noreferrer" href="https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml">https://docs.microsoft.com/en-us/windows/threat-protection/windows-defender-exploit-guard/import-export-exploit-protection-emet-xml</a></li> </ul> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the endpoint protection policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the endpoint protection policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the endpoint protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExploitProtectionSettings</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Enables the IT admin to push out a configuration representing the desired system and application mitigation options to all the devices in the organization. The configuration is represented by an XML.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisallowExploitProtectionOverride</span> </div> <div class="desc-html"><p>Prevent users from making changes to the exploit protection settings area in the Windows Defender Security Center.values 0:disable, 1:enable</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the endpoint protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.policysets"> <div class="definition-header"> <span class="def-name">microsoft.intune.policysets</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Policy Sets</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>DisplayName of the PolicySet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the PolicySet.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GuidedDeploymentTags</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Tags of the guided deployment</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleScopeTags</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>RoleScopeTags of the PolicySet</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Items</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.roleassignment"> <div class="definition-header"> <span class="def-name">microsoft.intune.roleassignment</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Role Assignment.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display or friendly name of the role Assignment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Role Assignment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ResourceScopes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of ids of role scope member security groups. These are IDs from Azure Active Directory. Ignored if ScopeType is not 'ResourceScope'</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ResourceScopesDisplayNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of DisplayName of role scope member security groups. These are Displayname from Azure Active Directory. Ignored if ScopeType is not 'ResourceScope'</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScopeType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the type of scope for a Role Assignment. Default type 'ResourceScope' allows assignment of ResourceScopes. Possible values are: resourceScope, allDevices, allLicensedUsers, allDevicesAndLicensedUsers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Members</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of ids of role member security groups. These are IDs from Azure Active Directory.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MembersDisplayNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The list of Displaynames of role member security groups. These are Displaynamnes from Azure Active Directory.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleDefinition</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Role Definition Id.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RoleDefinitionDisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Role Definition Displayname.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Role exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.roledefinition"> <div class="definition-header"> <span class="def-name">microsoft.intune.roledefinition</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Role Definition.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display Name of the Role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsBuiltIn</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Type of Role. Set to True if it is built-in, or set to False if it is a custom role definition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">allowedResourceActions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of allowed resource actions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">notAllowedResourceActions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of not allowed resource actions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">roleScopeTagIds</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Id of the Scope Tags to assign</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the Role exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.settingcatalogasrrulespolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.settingcatalogasrrulespolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Intune Endpoint Protection Attack Surface Reduction rules policy for a Windows 10 Device. This resource returns ASR rules created using settings catalog settings.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Identity</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Identity of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the endpoint protection attack surface protection rules policy for Windows 10.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Assignments of the endpoint protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AttackSurfaceReductionOnlyExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Exclude files and paths from attack surface reduction rules</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAbuseOfExploitedVulnerableSignedDrivers</span> </div> <div class="desc-html"><p>This rule prevents an application from writing a vulnerable signed driver to disk.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAbuseOfExploitedVulnerableSignedDrivers_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAdobeReaderFromCreatingChildProcesses</span> </div> <div class="desc-html"><p>This rule prevents attacks by blocking Adobe Reader from creating processes.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAdobeReaderFromCreatingChildProcesses_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAllOfficeApplicationsFromCreatingChildProcesses</span> </div> <div class="desc-html"><p>This rule blocks Office apps from creating child processes. Office apps include Word, Excel, PowerPoint, OneNote, and Access.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAllOfficeApplicationsFromCreatingChildProcesses_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions (off: Off, block: Block, audit: Audit, warn: Warn)</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem</span> </div> <div class="desc-html"><p>This rule helps prevent credential stealing by locking down Local Security Authority Subsystem Service (LSASS).</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutableContentFromEmailClientAndWebmail</span> </div> <div class="desc-html"><p>This rule blocks the following file types from launching from email opened within the Microsoft Outlook application, or Outlook.com and other popular webmail providers.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutableContentFromEmailClientAndWebmail_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion</span> </div> <div class="desc-html"><p>This rule blocks executable files that don't meet a prevalence, age, or trusted list criteria, such as .exe, .dll, or .scr, from launching.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutionOfPotentiallyObfuscatedScripts</span> </div> <div class="desc-html"><p>This rule detects suspicious properties within an obfuscated script.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockExecutionOfPotentiallyObfuscatedScripts_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent</span> </div> <div class="desc-html"><p>This rule prevents scripts from launching potentially malicious downloaded content.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeApplicationsFromCreatingExecutableContent</span> </div> <div class="desc-html"><p>This rule prevents Office apps, including Word, Excel, and PowerPoint, from creating potentially malicious executable content, by blocking malicious code from being written to disk.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeApplicationsFromCreatingExecutableContent_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses</span> </div> <div class="desc-html"><p>This rule blocks code injection attempts from Office apps into other processes.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeCommunicationAppFromCreatingChildProcesses</span> </div> <div class="desc-html"><p>This rule prevents Outlook from creating child processes, while still allowing legitimate Outlook functions.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockOfficeCommunicationAppFromCreatingChildProcesses_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockPersistenceThroughWMIEventSubscription</span> </div> <div class="desc-html"><p>This rule prevents malware from abusing WMI to attain persistence on a device.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockProcessCreationsFromPSExecAndWMICommands</span> </div> <div class="desc-html"><p>This rule blocks processes created through PsExec and WMI from running.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockProcessCreationsFromPSExecAndWMICommands_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockRebootingMachineInSafeMode</span> </div> <div class="desc-html"><p>This rule prevents the execution of commands to restart machines in Safe Mode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockRebootingMachineInSafeMode_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockUntrustedUnsignedProcessesThatRunFromUSB</span> </div> <div class="desc-html"><p>With this rule, admins can prevent unsigned or untrusted executable files from running from USB removable drives, including SD cards.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockUntrustedUnsignedProcessesThatRunFromUSB_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockUseOfCopiedOrImpersonatedSystemTools</span> </div> <div class="desc-html"><p>This rule blocks the use of executable files that are identified as copies of Windows system tools. These files are either duplicates or impostors of the original system tools.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockUseOfCopiedOrImpersonatedSystemTools_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockWebShellCreationForServers</span> </div> <div class="desc-html"><p>This rule blocks webshell creation for servers.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockWebshellCreationForServers_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockWin32APICallsFromOfficeMacros</span> </div> <div class="desc-html"><p>This rule prevents VBA macros from calling Win32 APIs.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockWin32APICallsFromOfficeMacros_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseAdvancedProtectionAgainstRansomware</span> </div> <div class="desc-html"><p>This rule provides an extra layer of protection against ransomware.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"audit"</code>, <code>"block"</code>, <code>"off"</code>, <code>"warn"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Ff][Ff]|[Bb][Ll][Oo][Cc][Kk]|[Aa][Uu][Dd][Ii][Tt]|[Ww][Aa][Rr][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UseAdvancedProtectionAgainstRansomware_ASROnlyPerRuleExclusions</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>ASR Only Per Rule Exclusions</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ControlledFolderAccessProtectedFolders</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of additional folders that need to be protected</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ControlledFolderAccessAllowedApplications</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>List of apps that have access to protected folders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableControlledFolderAccess</span> </div> <div class="desc-html"><p>This rule enables Controlled folder access which protects your data by checking apps against a list of known, trusted apps.values 0:disable, 1:enable, 2:audit</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"0"</code>, <code>"1"</code>, <code>"2"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(0|1|2)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicyandroiddeviceadministrator"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicyandroiddeviceadministrator</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy Android Device Administrator Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect automatically.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect when network name is hidden.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Network name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>SSID.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiSecurityType</span> </div> <div class="desc-html"><p>Wi-Fi security type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wpa2Enterprise"</code>, <code>"wpaEnterprise"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee]|[Ww][Pp][Aa]2[Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicyandroidenterprisedeviceowner"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicyandroidenterprisedeviceowner</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy Android Enterprise Device Owner Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Disaply name of the Intune policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If the network is in range, automatically connect.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Don't show this Wi-Fi network on an end-user's device in the list of available networks. The SSID will not be broadcasted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Network name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSharedKey</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Pre shared key.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSharedKeyIsSet</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Pre shared key is set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyAutomaticConfigurationUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>URL of the automatic proxy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyExclusionList</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Exclusion list of the proxy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Address of the proxy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualPort</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Port of the proxy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxySettings</span> </div> <div class="desc-html"><p>Proxy setting type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"manual"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Service Set Identifier. The name of the Wi-Fi connection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiSecurityType</span> </div> <div class="desc-html"><p>Type of Wi-Fi profile.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wep"</code>, <code>"wpaEnterprise"</code>, <code>"wpaPersonal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Ee][Pp]|[Ww][Pp][Aa][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicyandroidenterpriseworkprofile"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicyandroidenterpriseworkprofile</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy Android Enterprise Work Profile Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect automatically.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect when network name is hidden.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Network name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>SSID.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiSecurityType</span> </div> <div class="desc-html"><p>Wi-Fi security.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wpa2Enterprise"</code>, <code>"wpaEnterprise"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee]|[Ww][Pp][Aa]2[Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicyandroidforwork"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicyandroidforwork</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy Android For Work Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect automatically</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect when network name is hidden</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Network name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>SSID</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiSecurityType</span> </div> <div class="desc-html"><p>Wi-Fi security</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wpa2Enterprise"</code>, <code>"wpaEnterprise"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee]|[Ww][Pp][Aa]2[Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicyandroidopensourceproject"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicyandroidopensourceproject</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy Android Open Source Project Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect automatically to the network.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Define if the network should be connected if hidden.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Define the network name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSharedKey</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Define the pre-shared key.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSharedKeyIsSet</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Define if the pre-shared key is set.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Define the SSID.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiSecurityType</span> </div> <div class="desc-html"><p>Define the Wifi security type.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wep"</code>, <code>"wpaEnterprise"</code>, <code>"wpaPersonal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Ee][Pp]|[Ww][Pp][Aa][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicyios"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicyios</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy for iOS Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect automatically</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect when network name is hidden</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisableMacAddressRandomization</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Disable the MAC address randomization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Network name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSharedKey</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Pre shared key</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyAutomaticConfigurationUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Proxy automatic configuration url</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Proxy manual address</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualPort</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Proxy manual port</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxySettings</span> </div> <div class="desc-html"><p>Proxy settings</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"manual"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>SSID</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiSecurityType</span> </div> <div class="desc-html"><p>Wi-Fi security</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wep"</code>, <code>"wpa2Enterprise"</code>, <code>"wpa2Personal"</code>, <code>"wpaEnterprise"</code>, <code>"wpaPersonal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Pp][Aa][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee]|[Ww][Ee][Pp]|[Ww][Pp][Aa]2[Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa]2[Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicymacos"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicymacos</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy for MacOS Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect automatically</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect when network name is hidden</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Network name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSharedKey</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Pre shared key</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyAutomaticConfigurationUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Proxy automatic configuration url</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Proxy manual address</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualPort</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Proxy manual port</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxySettings</span> </div> <div class="desc-html"><p>Proxy settings</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"manual"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>SSID</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WiFiSecurityType</span> </div> <div class="desc-html"><p>Wi-Fi security</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wep"</code>, <code>"wpa2Enterprise"</code>, <code>"wpa2Personal"</code>, <code>"wpaEnterprise"</code>, <code>"wpaPersonal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Pp][Aa][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee]|[Ww][Ee][Pp]|[Ww][Pp][Aa]2[Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa]2[Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.wificonfigurationpolicywindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.wificonfigurationpolicywindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Intune Wifi Configuration Policy for Windows10 Device.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Display name of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Id of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectAutomatically</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect automatically</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectToPreferredNetwork</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect to preferred network</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ConnectWhenNetworkNameIsHidden</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Connect when network name is hidden</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ForceFIPSCompliance</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Force FIPS compliance</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MeteredConnectionLimit</span> </div> <div class="desc-html"><p>Metered connection limit</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"fixed"</code>, <code>"unrestricted"</code>, <code>"variable"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Nn][Rr][Ee][Ss][Tt][Rr][Ii][Cc][Tt][Ee][Dd]|[Ff][Ii][Xx][Ee][Dd]|[Vv][Aa][Rr][Ii][Aa][Bb][Ll][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NetworkName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Network name</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PreSharedKey</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Pre shared key</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyAutomaticConfigurationUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Proxy automatic configuration url</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualAddress</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Proxy manual address</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxyManualPort</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Proxy manual port</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProxySetting</span> </div> <div class="desc-html"><p>Proxy setting</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"manual"</code>, <code>"none"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Mm][Aa][Nn][Uu][Aa][Ll]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ssid</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>SSID</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">WifiSecurityType</span> </div> <div class="desc-html"><p>Wi-Fi security</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"open"</code>, <code>"wep"</code>, <code>"wpa2Enterprise"</code>, <code>"wpa2Personal"</code>, <code>"wpaEnterprise"</code>, <code>"wpaPersonal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Oo][Pp][Ee][Nn]|[Ww][Pp][Aa][Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa][Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee]|[Ww][Ee][Pp]|[Ww][Pp][Aa]2[Pp][Ee][Rr][Ss][Oo][Nn][Aa][Ll]|[Ww][Pp][Aa]2[Ee][Nn][Tt][Ee][Rr][Pp][Rr][Ii][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.windowsautopilotdeploymentprofileazureadhybridjoined"> <div class="definition-header"> <span class="def-name">microsoft.intune.windowsautopilotdeploymentprofileazureadhybridjoined</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Windows Autopilot Deployment Profile Azure AD Hybrid Joined</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HybridAzureADJoinSkipConnectivityCheck</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Autopilot Hybrid Azure AD join flow will continue even if it does not establish domain controller connectivity during OOBE.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceNameTemplate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The template used to name the AutoPilot Device. This can be a custom text and can also contain either the serial number of the device, or a randomly generated number. The total length of the text generated by the template can be no more than 15 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceType</span> </div> <div class="desc-html"><p>The AutoPilot device type that this profile is applicable to. Possible values are: windowsPc, surfaceHub2.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"holoLens"</code>, <code>"surfaceHub2"</code>, <code>"surfaceHub2S"</code>, <code>"unknownFutureValue"</code>, <code>"virtualMachine"</code>, <code>"windowsPc"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ww][Ii][Nn][Dd][Oo][Ww][Ss][Pp][Cc]|[Ss][Uu][Rr][Ff][Aa][Cc][Ee][Hh][Uu][Bb]2|[Hh][Oo][Ll][Oo][Ll][Ee][Nn][Ss]|[Ss][Uu][Rr][Ff][Aa][Cc][Ee][Hh][Uu][Bb]2[Ss]|[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Mm][Aa][Cc][Hh][Ii][Nn][Ee]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableWhiteGlove</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Autopilot White Glove for the profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnrollmentStatusScreenSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Enrollment status screen setting</p> </div> <details class="nested-properties"> <summary>7 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeviceUseBeforeProfileAndAppInstallComplete</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or block user to use device before profile and app installation complete</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeviceUseOnInstallFailure</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the user to continue using the device on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowLogCollectionOnInstallFailure</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or block log collection on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockDeviceSetupRetryByUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the user to retry the setup on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomErrorMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Set custom error message to show upon installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideInstallationProgress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Show or hide installation progress to user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstallProgressTimeoutInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set installation progress timeout in minutes</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtractHardwareHash</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>HardwareHash Extraction for the profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Language</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Language configured on the device</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagementServiceAppId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>AzureAD management app ID used during client device-based enrollment discovery</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutOfBoxExperienceSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Out of box experience setting</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceUsageType</span> </div> <div class="desc-html"><p>AAD join authentication type. Possible values are: singleUser, shared.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"shared"</code>, <code>"singleUser"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Ii][Nn][Gg][Ll][Ee][Uu][Ss][Ee][Rr]|[Ss][Hh][Aa][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideEscapeLink</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set to true, then the user can't start over with different account, on company sign-in</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideEULA</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Show or hide EULA to user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HidePrivacySettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Show or hide privacy settings to user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SkipKeyboardSelectionPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set, then skip the keyboard selection page if Language and Region are set</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserType</span> </div> <div class="desc-html"><p>Type of user. Possible values are: administrator, standard.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"administrator"</code>, <code>"standard"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr]|[Ss][Tt][Aa][Nn][Dd][Aa][Rr][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.windowsautopilotdeploymentprofileazureadjoined"> <div class="definition-header"> <span class="def-name">microsoft.intune.windowsautopilotdeploymentprofileazureadjoined</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Windows Autopilot Deployment Profile Azure AD Joined</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Description of the profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceNameTemplate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The template used to name the AutoPilot Device. This can be a custom text and can also contain either the serial number of the device, or a randomly generated number. The total length of the text generated by the template can be no more than 15 characters.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceType</span> </div> <div class="desc-html"><p>The AutoPilot device type that this profile is applicable to. Possible values are: windowsPc, surfaceHub2.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"holoLens"</code>, <code>"surfaceHub2"</code>, <code>"surfaceHub2S"</code>, <code>"unknownFutureValue"</code>, <code>"virtualMachine"</code>, <code>"windowsPc"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ww][Ii][Nn][Dd][Oo][Ww][Ss][Pp][Cc]|[Ss][Uu][Rr][Ff][Aa][Cc][Ee][Hh][Uu][Bb]2|[Hh][Oo][Ll][Oo][Ll][Ee][Nn][Ss]|[Ss][Uu][Rr][Ff][Aa][Cc][Ee][Hh][Uu][Bb]2[Ss]|[Vv][Ii][Rr][Tt][Uu][Aa][Ll][Mm][Aa][Cc][Hh][Ii][Nn][Ee]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableWhiteGlove</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enable Autopilot White Glove for the profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnrollmentStatusScreenSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Enrollment status screen setting</p> </div> <details class="nested-properties"> <summary>7 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeviceUseBeforeProfileAndAppInstallComplete</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or block user to use device before profile and app installation complete</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowDeviceUseOnInstallFailure</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the user to continue using the device on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowLogCollectionOnInstallFailure</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow or block log collection on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockDeviceSetupRetryByUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Allow the user to retry the setup on installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CustomErrorMessage</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Set custom error message to show upon installation failure</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideInstallationProgress</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Show or hide installation progress to user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstallProgressTimeoutInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Set installation progress timeout in minutes</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExtractHardwareHash</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>HardwareHash Extraction for the profile</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Language</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Language configured on the device</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ManagementServiceAppId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>AzureAD management app ID used during client device-based enrollment discovery</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OutOfBoxExperienceSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Out of box experience setting</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DeviceUsageType</span> </div> <div class="desc-html"><p>AAD join authentication type. Possible values are: singleUser, shared.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"shared"</code>, <code>"singleUser"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Ii][Nn][Gg][Ll][Ee][Uu][Ss][Ee][Rr]|[Ss][Hh][Aa][Rr][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideEscapeLink</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set to true, then the user can't start over with different account, on company sign-in</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HideEULA</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Show or hide EULA to user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HidePrivacySettings</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Show or hide privacy settings to user</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SkipKeyboardSelectionPage</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If set, then skip the keyboard selection page if Language and Region are set</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserType</span> </div> <div class="desc-html"><p>Type of user. Possible values are: administrator, standard.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"administrator"</code>, <code>"standard"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Dd][Mm][Ii][Nn][Ii][Ss][Tt][Rr][Aa][Tt][Oo][Rr]|[Ss][Tt][Aa][Nn][Dd][Aa][Rr][Dd])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.windowsinformationprotectionpolicywindows10mdmenrolled"> <div class="definition-header"> <span class="def-name">microsoft.intune.windowsinformationprotectionpolicywindows10mdmenrolled</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Windows Information Protection Policy for Windows10 Mdm Enrolled</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Policy display name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AzureRightsManagementServicesAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to allow Azure RMS encryption for WIP</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DataRecoveryCertificate</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>Specifies a recovery certificate that can be used for data recovery of encrypted files. This is the same as the data recovery agent(DRA) certificate for encrypting file system(EFS)</p> </div> <details class="nested-properties"> <summary>4 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Certificate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Data recovery Certificate</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Data recovery Certificate description</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExpirationDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Data recovery Certificate expiration datetime</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Data recovery Certificate subject name</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnforcementLevel</span> </div> <div class="desc-html"><p>WIP enforcement level.See the Enum definition for supported values. Possible values are: noProtection, encryptAndAuditOnly, encryptAuditAndPrompt, encryptAuditAndBlock.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"encryptAndAuditOnly"</code>, <code>"encryptAuditAndBlock"</code>, <code>"encryptAuditAndPrompt"</code>, <code>"noProtection"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Pp][Rr][Oo][Tt][Ee][Cc][Tt][Ii][Oo][Nn]|[Ee][Nn][Cc][Rr][Yy][Pp][Tt][Aa][Nn][Dd][Aa][Uu][Dd][Ii][Tt][Oo][Nn][Ll][Yy]|[Ee][Nn][Cc][Rr][Yy][Pp][Tt][Aa][Uu][Dd][Ii][Tt][Aa][Nn][Dd][Pp][Rr][Oo][Mm][Pp][Tt]|[Ee][Nn][Cc][Rr][Yy][Pp][Tt][Aa][Uu][Dd][Ii][Tt][Aa][Nn][Dd][Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseDomain</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Primary enterprise domain</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseInternalProxyServers</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>This is the comma-separated list of internal proxy servers. For example, '157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59'. These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the EnterpriseProxiedDomains policy to force traffic to the matched domains through these proxies</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseIPRanges</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Sets the enterprise IP ranges that define the computers in the enterprise network. Data that comes from those computers will be considered part of the enterprise and protected. These locations will be considered a safe destination for enterprise data to be shared to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseIPRangesAreAuthoritative</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets. Default is false</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseNetworkDomainNames</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>This is the list of domains that comprise the boundaries of the enterprise. Data from one of these domains that is sent to a device will be considered enterprise data and protected These locations will be considered a safe destination for enterprise data to be shared to</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseProtectedDomainNames</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>List of enterprise domains to be protected</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseProxiedDomains</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Contains a list of Enterprise resource domains hosted in the cloud that need to be protected. Connections to these resources are considered enterprise data. If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). A proxy server used for this purpose must also be configured using the EnterpriseInternalProxyServers policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseProxyServers</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>This is a list of proxy servers. Any server not on this list is considered non-enterprise</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnterpriseProxyServersAreAuthoritative</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies. Default is false</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExemptApps</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Exempt applications can also access enterprise data, but the data handled by those applications are not protected. This is because some critical enterprise applications may have compatibility problems with encrypted data.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IconsVisible</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines whether overlays are added to icons for WIP protected files in Explorer and enterprise only app tiles in the Start menu. Starting in Windows 10, version 1703 this setting also configures the visibility of the WIP icon in the title bar of a WIP-protected app</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IndexingEncryptedStoresOrItemsBlocked</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This switch is for the Windows Search Indexer, to allow or disallow indexing of items</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NeutralDomainResources</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>List of domain names that can used for work or personal resource</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProtectedApps</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Protected applications can access enterprise data and the data handled by those applications are protected with encryption</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProtectionUnderLockConfigRequired</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether the protection under lock feature (also known as encrypt under pin) should be configured</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RevokeOnUnenrollDisabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>This policy controls whether to revoke the WIP keys when a device unenrolls from the management service. If set to 1 (Don't revoke keys), the keys will not be revoked and the user will continue to have access to protected files after unenrollment. If the keys are not revoked, there will be no revoked file cleanup subsequently.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RightsManagementServicesTemplateId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>TemplateID GUID to use for RMS encryption. The RMS template allows the IT admin to configure the details about who has access to RMS-protected file and how long they have access</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SmbAutoEncryptedFileExtensions</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Specifies a list of file extensions, so that files with these extensions are encrypted when copying from an SMB share within the corporate boundary</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The policy's description.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.windowsupdateforbusinessfeatureupdateprofilewindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.windowsupdateforbusinessfeatureupdateprofilewindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Windows Update For Business Feature Update Profile for Windows10</p> <h2>RolloutSettings</h2> <p>The RolloutSettings for this resource have the following constraints and notes:</p> <ul> <li>When creating a policy: <ul> <li>If only a start date is specified, then the start date must be at least today. <ul> <li>If the desired state date is before the current date, it will be adjusted to the current date.</li> </ul> </li> <li>If a start and end date is specified, the start date must be the current date + 2 days, and<br /> the end date must be at least one day after the start date. <ul> <li>If the start date is before the current date + 2 days, it will be adjusted to this date.</li> </ul> </li> </ul> </li> <li>When updating a policy: <ul> <li>If only a start date is specified, then the start date must either be the date from the current<br /> configuration or the current date (or later). <ul> <li>If the desired state date is before the current date, it will be adjusted to the current date.</li> </ul> </li> <li>If a start and end date is specified, the start date must be the current date + 2 days, and<br /> the end date must be at least one day after the start date. <ul> <li>If the start date is before the current date + 2 days, it will be adjusted to this date.</li> </ul> </li> </ul> </li> <li>When testing a policy: <ul> <li>If the policy is missing and the start and end date are before the current date, it will return true.</li> <li>If the start date is different but before the current start date or time, it will return true.</li> </ul> </li> </ul> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The display name of the profile.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the profile which is specified by the user.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureUpdateVersion</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The feature update version that will be deployed to the devices targeted by this profile. The version could be any supported version for example 1709, 1803 or 1809 and so on.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstallFeatureUpdatesOptional</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If true, the Windows 11 update will become optional</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstallLatestWindows10OnWindows11IneligibleDevice</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>If true, the latest Microsoft Windows 10 update will be installed on devices ineligible for Microsoft Windows 11. Cannot be changed after creation of the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RolloutSettings</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The windows update rollout settings, including offer start date time, offer end date time, and days between each set of offers. For 'as soon as possible' installation, set this setting to $null or do not configure it.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">OfferEndDateTimeInUTC</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The feature update's ending of release date and time to be set, update, and displayed for a feature Update profile for example: 2020-06-09T10:00:00Z.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OfferIntervalInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of day(s) between each set of offers to be set, updated, and displayed for a feature update profile, for example: if OfferStartDateTimeInUTC is 2020-06-09T10:00:00Z, and OfferIntervalInDays is 1, then the next two sets of offers will be made consecutively on 2020-06-10T10:00:00Z (next day at the same specified time) and 2020-06-11T10:00:00Z (next next day at the same specified time) with 1 day in between each set of offers.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OfferStartDateTimeInUTC</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The feature update's starting date and time to be set, update, and displayed for a feature Update profile for example: 2020-06-09T10:00:00Z.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.intune.windowsupdateforbusinessringupdateprofilewindows10"> <div class="definition-header"> <span class="def-name">microsoft.intune.windowsupdateforbusinessringupdateprofilewindows10</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>Intune Windows Update For Business Ring Update Profile for Windows 10</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Admin provided name of the device configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Id</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The unique identifier for an entity. Read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowWindows11Upgrade</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, allows eligible Windows 10 devices to upgrade to Windows 11. When FALSE, implies the device stays on the existing operating system. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutomaticUpdateMode</span> </div> <div class="desc-html"><p>The Automatic Update Mode. Possible values are: UserDefined, NotifyDownload, AutoInstallAtMaintenanceTime, AutoInstallAndRebootAtMaintenanceTime, AutoInstallAndRebootAtScheduledTime, AutoInstallAndRebootWithoutEndUserControl, WindowsDefault. UserDefined is the default value, no intent. Returned by default. Query parameters are not supported. Possible values are: userDefined, notifyDownload, autoInstallAtMaintenanceTime, autoInstallAndRebootAtMaintenanceTime, autoInstallAndRebootAtScheduledTime, autoInstallAndRebootWithoutEndUserControl, windowsDefault.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"autoInstallAndRebootAtMaintenanceTime"</code>, <code>"autoInstallAndRebootAtScheduledTime"</code>, <code>"autoInstallAndRebootWithoutEndUserControl"</code>, <code>"autoInstallAtMaintenanceTime"</code>, <code>"notifyDownload"</code>, <code>"userDefined"</code>, <code>"windowsDefault"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Nn][Oo][Tt][Ii][Ff][Yy][Dd][Oo][Ww][Nn][Ll][Oo][Aa][Dd]|[Aa][Uu][Tt][Oo][Ii][Nn][Ss][Tt][Aa][Ll][Ll][Aa][Tt][Mm][Aa][Ii][Nn][Tt][Ee][Nn][Aa][Nn][Cc][Ee][Tt][Ii][Mm][Ee]|[Aa][Uu][Tt][Oo][Ii][Nn][Ss][Tt][Aa][Ll][Ll][Aa][Nn][Dd][Rr][Ee][Bb][Oo][Oo][Tt][Aa][Tt][Mm][Aa][Ii][Nn][Tt][Ee][Nn][Aa][Nn][Cc][Ee][Tt][Ii][Mm][Ee]|[Aa][Uu][Tt][Oo][Ii][Nn][Ss][Tt][Aa][Ll][Ll][Aa][Nn][Dd][Rr][Ee][Bb][Oo][Oo][Tt][Aa][Tt][Ss][Cc][Hh][Ee][Dd][Uu][Ll][Ee][Dd][Tt][Ii][Mm][Ee]|[Aa][Uu][Tt][Oo][Ii][Nn][Ss][Tt][Aa][Ll][Ll][Aa][Nn][Dd][Rr][Ee][Bb][Oo][Oo][Tt][Ww][Ii][Tt][Hh][Oo][Uu][Tt][Ee][Nn][Dd][Uu][Ss][Ee][Rr][Cc][Oo][Nn][Tt][Rr][Oo][Ll]|[Ww][Ii][Nn][Dd][Oo][Ww][Ss][Dd][Ee][Ff][Aa][Uu][Ll][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AutoRestartNotificationDismissal</span> </div> <div class="desc-html"><p>Specify the method by which the auto-restart required notification is dismissed. Possible values are: NotConfigured, Automatic, User. Returned by default. Query parameters are not supported. Possible values are: notConfigured, automatic, user, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"automatic"</code>, <code>"notConfigured"</code>, <code>"unknownFutureValue"</code>, <code>"user"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Aa][Uu][Tt][Oo][Mm][Aa][Tt][Ii][Cc]|[Uu][Ss][Ee][Rr]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BusinessReadyUpdatesOnly</span> </div> <div class="desc-html"><p>Determines which branch devices will receive their updates from. Possible values are: UserDefined, All, BusinessReadyOnly, WindowsInsiderBuildFast, WindowsInsiderBuildSlow, WindowsInsiderBuildRelease. Returned by default. Query parameters are not supported. Possible values are: userDefined, all, businessReadyOnly, windowsInsiderBuildFast, windowsInsiderBuildSlow, windowsInsiderBuildRelease.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"all"</code>, <code>"businessReadyOnly"</code>, <code>"userDefined"</code>, <code>"windowsInsiderBuildFast"</code>, <code>"windowsInsiderBuildRelease"</code>, <code>"windowsInsiderBuildSlow"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Aa][Ll][Ll]|[Bb][Uu][Ss][Ii][Nn][Ee][Ss][Ss][Rr][Ee][Aa][Dd][Yy][Oo][Nn][Ll][Yy]|[Ww][Ii][Nn][Dd][Oo][Ww][Ss][Ii][Nn][Ss][Ii][Dd][Ee][Rr][Bb][Uu][Ii][Ll][Dd][Ff][Aa][Ss][Tt]|[Ww][Ii][Nn][Dd][Oo][Ww][Ss][Ii][Nn][Ss][Ii][Dd][Ee][Rr][Bb][Uu][Ii][Ll][Dd][Ss][Ll][Oo][Ww]|[Ww][Ii][Nn][Dd][Oo][Ww][Ss][Ii][Nn][Ss][Ii][Dd][Ee][Rr][Bb][Uu][Ii][Ll][Dd][Rr][Ee][Ll][Ee][Aa][Ss][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeadlineForFeatureUpdatesInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days before feature updates are installed automatically with valid range from 0 to 30 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeadlineForQualityUpdatesInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days before quality updates are installed automatically with valid range from 0 to 30 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeadlineGracePeriodInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days after deadline until restarts occur automatically with valid range from 0 to 7 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DeliveryOptimizationMode</span> </div> <div class="desc-html"><p>The Delivery Optimization Mode. Possible values are: UserDefined, HttpOnly, HttpWithPeeringNat, HttpWithPeeringPrivateGroup, HttpWithInternetPeering, SimpleDownload, BypassMode. UserDefined allows the user to set. Returned by default. Query parameters are not supported. Possible values are: userDefined, httpOnly, httpWithPeeringNat, httpWithPeeringPrivateGroup, httpWithInternetPeering, simpleDownload, bypassMode.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"bypassMode"</code>, <code>"httpOnly"</code>, <code>"httpWithInternetPeering"</code>, <code>"httpWithPeeringNat"</code>, <code>"httpWithPeeringPrivateGroup"</code>, <code>"simpleDownload"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Hh][Tt][Tt][Pp][Oo][Nn][Ll][Yy]|[Hh][Tt][Tt][Pp][Ww][Ii][Tt][Hh][Pp][Ee][Ee][Rr][Ii][Nn][Gg][Nn][Aa][Tt]|[Hh][Tt][Tt][Pp][Ww][Ii][Tt][Hh][Pp][Ee][Ee][Rr][Ii][Nn][Gg][Pp][Rr][Ii][Vv][Aa][Tt][Ee][Gg][Rr][Oo][Uu][Pp]|[Hh][Tt][Tt][Pp][Ww][Ii][Tt][Hh][Ii][Nn][Tt][Ee][Rr][Nn][Ee][Tt][Pp][Ee][Ee][Rr][Ii][Nn][Gg]|[Ss][Ii][Mm][Pp][Ll][Ee][Dd][Oo][Ww][Nn][Ll][Oo][Aa][Dd]|[Bb][Yy][Pp][Aa][Ss][Ss][Mm][Oo][Dd][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DriversExcluded</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, excludes Windows update Drivers. When FALSE, does not exclude Windows update Drivers. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EngagedRestartDeadlineInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Deadline in days before automatically scheduling and executing a pending restart outside of active hours, with valid range from 2 to 30 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EngagedRestartSnoozeScheduleInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days a user can snooze Engaged Restart reminder notifications with valid range from 1 to 3 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EngagedRestartTransitionScheduleInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Number of days before transitioning from Auto Restarts scheduled outside of active hours to Engaged Restart, which requires the user to schedule, with valid range from 0 to 30 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureUpdatesDeferralPeriodInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Defer Feature Updates by these many days with valid range from 0 to 30 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureUpdatesPaused</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, assigned devices are paused from receiving feature updates for up to 35 days from the time you pause the ring. When FALSE, does not pause Feature Updates. Returned by default. Query parameters are not supported.s</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureUpdatesPauseExpiryDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Feature Updates Pause Expiry datetime. This value is 35 days from the time admin paused or extended the pause for the ring. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureUpdatesPauseStartDate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Feature Updates Pause start date. This value is the time when the admin paused or extended the pause for the ring. Returned by default. Query parameters are not supported. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureUpdatesRollbackStartDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Feature Updates Rollback Start datetime.This value is the time when the admin rolled back the Feature update for the ring.Returned by default.Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FeatureUpdatesRollbackWindowInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The number of days after a Feature Update for which a rollback is valid with valid range from 2 to 60 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">InstallationSchedule</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The Installation Schedule. Possible values are: ActiveHoursStart, ActiveHoursEnd, ScheduledInstallDay, ScheduledInstallTime. Returned by default. Query parameters are not supported.</p> </div> <details class="nested-properties"> <summary>5 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveHoursEnd</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Active Hours End</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActiveHoursStart</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Active Hours Start</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScheduledInstallDay</span> </div> <div class="desc-html"><p>Scheduled Install Day in week. Possible values are: userDefined, everyday, sunday, monday, tuesday, wednesday, thursday, friday, saturday, noScheduledScan.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"everyday"</code>, <code>"friday"</code>, <code>"monday"</code>, <code>"noScheduledScan"</code>, <code>"saturday"</code>, <code>"sunday"</code>, <code>"thursday"</code>, <code>"tuesday"</code>, <code>"userDefined"</code>, <code>"wednesday"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ee][Vv][Ee][Rr][Yy][Dd][Aa][Yy]|[Ss][Uu][Nn][Dd][Aa][Yy]|[Mm][Oo][Nn][Dd][Aa][Yy]|[Tt][Uu][Ee][Ss][Dd][Aa][Yy]|[Ww][Ee][Dd][Nn][Ee][Ss][Dd][Aa][Yy]|[Tt][Hh][Uu][Rr][Ss][Dd][Aa][Yy]|[Ff][Rr][Ii][Dd][Aa][Yy]|[Ss][Aa][Tt][Uu][Rr][Dd][Aa][Yy]|[Nn][Oo][Ss][Cc][Hh][Ee][Dd][Uu][Ll][Ee][Dd][Ss][Cc][Aa][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScheduledInstallTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Scheduled Install Time during day</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">odataType</span> </div> <div class="desc-html"><p>The type of the entity.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"#microsoft.graph.windowsUpdateActiveHoursInstall"</code>, <code>"#microsoft.graph.windowsUpdateScheduledInstall"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^(#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ww][Ii][Nn][Dd][Oo][Ww][Ss][Uu][Pp][Dd][Aa][Tt][Ee][Aa][Cc][Tt][Ii][Vv][Ee][Hh][Oo][Uu][Rr][Ss][Ii][Nn][Ss][Tt][Aa][Ll][Ll]|#[Mm][Ii][Cc][Rr][Oo][Ss][Oo][Ff][Tt]\.[Gg][Rr][Aa][Pp][Hh]\.[Ww][Ii][Nn][Dd][Oo][Ww][Ss][Uu][Pp][Dd][Aa][Tt][Ee][Ss][Cc][Hh][Ee][Dd][Uu][Ll][Ee][Dd][Ii][Nn][Ss][Tt][Aa][Ll][Ll])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MicrosoftUpdateServiceAllowed</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, allows Microsoft Update Service. When FALSE, does not allow Microsoft Update Service. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PostponeRebootUntilAfterDeadline</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE the device should wait until deadline for rebooting outside of active hours. When FALSE the device should not wait until deadline for rebooting outside of active hours. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrereleaseFeatures</span> </div> <div class="desc-html"><p>The Pre-Release Features. Possible values are: UserDefined, SettingsOnly, SettingsAndExperimentations, NotAllowed. UserDefined is the default value, no intent. Returned by default. Query parameters are not supported. Possible values are: userDefined, settingsOnly, settingsAndExperimentations, notAllowed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"notAllowed"</code>, <code>"settingsAndExperimentations"</code>, <code>"settingsOnly"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ss][Ee][Tt][Tt][Ii][Nn][Gg][Ss][Oo][Nn][Ll][Yy]|[Ss][Ee][Tt][Tt][Ii][Nn][Gg][Ss][Aa][Nn][Dd][Ee][Xx][Pp][Ee][Rr][Ii][Mm][Ee][Nn][Tt][Aa][Tt][Ii][Oo][Nn][Ss]|[Nn][Oo][Tt][Aa][Ll][Ll][Oo][Ww][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QualityUpdatesDeferralPeriodInDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Defer Quality Updates by these many days with valid range from 0 to 30 days. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QualityUpdatesPaused</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, assigned devices are paused from receiving quality updates for up to 35 days from the time you pause the ring. When FALSE, does not pause Quality Updates. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QualityUpdatesPauseExpiryDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Quality Updates Pause Expiry datetime. This value is 35 days from the time admin paused or extended the pause for the ring. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QualityUpdatesPauseStartDate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Quality Updates Pause start date. This value is the time when the admin paused or extended the pause for the ring. Returned by default. Query parameters are not supported. This property is read-only.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">QualityUpdatesRollbackStartDateTime</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Quality Updates Rollback Start datetime. This value is the time when the admin rolled back the Quality update for the ring. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScheduleImminentRestartWarningInMinutes</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the period for auto-restart imminent warning notifications. Supported values: 15, 30 or 60 (minutes). Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ScheduleRestartWarningInHours</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specify the period for auto-restart warning reminder notifications. Supported values: 2, 4, 8, 12 or 24 (hours). Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SkipChecksBeforeRestart</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>When TRUE, skips all checks before restart: Battery level = 40%, User presence, Display Needed, Presentation mode, Full screen mode, phone call state, game mode etc. When FALSE, does not skip all checks before restart. Returned by default. Query parameters are not supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UpdateNotificationLevel</span> </div> <div class="desc-html"><p>Specifies what Windows Update notifications users see. Possible values are: NotConfigured, DefaultNotifications, RestartWarningsOnly, DisableAllNotifications. Returned by default. Query parameters are not supported. Possible values are: notConfigured, defaultNotifications, restartWarningsOnly, disableAllNotifications, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"defaultNotifications"</code>, <code>"disableAllNotifications"</code>, <code>"notConfigured"</code>, <code>"restartWarningsOnly"</code>, <code>"unknownFutureValue"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Dd][Ee][Ff][Aa][Uu][Ll][Tt][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss]|[Rr][Ee][Ss][Tt][Aa][Rr][Tt][Ww][Aa][Rr][Nn][Ii][Nn][Gg][Ss][Oo][Nn][Ll][Yy]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Aa][Ll][Ll][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UpdateWeeks</span> </div> <div class="desc-html"><p>Schedule the update installation on the weeks of the month. Possible values are: UserDefined, FirstWeek, SecondWeek, ThirdWeek, FourthWeek, EveryWeek. Returned by default. Query parameters are not supported. Possible values are: userDefined, firstWeek, secondWeek, thirdWeek, fourthWeek, everyWeek, unknownFutureValue.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"everyWeek"</code>, <code>"firstWeek"</code>, <code>"fourthWeek"</code>, <code>"secondWeek"</code>, <code>"thirdWeek"</code>, <code>"unknownFutureValue"</code>, <code>"userDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd]|[Ff][Ii][Rr][Ss][Tt][Ww][Ee][Ee][Kk]|[Ss][Ee][Cc][Oo][Nn][Dd][Ww][Ee][Ee][Kk]|[Tt][Hh][Ii][Rr][Dd][Ww][Ee][Ee][Kk]|[Ff][Oo][Uu][Rr][Tt][Hh][Ww][Ee][Ee][Kk]|[Ee][Vv][Ee][Rr][Yy][Ww][Ee][Ee][Kk]|[Uu][Nn][Kk][Nn][Oo][Ww][Nn][Ff][Uu][Tt][Uu][Rr][Ee][Vv][Aa][Ll][Uu][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserPauseAccess</span> </div> <div class="desc-html"><p>Specifies whether to enable end user's access to pause software updates. Possible values are: NotConfigured, Enabled, Disabled. Returned by default. Query parameters are not supported. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">UserWindowsUpdateScanAccess</span> </div> <div class="desc-html"><p>Specifies whether to disable user's access to scan Windows Update. Possible values are: NotConfigured, Enabled, Disabled. Returned by default. Query parameters are not supported. Possible values are: notConfigured, enabled, disabled.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"disabled"</code>, <code>"enabled"</code>, <code>"notConfigured"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Tt][Cc][Oo][Nn][Ff][Ii][Gg][Uu][Rr][Ee][Dd]|[Ee][Nn][Aa][Bb][Ll][Ee][Dd]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Admin provided description of the Device Configuration.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Assignments</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Represents the assignment to the Intune policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the policy exists, absent ensures it is removed.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.auditconfigurationpolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.auditconfigurationpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Audit ConfigurationPolicy in Security and Compliance Center.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Workload</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Workload associated with the policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Exchange"</code>, <code>"OneDriveForBusiness"</code>, <code>"SharePoint"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Xx][Cc][Hh][Aa][Nn][Gg][Ee]|[Ss][Hh][Aa][Rr][Ee][Pp][Oo][Ii][Nn][Tt]|[Oo][Nn][Ee][Dd][Rr][Ii][Vv][Ee][Ff][Oo][Rr][Bb][Uu][Ss][Ii][Nn][Ee][Ss][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.autosensitivitylabelpolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.autosensitivitylabelpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Auto Sensitivity label policy in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name for the sensitivity label. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this label policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplySensitivityLabel</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplySensitivityLabel parameter specifies the label to use for the auto label policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeSender</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeSender parameter specifies which senders to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeSenderException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeSenderException parameter specifies which senders to exclude in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeSenderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeSenderMemberOf parameter specifies the distribution groups, mail-enabled security groups, or dynamic distribution groups to include in the auto-labeling policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeSenderMemberOfException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>he ExchangeSenderMemberOf parameter specifies the distribution groups, mail-enabled security groups, or dynamic distribution groups to exclude from the auto-labeling policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeSender parameter specifies which senders to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This AddExchangeLocation parameter specifies new Exchange locations to be added to the policy without affecting the existing ones.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveExchangeLocation parameter removes locations on Exchange from the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Mode</span> </div> <div class="desc-html"><p>The Mode parameter specifies the action and notification level of the auto-labeling policy.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disable"</code>, <code>"Enable"</code>, <code>"TestWithNotifications"</code>, <code>"TestWithoutNotifications"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee]|[Tt][Ee][Ss][Tt][Ww][Ii][Tt][Hh][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss]|[Tt][Ee][Ss][Tt][Ww][Ii][Tt][Hh][Oo][Uu][Tt][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneDriveLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The OneDriveLocation parameter specifies the OneDrive for Business sites to include. You identify the site by its URL value, or you can use the value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddOneDriveLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddOneDriveLocation parameter specifies the OneDrive for Business sites to add to the list of included sites when you aren't using the value All for the OneDriveLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveOneDriveLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveOneDriveLocation parameter specifies the OneDrive for Business sites to remove from the list of included sites when you aren't using the value All for the OneDriveLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddOneDriveLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the OneDrive for Business sites to exclude when you use the value All for the OneDriveLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveOneDriveLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This RemoveOneDriveLocationException parameter specifies the OneDrive for Business sites to remove from the list of excluded sites when you use the value All for the OneDriveLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneDriveLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddOneDriveLocationException parameter specifies the OneDrive for Business sites to add to the list of excluded sites when you use the value All for the OneDriveLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Priority parameter specifies the priority of the policy. The highest priority policy will take action over lower priority policies if two policies are applicable for a file.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SharePointLocation parameter specifies the SharePoint Online sites to include. You identify the site by its URL value, or you can use the value All to include all sites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the SharePoint Online sites to exclude when you use the value All for the SharePointLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddSharePointLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddSharePointLocation parameter specifies the SharePoint Online sites to add to the list of included sites when you aren't using the value All for the SharePointLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveSharePointLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveSharePointLocationException parameter specifies the SharePoint Online sites to remove from the list of excluded sites when you use the value All for the SharePointLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddSharePointLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddSharePointLocation parameter specifies the SharePoint Online sites to add to the list of included sites when you aren't using the value All for the SharePointLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveSharePointLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveSharePointLocation parameter specifies the SharePoint Online sites to remove from the list of included sites when you aren't using the value All for the SharePointLocation parameter.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.autosensitivitylabelrule"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.autosensitivitylabelrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Auto Sensitivity Label Rule in Security and Compliance Center.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the Rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Policy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the associated Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Workload</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Workload the rule is associated with. Value can be: Exchange, SharePoint, OneDriveForBusiness</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Exchange"</code>, <code>"OneDriveForBusiness"</code>, <code>"SharePoint"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Xx][Cc][Hh][Aa][Nn][Gg][Ee]|[Ss][Hh][Aa][Rr][Ee][Pp][Oo][Ii][Nn][Tt]|[Oo][Nn][Ee][Dd][Rr][Ii][Vv][Ee][Ff][Oo][Rr][Bb][Uu][Ss][Ii][Nn][Ee][Ss][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessScope</span> </div> <div class="desc-html"><p>The AccessScope parameter specifies a condition for the auto-labeling policy rule that's based on the access scope of the content. The rule is applied to content that matches the specified access scope. Valid values are: InOrganization, NotInOrganization, None</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"InOrganization"</code>, <code>"None"</code>, <code>"NotInOrganization"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Tt][Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfRecipientAddressContainsWords</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AnyOfRecipientAddressContainsWords parameter specifies a condition for the auto-labeling policy rule that looks for words or phrases in recipient email addresses. You can specify multiple words or phrases separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfRecipientAddressMatchesPatterns</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentContainsSensitiveInformation</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The ContentContainsSensitiveInformation parameter specifies a condition for the rule that's based on a sensitive information type match in content. The rule is applied to content that contains the specified sensitive information type.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">SensitiveInformation</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Sensitive Information Content Types</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Groups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Groups of sensitive information types.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Operator</span> </div> <div class="desc-html"><p>Operator</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"And"</code>, <code>"Or"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Nn][Dd]|[Oo][Rr])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentExtensionMatchesWords</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ContentExtensionMatchesWords parameter specifies a condition for the auto-labeling policy rule that looks for words in file name extensions. You can specify multiple words separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Disabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Disabled parameter specifies whether the auto-labeling policy rule is enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentIsPasswordProtected</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DocumentIsPasswordProtected parameter specifies a condition for the auto-labeling policy rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentIsUnsupported</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DocumentIsUnsupported parameter specifies a condition for the auto-labeling policy rule that looks for files that can't be scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAccessScope</span> </div> <div class="desc-html"><p>The ExceptIfAccessScopeAccessScope parameter specifies an exception for the auto-labeling policy rule that's based on the access scope of the content. The rule isn't applied to content that matches the specified access scope. Valid values are: InOrganization, NotInOrganization, None</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"InOrganization"</code>, <code>"None"</code>, <code>"NotInOrganization"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Tt][Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfRecipientAddressContainsWords</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfRecipientAddressContainsWords parameter specifies an exception for the auto-labeling policy rule that looks for words or phrases in recipient email addresses. You can specify multiple words separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfRecipientAddressMatchesPatterns</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfRecipientAddressMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfContentContainsSensitiveInformation</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The ExceptIfContentContainsSensitiveInformation parameter specifies an exception for the auto-labeling policy rule that's based on a sensitive information type match in content. The rule isn't applied to content that contains the specified sensitive information type.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">SensitiveInformation</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Sensitive Information Content Types</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Groups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Groups of sensitive information types.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Operator</span> </div> <div class="desc-html"><p>Operator</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"And"</code>, <code>"Or"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Nn][Dd]|[Oo][Rr])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfContentExtensionMatchesWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the auto-labeling policy rule that looks for words in file name extensions. You can specify multiple words separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfDocumentIsPasswordProtected</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfDocumentIsPasswordProtected parameter specifies an exception for the auto-labeling policy rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfDocumentIsUnsupported</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfDocumentIsUnsupported parameter specifies an exception for the auto-labeling policy rule that looks for files that can't be scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFrom</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFrom parameter specifies an exception for the auto-labeling policy rule that looks for messages from specific senders. You can use any value that uniquely identifies the sender.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromAddressContainsWords</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfFromAddressContainsWords parameter specifies an exception for the auto-labeling policy rule that looks for words or phrases in the sender's email address. You can specify multiple words or phrases separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromAddressMatchesPatterns</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfFromAddressMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in the sender's email address by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromMemberOf parameter specifies an exception for the auto-labeling policy rule that looks for messages sent by group members. You identify the group members by their email addresses. You can enter multiple values separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHeaderMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The HeaderMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in a header field by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfProcessingLimitExceeded</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfProcessingLimitExceeded parameter specifies an exception for the auto-labeling policy rule that looks for files where scanning couldn't complete.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientDomainIs parameter specifies an exception for the auto-labeling policy rule that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderDomainIs parameter specifies an exception for the auto-labeling policy rule that looks for messages from senders with email address in the specified domains. You can specify multiple values separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderIPRanges</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderIpRanges parameter specifies an exception for the auto-labeling policy rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentTo parameter specifies an exception for the auto-labeling policy rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentToMemberOf parameter specifies an exception for the auto-labeling policy rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You identify the groups by email address. You can specify multiple values separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectMatchesPatterns</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ExceptIfSubjectMatchesPatterns parameter specifies an exception for the auto-labeling policy rule that looks for text patterns in the Subject field of messages by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromAddressContainsWords</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The FromAddressContainsWords parameter specifies a condition for the auto-labeling policy rule that looks for words or phrases in the sender's email address. You can specify multiple words or phrases separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromAddressMatchesPatterns</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The FromAddressMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in the sender's email address by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HeaderMatchesPatterns</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The HeaderMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in a header field by using regular expressions.</p> </div> <details class="nested-properties"> <summary>2 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the header pattern</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Values</span> <span class="type-badge">string[]</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Regular expressions for the pattern</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProcessingLimitExceeded</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ProcessingLimitExceeded parameter specifies a condition for the auto-labeling policy rule that looks for files where scanning couldn't complete. You can use this condition to create rules that work together to identify and process messages where the content couldn't be fully scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomainIs parameter specifies a condition for the auto-labeling policy rule that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportSeverityLevel</span> </div> <div class="desc-html"><p>The ReportSeverityLevel parameter specifies the severity level of the incident report for content detections based on the rule. Valid values are: None, Low, Medium, High</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Low"</code>, <code>"Medium"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RuleErrorAction</span> </div> <div class="desc-html"><p>The RuleErrorAction parameter specifies what to do if an error is encountered during the evaluation of the rule. Valid values are: Ignore, RetryThenBlock, <em>blank</em></p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>""</code>, <code>"Ignore"</code>, <code>"RetryThenBlock"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Gg][Nn][Oo][Rr][Ee]|[Rr][Ee][Tt][Rr][Yy][Tt][Hh][Ee][Nn][Bb][Ll][Oo][Cc][Kk]|)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderDomainIs parameter specifies a condition for the auto-labeling policy rule that looks for messages from senders with email address in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SenderIPRanges</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SenderIpRanges parameter specifies a condition for the auto-sensitivity policy rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentTo parameter specifies a condition for the auto-sensitivity policy rule that looks for recipients in messages. You can use any value that uniquely identifies the recipient.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentToMemberOf parameter specifies a condition for the auto-labeling policy rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You identify the groups by email address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectMatchesPatterns</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The SubjectMatchesPatterns parameter specifies a condition for the auto-labeling policy rule that looks for text patterns in the Subject field of messages by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.caseholdpolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.caseholdpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a eDiscovery Case Policy in Security and Compliance Center.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the case hold policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Case</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Case parameter specifies the eDiscovery case that you want to associate with the case hold policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether the policy is enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeLocation parameter specifies the mailboxes to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicFolderLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The PublicFolderLocation parameter specifies that you want to include all public folders in the case hold policy. You use the value All for this parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SharePointLocation parameter specifies the SharePoint Online and OneDrive for Business sites to include. You identify a site by its URL value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.caseholdrule"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.caseholdrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an eDiscovery Case Hold Rule in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies a unique name for the case hold rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Policy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Policy parameter specifies the case hold policy that contains the rule. You can use any value that uniquely identifies the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentMatchQuery</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ContentMatchQuery parameter specifies a content search filter. Use this parameter to create a query-based hold so only the content that matches the specified search query is placed on hold. This parameter uses a text search string or a query that's formatted by using the Keyword Query Language (KQL).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Disabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Disabled parameter specifies whether the case hold rule is enabled or disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Present ensures the rule exists, absent ensures it is removed</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.compliancecase"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.compliancecase</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an eDiscovery Case in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the compliance case.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The description of the case.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this case should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Status</span> </div> <div class="desc-html"><p>Status for the case. Can either be 'Active' or 'Closed'</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Active"</code>, <code>"Closed"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Cc][Tt][Ii][Vv][Ee]|[Cc][Ll][Oo][Ss][Ee][Dd])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.compliancesearch"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.compliancesearch</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an Compliance Search (eDiscovery) in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the complaiance tag.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Case</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Compliance Case (eDiscovery) that this Search is associated with</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AllowNotFoundExchangeLocationsEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The AllowNotFoundExchangeLocationsEnabled parameter specifies whether to include mailboxes other than regular user mailboxes in the compliance search.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentMatchQuery</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ContentMatchQuery parameter specifies a content search filter. This parameter uses a text search string or a query that's formatted by using the Keyword Query Language (KQL).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Description parameter specifies an optional description for the compliance search. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeLocation parameter specifies the mailboxes to include.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocationExclusion</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the mailboxes to exclude when you use the value All for the ExchangeLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HoldNames</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The HoldNames parameter specifies that the content locations that have been placed on hold in the specified eDiscovery case will be searched. You use the value All for this parameter. You also need to specify the name of an eDiscovery case by using the Case parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeUserAppContent</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IncludeUserAppContent parameter specifies that you want to search the cloud-based storage location for users who don't have a regular Office 365 user account in your organization. These types of users include users without an Exchange Online license who use Office applications, Office 365 guest users, and on-premises users whose identity is synchronized with your Office 365 organization.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Language</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Language parameter specifies the language for the compliance search. Valid input for this parameter is a supported culture code value from the Microsoft .NET Framework CultureInfo class. For example, da-DK for Danish or ja-JP for Japanese.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicFolderLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The PublicFolderLocation parameter specifies that you want to include all public folders in the search. You use the value All for this parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SharePointLocation parameter specifies the SharePoint Online sites to include. You identify the site by its URL value, or you can use the value All to include all sites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocationExclusion</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the SharePoint Online sites to exclude when you use the value All for the SharePointLocation parameter. You identify the site by its URL value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this search should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.compliancesearchaction"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.compliancesearchaction</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Compliance Search Action in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Action</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Action parameter specifies what type of action to define. Accepted values are Export, Retention and Purge.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Export"</code>, <code>"Preview"</code>, <code>"Purge"</code>, <code>"Retention"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Xx][Pp][Oo][Rr][Tt]|[Pp][Rr][Ee][Vv][Ii][Ee][Ww]|[Pp][Uu][Rr][Gg][Ee]|[Rr][Ee][Tt][Ee][Nn][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SearchName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The SearchName parameter specifies the name of the existing content search to associate with the content search action. You can specify multiple content searches separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FileTypeExclusionsForUnindexedItems</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FileTypeExclusionsForUnindexedItems specifies the file types to exclude because they can't be indexed. You can specify multiple values separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EnableDedupe</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EnableDedupe parameter eliminates duplication of messages when you export content search results.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeCredential</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IncludeCredential switch specifies whether to include the credential in the results.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncludeSharePointDocumentVersions</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IncludeSharePointDocumentVersions parameter specifies whether to export previous versions of the document when you use the Export switch.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PurgeType</span> </div> <div class="desc-html"><p>The PurgeType parameter specifies how to remove items when the action is Purge.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"HardDelete"</code>, <code>"SoftDelete"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ss][Oo][Ff][Tt][Dd][Ee][Ll][Ee][Tt][Ee]|[Hh][Aa][Rr][Dd][Dd][Ee][Ll][Ee][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetryOnError</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RetryOnError switch specifies whether to retry the action on any items that failed without re-running the entire action all over again.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ActionScope</span> </div> <div class="desc-html"><p>The ActionScope parameter specifies the items to include when the action is Export.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"BothIndexedAndUnindexedItems"</code>, <code>"IndexedItemsOnly"</code>, <code>"UnindexedItemsOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Dd][Ee][Xx][Ee][Dd][Ii][Tt][Ee][Mm][Ss][Oo][Nn][Ll][Yy]|[Uu][Nn][Ii][Nn][Dd][Ee][Xx][Ee][Dd][Ii][Tt][Ee][Mm][Ss][Oo][Nn][Ll][Yy]|[Bb][Oo][Tt][Hh][Ii][Nn][Dd][Ee][Xx][Ee][Dd][Aa][Nn][Dd][Uu][Nn][Ii][Nn][Dd][Ee][Xx][Ee][Dd][Ii][Tt][Ee][Mm][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this action should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.compliancetag"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.compliancetag</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Compliance Tag in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the complaiance tag.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EventType</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EventType parameter specifies the retention rule that's associated with the label.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IsRecordLabel</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The IsRecordLabel parameter specifies whether the label is a record label.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Notes</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Notes parameter specifies an optional note. If you specify a value that contains spaces, enclose the value in quotation marks, for example: 'This is a user note'</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Regulatory</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Regulatory description</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilePlanProperty</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The FilePlanProperty parameter specifies the file plan properties to include in the label.</p> </div> <details class="nested-properties"> <summary>6 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">FilePlanPropertyDepartment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>File plan department. Can get list by running Get-FilePlanPropertyDepartment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilePlanPropertyAuthority</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>File plan Authority. Can get list by running Get-FilePlanPropertyAuthority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilePlanPropertyCategory</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>File plan category. Can get a list by running Get-FilePlanPropertyCategory.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilePlanPropertyCitation</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>File plan citation. Can get a list by running Get-FilePlanPropertyCitation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilePlanPropertyReferenceId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>File plan reference id. Can get a list by running Get-FilePlanPropertyReferenceId.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FilePlanPropertySubCategory</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>File plan subcategory. Can get a list by running Get-FilePlanPropertySubCategory.</p> </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReviewerEmail</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ReviewerEmail parameter specifies the email address of a reviewer for Delete and KeepAndDelete retention actions. You can specify multiple email addresses separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetentionDuration</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RetentionDuration parameter specifies the hold duration for the retention rule. Valid values are: An integer - The hold duration in days, Unlimited - The content is held indefinitely.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetentionAction</span> </div> <div class="desc-html"><p>The RetentionAction parameter specifies the action for the label. Valid values are: Delete, Keep or KeepAndDelete.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Delete"</code>, <code>"Keep"</code>, <code>"KeepAndDelete"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ll][Ee][Tt][Ee]|[Kk][Ee][Ee][Pp]|[Kk][Ee][Ee][Pp][Aa][Nn][Dd][Dd][Ee][Ll][Ee][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetentionType</span> </div> <div class="desc-html"><p>The RetentionType parameter specifies whether the retention duration is calculated from the content creation date, tagged date, or last modification date. Valid values are: CreationAgeInDays, EventAgeInDays,ModificationAgeInDays, or TaggedAgeInDays.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"CreationAgeInDays"</code>, <code>"EventAgeInDays"</code>, <code>"ModificationAgeInDays"</code>, <code>"TaggedAgeInDays"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Rr][Ee][Aa][Tt][Ii][Oo][Nn][Aa][Gg][Ee][Ii][Nn][Dd][Aa][Yy][Ss]|[Ee][Vv][Ee][Nn][Tt][Aa][Gg][Ee][Ii][Nn][Dd][Aa][Yy][Ss]|[Mm][Oo][Dd][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Aa][Gg][Ee][Ii][Nn][Dd][Aa][Yy][Ss]|[Tt][Aa][Gg][Gg][Ee][Dd][Aa][Gg][Ee][Ii][Nn][Dd][Aa][Yy][Ss])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.deviceconditionalaccesspolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.deviceconditionalaccesspolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Device Conditional Access Policy in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The name of the Device Conditional Access Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether the policy is enabled.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.deviceconfigurationpolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.deviceconfigurationpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Device Configuration Policy in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The name of the Device Configuration Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Enabled parameter specifies whether the policy is enabled.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.dlpcompliancepolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.dlpcompliancepolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Data Loss Prevention Compliance Policy in Security and Compliance Center.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the DLP policy. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndpointDlpLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EndpointDLPLocation parameter specifies the user accounts to include in the DLP policy for Endpoint DLP when they are logged on to an onboarded device. You identify the account by name or email address. You can use the value All to include all user accounts.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EndpointDlpLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The EndpointDlpLocationException parameter specifies the user accounts to exclude from Endpoint DLP when you use the value All for the EndpointDlpLocation parameter. You identify the account by name or email address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnPremisesScannerDlpLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The OnPremisesScannerDlpLocation parameter specifies the on-premises file shares and SharePoint document libraries and folders to include in the DLP policy. You can use the value All to include all on-premises file shares and SharePoint document libraries and folders.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OnPremisesScannerDlpLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The OnPremisesScannerDlpLocationException parameter specifies the on-premises file shares and SharePoint document libraries and folders to exclude from the DLP policy if you use the value All for the OnPremisesScannerDlpLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerBIDlpLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The PowerBIDlpLocation parameter specifies the Power BI workspace IDs to include in the DLP policy. Only workspaces hosted in Premium Gen2 capacities are permitted. You can use the value All to include all supported workspaces.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PowerBIDlpLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The PowerBIDlpLocationException parameter specifies the Power BI workspace IDs to exclude from the DLP policy when you use the value All for the PowerBIDlpLocation parameter. Only workspaces hosted in Premium Gen2 capacities are permitted.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ThirdPartyAppDlpLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ThirdPartyAppDlpLocation parameter specifies the non-Microsoft cloud apps to include in the DLP policy. You can use the value All to include all connected apps.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ThirdPartyAppDlpLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ThirdPartyAppDlpLocationException parameter specifies the non-Microsoft cloud apps to exclude from the DLP policy when you use the value All for the ThirdPartyAppDlpLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeLocation parameter specifies Exchange Online mailboxes to include in the DLP policy. You can only use the value All for this parameter to include all mailboxes.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeSenderMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Exchange members to include.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeSenderMemberOfException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Exchange members to exclude.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Mode</span> </div> <div class="desc-html"><p>The Mode parameter specifies the action and notification level of the DLP policy. Valid values are: Enable, TestWithNotifications, TestWithoutNotifications, Disable and PendingDeletion.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disable"</code>, <code>"Enable"</code>, <code>"PendingDeletion"</code>, <code>"TestWithNotifications"</code>, <code>"TestWithoutNotifications"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Nn][Aa][Bb][Ll][Ee]|[Tt][Ee][Ss][Tt][Ww][Ii][Tt][Hh][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss]|[Tt][Ee][Ss][Tt][Ww][Ii][Tt][Hh][Oo][Uu][Tt][Nn][Oo][Tt][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Ss]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee]|[Pp][Ee][Nn][Dd][Ii][Nn][Gg][Dd][Ee][Ll][Ee][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneDriveLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The OneDriveLocation parameter specifies the OneDrive for Business sites to include. You identify the site by its URL value, or you can use the value All to include all sites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneDriveLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the OneDrive for Business sites to exclude when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Priority for the Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SharePointLocation parameter specifies the SharePoint Online sites to include. You identify the site by its URL value, or you can use the value All to include all sites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the SharePoint Online sites to exclude when you use the value All for the SharePointLocation parameter. You identify the site by its URL value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Teams locations to include</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Teams locations to exclude.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.dlpcompliancerule"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.dlpcompliancerule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Data Loss Prevention Compliance Rule in Security and Compliance Center.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the Rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Policy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Name of the associated DLP Compliance Policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AccessScope</span> </div> <div class="desc-html"><p>The AccessScope parameter specifies a condition for the DLP rule that's based on the access scope of the content. The rule is applied to content that matches the specified access scope.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"InOrganization"</code>, <code>"None"</code>, <code>"NotInOrganization"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Tt][Ii][Nn][Oo][Rr][Gg][Aa][Nn][Ii][Zz][Aa][Tt][Ii][Oo][Nn]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The BlockAccess parameter specifies an action for the DLP rule that blocks access to the source item when the conditions of the rule are met. $true: Blocks further access to the source item that matched the rule. The owner, author, and site owner can still access the item. $false: Allows access to the source item that matched the rule. This is the default value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">BlockAccessScope</span> </div> <div class="desc-html"><p>The BlockAccessScope parameter specifies the scope of the block access action.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"None"</code>, <code>"PerUser"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Ll][Ll]|[Pp][Ee][Rr][Uu][Ss][Ee][Rr]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedRule</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The AdvancedRule parameter uses complex rule syntax that supports multiple AND, OR, and NOT operators and nested groups</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentContainsSensitiveInformation</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The ContentContainsSensitiveInformation parameter specifies a condition for the rule that's based on a sensitive information type match in content. The rule is applied to content that contains the specified sensitive information type.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">SensitiveInformation</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Sensitive Information Content Types</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Groups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Groups of sensitive information types.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Operator</span> </div> <div class="desc-html"><p>Operator</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"And"</code>, <code>"Or"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Nn][Dd]|[Oo][Rr])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfContentContainsSensitiveInformation</span> <span class="type-badge">object</span> </div> <div class="desc-html"><p>The ExceptIfContentContainsSensitiveInformation parameter specifies an exception for the rule that's based on a sensitive information type match in content. The rule isn't applied to content that contains the specified sensitive information type.</p> </div> <details class="nested-properties"> <summary>3 nested properties</summary> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">SensitiveInformation</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Sensitive Information Content Types</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Groups</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>Groups of sensitive information types.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Operator</span> </div> <div class="desc-html"><p>Operator</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"And"</code>, <code>"Or"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Nn][Dd]|[Oo][Rr])$</span > </div> </div> </div> </details> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentPropertyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ContentPropertyContainsWords parameter specifies a condition for the DLP rule that's based on a property match in content. The rule is applied to content that contains the specified property.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Disabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The Disabled parameter specifies whether the DLP rule is disabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GenerateAlert</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The GenerateAlert parameter specifies an action for the DLP rule that notifies the specified users when the conditions of the rule are met.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">GenerateIncidentReport</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The GenerateIncidentReport parameter specifies an action for the DLP rule that sends an incident report to the specified users when the conditions of the rule are met.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">IncidentReportContent</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>The IncidentReportContent parameter specifies the content to include in the report when you use the GenerateIncidentReport parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyAllowOverride</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>The NotifyAllowOverride parameter specifies the notification override options when the conditions of the rule are met.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyEmailCustomText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The NotifyEmailCustomText parameter specifies the custom text in the email notification message that's sent to recipients when the conditions of the rule are met.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyPolicyTipCustomText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The NotifyPolicyTipCustomText parameter specifies the custom text in the Policy Tip notification message that's shown to recipients when the conditions of the rule are met. The maximum length is 256 characters. HTML tags and tokens (variables) aren't supported.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyUser</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The NotifyUser parameter specifies an action for the DLP rule that notifies the specified users when the conditions of the rule are met.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ReportSeverityLevel</span> </div> <div class="desc-html"><p>The ReportSeverityLevel parameter specifies the severity level of the incident report for content detections based on the rule.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Low"</code>, <code>"Medium"</code>, <code>"None"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Nn][Oo][Nn][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RuleErrorAction</span> </div> <div class="desc-html"><p>The RuleErrorAction parameter specifies what to do if an error is encountered during the evaluation of the rule.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Ignore"</code>, <code>"RetryThenBlock"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ii][Gg][Nn][Oo][Rr][Ee]|[Rr][Ee][Tt][Rr][Yy][Tt][Hh][Ee][Nn][Bb][Ll][Oo][Cc][Kk])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfRecipientAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfRecipientAddressContainsWords parameter specifies a condition for the DLP rule that looks for words or phrases in recipient email addresses.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AnyOfRecipientAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AnyOfRecipientAddressMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveRMSTemplate</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RemoveRMSTemplate parameter specifies an action for the DLP rule that removes Office 365 Message Encryption from messages and their attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">StopPolicyProcessing</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The StopPolicyProcessing parameter specifies an action that stops processing more DLP policy rules.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentIsUnsupported</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DocumentIsUnsupported parameter specifies a condition for the DLP rule that looks for files that can't be scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfDocumentIsUnsupported</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfDocumentIsUnsupported parameter specifies an exception for the DLP rule that looks for files that can't be scanned.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">HasSenderOverride</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SenderOverride parameter specifies a condition for the rule that looks for messages where the sender chose to override a DLP policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfHasSenderOverride</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfHasSenderOverride parameter specifies an exception for the rule that looks for messages where the sender chose to override a DLP policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ProcessingLimitExceeded</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ProcessingLimitExceeded parameter specifies a condition for the DLP rule that looks for files where scanning couldn't complete.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfProcessingLimitExceeded</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfProcessingLimitExceeded parameter specifies an exception for the DLP rule that looks for files where scanning couldn't complete.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentIsPasswordProtected</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The DocumentIsPasswordProtected parameter specifies a condition for the DLP rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfDocumentIsPasswordProtected</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ExceptIfDocumentIsPasswordProtected parameter specifies an exception for the DLP rule that looks for password protected files (because the contents of the file can't be inspected). Password detection only works for Office documents and .zip files.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">MessageTypeMatches</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The MessageTypeMatches parameter specifies a condition for the DLP rule that looks for types of SMIME message patterns.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromScope</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FromScope parameter specifies whether messages from inside or outside the organisation are in scope for the DLP rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromScope</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromScope parameter specifies whether messages from inside or outside the organisation are in scope for the DLP rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectContainsWords parameter specifies a condition for the DLP rule that looks for words or phrases in the Subject field of messages. You can specify multiple words or phrases separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in the Subject field of messages by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectOrBodyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectOrBodyContainsWords parameter specifies a condition for the rule that looks for words in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SubjectOrBodyMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SubjectOrBodyMatchesPatterns parameter specifies a condition for the rule that looks for text patterns in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentCharacterSetContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ContentCharacterSetContainsWords parameter specifies a condition for the rule that looks for character set names in messages. You can specify multiple values separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentNameMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The DocumentNameMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in the name of message attachments by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentNameMatchesWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The DocumentNameMatchesWords parameter specifies a condition for the DLP rule that looks for words or phrases in the name of message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfRecipientAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>he ExceptIfAnyOfRecipientAddressContainsWords parameter specifies an exception for the DLP rule that looks for words or phrases in recipient email addresses.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfAnyOfRecipientAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfAnyOfRecipientAddressMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in recipient email addresses by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfContentCharacterSetContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfContentCharacterSetContainsWords parameter specifies an exception for the rule that looks for character set names in messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfContentPropertyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfContentPropertyContainsWords parameter specifies an exception for the DLP rule that's based on a property match in content.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfDocumentNameMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfDocumentNameMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in the name of message attachments by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfDocumentNameMatchesWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfDocumentNameMatchesWords parameter specifies an exception for the DLP rule that looks for words or phrases in the name of message attachments.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromAddressContainsWords parameter specifies an exception for the DLP rule that looks for words or phrases in the sender's email address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfFromAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfFromAddressMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in the sender's email address by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromAddressContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FromAddressContainsWords parameter specifies a condition for the DLP rule that looks for words or phrases in the sender's email address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">FromAddressMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The FromAddressMatchesPatterns parameter specifies a condition for the DLP rule that looks for text patterns in the sender's email address by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfMessageTypeMatches</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfMessageTypeMatches parameter specifies an exception for the rule that looks for messages of the specified type.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RecipientDomainIs parameter specifies a condition for the DLP rule that looks for recipients with email addresses in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfRecipientDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfRecipientDomainIs parameter specifies an exception for the DLP rule that looks for recipients with email addresses in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderDomainIs</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderDomainIs parameter specifies an exception for the DLP rule that looks for messages from senders with email address in the specified domains.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSenderIPRanges</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSenderIpRanges parameter specifies an exception for the DLP rule that looks for senders whose IP addresses matches the specified value, or fall within the specified ranges.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSentTo</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSentTo parameter specifies an exception for the DLP rule that looks for recipients in messages. You identify the recipients by email address.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectContainsWords parameter specifies an exception for the DLP rule that looks for words or phrases in the Subject field of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectMatchesPatterns parameter specifies an exception for the DLP rule that looks for text patterns in the Subject field of messages by using regular expressions.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectOrBodyContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectOrBodyContainsWords parameter specifies an exception for the rule that looks for words in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfSubjectOrBodyMatchesPatterns</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfSubjectOrBodyMatchesPatterns parameter specifies an exception for the rule that looks for text patterns in the Subject field or body of messages.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DocumentContainsWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The DocumentContainsWords parameter specifies a condition for the DLP rule that looks for words in message attachments. Only supported attachment types are checked.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SentToMemberOf</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SentToMemberOf parameter specifies a condition for the DLP rule that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentIsNotLabeled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ContentIsNotLabeled parameter specifies if the content is labeled. A True or False condition.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SetHeader</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SetHeader The SetHeader parameter specifies an action for the DLP rule that adds or modifies a header field and value in the message header. You can specify multiple header name and value pairs separated by commas</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentExtensionMatchesWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ContentExtensionMatchesWords parameter specifies a condition for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExceptIfContentExtensionMatchesWords</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExceptIfContentExtensionMatchesWords parameter specifies an exception for the DLP rule that looks for words in file name extensions. You can specify multiple words separated by commas.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.fileplanpropertyauthority"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.fileplanpropertyauthority</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures an authority entry for Security and Compliance File Plans.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the Authority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this authority should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.fileplanpropertycategory"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.fileplanpropertycategory</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a category entry for Security and Compliance File Plans.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the category.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this category should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.fileplanpropertycitation"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.fileplanpropertycitation</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a citation entry for Security and Compliance File Plans.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the citation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CitationUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>URL of the citation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">CitationJurisdiction</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Jurisdiction of the citation.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this citation should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.fileplanpropertydepartment"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.fileplanpropertydepartment</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a department entry for Security and Compliance File Plans.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the department.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this department should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.fileplanpropertyreferenceid"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.fileplanpropertyreferenceid</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a reference ID entry for Security and Compliance File Plans.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the reference id.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this reference id should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.fileplanpropertysubcategory"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.fileplanpropertysubcategory</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a sub-category entry for Security and Compliance File Plans.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the sub-category.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Category</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Category parameter specifies the name of the parent category associated with the sub-category.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this category should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.labelpolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.labelpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Sensitivity label policy in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name for the sensitivity label. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this label policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedSettings</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The AdvancedSettings parameter enables client-specific features and capabilities on the sensitivity label. The settings that you configure with this parameter only affect apps that are designed for the setting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeLocation parameter specifies the mailboxes to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeLocationException parameter specifies the mailboxes to exclude when you use the value All for the ExchangeLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModernGroupLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ModernGroupLocation parameter specifies the Microsoft 365 Groups to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModernGroupLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ModernGroupLocationException parameter specifies the Microsoft 365 Groups to exclude when you're using the value All for the ModernGroupLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Labels</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Labels parameter specifies the sensitivity labels that are associated with the policy. You can use any value that uniquely identifies the label.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddExchangeLocation parameter specifies the mailboxes to add in the existing policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddExchangeLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddExchangeLocationException parameter specifies the mailboxes to add to exclusions when you use the value All for the ExchangeLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddModernGroupLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddModernGroupLocation parameter specifies the Microsoft 365 Groups to add to include the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddModernGroupLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddModernGroupLocationException parameter specifies the Microsoft 365 Groups to add to exclusions when you're using the value All for the ModernGroupLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AddLabels</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The AddLabels parameter specifies the sensitivity labels to add to the policy. You can use any value that uniquely identifies the label.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveExchangeLocation parameter specifies the mailboxes to remove from the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveExchangeLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveExchangeLocationException parameter specifies the mailboxes to remove when you use the value All for the ExchangeLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveModernGroupLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveModernGroupLocation parameter specifies the Microsoft 365 Groups to remove from the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveModernGroupLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveModernGroupLocationException parameter specifies the Microsoft 365 Groups to remove from excluded values when you're using the value All for the ModernGroupLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RemoveLabels</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The RemoveLabels parameter specifies the sensitivity labels that are removed from the policy. You can use any value that uniquely identifies the label.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.protectionalert"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.protectionalert</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Protection Alert in Security and Compliance Center.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>Specifies the unique name for the alert policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AlertBy</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies the scope for aggregated alert policies</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AlertFor</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AggregationType</span> </div> <div class="desc-html"><p>Specifies how the alert policy triggers alerts for multiple occurrences of monitored activity</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"AnomalousAggregation"</code>, <code>"CustomAggregation"</code>, <code>"None"</code>, <code>"SimpleAggregation"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Nn][Oo][Nn][Ee]|[Ss][Ii][Mm][Pp][Ll][Ee][Aa][Gg][Gg][Rr][Ee][Gg][Aa][Tt][Ii][Oo][Nn]|[Aa][Nn][Oo][Mm][Aa][Ll][Oo][Uu][Ss][Aa][Gg][Gg][Rr][Ee][Gg][Aa][Tt][Ii][Oo][Nn]|[Cc][Uu][Ss][Tt][Oo][Mm][Aa][Gg][Gg][Rr][Ee][Gg][Aa][Tt][Ii][Oo][Nn])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Category</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies a category for the alert policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies an optional comment</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Disabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Enables or disables the alert policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this alert should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Filter</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Filter parameter uses OPATH syntax to filter the results by the specified properties and values</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationCulture</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies the language or locale that's used for notifications. For example, da-DK for Danish</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotificationEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>NotificationEnabled true or false</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyUserOnFilterMatch</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Specifies whether to trigger an alert for a single event when the alert policy is configured for aggregated activity</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyUserSuppressionExpiryDate</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>Specifies whether to temporarily suspend notifications for the alert policy. Until the specified date-time, no notifications are sent for detected activities.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyUserThrottleThreshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the maximum number of notifications for the alert policy within the time period specified by the NotifyUserThrottleWindow parameter. Once the maximum number of notifications has been reached in the time period, no more notifications are sent for the alert.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyUserThrottleWindow</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the time interval in minutes that's used by the NotifyUserThrottleThreshold parameter</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">NotifyUser</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies the SMTP address of the user who receives notification messages for the alert policy. You can specify multiple values separated by commas</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Operation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Specifies the activities that are monitored by the alert policy</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyManagementScopedSensitiveInformationTypes</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>PrivacyManagementScopedSensitiveInformationTypes</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyManagementScopedSensitiveInformationTypesForCounting</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>PrivacyManagementScopedSensitiveInformationTypesForCounting</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PrivacyManagementScopedSensitiveInformationTypesThreshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>PrivacyManagementScopedSensitiveInformationTypesThreshold</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Severity</span> </div> <div class="desc-html"><p>specifies the severity of the detection</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"High"</code>, <code>"Informational"</code>, <code>"Low"</code>, <code>"Medium"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ll][Oo][Ww]|[Mm][Ee][Dd][Ii][Uu][Mm]|[Hh][Ii][Gg][Hh]|[Ii][Nn][Ff][Oo][Rr][Mm][Aa][Tt][Ii][Oo][Nn][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ThreatType</span> </div> <div class="desc-html"><p>Specifies the type of activities that are monitored by the alert policy</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Activity"</code>, <code>"MailFlow"</code>, <code>"Malicious"</code>, <code>"MaliciousUrlClick"</code>, <code>"Malware"</code>, <code>"Phish"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Cc][Tt][Ii][Vv][Ii][Tt][Yy]|[Mm][Aa][Ll][Ww][Aa][Rr][Ee]|[Pp][Hh][Ii][Ss][Hh]|[Mm][Aa][Ll][Ii][Cc][Ii][Oo][Uu][Ss]|[Mm][Aa][Ll][Ii][Cc][Ii][Oo][Uu][Ss][Uu][Rr][Ll][Cc][Ll][Ii][Cc][Kk]|[Mm][Aa][Ii][Ll][Ff][Ll][Oo][Ww])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Threshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the number of detections that trigger the alert policy within the time period specified by the TimeWindow parameter. A valid value is an integer that's greater than or equal to 3.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TimeWindow</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Specifies the time interval in minutes for number of detections specified by the Threshold parameter. A valid value is an integer that's greater than 60 (one hour).</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">VolumeThreshold</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>Volume Threshold</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.retentioncompliancepolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.retentioncompliancepolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Retention Compliance Policy in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the retention policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DynamicScopeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>Location of the dynamic scope for this policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Enabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>Determines if the policy is enabled or not.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExchangeLocation parameter specifies the mailboxes to include.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExchangeLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the mailboxes to remove from the list of excluded mailboxes when you use the value All for the ExchangeLocation parameter</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModernGroupLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ModernGroupLocation parameter specifies the Office 365 groups to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ModernGroupLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ModernGroupLocationException parameter specifies the Office 365 groups to exclude when you're using the value All for the ModernGroupLocation parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneDriveLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The OneDriveLocation parameter specifies the OneDrive for Business sites to include. You identify the site by its URL value, or you can use the value All to include all sites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">OneDriveLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the OneDrive for Business sites to exclude when you use the value All for the OneDriveLocation parameter. You identify the site by its URL value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">PublicFolderLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The PublicFolderLocation parameter specifies that you want to include all public folders in the retention policy. You use the value All for this parameter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RestrictiveRetention</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The RestrictiveRetention parameter specifies whether Preservation Lock is enabled for the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SharePointLocation parameter specifies the SharePoint Online sites to include. You identify the site by its URL value, or you can use the value All to include all sites.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SharePointLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the SharePoint Online sites to exclude when you use the value All for the SharePointLocation parameter. You identify the site by its URL value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SkypeLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The SkypeLocation parameter specifies the Skype for Business Online users to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SkypeLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter is reserved for internal Microsoft use.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsChannelLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The TeamsChannelLocation parameter specifies the Teams Channel to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsChannelLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the SharePoint Online sites to exclude when you use the value All for the TeamsChannelLocation parameter. You identify the site by its URL value.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsChatLocation</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The TeamsChatLocation parameter specifies the Teams Chat to include in the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">TeamsChatLocationException</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>This parameter specifies the SharePoint Online sites to exclude when you use the value All for the TeamsChatLocation parameter. You identify the site by its URL value.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.retentioncompliancerule"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.retentioncompliancerule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Retention Compliance Rule in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the retention rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Policy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Policy parameter specifies the policy to contain the rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExpirationDateOption</span> </div> <div class="desc-html"><p>The ExpirationDateOption parameter specifies whether the expiration date is calculated from the content creation date or last modification date. Valid values are: CreationAgeInDays and ModificationAgeInDays.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"CreationAgeInDays"</code>, <code>"ModificationAgeInDays"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Cc][Rr][Ee][Aa][Tt][Ii][Oo][Nn][Aa][Gg][Ee][Ii][Nn][Dd][Aa][Yy][Ss]|[Mm][Oo][Dd][Ii][Ff][Ii][Cc][Aa][Tt][Ii][Oo][Nn][Aa][Gg][Ee][Ii][Nn][Dd][Aa][Yy][Ss])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ExcludedItemClasses</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The ExcludedItemClasses parameter specifies the types of messages to exclude from the rule. You can use this parameter only to exclude items from a hold policy, which excludes the specified item class from being held. Using this parameter won't exclude items from deletion policies. Typically, you use this parameter to exclude voicemail messages, IM conversations, and other Skype for Business Online content from being held by a hold policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentMatchQuery</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ContentMatchQuery parameter specifies a content search filter.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetentionComplianceAction</span> </div> <div class="desc-html"><p>The RetentionComplianceAction parameter specifies the retention action for the rule. Valid values are: Delete, Keep and KeepAndDelete.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Delete"</code>, <code>"Keep"</code>, <code>"KeepAndDelete"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Ee][Ll][Ee][Tt][Ee]|[Kk][Ee][Ee][Pp]|[Kk][Ee][Ee][Pp][Aa][Nn][Dd][Dd][Ee][Ll][Ee][Tt][Ee])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetentionDuration</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The RetentionDuration parameter specifies the hold duration for the retention rule. Valid values are: An integer - The hold duration in days, Unlimited - The content is held indefinitely.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">RetentionDurationDisplayHint</span> </div> <div class="desc-html"><p>The RetentionDurationDisplayHint parameter specifies the units that are used to display the retention duration in the Security and Compliance Center. Valid values are: Days, Months or Years.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Days"</code>, <code>"Months"</code>, <code>"Years"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Dd][Aa][Yy][Ss]|[Mm][Oo][Nn][Tt][Hh][Ss]|[Yy][Ee][Aa][Rr][Ss])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.retentioneventtype"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.retentioneventtype</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Retention Event Type in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name of the retention event type.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.securityfilter"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.securityfilter</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Security Filter in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">FilterName</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The FilterName parameter specifies the name of the compliance security filter that you want to view. If the value contains spaces, enclose the value in quotation marks (").</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Action</span> </div> <div class="desc-html"><p>The Action parameter filters the results by the type of search action that a filter is applied to.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"All"</code>, <code>"Export"</code>, <code>"Preview"</code>, <code>"Purge"</code>, <code>"Search"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Xx][Pp][Oo][Rr][Tt]|[Pp][Rr][Ee][Vv][Ii][Ee][Ww]|[Pp][Uu][Rr][Gg][Ee]|[Ss][Ee][Aa][Rr][Cc][Hh]|[Aa][Ll][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Users</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The User parameter filters the results by the user who gets a filter applied to their searches. Acceptable values are : The alias or email address of a user, All or The name of a role group</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Description</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Description parameter specifies a description for the compliance security filter. The maximum length is 256 characters. If the value contains spaces, enclose the value in quotation marks (").</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Filters</span> <span class="type-badge">string[]</span> </div> <div class="desc-html"><p>The Filters parameter specifies the search criteria for the compliance security filter. The filters are applied to the users specified by the Users parameter. You can create three different types of filters: Mailbox filter, Mailbox content filter or Site and site content filter</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Region</span> </div> <div class="desc-html"><p>The Region parameter specifies the satellite location for multi-geo tenants to conduct eDiscovery searches in.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>""</code>, <code>"APC"</code>, <code>"AUS"</code>, <code>"CAN"</code>, <code>"EUR"</code>, <code>"FRA"</code>, <code>"GBR"</code>, <code>"IND"</code>, <code>"JPN"</code>, <code>"LAM"</code>, <code>"NAM"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Aa][Pp][Cc]|[Aa][Uu][Ss]|[Cc][Aa][Nn]|[Ee][Uu][Rr]|[Ff][Rr][Aa]|[Gg][Bb][Rr]|[Ii][Nn][Dd]|[Jj][Pp][Nn]|[Ll][Aa][Mm]|[Nn][Aa][Mm]|)$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this label policy should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.sensitivitylabel"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.sensitivitylabel</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures Sensitivity labels in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name for the sensitivity label. The maximum length is 64 characters. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">AdvancedSettings</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The AdvancedSettings parameter enables client-specific features and capabilities on the sensitivity label. The settings that you configure with this parameter only affect apps that are designed for the setting.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">DisplayName</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The DisplayName parameter specifies the display name for the sensitivity label. The display name appears in the Microsoft Office and is used by Outlook users to select the appropriate sensitivity label before they send a message.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">LocaleSettings</span> <span class="type-badge">object[]</span> </div> <div class="desc-html"><p>The LocaleSettings parameter specifies one or more localized label name or label Tooltips in different languages. Regions include all region codes supported in Office Client applications.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ParentId</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ParentId parameter specifies the parent label that you want this label to be under (a sublabel). You can use any value that uniquely identifies the parent sensitivity label for example name.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Priority</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The Priority parameter specifies a priority value for the sensitivity label that determines the order of label processing. A lower integer value indicates a higher priority.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Tooltip</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ToolTip parameter specifies the default tooltip and sensitivity label description that's seen by users. It the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingFooterAlignment</span> </div> <div class="desc-html"><p>The ApplyContentMarkingFooterAlignment parameter specifies the footer alignment.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Center"</code>, <code>"Left"</code>, <code>"Right"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ll][Ee][Ff][Tt]|[Cc][Ee][Nn][Tt][Ee][Rr]|[Rr][Ii][Gg][Hh][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingFooterEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ApplyContentMarkingFooterEnabled parameter specifies whether to enable or disable the sensitivity label.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingFooterFontColor</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyContentMarkingFooterFontColor parameter specifies the color of the footer text. This parameter accepts a hexadecimal color code value in the format #xxxxxx. The default value is #000000.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingFooterFontSize</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The ApplyContentMarkingFooterFontSize parameter specifies the font size (in points) of the footer text.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingFooterMargin</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The ApplyContentMarkingFooterMargin parameter specifies the size (in points) of the footer margin.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingFooterText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyContentMarkingFooterText parameter specifies the footer text. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingHeaderAlignment</span> </div> <div class="desc-html"><p>The ApplyContentMarkingHeaderAlignment parameter specifies the header alignment.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Center"</code>, <code>"Left"</code>, <code>"Right"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ll][Ee][Ff][Tt]|[Cc][Ee][Nn][Tt][Ee][Rr]|[Rr][Ii][Gg][Hh][Tt])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingHeaderEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ApplyContentMarkingHeaderEnabled parameter enables or disables the Apply Content Marking Header action for the label.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingHeaderFontColor</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyContentMarkingHeaderFontColor parameter specifies the color of the header text. This parameter accepts a hexadecimal color code value in the format #xxxxxx. The default value is #000000.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingHeaderFontSize</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The ApplyContentMarkingHeaderFontSize parameter specifies the font size (in points) of the header text.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingHeaderMargin</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The ApplyContentMarkingHeaderMargin parameter specifies the size (in points) of the header margin.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyContentMarkingHeaderText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyContentMarkingHeaderText parameter specifies the header text. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyWaterMarkingEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The ApplyWaterMarkingEnabled parameter enables or disables the Apply Watermarking Header action for the label.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyWaterMarkingFontColor</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyWaterMarkingFontColor parameter specifies the color of the watermark text. This parameter accepts a hexadecimal color code value in the format #xxxxxx.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyWaterMarkingFontSize</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The ApplyWaterMarkingFontSize parameter specifies the font size (in points) of the watermark text.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyWaterMarkingLayout</span> </div> <div class="desc-html"><p>The ApplyWaterMarkingAlignment parameter specifies the watermark alignment.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Diagonal"</code>, <code>"Horizontal"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Hh][Oo][Rr][Ii][Zz][Oo][Nn][Tt][Aa][Ll]|[Dd][Ii][Aa][Gg][Oo][Nn][Aa][Ll])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ApplyWaterMarkingText</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The ApplyWaterMarkingText parameter specifies the watermark text. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">ContentType</span> <span class="type-badge">array</span> </div> <div class="desc-html"><p>The ContentType parameter specifies where the sensitivity label can be applied.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionContentExpiredOnDateInDaysOrNever</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EncryptionContentExpiredOnDateInDaysOrNever parameter specifies when the encrypted content expires. Valid values are integer or never.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionDoNotForward</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EncryptionDoNotForward parameter specifies whether the Do Not Forward template is applied.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionEncryptOnly</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EncryptionEncryptOnly parameter specifies whether the encrypt-only template is applied.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EncryptionEnabled parameter specifies whether encryption in enabled.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionOfflineAccessDays</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The EncryptionOfflineAccessDays parameter specifies the number of days that offline access is allowed.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionPromptUser</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The EncryptionPromptUser parameter specifies whether to set the label with user defined permission in Word, Excel, and PowerPoint.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionProtectionType</span> </div> <div class="desc-html"><p>The EncryptionProtectionType parameter specifies the protection type for encryption.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"RemoveProtection"</code>, <code>"Template"</code>, <code>"UserDefined"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Tt][Ee][Mm][Pp][Ll][Aa][Tt][Ee]|[Rr][Ee][Mm][Oo][Vv][Ee][Pp][Rr][Oo][Tt][Ee][Cc][Tt][Ii][Oo][Nn]|[Uu][Ss][Ee][Rr][Dd][Ee][Ff][Ii][Nn][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionRightsDefinitions</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EncryptionRightsDefinitions parameter specifies the rights users have when accessing protected. This parameter uses the syntax Identity1:Rights1,Rights2;Identity2:Rights3,Rights4. For example, john@contoso.com:VIEW,EDIT;microsoft.com:VIEW.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">EncryptionRightsUrl</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The EncryptionRightsUrl parameter specifies the URL for hold your own key (HYOK) protection.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupProtectionAllowAccessToGuestUsers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SiteAndGroupProtectionAllowAccessToGuestUsers parameter enables or disables access to guest users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupProtectionAllowEmailFromGuestUsers</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SiteAndGroupProtectionAllowEmailFromGuestUsers parameter enables or disables email from guest users.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupProtectionAllowFullAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SiteAndGroupProtectionAllowFullAccess parameter enables or disables full access.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupProtectionAllowLimitedAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SiteAndGroupProtectionAllowLimitedAccess parameter enables or disables limited access.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupProtectionBlockAccess</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SiteAndGroupProtectionBlockAccess parameter blocks access.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupProtectionEnabled</span> <span class="type-badge">boolean</span> </div> <div class="desc-html"><p>The SiteAndGroupProtectionEnabled parameter enables or disables the Site and Group Protection action for the labels.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupProtectionPrivacy</span> </div> <div class="desc-html"><p>The SiteAndGroupProtectionPrivacy parameter specifies the privacy level for the label.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Private"</code>, <code>"Public"</code>, <code>"Unspecified"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Uu][Bb][Ll][Ii][Cc]|[Pp][Rr][Ii][Vv][Aa][Tt][Ee]|[Uu][Nn][Ss][Pp][Ee][Cc][Ii][Ff][Ii][Ee][Dd])$</span > </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SiteAndGroupExternalSharingControlType</span> </div> <div class="desc-html"><p>The SiteAndGroupExternalSharingControlType parameter specifies the external user sharing setting for the label.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Disabled"</code>, <code>"ExistingExternalUserSharingOnly"</code>, <code>"ExternalUserAndGuestSharing"</code>, <code>"ExternalUserSharingOnly"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Uu][Ss][Ee][Rr][Aa][Nn][Dd][Gg][Uu][Ee][Ss][Tt][Ss][Hh][Aa][Rr][Ii][Nn][Gg]|[Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Uu][Ss][Ee][Rr][Ss][Hh][Aa][Rr][Ii][Nn][Gg][Oo][Nn][Ll][Yy]|[Ee][Xx][Ii][Ss][Tt][Ii][Nn][Gg][Ee][Xx][Tt][Ee][Rr][Nn][Aa][Ll][Uu][Ss][Ee][Rr][Ss][Hh][Aa][Rr][Ii][Nn][Gg][Oo][Nn][Ll][Yy]|[Dd][Ii][Ss][Aa][Bb][Ll][Ee][Dd])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.supervisoryreviewpolicy"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.supervisoryreviewpolicy</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Supervision Policy in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name for the supervisory review policy. The name can't exceed 64 characters. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Reviewers</span> <span class="type-badge">string[]</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Reviewers parameter specifies the SMTP addresses of the reviewers for the supervisory review policy. You can specify multiple email addresses separated by commas.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Comment</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Comment parameter specifies an optional comment. If you specify a value that contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> <div class="definition-block" id="def-microsoft.securityandcompliance.supervisoryreviewrule"> <div class="definition-header"> <span class="def-name">microsoft.securityandcompliance.supervisoryreviewrule</span> <span class="type-badge" >object</span > </div> <div class="definition-body"> <div class="desc-html"><p>This resource configures a Supervision Review Rule in Security and Compliance.</p> </div> <div class="property-list"> <div class="property-item" > <div class="property-header"> <span class="property-name">Name</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Name parameter specifies the unique name for the supervisory review policy. The name can't exceed 64 characters. If the value contains spaces, enclose the value in quotation marks.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Policy</span> <span class="type-badge">string</span> <span class="required-badge" >required</span > </div> <div class="desc-html"><p>The Policy parameter specifies the supervisory review policy that's assigned to the rule. You can use any value that uniquely identifies the policy.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Condition</span> <span class="type-badge">string</span> </div> <div class="desc-html"><p>The Condition parameter specifies the conditions and exceptions for the rule.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">SamplingRate</span> <span class="type-badge">integer</span> </div> <div class="desc-html"><p>The SamplingRate parameter specifies the percentage of communications for review. If you want reviewers to review all detected items, use the value 100.</p> </div> </div> <div class="property-item" > <div class="property-header"> <span class="property-name">Ensure</span> </div> <div class="desc-html"><p>Specify if this rule should exist or not.</p> </div> <div class="property-meta"> <span class="meta-label">Examples:</span> <code>"Absent"</code>, <code>"Present"</code> </div> <div class="property-constraints"> <span class="constraint" >pattern=^([Pp][Rr][Ee][Ss][Ee][Nn][Tt]|[Aa][Bb][Ss][Ee][Nn][Tt])$</span > </div> </div> </div> </div> </div> </section> </article> <nav class="page-outline" id="page-outline" aria-label="Page outline"></nav> </div> </main> <footer class="site-footer"> <div class="container"> <p> Generated by <a href="https://github.com/lintel-rs/lintel">Lintel</a> Catalog Builder 0.0.16 </p> </div> </footer> <script src="/app.js"></script> </body> </html><script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script>