MemPolicyManager.psm1
|
#Region '.\Classes\AppConfiguration\Create\CreateEmMdmTargetedManagedAppConfiguration.ps1' -1 class CreateEmMdmTargetedManagedAppConfiguration { [string]${@odata.type} [string]$displayName [string]$description [string]$version [object[]]$customSettings [object]$deployedAppCount [bool]$isAssigned [string]$targetedAppManagementLevels [string]$appGroupType # Default constructor CreateEmMdmTargetedManagedAppConfiguration() { $this."@odata.type" = '' $this.displayName = '' $this.description = '' $this.version = '' $this.customSettings = @() $this.deployedAppCount = $null $this.isAssigned = $false $this.targetedAppManagementLevels = '' $this.appGroupType = '' } # Parameterized constructor CreateEmMdmTargetedManagedAppConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.displayName = $policy.displayName $this.description = $policy.description $this.version = $policy.version $this.customSettings = $policy.customSettings $this.deployedAppCount = $policy.deployedAppCount $this.isAssigned = $policy.isAssigned $this.targetedAppManagementLevels = $policy.targetedAppManagementLevels $this.appGroupType = $policy.appGroupType } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMdmTargetedManagedAppConfiguration" } } #EndRegion '.\Classes\AppConfiguration\Create\CreateEmMdmTargetedManagedAppConfiguration.ps1' 43 #Region '.\Classes\AppConfiguration\Get\GetEmMdmTargetedManagedAppConfiguration.ps1' -1 class GetEmMdmTargetedManagedAppConfiguration { [string]${@odata.type} [string]$displayName [string]$description [datetime]$createdDateTime [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [string]$id [string]$version [object[]]$customSettings [object]$deployedAppCount [bool]$isAssigned [string]$targetedAppManagementLevels [string]$appGroupType # Default constructor GetEmMdmTargetedManagedAppConfiguration() { $this."@odata.type" = '' $this.displayName = '' $this.description = '' $this.createdDateTime = [datetime]::MinValue $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.id = '' $this.version = '' $this.customSettings = @() $this.deployedAppCount = $null $this.isAssigned = $false $this.targetedAppManagementLevels = '' $this.appGroupType = '' } # Parameterized constructor GetEmMdmTargetedManagedAppConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.displayName = $policy.displayName $this.description = $policy.description $this.createdDateTime = $policy.createdDateTime $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.version = $policy.version $this.customSettings = $policy.customSettings $this.deployedAppCount = $policy.deployedAppCount $this.isAssigned = $policy.isAssigned $this.targetedAppManagementLevels = $policy.targetedAppManagementLevels $this.appGroupType = $policy.appGroupType } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmTargetedManagedAppConfiguration" } } #EndRegion '.\Classes\AppConfiguration\Get\GetEmMdmTargetedManagedAppConfiguration.ps1' 55 #Region '.\Classes\AppProtection\Get\GetEmMdmAndroidManagedAppProtection.ps1' -1 class GetEmMdmAndroidManagedAppProtection { [string]${@odata.type} [string]$displayName [string]$description [datetime]$createdDateTime [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [string]$id [string]$version [string]$periodOfflineBeforeAccessCheck [string]$periodOnlineBeforeAccessCheck [string]$allowedInboundDataTransferSources [string]$allowedOutboundDataTransferDestinations [bool]$organizationalCredentialsRequired [string]$allowedOutboundClipboardSharingLevel [bool]$dataBackupBlocked [bool]$deviceComplianceRequired [bool]$managedBrowserToOpenLinksRequired [bool]$saveAsBlocked [string]$periodOfflineBeforeWipeIsEnforced [bool]$pinRequired [object]$maximumPinRetries [bool]$simplePinBlocked [object]$minimumPinLength [string]$pinCharacterSet [string]$periodBeforePinReset [object[]]$allowedDataStorageLocations [bool]$contactSyncBlocked [bool]$printBlocked [bool]$fingerprintBlocked [bool]$disableAppPinIfDevicePinIsSet [string]$maximumRequiredOsVersion [string]$maximumWarningOsVersion [string]$maximumWipeOsVersion [string]$minimumRequiredOsVersion [string]$minimumWarningOsVersion [string]$minimumRequiredAppVersion [string]$minimumWarningAppVersion [string]$minimumWipeOsVersion [string]$minimumWipeAppVersion [string]$appActionIfDeviceComplianceRequired [string]$appActionIfMaximumPinRetriesExceeded [string]$pinRequiredInsteadOfBiometricTimeout [object]$allowedOutboundClipboardSharingExceptionLength [string]$notificationRestriction [object]$previousPinBlockCount [string]$managedBrowser [string]$maximumAllowedDeviceThreatLevel [string]$mobileThreatDefenseRemediationAction [string]$mobileThreatDefensePartnerPriority [bool]$blockDataIngestionIntoOrganizationDocuments [object[]]$allowedDataIngestionLocations [string]$appActionIfUnableToAuthenticateUser [string]$dialerRestrictionLevel [string]$gracePeriodToBlockAppsDuringOffClockHours [string]$protectedMessagingRedirectAppType [bool]$isAssigned [string]$targetedAppManagementLevels [string]$appGroupType [bool]$screenCaptureBlocked [bool]$disableAppEncryptionIfDeviceEncryptionIsEnabled [bool]$encryptAppData [object]$deployedAppCount [string]$minimumRequiredPatchVersion [string]$minimumWarningPatchVersion [object[]]$exemptedAppPackages [string]$minimumWipePatchVersion [string]$allowedAndroidDeviceManufacturers [string]$appActionIfAndroidDeviceManufacturerNotAllowed [string]$appActionIfAccountIsClockedOut [string]$appActionIfSamsungKnoxAttestationRequired [string]$requiredAndroidSafetyNetDeviceAttestationType [string]$appActionIfAndroidSafetyNetDeviceAttestationFailed [string]$requiredAndroidSafetyNetAppsVerificationType [string]$appActionIfAndroidSafetyNetAppsVerificationFailed [string]$customBrowserPackageId [string]$customBrowserDisplayName [string]$minimumRequiredCompanyPortalVersion [string]$minimumWarningCompanyPortalVersion [string]$minimumWipeCompanyPortalVersion [bool]$keyboardsRestricted [object[]]$approvedKeyboards [object[]]$allowedAndroidDeviceModels [string]$appActionIfAndroidDeviceModelNotAllowed [string]$customDialerAppPackageId [string]$customDialerAppDisplayName [bool]$biometricAuthenticationBlocked [string]$requiredAndroidSafetyNetEvaluationType [object]$blockAfterCompanyPortalUpdateDeferralInDays [object]$warnAfterCompanyPortalUpdateDeferralInDays [object]$wipeAfterCompanyPortalUpdateDeferralInDays [bool]$deviceLockRequired [string]$appActionIfDeviceLockNotSet [bool]$connectToVpnOnLaunch [string]$appActionIfDevicePasscodeComplexityLessThanLow [string]$appActionIfDevicePasscodeComplexityLessThanMedium [string]$appActionIfDevicePasscodeComplexityLessThanHigh [bool]$requireClass3Biometrics [bool]$requirePinAfterBiometricChange [bool]$fingerprintAndBiometricEnabled [string]$messagingRedirectAppPackageId [string]$messagingRedirectAppDisplayName # Default constructor GetEmMdmAndroidManagedAppProtection() { $this."@odata.type" = '' $this.displayName = '' $this.description = '' $this.createdDateTime = [datetime]::MinValue $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.id = '' $this.version = '' $this.periodOfflineBeforeAccessCheck = '' $this.periodOnlineBeforeAccessCheck = '' $this.allowedInboundDataTransferSources = '' $this.allowedOutboundDataTransferDestinations = '' $this.organizationalCredentialsRequired = $false $this.allowedOutboundClipboardSharingLevel = '' $this.dataBackupBlocked = $false $this.deviceComplianceRequired = $false $this.managedBrowserToOpenLinksRequired = $false $this.saveAsBlocked = $false $this.periodOfflineBeforeWipeIsEnforced = '' $this.pinRequired = $false $this.maximumPinRetries = $null $this.simplePinBlocked = $false $this.minimumPinLength = $null $this.pinCharacterSet = '' $this.periodBeforePinReset = '' $this.allowedDataStorageLocations = @() $this.contactSyncBlocked = $false $this.printBlocked = $false $this.fingerprintBlocked = $false $this.disableAppPinIfDevicePinIsSet = $false $this.maximumRequiredOsVersion = '' $this.maximumWarningOsVersion = '' $this.maximumWipeOsVersion = '' $this.minimumRequiredOsVersion = '' $this.minimumWarningOsVersion = '' $this.minimumRequiredAppVersion = '' $this.minimumWarningAppVersion = '' $this.minimumWipeOsVersion = '' $this.minimumWipeAppVersion = '' $this.appActionIfDeviceComplianceRequired = '' $this.appActionIfMaximumPinRetriesExceeded = '' $this.pinRequiredInsteadOfBiometricTimeout = '' $this.allowedOutboundClipboardSharingExceptionLength = $null $this.notificationRestriction = '' $this.previousPinBlockCount = $null $this.managedBrowser = '' $this.maximumAllowedDeviceThreatLevel = '' $this.mobileThreatDefenseRemediationAction = '' $this.mobileThreatDefensePartnerPriority = '' $this.blockDataIngestionIntoOrganizationDocuments = $false $this.allowedDataIngestionLocations = @() $this.appActionIfUnableToAuthenticateUser = '' $this.dialerRestrictionLevel = '' $this.gracePeriodToBlockAppsDuringOffClockHours = '' $this.protectedMessagingRedirectAppType = '' $this.isAssigned = $false $this.targetedAppManagementLevels = '' $this.appGroupType = '' $this.screenCaptureBlocked = $false $this.disableAppEncryptionIfDeviceEncryptionIsEnabled = $false $this.encryptAppData = $false $this.deployedAppCount = $null $this.minimumRequiredPatchVersion = '' $this.minimumWarningPatchVersion = '' $this.exemptedAppPackages = @() $this.minimumWipePatchVersion = '' $this.allowedAndroidDeviceManufacturers = '' $this.appActionIfAndroidDeviceManufacturerNotAllowed = '' $this.appActionIfAccountIsClockedOut = '' $this.appActionIfSamsungKnoxAttestationRequired = '' $this.requiredAndroidSafetyNetDeviceAttestationType = '' $this.appActionIfAndroidSafetyNetDeviceAttestationFailed = '' $this.requiredAndroidSafetyNetAppsVerificationType = '' $this.appActionIfAndroidSafetyNetAppsVerificationFailed = '' $this.customBrowserPackageId = '' $this.customBrowserDisplayName = '' $this.minimumRequiredCompanyPortalVersion = '' $this.minimumWarningCompanyPortalVersion = '' $this.minimumWipeCompanyPortalVersion = '' $this.keyboardsRestricted = $false $this.approvedKeyboards = @() $this.allowedAndroidDeviceModels = @() $this.appActionIfAndroidDeviceModelNotAllowed = '' $this.customDialerAppPackageId = '' $this.customDialerAppDisplayName = '' $this.biometricAuthenticationBlocked = $false $this.requiredAndroidSafetyNetEvaluationType = '' $this.blockAfterCompanyPortalUpdateDeferralInDays = $null $this.warnAfterCompanyPortalUpdateDeferralInDays = $null $this.wipeAfterCompanyPortalUpdateDeferralInDays = $null $this.deviceLockRequired = $false $this.appActionIfDeviceLockNotSet = '' $this.connectToVpnOnLaunch = $false $this.appActionIfDevicePasscodeComplexityLessThanLow = '' $this.appActionIfDevicePasscodeComplexityLessThanMedium = '' $this.appActionIfDevicePasscodeComplexityLessThanHigh = '' $this.requireClass3Biometrics = $false $this.requirePinAfterBiometricChange = $false $this.fingerprintAndBiometricEnabled = $false $this.messagingRedirectAppPackageId = '' $this.messagingRedirectAppDisplayName = '' } # Parameterized constructor GetEmMdmAndroidManagedAppProtection ($policy) { $this."@odata.type" = $policy."@odata.type" $this.displayName = $policy.displayName $this.description = $policy.description $this.createdDateTime = $policy.createdDateTime $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.version = $policy.version $this.periodOfflineBeforeAccessCheck = $policy.periodOfflineBeforeAccessCheck $this.periodOnlineBeforeAccessCheck = $policy.periodOnlineBeforeAccessCheck $this.allowedInboundDataTransferSources = $policy.allowedInboundDataTransferSources $this.allowedOutboundDataTransferDestinations = $policy.allowedOutboundDataTransferDestinations $this.organizationalCredentialsRequired = $policy.organizationalCredentialsRequired $this.allowedOutboundClipboardSharingLevel = $policy.allowedOutboundClipboardSharingLevel $this.dataBackupBlocked = $policy.dataBackupBlocked $this.deviceComplianceRequired = $policy.deviceComplianceRequired $this.managedBrowserToOpenLinksRequired = $policy.managedBrowserToOpenLinksRequired $this.saveAsBlocked = $policy.saveAsBlocked $this.periodOfflineBeforeWipeIsEnforced = $policy.periodOfflineBeforeWipeIsEnforced $this.pinRequired = $policy.pinRequired $this.maximumPinRetries = $policy.maximumPinRetries $this.simplePinBlocked = $policy.simplePinBlocked $this.minimumPinLength = $policy.minimumPinLength $this.pinCharacterSet = $policy.pinCharacterSet $this.periodBeforePinReset = $policy.periodBeforePinReset $this.allowedDataStorageLocations = $policy.allowedDataStorageLocations $this.contactSyncBlocked = $policy.contactSyncBlocked $this.printBlocked = $policy.printBlocked $this.fingerprintBlocked = $policy.fingerprintBlocked $this.disableAppPinIfDevicePinIsSet = $policy.disableAppPinIfDevicePinIsSet $this.maximumRequiredOsVersion = $policy.maximumRequiredOsVersion $this.maximumWarningOsVersion = $policy.maximumWarningOsVersion $this.maximumWipeOsVersion = $policy.maximumWipeOsVersion $this.minimumRequiredOsVersion = $policy.minimumRequiredOsVersion $this.minimumWarningOsVersion = $policy.minimumWarningOsVersion $this.minimumRequiredAppVersion = $policy.minimumRequiredAppVersion $this.minimumWarningAppVersion = $policy.minimumWarningAppVersion $this.minimumWipeOsVersion = $policy.minimumWipeOsVersion $this.minimumWipeAppVersion = $policy.minimumWipeAppVersion $this.appActionIfDeviceComplianceRequired = $policy.appActionIfDeviceComplianceRequired $this.appActionIfMaximumPinRetriesExceeded = $policy.appActionIfMaximumPinRetriesExceeded $this.pinRequiredInsteadOfBiometricTimeout = $policy.pinRequiredInsteadOfBiometricTimeout $this.allowedOutboundClipboardSharingExceptionLength = $policy.allowedOutboundClipboardSharingExceptionLength $this.notificationRestriction = $policy.notificationRestriction $this.previousPinBlockCount = $policy.previousPinBlockCount $this.managedBrowser = $policy.managedBrowser $this.maximumAllowedDeviceThreatLevel = $policy.maximumAllowedDeviceThreatLevel $this.mobileThreatDefenseRemediationAction = $policy.mobileThreatDefenseRemediationAction $this.mobileThreatDefensePartnerPriority = $policy.mobileThreatDefensePartnerPriority $this.blockDataIngestionIntoOrganizationDocuments = $policy.blockDataIngestionIntoOrganizationDocuments $this.allowedDataIngestionLocations = $policy.allowedDataIngestionLocations $this.appActionIfUnableToAuthenticateUser = $policy.appActionIfUnableToAuthenticateUser $this.dialerRestrictionLevel = $policy.dialerRestrictionLevel $this.gracePeriodToBlockAppsDuringOffClockHours = $policy.gracePeriodToBlockAppsDuringOffClockHours $this.protectedMessagingRedirectAppType = $policy.protectedMessagingRedirectAppType $this.isAssigned = $policy.isAssigned $this.targetedAppManagementLevels = $policy.targetedAppManagementLevels $this.appGroupType = $policy.appGroupType $this.screenCaptureBlocked = $policy.screenCaptureBlocked $this.disableAppEncryptionIfDeviceEncryptionIsEnabled = $policy.disableAppEncryptionIfDeviceEncryptionIsEnabled $this.encryptAppData = $policy.encryptAppData $this.deployedAppCount = $policy.deployedAppCount $this.minimumRequiredPatchVersion = $policy.minimumRequiredPatchVersion $this.minimumWarningPatchVersion = $policy.minimumWarningPatchVersion $this.exemptedAppPackages = $policy.exemptedAppPackages $this.minimumWipePatchVersion = $policy.minimumWipePatchVersion $this.allowedAndroidDeviceManufacturers = $policy.allowedAndroidDeviceManufacturers $this.appActionIfAndroidDeviceManufacturerNotAllowed = $policy.appActionIfAndroidDeviceManufacturerNotAllowed $this.appActionIfAccountIsClockedOut = $policy.appActionIfAccountIsClockedOut $this.appActionIfSamsungKnoxAttestationRequired = $policy.appActionIfSamsungKnoxAttestationRequired $this.requiredAndroidSafetyNetDeviceAttestationType = $policy.requiredAndroidSafetyNetDeviceAttestationType $this.appActionIfAndroidSafetyNetDeviceAttestationFailed = $policy.appActionIfAndroidSafetyNetDeviceAttestationFailed $this.requiredAndroidSafetyNetAppsVerificationType = $policy.requiredAndroidSafetyNetAppsVerificationType $this.appActionIfAndroidSafetyNetAppsVerificationFailed = $policy.appActionIfAndroidSafetyNetAppsVerificationFailed $this.customBrowserPackageId = $policy.customBrowserPackageId $this.customBrowserDisplayName = $policy.customBrowserDisplayName $this.minimumRequiredCompanyPortalVersion = $policy.minimumRequiredCompanyPortalVersion $this.minimumWarningCompanyPortalVersion = $policy.minimumWarningCompanyPortalVersion $this.minimumWipeCompanyPortalVersion = $policy.minimumWipeCompanyPortalVersion $this.keyboardsRestricted = $policy.keyboardsRestricted $this.approvedKeyboards = $policy.approvedKeyboards $this.allowedAndroidDeviceModels = $policy.allowedAndroidDeviceModels $this.appActionIfAndroidDeviceModelNotAllowed = $policy.appActionIfAndroidDeviceModelNotAllowed $this.customDialerAppPackageId = $policy.customDialerAppPackageId $this.customDialerAppDisplayName = $policy.customDialerAppDisplayName $this.biometricAuthenticationBlocked = $policy.biometricAuthenticationBlocked $this.requiredAndroidSafetyNetEvaluationType = $policy.requiredAndroidSafetyNetEvaluationType $this.blockAfterCompanyPortalUpdateDeferralInDays = $policy.blockAfterCompanyPortalUpdateDeferralInDays $this.warnAfterCompanyPortalUpdateDeferralInDays = $policy.warnAfterCompanyPortalUpdateDeferralInDays $this.wipeAfterCompanyPortalUpdateDeferralInDays = $policy.wipeAfterCompanyPortalUpdateDeferralInDays $this.deviceLockRequired = $policy.deviceLockRequired $this.appActionIfDeviceLockNotSet = $policy.appActionIfDeviceLockNotSet $this.connectToVpnOnLaunch = $policy.connectToVpnOnLaunch $this.appActionIfDevicePasscodeComplexityLessThanLow = $policy.appActionIfDevicePasscodeComplexityLessThanLow $this.appActionIfDevicePasscodeComplexityLessThanMedium = $policy.appActionIfDevicePasscodeComplexityLessThanMedium $this.appActionIfDevicePasscodeComplexityLessThanHigh = $policy.appActionIfDevicePasscodeComplexityLessThanHigh $this.requireClass3Biometrics = $policy.requireClass3Biometrics $this.requirePinAfterBiometricChange = $policy.requirePinAfterBiometricChange $this.fingerprintAndBiometricEnabled = $policy.fingerprintAndBiometricEnabled $this.messagingRedirectAppPackageId = $policy.messagingRedirectAppPackageId $this.messagingRedirectAppDisplayName = $policy.messagingRedirectAppDisplayName } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmAndroidManagedAppProtection" } } #EndRegion '.\Classes\AppProtection\Get\GetEmMdmAndroidManagedAppProtection.ps1' 319 #Region '.\Classes\AppProtection\Get\GetEmMdmIosManagedAppProtection.ps1' -1 class GetEmMdmIosManagedAppProtection { [string]${@odata.type} [string]$displayName [string]$description [datetime]$createdDateTime [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [string]$id [string]$version [string]$periodOfflineBeforeAccessCheck [string]$periodOnlineBeforeAccessCheck [string]$allowedInboundDataTransferSources [string]$allowedOutboundDataTransferDestinations [bool]$organizationalCredentialsRequired [string]$allowedOutboundClipboardSharingLevel [bool]$dataBackupBlocked [bool]$deviceComplianceRequired [bool]$managedBrowserToOpenLinksRequired [bool]$saveAsBlocked [string]$periodOfflineBeforeWipeIsEnforced [bool]$pinRequired [object]$maximumPinRetries [bool]$simplePinBlocked [object]$minimumPinLength [string]$pinCharacterSet [string]$periodBeforePinReset [object[]]$allowedDataStorageLocations [bool]$contactSyncBlocked [bool]$printBlocked [bool]$fingerprintBlocked [bool]$disableAppPinIfDevicePinIsSet [string]$maximumRequiredOsVersion [string]$maximumWarningOsVersion [string]$maximumWipeOsVersion [string]$minimumRequiredOsVersion [string]$minimumWarningOsVersion [string]$minimumRequiredAppVersion [string]$minimumWarningAppVersion [string]$minimumWipeOsVersion [string]$minimumWipeAppVersion [string]$appActionIfDeviceComplianceRequired [string]$appActionIfMaximumPinRetriesExceeded [string]$pinRequiredInsteadOfBiometricTimeout [object]$allowedOutboundClipboardSharingExceptionLength [string]$notificationRestriction [object]$previousPinBlockCount [string]$managedBrowser [string]$maximumAllowedDeviceThreatLevel [string]$mobileThreatDefenseRemediationAction [string]$mobileThreatDefensePartnerPriority [bool]$blockDataIngestionIntoOrganizationDocuments [object[]]$allowedDataIngestionLocations [string]$appActionIfUnableToAuthenticateUser [string]$dialerRestrictionLevel [string]$gracePeriodToBlockAppsDuringOffClockHours [string]$protectedMessagingRedirectAppType [bool]$isAssigned [string]$targetedAppManagementLevels [string]$appGroupType [string]$appDataEncryptionType [string]$minimumRequiredSdkVersion [object]$deployedAppCount [bool]$faceIdBlocked [bool]$allowWidgetContentSync [object[]]$exemptedAppProtocols [string]$minimumWipeSdkVersion [string]$allowedIosDeviceModels [string]$appActionIfIosDeviceModelNotAllowed [string]$appActionIfAccountIsClockedOut [bool]$thirdPartyKeyboardsBlocked [bool]$filterOpenInToOnlyManagedApps [bool]$disableProtectionOfManagedOutboundOpenInData [bool]$protectInboundDataFromUnknownSources [string]$customBrowserProtocol [string]$customDialerAppProtocol [object[]]$managedUniversalLinks [object[]]$exemptedUniversalLinks [string]$minimumWarningSdkVersion [string]$messagingRedirectAppUrlScheme # Default constructor GetEmMdmIosManagedAppProtection() { $this."@odata.type" = '' $this.displayName = '' $this.description = '' $this.createdDateTime = [datetime]::MinValue $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.id = '' $this.version = '' $this.periodOfflineBeforeAccessCheck = '' $this.periodOnlineBeforeAccessCheck = '' $this.allowedInboundDataTransferSources = '' $this.allowedOutboundDataTransferDestinations = '' $this.organizationalCredentialsRequired = $false $this.allowedOutboundClipboardSharingLevel = '' $this.dataBackupBlocked = $false $this.deviceComplianceRequired = $false $this.managedBrowserToOpenLinksRequired = $false $this.saveAsBlocked = $false $this.periodOfflineBeforeWipeIsEnforced = '' $this.pinRequired = $false $this.maximumPinRetries = $null $this.simplePinBlocked = $false $this.minimumPinLength = $null $this.pinCharacterSet = '' $this.periodBeforePinReset = '' $this.allowedDataStorageLocations = @() $this.contactSyncBlocked = $false $this.printBlocked = $false $this.fingerprintBlocked = $false $this.disableAppPinIfDevicePinIsSet = $false $this.maximumRequiredOsVersion = '' $this.maximumWarningOsVersion = '' $this.maximumWipeOsVersion = '' $this.minimumRequiredOsVersion = '' $this.minimumWarningOsVersion = '' $this.minimumRequiredAppVersion = '' $this.minimumWarningAppVersion = '' $this.minimumWipeOsVersion = '' $this.minimumWipeAppVersion = '' $this.appActionIfDeviceComplianceRequired = '' $this.appActionIfMaximumPinRetriesExceeded = '' $this.pinRequiredInsteadOfBiometricTimeout = '' $this.allowedOutboundClipboardSharingExceptionLength = $null $this.notificationRestriction = '' $this.previousPinBlockCount = $null $this.managedBrowser = '' $this.maximumAllowedDeviceThreatLevel = '' $this.mobileThreatDefenseRemediationAction = '' $this.mobileThreatDefensePartnerPriority = '' $this.blockDataIngestionIntoOrganizationDocuments = $false $this.allowedDataIngestionLocations = @() $this.appActionIfUnableToAuthenticateUser = '' $this.dialerRestrictionLevel = '' $this.gracePeriodToBlockAppsDuringOffClockHours = '' $this.protectedMessagingRedirectAppType = '' $this.isAssigned = $false $this.targetedAppManagementLevels = '' $this.appGroupType = '' $this.appDataEncryptionType = '' $this.minimumRequiredSdkVersion = '' $this.deployedAppCount = $null $this.faceIdBlocked = $false $this.allowWidgetContentSync = $false $this.exemptedAppProtocols = @() $this.minimumWipeSdkVersion = '' $this.allowedIosDeviceModels = '' $this.appActionIfIosDeviceModelNotAllowed = '' $this.appActionIfAccountIsClockedOut = '' $this.thirdPartyKeyboardsBlocked = $false $this.filterOpenInToOnlyManagedApps = $false $this.disableProtectionOfManagedOutboundOpenInData = $false $this.protectInboundDataFromUnknownSources = $false $this.customBrowserProtocol = '' $this.customDialerAppProtocol = '' $this.managedUniversalLinks = @() $this.exemptedUniversalLinks = @() $this.minimumWarningSdkVersion = '' $this.messagingRedirectAppUrlScheme = '' } # Parameterized constructor GetEmMdmIosManagedAppProtection ($policy) { $this."@odata.type" = $policy."@odata.type" $this.displayName = $policy.displayName $this.description = $policy.description $this.createdDateTime = $policy.createdDateTime $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.version = $policy.version $this.periodOfflineBeforeAccessCheck = $policy.periodOfflineBeforeAccessCheck $this.periodOnlineBeforeAccessCheck = $policy.periodOnlineBeforeAccessCheck $this.allowedInboundDataTransferSources = $policy.allowedInboundDataTransferSources $this.allowedOutboundDataTransferDestinations = $policy.allowedOutboundDataTransferDestinations $this.organizationalCredentialsRequired = $policy.organizationalCredentialsRequired $this.allowedOutboundClipboardSharingLevel = $policy.allowedOutboundClipboardSharingLevel $this.dataBackupBlocked = $policy.dataBackupBlocked $this.deviceComplianceRequired = $policy.deviceComplianceRequired $this.managedBrowserToOpenLinksRequired = $policy.managedBrowserToOpenLinksRequired $this.saveAsBlocked = $policy.saveAsBlocked $this.periodOfflineBeforeWipeIsEnforced = $policy.periodOfflineBeforeWipeIsEnforced $this.pinRequired = $policy.pinRequired $this.maximumPinRetries = $policy.maximumPinRetries $this.simplePinBlocked = $policy.simplePinBlocked $this.minimumPinLength = $policy.minimumPinLength $this.pinCharacterSet = $policy.pinCharacterSet $this.periodBeforePinReset = $policy.periodBeforePinReset $this.allowedDataStorageLocations = $policy.allowedDataStorageLocations $this.contactSyncBlocked = $policy.contactSyncBlocked $this.printBlocked = $policy.printBlocked $this.fingerprintBlocked = $policy.fingerprintBlocked $this.disableAppPinIfDevicePinIsSet = $policy.disableAppPinIfDevicePinIsSet $this.maximumRequiredOsVersion = $policy.maximumRequiredOsVersion $this.maximumWarningOsVersion = $policy.maximumWarningOsVersion $this.maximumWipeOsVersion = $policy.maximumWipeOsVersion $this.minimumRequiredOsVersion = $policy.minimumRequiredOsVersion $this.minimumWarningOsVersion = $policy.minimumWarningOsVersion $this.minimumRequiredAppVersion = $policy.minimumRequiredAppVersion $this.minimumWarningAppVersion = $policy.minimumWarningAppVersion $this.minimumWipeOsVersion = $policy.minimumWipeOsVersion $this.minimumWipeAppVersion = $policy.minimumWipeAppVersion $this.appActionIfDeviceComplianceRequired = $policy.appActionIfDeviceComplianceRequired $this.appActionIfMaximumPinRetriesExceeded = $policy.appActionIfMaximumPinRetriesExceeded $this.pinRequiredInsteadOfBiometricTimeout = $policy.pinRequiredInsteadOfBiometricTimeout $this.allowedOutboundClipboardSharingExceptionLength = $policy.allowedOutboundClipboardSharingExceptionLength $this.notificationRestriction = $policy.notificationRestriction $this.previousPinBlockCount = $policy.previousPinBlockCount $this.managedBrowser = $policy.managedBrowser $this.maximumAllowedDeviceThreatLevel = $policy.maximumAllowedDeviceThreatLevel $this.mobileThreatDefenseRemediationAction = $policy.mobileThreatDefenseRemediationAction $this.mobileThreatDefensePartnerPriority = $policy.mobileThreatDefensePartnerPriority $this.blockDataIngestionIntoOrganizationDocuments = $policy.blockDataIngestionIntoOrganizationDocuments $this.allowedDataIngestionLocations = $policy.allowedDataIngestionLocations $this.appActionIfUnableToAuthenticateUser = $policy.appActionIfUnableToAuthenticateUser $this.dialerRestrictionLevel = $policy.dialerRestrictionLevel $this.gracePeriodToBlockAppsDuringOffClockHours = $policy.gracePeriodToBlockAppsDuringOffClockHours $this.protectedMessagingRedirectAppType = $policy.protectedMessagingRedirectAppType $this.isAssigned = $policy.isAssigned $this.targetedAppManagementLevels = $policy.targetedAppManagementLevels $this.appGroupType = $policy.appGroupType $this.appDataEncryptionType = $policy.appDataEncryptionType $this.minimumRequiredSdkVersion = $policy.minimumRequiredSdkVersion $this.deployedAppCount = $policy.deployedAppCount $this.faceIdBlocked = $policy.faceIdBlocked $this.allowWidgetContentSync = $policy.allowWidgetContentSync $this.exemptedAppProtocols = $policy.exemptedAppProtocols $this.minimumWipeSdkVersion = $policy.minimumWipeSdkVersion $this.allowedIosDeviceModels = $policy.allowedIosDeviceModels $this.appActionIfIosDeviceModelNotAllowed = $policy.appActionIfIosDeviceModelNotAllowed $this.appActionIfAccountIsClockedOut = $policy.appActionIfAccountIsClockedOut $this.thirdPartyKeyboardsBlocked = $policy.thirdPartyKeyboardsBlocked $this.filterOpenInToOnlyManagedApps = $policy.filterOpenInToOnlyManagedApps $this.disableProtectionOfManagedOutboundOpenInData = $policy.disableProtectionOfManagedOutboundOpenInData $this.protectInboundDataFromUnknownSources = $policy.protectInboundDataFromUnknownSources $this.customBrowserProtocol = $policy.customBrowserProtocol $this.customDialerAppProtocol = $policy.customDialerAppProtocol $this.managedUniversalLinks = $policy.managedUniversalLinks $this.exemptedUniversalLinks = $policy.exemptedUniversalLinks $this.minimumWarningSdkVersion = $policy.minimumWarningSdkVersion $this.messagingRedirectAppUrlScheme = $policy.messagingRedirectAppUrlScheme } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmIosManagedAppProtection" } } #EndRegion '.\Classes\AppProtection\Get\GetEmMdmIosManagedAppProtection.ps1' 250 #Region '.\Classes\AppProtection\Get\GetEmMdmMdmWindowsInformationProtectionPolicy.ps1' -1 class GetEmMdmMdmWindowsInformationProtectionPolicy { [string]${@odata.type} [string]$displayName [string]$description [datetime]$createdDateTime [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [string]$id [string]$version [string]$enforcementLevel [string]$enterpriseDomain [object[]]$enterpriseProtectedDomainNames [bool]$protectionUnderLockConfigRequired [psobject]$dataRecoveryCertificate [bool]$revokeOnUnenrollDisabled [string]$rightsManagementServicesTemplateId [bool]$azureRightsManagementServicesAllowed [bool]$iconsVisible [object[]]$protectedApps [object[]]$exemptApps [object[]]$enterpriseNetworkDomainNames [object[]]$enterpriseProxiedDomains [object[]]$enterpriseIPRanges [bool]$enterpriseIPRangesAreAuthoritative [object[]]$enterpriseProxyServers [object[]]$enterpriseInternalProxyServers [bool]$enterpriseProxyServersAreAuthoritative [object[]]$neutralDomainResources [bool]$indexingEncryptedStoresOrItemsBlocked [object[]]$smbAutoEncryptedFileExtensions [bool]$isAssigned # Default constructor GetEmMdmMdmWindowsInformationProtectionPolicy() { $this."@odata.type" = '' $this.displayName = '' $this.description = '' $this.createdDateTime = [datetime]::MinValue $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.id = '' $this.version = '' $this.enforcementLevel = '' $this.enterpriseDomain = '' $this.enterpriseProtectedDomainNames = @() $this.protectionUnderLockConfigRequired = $false $this.dataRecoveryCertificate = $null $this.revokeOnUnenrollDisabled = $false $this.rightsManagementServicesTemplateId = '' $this.azureRightsManagementServicesAllowed = $false $this.iconsVisible = $false $this.protectedApps = @() $this.exemptApps = @() $this.enterpriseNetworkDomainNames = @() $this.enterpriseProxiedDomains = @() $this.enterpriseIPRanges = @() $this.enterpriseIPRangesAreAuthoritative = $false $this.enterpriseProxyServers = @() $this.enterpriseInternalProxyServers = @() $this.enterpriseProxyServersAreAuthoritative = $false $this.neutralDomainResources = @() $this.indexingEncryptedStoresOrItemsBlocked = $false $this.smbAutoEncryptedFileExtensions = @() $this.isAssigned = $false } # Parameterized constructor GetEmMdmMdmWindowsInformationProtectionPolicy ($policy) { $this."@odata.type" = $policy."@odata.type" $this.displayName = $policy.displayName $this.description = $policy.description $this.createdDateTime = $policy.createdDateTime $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.version = $policy.version $this.enforcementLevel = $policy.enforcementLevel $this.enterpriseDomain = $policy.enterpriseDomain $this.enterpriseProtectedDomainNames = $policy.enterpriseProtectedDomainNames $this.protectionUnderLockConfigRequired = $policy.protectionUnderLockConfigRequired $this.dataRecoveryCertificate = $policy.dataRecoveryCertificate $this.revokeOnUnenrollDisabled = $policy.revokeOnUnenrollDisabled $this.rightsManagementServicesTemplateId = $policy.rightsManagementServicesTemplateId $this.azureRightsManagementServicesAllowed = $policy.azureRightsManagementServicesAllowed $this.iconsVisible = $policy.iconsVisible $this.protectedApps = $policy.protectedApps $this.exemptApps = $policy.exemptApps $this.enterpriseNetworkDomainNames = $policy.enterpriseNetworkDomainNames $this.enterpriseProxiedDomains = $policy.enterpriseProxiedDomains $this.enterpriseIPRanges = $policy.enterpriseIPRanges $this.enterpriseIPRangesAreAuthoritative = $policy.enterpriseIPRangesAreAuthoritative $this.enterpriseProxyServers = $policy.enterpriseProxyServers $this.enterpriseInternalProxyServers = $policy.enterpriseInternalProxyServers $this.enterpriseProxyServersAreAuthoritative = $policy.enterpriseProxyServersAreAuthoritative $this.neutralDomainResources = $policy.neutralDomainResources $this.indexingEncryptedStoresOrItemsBlocked = $policy.indexingEncryptedStoresOrItemsBlocked $this.smbAutoEncryptedFileExtensions = $policy.smbAutoEncryptedFileExtensions $this.isAssigned = $policy.isAssigned } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmMdmWindowsInformationProtectionPolicy" } } #EndRegion '.\Classes\AppProtection\Get\GetEmMdmMdmWindowsInformationProtectionPolicy.ps1' 106 #Region '.\Classes\AppProtection\Get\GetEmMdmWindowsManagedAppProtection.ps1' -1 class GetEmMdmWindowsManagedAppProtection { [string]${@odata.type} [string]$displayName [string]$description [datetime]$createdDateTime [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [string]$id [string]$version [bool]$isAssigned [object]$deployedAppCount [bool]$printBlocked [string]$allowedInboundDataTransferSources [string]$allowedOutboundClipboardSharingLevel [string]$allowedOutboundDataTransferDestinations [string]$appActionIfUnableToAuthenticateUser [string]$maximumAllowedDeviceThreatLevel [string]$mobileThreatDefenseRemediationAction [string]$minimumRequiredSdkVersion [string]$minimumWipeSdkVersion [string]$minimumRequiredOsVersion [string]$minimumWarningOsVersion [string]$minimumWipeOsVersion [string]$minimumRequiredAppVersion [string]$minimumWarningAppVersion [string]$minimumWipeAppVersion [string]$maximumRequiredOsVersion [string]$maximumWarningOsVersion [string]$maximumWipeOsVersion [string]$periodOfflineBeforeWipeIsEnforced [string]$periodOfflineBeforeAccessCheck # Default constructor GetEmMdmWindowsManagedAppProtection() { $this."@odata.type" = '' $this.displayName = '' $this.description = '' $this.createdDateTime = [datetime]::MinValue $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.id = '' $this.version = '' $this.isAssigned = $false $this.deployedAppCount = $null $this.printBlocked = $false $this.allowedInboundDataTransferSources = '' $this.allowedOutboundClipboardSharingLevel = '' $this.allowedOutboundDataTransferDestinations = '' $this.appActionIfUnableToAuthenticateUser = '' $this.maximumAllowedDeviceThreatLevel = '' $this.mobileThreatDefenseRemediationAction = '' $this.minimumRequiredSdkVersion = '' $this.minimumWipeSdkVersion = '' $this.minimumRequiredOsVersion = '' $this.minimumWarningOsVersion = '' $this.minimumWipeOsVersion = '' $this.minimumRequiredAppVersion = '' $this.minimumWarningAppVersion = '' $this.minimumWipeAppVersion = '' $this.maximumRequiredOsVersion = '' $this.maximumWarningOsVersion = '' $this.maximumWipeOsVersion = '' $this.periodOfflineBeforeWipeIsEnforced = '' $this.periodOfflineBeforeAccessCheck = '' } # Parameterized constructor GetEmMdmWindowsManagedAppProtection ($policy) { $this."@odata.type" = $policy."@odata.type" $this.displayName = $policy.displayName $this.description = $policy.description $this.createdDateTime = $policy.createdDateTime $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.version = $policy.version $this.isAssigned = $policy.isAssigned $this.deployedAppCount = $policy.deployedAppCount $this.printBlocked = $policy.printBlocked $this.allowedInboundDataTransferSources = $policy.allowedInboundDataTransferSources $this.allowedOutboundClipboardSharingLevel = $policy.allowedOutboundClipboardSharingLevel $this.allowedOutboundDataTransferDestinations = $policy.allowedOutboundDataTransferDestinations $this.appActionIfUnableToAuthenticateUser = $policy.appActionIfUnableToAuthenticateUser $this.maximumAllowedDeviceThreatLevel = $policy.maximumAllowedDeviceThreatLevel $this.mobileThreatDefenseRemediationAction = $policy.mobileThreatDefenseRemediationAction $this.minimumRequiredSdkVersion = $policy.minimumRequiredSdkVersion $this.minimumWipeSdkVersion = $policy.minimumWipeSdkVersion $this.minimumRequiredOsVersion = $policy.minimumRequiredOsVersion $this.minimumWarningOsVersion = $policy.minimumWarningOsVersion $this.minimumWipeOsVersion = $policy.minimumWipeOsVersion $this.minimumRequiredAppVersion = $policy.minimumRequiredAppVersion $this.minimumWarningAppVersion = $policy.minimumWarningAppVersion $this.minimumWipeAppVersion = $policy.minimumWipeAppVersion $this.maximumRequiredOsVersion = $policy.maximumRequiredOsVersion $this.maximumWarningOsVersion = $policy.maximumWarningOsVersion $this.maximumWipeOsVersion = $policy.maximumWipeOsVersion $this.periodOfflineBeforeWipeIsEnforced = $policy.periodOfflineBeforeWipeIsEnforced $this.periodOfflineBeforeAccessCheck = $policy.periodOfflineBeforeAccessCheck } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmWindowsManagedAppProtection" } } #EndRegion '.\Classes\AppProtection\Get\GetEmMdmWindowsManagedAppProtection.ps1' 106 #Region '.\Classes\Auth\EmMdmAuthBase.ps1' -1 # Base authentication class class EmMdmAuthBase { EmMdmAuthBase() {} } # Client secret authentication class class EmMdmAuthClientSecret : EmMdmAuthBase { [string]$ClientSecretId [string]$ClientSecretTenantId [string]$ClientSecretValue EmMdmAuthClientSecret([string]$clientSecretId, [string]$clientSecretTenantId, [string]$clientSecretValue) : base() { $this.ClientSecretId = $clientSecretId $this.ClientSecretTenantId = $clientSecretTenantId $this.ClientSecretValue = $clientSecretValue } } # Certificate thumbprint authentication class class EmMdmAuthCertificateThumbprint : EmMdmAuthBase { [string]$CertificateThumbprintClientId [string]$CertificateThumbprintTenantId [string]$CertificateThumbprint EmMdmAuthCertificateThumbprint([string]$certificateThumbprintClientId, [string]$certificateThumbprintTenantId, [string]$certificateThumbprint) : base() { $this.CertificateThumbprintClientId = $certificateThumbprintClientId $this.CertificateThumbprintTenantId = $certificateThumbprintTenantId $this.CertificateThumbprint = $certificateThumbprint } } # Certificate name authentication class class EmMdmAuthCertificateName : EmMdmAuthBase { [string]$CertificateNameClientId [string]$CertificateNameTenantId [string]$CertificateName EmMdmAuthCertificateName([string]$certificateNameClientId, [string]$certificateNameTenantId, [string]$certificateName) : base() { $this.CertificateNameClientId = $certificateNameClientId $this.CertificateNameTenantId = $certificateNameTenantId $this.CertificateName = $certificateName } } # Managed identity authentication class class EmMdmAuthManagedIdentity : EmMdmAuthBase { [bool]$SystemAssignedIdentity EmMdmAuthManagedIdentity([bool]$systemAssignedIdentity) : base() { $this.SystemAssignedIdentity = $systemAssignedIdentity } } # Access token authentication class class EmMdmAuthAccessToken : EmMdmAuthBase { [SecureString]$AccessToken EmMdmAuthAccessToken([SecureString]$accessToken) : base() { $this.AccessToken = $accessToken } } # Environment variable authentication class class EmMdmAuthEnvironmentVariable : EmMdmAuthBase { EmMdmAuthEnvironmentVariable() : base() {} } # X509 certificate authentication class class EmMdmAuthX509Certificate : EmMdmAuthBase { [string]$ClientId [string]$CertificateSubjectName [string]$CertificateThumbprint [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate [string]$TenantId EmMdmAuthX509Certificate([string]$clientId, [string]$certificateSubjectName, [string]$certificateThumbprint, [System.Security.Cryptography.X509Certificates.X509Certificate2]$certificate, [string]$tenantId) : base() { $this.ClientId = $clientId $this.CertificateSubjectName = $certificateSubjectName $this.CertificateThumbprint = $certificateThumbprint $this.Certificate = $certificate $this.TenantId = $tenantId } } #EndRegion '.\Classes\Auth\EmMdmAuthBase.ps1' 78 #Region '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidCompliancePolicyBeta.ps1' -1 class CreateEmMdmAndroidCompliancePolicyBeta { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$passwordRequired [object]$passwordMinimumLength [string]$passwordRequiredType [string]$requiredPasswordComplexity [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [bool]$securityPreventInstallAppsFromUnknownSources [bool]$securityDisableUsbDebugging [bool]$securityRequireVerifyApps [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$securityBlockJailbrokenDevices [bool]$securityBlockDeviceAdministratorManagedDevices [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$storageRequireEncryption [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [bool]$securityRequireGooglePlayServices [bool]$securityRequireUpToDateSecurityProviders [bool]$securityRequireCompanyPortalAppIntegrity [string]$conditionStatementId [object[]]$restrictedApps # Default constructor CreateEmMdmAndroidCompliancePolicyBeta() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.securityPreventInstallAppsFromUnknownSources = $false $this.securityDisableUsbDebugging = $false $this.securityRequireVerifyApps = $false $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.advancedThreatProtectionRequiredSecurityLevel = '' $this.securityBlockJailbrokenDevices = $false $this.securityBlockDeviceAdministratorManagedDevices = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.storageRequireEncryption = $false $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.securityRequireGooglePlayServices = $false $this.securityRequireUpToDateSecurityProviders = $false $this.securityRequireCompanyPortalAppIntegrity = $false $this.conditionStatementId = '' $this.restrictedApps = @() } # Parameterized constructor CreateEmMdmAndroidCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.securityPreventInstallAppsFromUnknownSources = $policy.securityPreventInstallAppsFromUnknownSources $this.securityDisableUsbDebugging = $policy.securityDisableUsbDebugging $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.securityBlockDeviceAdministratorManagedDevices = $policy.securityBlockDeviceAdministratorManagedDevices $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.securityRequireGooglePlayServices = $policy.securityRequireGooglePlayServices $this.securityRequireUpToDateSecurityProviders = $policy.securityRequireUpToDateSecurityProviders $this.securityRequireCompanyPortalAppIntegrity = $policy.securityRequireCompanyPortalAppIntegrity $this.conditionStatementId = $policy.conditionStatementId $this.restrictedApps = $policy.restrictedApps } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMdmAndroidCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidCompliancePolicyBeta.ps1' 109 #Region '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidDeviceOwnerCompliancePolicyBeta.ps1' -1 class CreateEmMdmAndroidDeviceOwnerCompliancePolicyBeta { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$passwordRequired [object]$passwordMinimumLength [object]$passwordMinimumLetterCharacters [object]$passwordMinimumLowerCaseCharacters [object]$passwordMinimumNonLetterCharacters [object]$passwordMinimumNumericCharacters [object]$passwordMinimumSymbolCharacters [object]$passwordMinimumUpperCaseCharacters [string]$passwordRequiredType [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordCountToBlock [bool]$storageRequireEncryption [bool]$securityRequireIntuneAppIntegrity [bool]$requireNoPendingSystemUpdates [string]$securityRequiredAndroidSafetyNetEvaluationType # Default constructor CreateEmMdmAndroidDeviceOwnerCompliancePolicyBeta() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.advancedThreatProtectionRequiredSecurityLevel = '' $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordMinimumLetterCharacters = $null $this.passwordMinimumLowerCaseCharacters = $null $this.passwordMinimumNonLetterCharacters = $null $this.passwordMinimumNumericCharacters = $null $this.passwordMinimumSymbolCharacters = $null $this.passwordMinimumUpperCaseCharacters = $null $this.passwordRequiredType = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordCountToBlock = $null $this.storageRequireEncryption = $false $this.securityRequireIntuneAppIntegrity = $false $this.requireNoPendingSystemUpdates = $false $this.securityRequiredAndroidSafetyNetEvaluationType = '' } # Parameterized constructor CreateEmMdmAndroidDeviceOwnerCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinimumLetterCharacters = $policy.passwordMinimumLetterCharacters $this.passwordMinimumLowerCaseCharacters = $policy.passwordMinimumLowerCaseCharacters $this.passwordMinimumNonLetterCharacters = $policy.passwordMinimumNonLetterCharacters $this.passwordMinimumNumericCharacters = $policy.passwordMinimumNumericCharacters $this.passwordMinimumSymbolCharacters = $policy.passwordMinimumSymbolCharacters $this.passwordMinimumUpperCaseCharacters = $policy.passwordMinimumUpperCaseCharacters $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordCountToBlock = $policy.passwordPreviousPasswordCountToBlock $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireIntuneAppIntegrity = $policy.securityRequireIntuneAppIntegrity $this.requireNoPendingSystemUpdates = $policy.requireNoPendingSystemUpdates $this.securityRequiredAndroidSafetyNetEvaluationType = $policy.securityRequiredAndroidSafetyNetEvaluationType } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMdmAndroidDeviceOwnerCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidDeviceOwnerCompliancePolicyBeta.ps1' 100 #Region '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidForWorkCompliancePolicyBeta.ps1' -1 class CreateEmMdmAndroidForWorkCompliancePolicyBeta { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$passwordRequired [object]$passwordMinimumLength [string]$passwordRequiredType [string]$requiredPasswordComplexity [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [object]$workProfilePasswordExpirationInDays [object]$workProfilePasswordMinimumLength [object]$workProfileInactiveBeforeScreenLockInMinutes [object]$workProfilePreviousPasswordBlockCount [string]$workProfilePasswordRequiredType [string]$workProfileRequiredPasswordComplexity [bool]$workProfileRequirePassword [bool]$securityPreventInstallAppsFromUnknownSources [bool]$securityDisableUsbDebugging [bool]$securityRequireVerifyApps [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [bool]$securityBlockJailbrokenDevices [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$storageRequireEncryption [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [bool]$securityRequireGooglePlayServices [bool]$securityRequireUpToDateSecurityProviders [bool]$securityRequireCompanyPortalAppIntegrity [string]$securityRequiredAndroidSafetyNetEvaluationType # Default constructor CreateEmMdmAndroidForWorkCompliancePolicyBeta() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.workProfilePasswordExpirationInDays = $null $this.workProfilePasswordMinimumLength = $null $this.workProfileInactiveBeforeScreenLockInMinutes = $null $this.workProfilePreviousPasswordBlockCount = $null $this.workProfilePasswordRequiredType = '' $this.workProfileRequiredPasswordComplexity = '' $this.workProfileRequirePassword = $false $this.securityPreventInstallAppsFromUnknownSources = $false $this.securityDisableUsbDebugging = $false $this.securityRequireVerifyApps = $false $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.securityBlockJailbrokenDevices = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.storageRequireEncryption = $false $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.securityRequireGooglePlayServices = $false $this.securityRequireUpToDateSecurityProviders = $false $this.securityRequireCompanyPortalAppIntegrity = $false $this.securityRequiredAndroidSafetyNetEvaluationType = '' } # Parameterized constructor CreateEmMdmAndroidForWorkCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.workProfilePasswordExpirationInDays = $policy.workProfilePasswordExpirationInDays $this.workProfilePasswordMinimumLength = $policy.workProfilePasswordMinimumLength $this.workProfileInactiveBeforeScreenLockInMinutes = $policy.workProfileInactiveBeforeScreenLockInMinutes $this.workProfilePreviousPasswordBlockCount = $policy.workProfilePreviousPasswordBlockCount $this.workProfilePasswordRequiredType = $policy.workProfilePasswordRequiredType $this.workProfileRequiredPasswordComplexity = $policy.workProfileRequiredPasswordComplexity $this.workProfileRequirePassword = $policy.workProfileRequirePassword $this.securityPreventInstallAppsFromUnknownSources = $policy.securityPreventInstallAppsFromUnknownSources $this.securityDisableUsbDebugging = $policy.securityDisableUsbDebugging $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.securityRequireGooglePlayServices = $policy.securityRequireGooglePlayServices $this.securityRequireUpToDateSecurityProviders = $policy.securityRequireUpToDateSecurityProviders $this.securityRequireCompanyPortalAppIntegrity = $policy.securityRequireCompanyPortalAppIntegrity $this.securityRequiredAndroidSafetyNetEvaluationType = $policy.securityRequiredAndroidSafetyNetEvaluationType } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMdmAndroidForWorkCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidForWorkCompliancePolicyBeta.ps1' 121 #Region '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidWorkProfileCompliancePolicyBeta.ps1' -1 class CreateEmMdmAndroidWorkProfileCompliancePolicyBeta { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$passwordRequired [object]$passwordMinimumLength [string]$passwordRequiredType [string]$requiredPasswordComplexity [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [object]$workProfilePasswordExpirationInDays [object]$workProfilePasswordMinimumLength [object]$workProfileInactiveBeforeScreenLockInMinutes [object]$workProfilePreviousPasswordBlockCount [string]$workProfilePasswordRequiredType [string]$workProfileRequiredPasswordComplexity [bool]$workProfileRequirePassword [bool]$securityPreventInstallAppsFromUnknownSources [bool]$securityDisableUsbDebugging [bool]$securityRequireVerifyApps [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$securityBlockJailbrokenDevices [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$storageRequireEncryption [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [bool]$securityRequireGooglePlayServices [bool]$securityRequireUpToDateSecurityProviders [bool]$securityRequireCompanyPortalAppIntegrity [string]$securityRequiredAndroidSafetyNetEvaluationType # Default constructor CreateEmMdmAndroidWorkProfileCompliancePolicyBeta() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.workProfilePasswordExpirationInDays = $null $this.workProfilePasswordMinimumLength = $null $this.workProfileInactiveBeforeScreenLockInMinutes = $null $this.workProfilePreviousPasswordBlockCount = $null $this.workProfilePasswordRequiredType = '' $this.workProfileRequiredPasswordComplexity = '' $this.workProfileRequirePassword = $false $this.securityPreventInstallAppsFromUnknownSources = $false $this.securityDisableUsbDebugging = $false $this.securityRequireVerifyApps = $false $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.advancedThreatProtectionRequiredSecurityLevel = '' $this.securityBlockJailbrokenDevices = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.storageRequireEncryption = $false $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.securityRequireGooglePlayServices = $false $this.securityRequireUpToDateSecurityProviders = $false $this.securityRequireCompanyPortalAppIntegrity = $false $this.securityRequiredAndroidSafetyNetEvaluationType = '' } # Parameterized constructor CreateEmMdmAndroidWorkProfileCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.workProfilePasswordExpirationInDays = $policy.workProfilePasswordExpirationInDays $this.workProfilePasswordMinimumLength = $policy.workProfilePasswordMinimumLength $this.workProfileInactiveBeforeScreenLockInMinutes = $policy.workProfileInactiveBeforeScreenLockInMinutes $this.workProfilePreviousPasswordBlockCount = $policy.workProfilePreviousPasswordBlockCount $this.workProfilePasswordRequiredType = $policy.workProfilePasswordRequiredType $this.workProfileRequiredPasswordComplexity = $policy.workProfileRequiredPasswordComplexity $this.workProfileRequirePassword = $policy.workProfileRequirePassword $this.securityPreventInstallAppsFromUnknownSources = $policy.securityPreventInstallAppsFromUnknownSources $this.securityDisableUsbDebugging = $policy.securityDisableUsbDebugging $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.securityRequireGooglePlayServices = $policy.securityRequireGooglePlayServices $this.securityRequireUpToDateSecurityProviders = $policy.securityRequireUpToDateSecurityProviders $this.securityRequireCompanyPortalAppIntegrity = $policy.securityRequireCompanyPortalAppIntegrity $this.securityRequiredAndroidSafetyNetEvaluationType = $policy.securityRequiredAndroidSafetyNetEvaluationType } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMdmAndroidWorkProfileCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Create\CreateEmMdmAndroidWorkProfileCompliancePolicyBeta.ps1' 124 #Region '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicyAndroidv1.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-androidcompliancepolicy?view=graph-rest-1.0#json-representation { "@odata.type": "#microsoft.graph.androidCompliancePolicy", "id": "String (identifier)", "createdDateTime": "String (timestamp)", "description": "String", "lastModifiedDateTime": "String (timestamp)", "displayName": "String", "version": 1024, "passwordRequired": true, "passwordMinimumLength": 1024, "passwordRequiredType": "String", "passwordMinutesOfInactivityBeforeLock": 1024, "passwordExpirationDays": 1024, "passwordPreviousPasswordBlockCount": 1024, "securityPreventInstallAppsFromUnknownSources": true, "securityDisableUsbDebugging": true, "securityRequireVerifyApps": true, "deviceThreatProtectionEnabled": true, "deviceThreatProtectionRequiredSecurityLevel": "String", "securityBlockJailbrokenDevices": true, "osMinimumVersion": "String", "osMaximumVersion": "String", "minAndroidSecurityPatchLevel": "String", "storageRequireEncryption": true, "securityRequireSafetyNetAttestationBasicIntegrity": true, "securityRequireSafetyNetAttestationCertifiedDevice": true, "securityRequireGooglePlayServices": true, "securityRequireUpToDateSecurityProviders": true, "securityRequireCompanyPortalAppIntegrity": true } #> class GetEmMdmCompliancePolicyAndroidv1 { [string]${@odata.type} [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [int]$version [bool]$passwordRequired [int]$passwordMinimumLength [string]$passwordRequiredType [int]$passwordMinutesOfInactivityBeforeLock [int]$passwordExpirationDays [int]$passwordPreviousPasswordBlockCount [bool]$securityPreventInstallAppsFromUnknownSources [bool]$securityDisableUsbDebugging [bool]$securityRequireVerifyApps [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [bool]$securityBlockJailbrokenDevices [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$storageRequireEncryption [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [bool]$securityRequireGooglePlayServices [bool]$securityRequireUpToDateSecurityProviders [bool]$securityRequireCompanyPortalAppIntegrity GetEmMdmCompliancePolicyAndroidv1 ($policy) { $this."@odata.type" = "#microsoft.graph.androidCompliancePolicy" $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.securityPreventInstallAppsFromUnknownSources = $policy.securityPreventInstallAppsFromUnknownSources $this.securityDisableUsbDebugging = $policy.securityDisableUsbDebugging $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.securityRequireGooglePlayServices = $policy.securityRequireGooglePlayServices $this.securityRequireUpToDateSecurityProviders = $policy.securityRequireUpToDateSecurityProviders $this.securityRequireCompanyPortalAppIntegrity = $policy.securityRequireCompanyPortalAppIntegrity } } #EndRegion '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicyAndroidv1.ps1' 95 #Region '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicyiOSv1.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-ioscompliancepolicy?view=graph-rest-1.0#json-representation { "@odata.type": "#microsoft.graph.iosCompliancePolicy", "id": "String (identifier)", "createdDateTime": "String (timestamp)", "description": "String", "lastModifiedDateTime": "String (timestamp)", "displayName": "String", "version": 1024, "passcodeBlockSimple": true, "passcodeExpirationDays": 1024, "passcodeMinimumLength": 1024, "passcodeMinutesOfInactivityBeforeLock": 1024, "passcodePreviousPasscodeBlockCount": 1024, "passcodeMinimumCharacterSetCount": 1024, "passcodeRequiredType": "String", "passcodeRequired": true, "osMinimumVersion": "String", "osMaximumVersion": "String", "securityBlockJailbrokenDevices": true, "deviceThreatProtectionEnabled": true, "deviceThreatProtectionRequiredSecurityLevel": "String", "managedEmailProfileRequired": true } #> class GetEmMdmCompliancePolicyiOSv1 { [string]${@odata.type} [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [int]$version [bool]$passcodeBlockSimple [int]$passcodeExpirationDays [int]$passcodeMinimumLength [int]$passcodeMinutesOfInactivityBeforeLock [int]$passcodePreviousPasscodeBlockCount [int]$passcodeMinimumCharacterSetCount [string]$passcodeRequiredType [bool]$passcodeRequired [string]$osMinimumVersion [string]$osMaximumVersion [bool]$securityBlockJailbrokenDevices [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [bool]$managedEmailProfileRequired GetEmMdmCompliancePolicyiOSv1 ($policy) { $this."@odata.type" = "#microsoft.graph.iosCompliancePolicy" $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passcodeBlockSimple = $policy.passcodeBlockSimple $this.passcodeExpirationDays = $policy.passcodeExpirationDays $this.passcodeMinimumLength = $policy.passcodeMinimumLength $this.passcodeMinutesOfInactivityBeforeLock = $policy.passcodeMinutesOfInactivityBeforeLock $this.passcodePreviousPasscodeBlockCount = $policy.passcodePreviousPasscodeBlockCount $this.passcodeMinimumCharacterSetCount = $policy.passcodeMinimumCharacterSetCount $this.passcodeRequiredType = $policy.passcodeRequiredType $this.passcodeRequired = $policy.passcodeRequired $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.managedEmailProfileRequired = $policy.managedEmailProfileRequired } } #EndRegion '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicyiOSv1.ps1' 74 #Region '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicymacOSv1.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-macoscompliancepolicy?view=graph-rest-1.0 { "@odata.type": "#microsoft.graph.macOSCompliancePolicy", "id": "String (identifier)", "createdDateTime": "String (timestamp)", "description": "String", "lastModifiedDateTime": "String (timestamp)", "displayName": "String", "version": 1024, "passwordRequired": true, "passwordBlockSimple": true, "passwordExpirationDays": 1024, "passwordMinimumLength": 1024, "passwordMinutesOfInactivityBeforeLock": 1024, "passwordPreviousPasswordBlockCount": 1024, "passwordMinimumCharacterSetCount": 1024, "passwordRequiredType": "String", "osMinimumVersion": "String", "osMaximumVersion": "String", "systemIntegrityProtectionEnabled": true, "deviceThreatProtectionEnabled": true, "deviceThreatProtectionRequiredSecurityLevel": "String", "storageRequireEncryption": true, "firewallEnabled": true, "firewallBlockAllIncoming": true, "firewallEnableStealthMode": true } #> class GetEmMdmCompliancePolicymacOSv1 { [string]${@odata.type} [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [int]$version [bool]$passwordRequired [bool]$passwordBlockSimple [int]$passwordExpirationDays [int]$passwordMinimumLength [int]$passwordMinutesOfInactivityBeforeLock [int]$passwordPreviousPasswordBlockCount [int]$passwordMinimumCharacterSetCount [string]$passwordRequiredType [string]$osMinimumVersion [string]$osMaximumVersion [bool]$systemIntegrityProtectionEnabled [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [bool]$storageRequireEncryption [bool]$firewallEnabled [bool]$firewallBlockAllIncoming [bool]$firewallEnableStealthMode GetEmMdmCompliancePolicymacOSv1 ($policy) { $this."@odata.type" = "#microsoft.graph.macOSCompliancePolicy" $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordRequiredType = $policy.passwordRequiredType $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.systemIntegrityProtectionEnabled = $policy.systemIntegrityProtectionEnabled $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.firewallEnabled = $policy.firewallEnabled $this.firewallBlockAllIncoming = $policy.firewallBlockAllIncoming $this.firewallEnableStealthMode = $policy.firewallEnableStealthMode } } #EndRegion '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicymacOSv1.ps1' 83 #Region '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicyWindows10v1.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-windows10compliancepolicy?view=graph-rest-1.0 { "@odata.type": "#microsoft.graph.windows10CompliancePolicy", "id": "String (identifier)", "createdDateTime": "String (timestamp)", "description": "String", "lastModifiedDateTime": "String (timestamp)", "displayName": "String", "version": 1024, "passwordRequired": true, "passwordBlockSimple": true, "passwordRequiredToUnlockFromIdle": true, "passwordMinutesOfInactivityBeforeLock": 1024, "passwordExpirationDays": 1024, "passwordMinimumLength": 1024, "passwordMinimumCharacterSetCount": 1024, "passwordRequiredType": "String", "passwordPreviousPasswordBlockCount": 1024, "requireHealthyDeviceReport": true, "osMinimumVersion": "String", "osMaximumVersion": "String", "mobileOsMinimumVersion": "String", "mobileOsMaximumVersion": "String", "earlyLaunchAntiMalwareDriverEnabled": true, "bitLockerEnabled": true, "secureBootEnabled": true, "codeIntegrityEnabled": true, "storageRequireEncryption": true } #> class GetEmMdmCompliancePolicyWindows10v1 { [string]${@odata.type} [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [int]$version [bool]$passwordRequired [bool]$passwordBlockSimple [bool]$passwordRequiredToUnlockFromIdle [int]$passwordMinutesOfInactivityBeforeLock [int]$passwordExpirationDays [int]$passwordMinimumLength [int]$passwordMinimumCharacterSetCount [string]$passwordRequiredType [int]$passwordPreviousPasswordBlockCount [bool]$requireHealthyDeviceReport [string]$osMinimumVersion [string]$osMaximumVersion [string]$mobileOsMinimumVersion [string]$mobileOsMaximumVersion [bool]$earlyLaunchAntiMalwareDriverEnabled [bool]$bitLockerEnabled [bool]$secureBootEnabled [bool]$codeIntegrityEnabled [bool]$storageRequireEncryption GetEmMdmCompliancePolicyWindows10v1 ($policy) { $this."@odata.type" = "#microsoft.graph.windows10CompliancePolicy" $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordRequiredToUnlockFromIdle = $policy.passwordRequiredToUnlockFromIdle $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.requireHealthyDeviceReport = $policy.requireHealthyDeviceReport $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.mobileOsMinimumVersion = $policy.mobileOsMinimumVersion $this.mobileOsMaximumVersion = $policy.mobileOsMaximumVersion $this.earlyLaunchAntiMalwareDriverEnabled = $policy.earlyLaunchAntiMalwareDriverEnabled $this.bitLockerEnabled = $policy.bitLockerEnabled $this.secureBootEnabled = $policy.secureBootEnabled $this.codeIntegrityEnabled = $policy.codeIntegrityEnabled $this.storageRequireEncryption = $policy.storageRequireEncryption } } #EndRegion '.\Classes\CompliancePolicy\Get\1.0\GetEmMdmCompliancePolicyWindows10v1.ps1' 89 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidCompliancePolicyBeta.ps1' -1 class GetEmMdmAndroidCompliancePolicyBeta { [string]${@odata.type} [object[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [object]$version [bool]$passwordRequired [object]$passwordMinimumLength [string]$passwordRequiredType [string]$requiredPasswordComplexity [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [bool]$securityPreventInstallAppsFromUnknownSources [bool]$securityDisableUsbDebugging [bool]$securityRequireVerifyApps [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$securityBlockJailbrokenDevices [bool]$securityBlockDeviceAdministratorManagedDevices [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$storageRequireEncryption [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [bool]$securityRequireGooglePlayServices [bool]$securityRequireUpToDateSecurityProviders [bool]$securityRequireCompanyPortalAppIntegrity [string]$conditionStatementId [object[]]$restrictedApps # Default constructor GetEmMdmAndroidCompliancePolicyBeta() { $this."@odata.type" = '' $this.roleScopeTagIds = @() $this.id = '' $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.displayName = '' $this.version = $null $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.securityPreventInstallAppsFromUnknownSources = $false $this.securityDisableUsbDebugging = $false $this.securityRequireVerifyApps = $false $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.advancedThreatProtectionRequiredSecurityLevel = '' $this.securityBlockJailbrokenDevices = $false $this.securityBlockDeviceAdministratorManagedDevices = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.storageRequireEncryption = $false $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.securityRequireGooglePlayServices = $false $this.securityRequireUpToDateSecurityProviders = $false $this.securityRequireCompanyPortalAppIntegrity = $false $this.conditionStatementId = '' $this.restrictedApps = @() } # Parameterized constructor GetEmMdmAndroidCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.securityPreventInstallAppsFromUnknownSources = $policy.securityPreventInstallAppsFromUnknownSources $this.securityDisableUsbDebugging = $policy.securityDisableUsbDebugging $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.securityBlockDeviceAdministratorManagedDevices = $policy.securityBlockDeviceAdministratorManagedDevices $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.securityRequireGooglePlayServices = $policy.securityRequireGooglePlayServices $this.securityRequireUpToDateSecurityProviders = $policy.securityRequireUpToDateSecurityProviders $this.securityRequireCompanyPortalAppIntegrity = $policy.securityRequireCompanyPortalAppIntegrity $this.conditionStatementId = $policy.conditionStatementId $this.restrictedApps = $policy.restrictedApps } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmAndroidCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidCompliancePolicyBeta.ps1' 121 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidDeviceOwnerCompliancePolicyBeta.ps1' -1 class GetEmMdmAndroidDeviceOwnerCompliancePolicyBeta { [string]${@odata.type} [object[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [object]$version [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$passwordRequired [object]$passwordMinimumLength [object]$passwordMinimumLetterCharacters [object]$passwordMinimumLowerCaseCharacters [object]$passwordMinimumNonLetterCharacters [object]$passwordMinimumNumericCharacters [object]$passwordMinimumSymbolCharacters [object]$passwordMinimumUpperCaseCharacters [string]$passwordRequiredType [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordCountToBlock [bool]$storageRequireEncryption [bool]$securityRequireIntuneAppIntegrity [bool]$requireNoPendingSystemUpdates [string]$securityRequiredAndroidSafetyNetEvaluationType # Default constructor GetEmMdmAndroidDeviceOwnerCompliancePolicyBeta() { $this."@odata.type" = '' $this.roleScopeTagIds = @() $this.id = '' $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.displayName = '' $this.version = $null $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.advancedThreatProtectionRequiredSecurityLevel = '' $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordMinimumLetterCharacters = $null $this.passwordMinimumLowerCaseCharacters = $null $this.passwordMinimumNonLetterCharacters = $null $this.passwordMinimumNumericCharacters = $null $this.passwordMinimumSymbolCharacters = $null $this.passwordMinimumUpperCaseCharacters = $null $this.passwordRequiredType = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordCountToBlock = $null $this.storageRequireEncryption = $false $this.securityRequireIntuneAppIntegrity = $false $this.requireNoPendingSystemUpdates = $false $this.securityRequiredAndroidSafetyNetEvaluationType = '' } # Parameterized constructor GetEmMdmAndroidDeviceOwnerCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinimumLetterCharacters = $policy.passwordMinimumLetterCharacters $this.passwordMinimumLowerCaseCharacters = $policy.passwordMinimumLowerCaseCharacters $this.passwordMinimumNonLetterCharacters = $policy.passwordMinimumNonLetterCharacters $this.passwordMinimumNumericCharacters = $policy.passwordMinimumNumericCharacters $this.passwordMinimumSymbolCharacters = $policy.passwordMinimumSymbolCharacters $this.passwordMinimumUpperCaseCharacters = $policy.passwordMinimumUpperCaseCharacters $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordCountToBlock = $policy.passwordPreviousPasswordCountToBlock $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireIntuneAppIntegrity = $policy.securityRequireIntuneAppIntegrity $this.requireNoPendingSystemUpdates = $policy.requireNoPendingSystemUpdates $this.securityRequiredAndroidSafetyNetEvaluationType = $policy.securityRequiredAndroidSafetyNetEvaluationType } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmAndroidDeviceOwnerCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidDeviceOwnerCompliancePolicyBeta.ps1' 112 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidForWorkCompliancePolicyBeta.ps1' -1 class GetEmMdmAndroidForWorkCompliancePolicyBeta { [string]${@odata.type} [object[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [object]$version [bool]$passwordRequired [object]$passwordMinimumLength [string]$passwordRequiredType [string]$requiredPasswordComplexity [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [object]$workProfilePasswordExpirationInDays [object]$workProfilePasswordMinimumLength [object]$workProfileInactiveBeforeScreenLockInMinutes [object]$workProfilePreviousPasswordBlockCount [string]$workProfilePasswordRequiredType [string]$workProfileRequiredPasswordComplexity [bool]$workProfileRequirePassword [bool]$securityPreventInstallAppsFromUnknownSources [bool]$securityDisableUsbDebugging [bool]$securityRequireVerifyApps [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [bool]$securityBlockJailbrokenDevices [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$storageRequireEncryption [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [bool]$securityRequireGooglePlayServices [bool]$securityRequireUpToDateSecurityProviders [bool]$securityRequireCompanyPortalAppIntegrity [string]$securityRequiredAndroidSafetyNetEvaluationType # Default constructor GetEmMdmAndroidForWorkCompliancePolicyBeta() { $this."@odata.type" = '' $this.roleScopeTagIds = @() $this.id = '' $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.displayName = '' $this.version = $null $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.workProfilePasswordExpirationInDays = $null $this.workProfilePasswordMinimumLength = $null $this.workProfileInactiveBeforeScreenLockInMinutes = $null $this.workProfilePreviousPasswordBlockCount = $null $this.workProfilePasswordRequiredType = '' $this.workProfileRequiredPasswordComplexity = '' $this.workProfileRequirePassword = $false $this.securityPreventInstallAppsFromUnknownSources = $false $this.securityDisableUsbDebugging = $false $this.securityRequireVerifyApps = $false $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.securityBlockJailbrokenDevices = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.storageRequireEncryption = $false $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.securityRequireGooglePlayServices = $false $this.securityRequireUpToDateSecurityProviders = $false $this.securityRequireCompanyPortalAppIntegrity = $false $this.securityRequiredAndroidSafetyNetEvaluationType = '' } # Parameterized constructor GetEmMdmAndroidForWorkCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.workProfilePasswordExpirationInDays = $policy.workProfilePasswordExpirationInDays $this.workProfilePasswordMinimumLength = $policy.workProfilePasswordMinimumLength $this.workProfileInactiveBeforeScreenLockInMinutes = $policy.workProfileInactiveBeforeScreenLockInMinutes $this.workProfilePreviousPasswordBlockCount = $policy.workProfilePreviousPasswordBlockCount $this.workProfilePasswordRequiredType = $policy.workProfilePasswordRequiredType $this.workProfileRequiredPasswordComplexity = $policy.workProfileRequiredPasswordComplexity $this.workProfileRequirePassword = $policy.workProfileRequirePassword $this.securityPreventInstallAppsFromUnknownSources = $policy.securityPreventInstallAppsFromUnknownSources $this.securityDisableUsbDebugging = $policy.securityDisableUsbDebugging $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.securityRequireGooglePlayServices = $policy.securityRequireGooglePlayServices $this.securityRequireUpToDateSecurityProviders = $policy.securityRequireUpToDateSecurityProviders $this.securityRequireCompanyPortalAppIntegrity = $policy.securityRequireCompanyPortalAppIntegrity $this.securityRequiredAndroidSafetyNetEvaluationType = $policy.securityRequiredAndroidSafetyNetEvaluationType } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmAndroidForWorkCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidForWorkCompliancePolicyBeta.ps1' 133 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidWorkProfileCompliancePolicyBeta.ps1' -1 class GetEmMdmAndroidWorkProfileCompliancePolicyBeta { [string]${@odata.type} [object[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [object]$version [bool]$passwordRequired [object]$passwordMinimumLength [string]$passwordRequiredType [string]$requiredPasswordComplexity [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordExpirationDays [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [object]$workProfilePasswordExpirationInDays [object]$workProfilePasswordMinimumLength [object]$workProfileInactiveBeforeScreenLockInMinutes [object]$workProfilePreviousPasswordBlockCount [string]$workProfilePasswordRequiredType [string]$workProfileRequiredPasswordComplexity [bool]$workProfileRequirePassword [bool]$securityPreventInstallAppsFromUnknownSources [bool]$securityDisableUsbDebugging [bool]$securityRequireVerifyApps [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$securityBlockJailbrokenDevices [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$storageRequireEncryption [bool]$securityRequireSafetyNetAttestationBasicIntegrity [bool]$securityRequireSafetyNetAttestationCertifiedDevice [bool]$securityRequireGooglePlayServices [bool]$securityRequireUpToDateSecurityProviders [bool]$securityRequireCompanyPortalAppIntegrity [string]$securityRequiredAndroidSafetyNetEvaluationType # Default constructor GetEmMdmAndroidWorkProfileCompliancePolicyBeta() { $this."@odata.type" = '' $this.roleScopeTagIds = @() $this.id = '' $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.displayName = '' $this.version = $null $this.passwordRequired = $false $this.passwordMinimumLength = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordExpirationDays = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.workProfilePasswordExpirationInDays = $null $this.workProfilePasswordMinimumLength = $null $this.workProfileInactiveBeforeScreenLockInMinutes = $null $this.workProfilePreviousPasswordBlockCount = $null $this.workProfilePasswordRequiredType = '' $this.workProfileRequiredPasswordComplexity = '' $this.workProfileRequirePassword = $false $this.securityPreventInstallAppsFromUnknownSources = $false $this.securityDisableUsbDebugging = $false $this.securityRequireVerifyApps = $false $this.deviceThreatProtectionEnabled = $false $this.deviceThreatProtectionRequiredSecurityLevel = '' $this.advancedThreatProtectionRequiredSecurityLevel = '' $this.securityBlockJailbrokenDevices = $false $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.storageRequireEncryption = $false $this.securityRequireSafetyNetAttestationBasicIntegrity = $false $this.securityRequireSafetyNetAttestationCertifiedDevice = $false $this.securityRequireGooglePlayServices = $false $this.securityRequireUpToDateSecurityProviders = $false $this.securityRequireCompanyPortalAppIntegrity = $false $this.securityRequiredAndroidSafetyNetEvaluationType = '' } # Parameterized constructor GetEmMdmAndroidWorkProfileCompliancePolicyBeta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.workProfilePasswordExpirationInDays = $policy.workProfilePasswordExpirationInDays $this.workProfilePasswordMinimumLength = $policy.workProfilePasswordMinimumLength $this.workProfileInactiveBeforeScreenLockInMinutes = $policy.workProfileInactiveBeforeScreenLockInMinutes $this.workProfilePreviousPasswordBlockCount = $policy.workProfilePreviousPasswordBlockCount $this.workProfilePasswordRequiredType = $policy.workProfilePasswordRequiredType $this.workProfileRequiredPasswordComplexity = $policy.workProfileRequiredPasswordComplexity $this.workProfileRequirePassword = $policy.workProfileRequirePassword $this.securityPreventInstallAppsFromUnknownSources = $policy.securityPreventInstallAppsFromUnknownSources $this.securityDisableUsbDebugging = $policy.securityDisableUsbDebugging $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.securityRequireSafetyNetAttestationBasicIntegrity = $policy.securityRequireSafetyNetAttestationBasicIntegrity $this.securityRequireSafetyNetAttestationCertifiedDevice = $policy.securityRequireSafetyNetAttestationCertifiedDevice $this.securityRequireGooglePlayServices = $policy.securityRequireGooglePlayServices $this.securityRequireUpToDateSecurityProviders = $policy.securityRequireUpToDateSecurityProviders $this.securityRequireCompanyPortalAppIntegrity = $policy.securityRequireCompanyPortalAppIntegrity $this.securityRequiredAndroidSafetyNetEvaluationType = $policy.securityRequiredAndroidSafetyNetEvaluationType } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmAndroidWorkProfileCompliancePolicyBeta" } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAndroidWorkProfileCompliancePolicyBeta.ps1' 136 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAospDeviceOwnerCompliancePolicyBeta.ps1' -1 class GetEmMdmAospDeviceOwnerCompliancePolicy { [string]${@odata.type} [object[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [object]$version [string]$osMinimumVersion [string]$osMaximumVersion [string]$minAndroidSecurityPatchLevel [bool]$securityBlockJailbrokenDevices [bool]$passwordRequired [string]$passwordRequiredType [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordMinimumLength [bool]$storageRequireEncryption # Default constructor GetEmMdmAospDeviceOwnerCompliancePolicy() { $this."@odata.type" = '' $this.roleScopeTagIds = @() $this.id = '' $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.displayName = '' $this.version = $null $this.osMinimumVersion = '' $this.osMaximumVersion = '' $this.minAndroidSecurityPatchLevel = '' $this.securityBlockJailbrokenDevices = $false $this.passwordRequired = $false $this.passwordRequiredType = '' $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordMinimumLength = $null $this.storageRequireEncryption = $false } # Parameterized constructor GetEmMdmAospDeviceOwnerCompliancePolicy ($policy) { $this."@odata.type" = $policy."@odata.type" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.minAndroidSecurityPatchLevel = $policy.minAndroidSecurityPatchLevel $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.passwordRequired = $policy.passwordRequired $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordMinimumLength = $policy.passwordMinimumLength $this.storageRequireEncryption = $policy.storageRequireEncryption } # Overriding the ToString method [string] ToString() { return "Class: GetEmMdmAospDeviceOwnerCompliancePolicy" } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmAospDeviceOwnerCompliancePolicyBeta.ps1' 67 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmCompliancePolicyiOSBeta.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-ioscompliancepolicy?view=graph-rest-beta#json-representation { "@odata.type": "#microsoft.graph.iosCompliancePolicy", "roleScopeTagIds": [ "String" ], "id": "String (identifier)", "createdDateTime": "String (timestamp)", "description": "String", "lastModifiedDateTime": "String (timestamp)", "displayName": "String", "version": 1024, "passcodeBlockSimple": true, "passcodeExpirationDays": 1024, "passcodeMinimumLength": 1024, "passcodeMinutesOfInactivityBeforeLock": 1024, "passcodeMinutesOfInactivityBeforeScreenTimeout": 1024, "passcodePreviousPasscodeBlockCount": 1024, "passcodeMinimumCharacterSetCount": 1024, "passcodeRequiredType": "String", "passcodeRequired": true, "osMinimumVersion": "String", "osMaximumVersion": "String", "osMinimumBuildVersion": "String", "osMaximumBuildVersion": "String", "securityBlockJailbrokenDevices": true, "deviceThreatProtectionEnabled": true, "deviceThreatProtectionRequiredSecurityLevel": "String", "advancedThreatProtectionRequiredSecurityLevel": "String", "managedEmailProfileRequired": true, "restrictedApps": [ { "@odata.type": "microsoft.graph.appListItem", "name": "String", "publisher": "String", "appStoreUrl": "String", "appId": "String" } ] } #> class GetEmMdmCompliancePolicyiOSBeta { [string]${@odata.type} [object[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [int]$version [bool]$passcodeBlockSimple [int]$passcodeExpirationDays [int]$passcodeMinimumLength [int]$passcodeMinutesOfInactivityBeforeLock [int]$passcodeMinutesOfInactivityBeforeScreenTimeout [int]$passcodePreviousPasscodeBlockCount [int]$passcodeMinimumCharacterSetCount [string]$passcodeRequiredType [bool]$passcodeRequired [string]$osMinimumVersion [string]$osMaximumVersion [string]$osMinimumBuildVersion [string]$osMaximumBuildVersion [bool]$securityBlockJailbrokenDevices [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$managedEmailProfileRequired [object[]]$restrictedApps GetEmMdmCompliancePolicyiOSBeta($policy) { $this."@odata.type" = "#microsoft.graph.iosCompliancePolicy" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passcodeBlockSimple = $policy.passcodeBlockSimple $this.passcodeExpirationDays = $policy.passcodeExpirationDays $this.passcodeMinimumLength = $policy.passcodeMinimumLength $this.passcodeMinutesOfInactivityBeforeLock = $policy.passcodeMinutesOfInactivityBeforeLock $this.passcodeMinutesOfInactivityBeforeScreenTimeout = $policy.passcodeMinutesOfInactivityBeforeScreenTimeout $this.passcodePreviousPasscodeBlockCount = $policy.passcodePreviousPasscodeBlockCount $this.passcodeMinimumCharacterSetCount = $policy.passcodeMinimumCharacterSetCount $this.passcodeRequiredType = $policy.passcodeRequiredType $this.passcodeRequired = $policy.passcodeRequired $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.osMinimumBuildVersion = $policy.osMinimumBuildVersion $this.osMaximumBuildVersion = $policy.osMaximumBuildVersion $this.securityBlockJailbrokenDevices = $policy.securityBlockJailbrokenDevices $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.managedEmailProfileRequired = $policy.managedEmailProfileRequired $this.restrictedApps = $policy.restrictedApps } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmCompliancePolicyiOSBeta.ps1' 102 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmCompliancePolicymacOSBeta.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-macoscompliancepolicy?view=graph-rest-beta#json-representation { "@odata.type": "#microsoft.graph.macOSCompliancePolicy", "roleScopeTagIds": [ "String" ], "id": "String (identifier)", "createdDateTime": "String (timestamp)", "description": "String", "lastModifiedDateTime": "String (timestamp)", "displayName": "String", "version": 1024, "passwordRequired": true, "passwordBlockSimple": true, "passwordExpirationDays": 1024, "passwordMinimumLength": 1024, "passwordMinutesOfInactivityBeforeLock": 1024, "passwordPreviousPasswordBlockCount": 1024, "passwordMinimumCharacterSetCount": 1024, "passwordRequiredType": "String", "osMinimumVersion": "String", "osMaximumVersion": "String", "osMinimumBuildVersion": "String", "osMaximumBuildVersion": "String", "systemIntegrityProtectionEnabled": true, "deviceThreatProtectionEnabled": true, "deviceThreatProtectionRequiredSecurityLevel": "String", "advancedThreatProtectionRequiredSecurityLevel": "String", "storageRequireEncryption": true, "gatekeeperAllowedAppSource": "String", "firewallEnabled": true, "firewallBlockAllIncoming": true, "firewallEnableStealthMode": true } #> class GetEmMdmCompliancePolicymacOSBeta { [string]${@odata.type} [object[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [int]$version [bool]$passwordRequired [bool]$passwordBlockSimple [int]$passwordExpirationDays [int]$passwordMinimumLength [int]$passwordMinutesOfInactivityBeforeLock [int]$passwordPreviousPasswordBlockCount [int]$passwordMinimumCharacterSetCount [string]$passwordRequiredType [string]$osMinimumVersion [string]$osMaximumVersion [string]$osMinimumBuildVersion [string]$osMaximumBuildVersion [bool]$systemIntegrityProtectionEnabled [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [string]$advancedThreatProtectionRequiredSecurityLevel [bool]$storageRequireEncryption [string]$gatekeeperAllowedAppSource [bool]$firewallEnabled [bool]$firewallBlockAllIncoming [bool]$firewallEnableStealthMode GetEmMdmCompliancePolicymacOSBeta($policy) { $this."@odata.type" = "#microsoft.graph.macOSCompliancePolicy" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordRequiredType = $policy.passwordRequiredType $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.osMinimumBuildVersion = $policy.osMinimumBuildVersion $this.osMaximumBuildVersion = $policy.osMaximumBuildVersion $this.systemIntegrityProtectionEnabled = $policy.systemIntegrityProtectionEnabled $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.advancedThreatProtectionRequiredSecurityLevel = $policy.advancedThreatProtectionRequiredSecurityLevel $this.storageRequireEncryption = $policy.storageRequireEncryption $this.gatekeeperAllowedAppSource = $policy.gatekeeperAllowedAppSource $this.firewallEnabled = $policy.firewallEnabled $this.firewallBlockAllIncoming = $policy.firewallBlockAllIncoming $this.firewallEnableStealthMode = $policy.firewallEnableStealthMode } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmCompliancePolicymacOSBeta.ps1' 100 #Region '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmCompliancePolicyWindows10Beta.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-windows10compliancepolicy?view=graph-rest-beta#json-representation { "@odata.type": "#microsoft.graph.windows10CompliancePolicy", "roleScopeTagIds": [ "String" ], "id": "String (identifier)", "createdDateTime": "String (timestamp)", "description": "String", "lastModifiedDateTime": "String (timestamp)", "displayName": "String", "version": 1024, "passwordRequired": true, "passwordBlockSimple": true, "passwordRequiredToUnlockFromIdle": true, "passwordMinutesOfInactivityBeforeLock": 1024, "passwordExpirationDays": 1024, "passwordMinimumLength": 1024, "passwordMinimumCharacterSetCount": 1024, "passwordRequiredType": "String", "passwordPreviousPasswordBlockCount": 1024, "requireHealthyDeviceReport": true, "osMinimumVersion": "String", "osMaximumVersion": "String", "mobileOsMinimumVersion": "String", "mobileOsMaximumVersion": "String", "earlyLaunchAntiMalwareDriverEnabled": true, "bitLockerEnabled": true, "secureBootEnabled": true, "codeIntegrityEnabled": true, "memoryIntegrityEnabled": true, "kernelDmaProtectionEnabled": true, "virtualizationBasedSecurityEnabled": true, "firmwareProtectionEnabled": true, "storageRequireEncryption": true, "activeFirewallRequired": true, "defenderEnabled": true, "defenderVersion": "String", "signatureOutOfDate": true, "rtpEnabled": true, "antivirusRequired": true, "antiSpywareRequired": true, "validOperatingSystemBuildRanges": [ { "@odata.type": "microsoft.graph.operatingSystemVersionRange", "description": "String", "lowestVersion": "String", "highestVersion": "String" } ], "deviceThreatProtectionEnabled": true, "deviceThreatProtectionRequiredSecurityLevel": "String", "configurationManagerComplianceRequired": true, "tpmRequired": true, "deviceCompliancePolicyScript": { "@odata.type": "microsoft.graph.deviceCompliancePolicyScript", "deviceComplianceScriptId": "String", "rulesContent": "binary" } } #> class GetEmMdmCompliancePolicyWindows10Beta { [string]${@odata.type} [string[]]$roleScopeTagIds [string]$id [datetime]$createdDateTime [string]$description [datetime]$lastModifiedDateTime [string]$displayName [int]$version [bool]$passwordRequired [bool]$passwordBlockSimple [bool]$passwordRequiredToUnlockFromIdle [int]$passwordMinutesOfInactivityBeforeLock [int]$passwordExpirationDays [int]$passwordMinimumLength [int]$passwordMinimumCharacterSetCount [string]$passwordRequiredType [int]$passwordPreviousPasswordBlockCount [bool]$requireHealthyDeviceReport [string]$osMinimumVersion [string]$osMaximumVersion [string]$mobileOsMinimumVersion [string]$mobileOsMaximumVersion [bool]$earlyLaunchAntiMalwareDriverEnabled [bool]$bitLockerEnabled [bool]$secureBootEnabled [bool]$codeIntegrityEnabled [bool]$storageRequireEncryption [bool]$memoryIntegrityEnabled [bool]$kernelDmaProtectionEnabled [bool]$virtualizationBasedSecurityEnabled [bool]$firmwareProtectionEnabled [bool]$activeFirewallRequired [bool]$defenderEnabled [string]$defenderVersion [bool]$signatureOutOfDate [bool]$rtpEnabled [bool]$antivirusRequired [bool]$antiSpywareRequired [object[]]$validOperatingSystemBuildRanges [bool]$deviceThreatProtectionEnabled [string]$deviceThreatProtectionRequiredSecurityLevel [bool]$configurationManagerComplianceRequired [bool]$tpmRequired [psobject]$deviceCompliancePolicyScript GetEmMdmCompliancePolicyWindows10Beta ($policy) { $this."@odata.type" = $policy."@odata.type" $this.roleScopeTagIds = $policy.roleScopeTagIds $this.id = $policy.id $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordRequired = $policy.passwordRequired $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordRequiredToUnlockFromIdle = $policy.passwordRequiredToUnlockFromIdle $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.requireHealthyDeviceReport = $policy.requireHealthyDeviceReport $this.osMinimumVersion = $policy.osMinimumVersion $this.osMaximumVersion = $policy.osMaximumVersion $this.mobileOsMinimumVersion = $policy.mobileOsMinimumVersion $this.mobileOsMaximumVersion = $policy.mobileOsMaximumVersion $this.earlyLaunchAntiMalwareDriverEnabled = $policy.earlyLaunchAntiMalwareDriverEnabled $this.bitLockerEnabled = $policy.bitLockerEnabled $this.secureBootEnabled = $policy.secureBootEnabled $this.codeIntegrityEnabled = $policy.codeIntegrityEnabled $this.storageRequireEncryption = $policy.storageRequireEncryption $this.memoryIntegrityEnabled = $policy.memoryIntegrityEnabled $this.kernelDmaProtectionEnabled = $policy.kernelDmaProtectionEnabled $this.virtualizationBasedSecurityEnabled = $policy.virtualizationBasedSecurityEnabled $this.firmwareProtectionEnabled = $policy.firmwareProtectionEnabled $this.activeFirewallRequired = $policy.activeFirewallRequired $this.defenderEnabled = $policy.defenderEnabled $this.defenderVersion = $policy.defenderVersion $this.signatureOutOfDate = $policy.signatureOutOfDate $this.rtpEnabled = $policy.rtpEnabled $this.antivirusRequired = $policy.antivirusRequired $this.antiSpywareRequired = $policy.antiSpywareRequired $this.validOperatingSystemBuildRanges = $policy.validOperatingSystemBuildRanges $this.deviceThreatProtectionEnabled = $policy.deviceThreatProtectionEnabled $this.deviceThreatProtectionRequiredSecurityLevel = $policy.deviceThreatProtectionRequiredSecurityLevel $this.configurationManagerComplianceRequired = $policy.configurationManagerComplianceRequired $this.tpmRequired = $policy.tpmRequired $this.deviceCompliancePolicyScript = $policy.deviceCompliancePolicyScript } } #EndRegion '.\Classes\CompliancePolicy\Get\Beta\GetEmMdmCompliancePolicyWindows10Beta.ps1' 156 #Region '.\Classes\DeviceConfiguration\Create\CreateEmAndroidWorkProfileGeneralDeviceConfiguration.ps1' -1 class CreateEmAndroidWorkProfileGeneralDeviceConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$passwordBlockFaceUnlock [bool]$passwordBlockFingerprintUnlock [bool]$passwordBlockIrisUnlock [bool]$passwordBlockTrustAgents [object]$passwordExpirationDays [object]$passwordMinimumLength [object]$passwordMinutesOfInactivityBeforeScreenTimeout [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [string]$passwordRequiredType [string]$requiredPasswordComplexity [bool]$workProfileAllowAppInstallsFromUnknownSources [string]$workProfileDataSharingType [bool]$workProfileBlockNotificationsWhileDeviceLocked [bool]$workProfileBlockAddingAccounts [bool]$workProfileBluetoothEnableContactSharing [bool]$workProfileBlockScreenCapture [bool]$workProfileBlockCrossProfileCallerId [bool]$workProfileBlockCamera [bool]$workProfileBlockCrossProfileContactsSearch [bool]$workProfileBlockCrossProfileCopyPaste [string]$workProfileDefaultAppPermissionPolicy [bool]$workProfilePasswordBlockFaceUnlock [bool]$workProfilePasswordBlockFingerprintUnlock [bool]$workProfilePasswordBlockIrisUnlock [bool]$workProfilePasswordBlockTrustAgents [object]$workProfilePasswordExpirationDays [object]$workProfilePasswordMinimumLength [object]$workProfilePasswordMinNumericCharacters [object]$workProfilePasswordMinNonLetterCharacters [object]$workProfilePasswordMinLetterCharacters [object]$workProfilePasswordMinLowerCaseCharacters [object]$workProfilePasswordMinUpperCaseCharacters [object]$workProfilePasswordMinSymbolCharacters [object]$workProfilePasswordMinutesOfInactivityBeforeScreenTimeout [object]$workProfilePasswordPreviousPasswordBlockCount [object]$workProfilePasswordSignInFailureCountBeforeFactoryReset [string]$workProfilePasswordRequiredType [string]$workProfileRequiredPasswordComplexity [bool]$workProfileRequirePassword [bool]$securityRequireVerifyApps [string]$vpnAlwaysOnPackageIdentifier [bool]$vpnEnableAlwaysOnLockdownMode [bool]$workProfileAllowWidgets [bool]$workProfileBlockPersonalAppInstallsFromUnknownSources [string]$workProfileAccountUse [object[]]$allowedGoogleAccountDomains [bool]$blockUnifiedPasswordForWorkProfile # Default constructor CreateEmAndroidWorkProfileGeneralDeviceConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.passwordBlockFaceUnlock = $false $this.passwordBlockFingerprintUnlock = $false $this.passwordBlockIrisUnlock = $false $this.passwordBlockTrustAgents = $false $this.passwordExpirationDays = $null $this.passwordMinimumLength = $null $this.passwordMinutesOfInactivityBeforeScreenTimeout = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.workProfileAllowAppInstallsFromUnknownSources = $false $this.workProfileDataSharingType = '' $this.workProfileBlockNotificationsWhileDeviceLocked = $false $this.workProfileBlockAddingAccounts = $false $this.workProfileBluetoothEnableContactSharing = $false $this.workProfileBlockScreenCapture = $false $this.workProfileBlockCrossProfileCallerId = $false $this.workProfileBlockCamera = $false $this.workProfileBlockCrossProfileContactsSearch = $false $this.workProfileBlockCrossProfileCopyPaste = $false $this.workProfileDefaultAppPermissionPolicy = '' $this.workProfilePasswordBlockFaceUnlock = $false $this.workProfilePasswordBlockFingerprintUnlock = $false $this.workProfilePasswordBlockIrisUnlock = $false $this.workProfilePasswordBlockTrustAgents = $false $this.workProfilePasswordExpirationDays = $null $this.workProfilePasswordMinimumLength = $null $this.workProfilePasswordMinNumericCharacters = $null $this.workProfilePasswordMinNonLetterCharacters = $null $this.workProfilePasswordMinLetterCharacters = $null $this.workProfilePasswordMinLowerCaseCharacters = $null $this.workProfilePasswordMinUpperCaseCharacters = $null $this.workProfilePasswordMinSymbolCharacters = $null $this.workProfilePasswordMinutesOfInactivityBeforeScreenTimeout = $null $this.workProfilePasswordPreviousPasswordBlockCount = $null $this.workProfilePasswordSignInFailureCountBeforeFactoryReset = $null $this.workProfilePasswordRequiredType = '' $this.workProfileRequiredPasswordComplexity = '' $this.workProfileRequirePassword = $false $this.securityRequireVerifyApps = $false $this.vpnAlwaysOnPackageIdentifier = '' $this.vpnEnableAlwaysOnLockdownMode = $false $this.workProfileAllowWidgets = $false $this.workProfileBlockPersonalAppInstallsFromUnknownSources = $false $this.workProfileAccountUse = '' $this.allowedGoogleAccountDomains = @() $this.blockUnifiedPasswordForWorkProfile = $false } # Parameterized constructor CreateEmAndroidWorkProfileGeneralDeviceConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordBlockFaceUnlock = $policy.passwordBlockFaceUnlock $this.passwordBlockFingerprintUnlock = $policy.passwordBlockFingerprintUnlock $this.passwordBlockIrisUnlock = $policy.passwordBlockIrisUnlock $this.passwordBlockTrustAgents = $policy.passwordBlockTrustAgents $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeScreenTimeout = $policy.passwordMinutesOfInactivityBeforeScreenTimeout $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.workProfileAllowAppInstallsFromUnknownSources = $policy.workProfileAllowAppInstallsFromUnknownSources $this.workProfileDataSharingType = $policy.workProfileDataSharingType $this.workProfileBlockNotificationsWhileDeviceLocked = $policy.workProfileBlockNotificationsWhileDeviceLocked $this.workProfileBlockAddingAccounts = $policy.workProfileBlockAddingAccounts $this.workProfileBluetoothEnableContactSharing = $policy.workProfileBluetoothEnableContactSharing $this.workProfileBlockScreenCapture = $policy.workProfileBlockScreenCapture $this.workProfileBlockCrossProfileCallerId = $policy.workProfileBlockCrossProfileCallerId $this.workProfileBlockCamera = $policy.workProfileBlockCamera $this.workProfileBlockCrossProfileContactsSearch = $policy.workProfileBlockCrossProfileContactsSearch $this.workProfileBlockCrossProfileCopyPaste = $policy.workProfileBlockCrossProfileCopyPaste $this.workProfileDefaultAppPermissionPolicy = $policy.workProfileDefaultAppPermissionPolicy $this.workProfilePasswordBlockFaceUnlock = $policy.workProfilePasswordBlockFaceUnlock $this.workProfilePasswordBlockFingerprintUnlock = $policy.workProfilePasswordBlockFingerprintUnlock $this.workProfilePasswordBlockIrisUnlock = $policy.workProfilePasswordBlockIrisUnlock $this.workProfilePasswordBlockTrustAgents = $policy.workProfilePasswordBlockTrustAgents $this.workProfilePasswordExpirationDays = $policy.workProfilePasswordExpirationDays $this.workProfilePasswordMinimumLength = $policy.workProfilePasswordMinimumLength $this.workProfilePasswordMinNumericCharacters = $policy.workProfilePasswordMinNumericCharacters $this.workProfilePasswordMinNonLetterCharacters = $policy.workProfilePasswordMinNonLetterCharacters $this.workProfilePasswordMinLetterCharacters = $policy.workProfilePasswordMinLetterCharacters $this.workProfilePasswordMinLowerCaseCharacters = $policy.workProfilePasswordMinLowerCaseCharacters $this.workProfilePasswordMinUpperCaseCharacters = $policy.workProfilePasswordMinUpperCaseCharacters $this.workProfilePasswordMinSymbolCharacters = $policy.workProfilePasswordMinSymbolCharacters $this.workProfilePasswordMinutesOfInactivityBeforeScreenTimeout = $policy.workProfilePasswordMinutesOfInactivityBeforeScreenTimeout $this.workProfilePasswordPreviousPasswordBlockCount = $policy.workProfilePasswordPreviousPasswordBlockCount $this.workProfilePasswordSignInFailureCountBeforeFactoryReset = $policy.workProfilePasswordSignInFailureCountBeforeFactoryReset $this.workProfilePasswordRequiredType = $policy.workProfilePasswordRequiredType $this.workProfileRequiredPasswordComplexity = $policy.workProfileRequiredPasswordComplexity $this.workProfileRequirePassword = $policy.workProfileRequirePassword $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.vpnAlwaysOnPackageIdentifier = $policy.vpnAlwaysOnPackageIdentifier $this.vpnEnableAlwaysOnLockdownMode = $policy.vpnEnableAlwaysOnLockdownMode $this.workProfileAllowWidgets = $policy.workProfileAllowWidgets $this.workProfileBlockPersonalAppInstallsFromUnknownSources = $policy.workProfileBlockPersonalAppInstallsFromUnknownSources $this.workProfileAccountUse = $policy.workProfileAccountUse $this.allowedGoogleAccountDomains = $policy.allowedGoogleAccountDomains $this.blockUnifiedPasswordForWorkProfile = $policy.blockUnifiedPasswordForWorkProfile } # Overriding the ToString method [string] ToString() { return "Class: CreateEmAndroidWorkProfileGeneralDeviceConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmAndroidWorkProfileGeneralDeviceConfiguration.ps1' 172 #Region '.\Classes\DeviceConfiguration\Create\CreateEmAndroidWorkProfileVpnConfiguration.ps1' -1 class CreateEmAndroidWorkProfileVpnConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$connectionName [string]$connectionType [string]$role [string]$realm [object[]]$servers [string]$fingerprint [object[]]$customData [object[]]$customKeyValueData [string]$authenticationMethod [psobject]$proxyServer [object[]]$targetedPackageIds [object[]]$targetedMobileApps [bool]$alwaysOn [bool]$alwaysOnLockdown [string]$microsoftTunnelSiteId [object[]]$proxyExclusionList # Default constructor CreateEmAndroidWorkProfileVpnConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.connectionName = '' $this.connectionType = '' $this.role = '' $this.realm = '' $this.servers = @() $this.fingerprint = '' $this.customData = @() $this.customKeyValueData = @() $this.authenticationMethod = '' $this.proxyServer = $null $this.targetedPackageIds = @() $this.targetedMobileApps = @() $this.alwaysOn = $false $this.alwaysOnLockdown = $false $this.microsoftTunnelSiteId = '' $this.proxyExclusionList = @() } # Parameterized constructor CreateEmAndroidWorkProfileVpnConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.connectionName = $policy.connectionName $this.connectionType = $policy.connectionType $this.role = $policy.role $this.realm = $policy.realm $this.servers = $policy.servers $this.fingerprint = $policy.fingerprint $this.customData = $policy.customData $this.customKeyValueData = $policy.customKeyValueData $this.authenticationMethod = $policy.authenticationMethod $this.proxyServer = $policy.proxyServer $this.targetedPackageIds = $policy.targetedPackageIds $this.targetedMobileApps = $policy.targetedMobileApps $this.alwaysOn = $policy.alwaysOn $this.alwaysOnLockdown = $policy.alwaysOnLockdown $this.microsoftTunnelSiteId = $policy.microsoftTunnelSiteId $this.proxyExclusionList = $policy.proxyExclusionList } # Overriding the ToString method [string] ToString() { return "Class: CreateEmAndroidWorkProfileVpnConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmAndroidWorkProfileVpnConfiguration.ps1' 76 #Region '.\Classes\DeviceConfiguration\Create\CreateEmIosUpdateConfiguration.ps1' -1 class CreateEmIosUpdateConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$isEnabled [string]$activeHoursStart [string]$activeHoursEnd [string]$desiredOsVersion [object[]]$scheduledInstallDays [object]$utcTimeOffsetInMinutes [object]$enforcedSoftwareUpdateDelayInDays [string]$updateScheduleType [object[]]$customUpdateTimeWindows # Default constructor CreateEmIosUpdateConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.isEnabled = $false $this.activeHoursStart = '' $this.activeHoursEnd = '' $this.desiredOsVersion = '' $this.scheduledInstallDays = @() $this.utcTimeOffsetInMinutes = $null $this.enforcedSoftwareUpdateDelayInDays = $null $this.updateScheduleType = '' $this.customUpdateTimeWindows = @() } # Parameterized constructor CreateEmIosUpdateConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.isEnabled = $policy.isEnabled $this.activeHoursStart = $policy.activeHoursStart $this.activeHoursEnd = $policy.activeHoursEnd $this.desiredOsVersion = $policy.desiredOsVersion $this.scheduledInstallDays = $policy.scheduledInstallDays $this.utcTimeOffsetInMinutes = $policy.utcTimeOffsetInMinutes $this.enforcedSoftwareUpdateDelayInDays = $policy.enforcedSoftwareUpdateDelayInDays $this.updateScheduleType = $policy.updateScheduleType $this.customUpdateTimeWindows = $policy.customUpdateTimeWindows } # Overriding the ToString method [string] ToString() { return "Class: CreateEmIosUpdateConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmIosUpdateConfiguration.ps1' 55 #Region '.\Classes\DeviceConfiguration\Create\CreateEmMacosCustomConfiguration.ps1' -1 class CreateEmMacOSCustomConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$payloadName [string]$payloadFileName [string]$payload [string]$deploymentChannel # Default constructor CreateEmMacOSCustomConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.payloadName = '' $this.payloadFileName = '' $this.payload = '' $this.deploymentChannel = '' } # Parameterized constructor CreateEmMacOSCustomConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.payloadName = $policy.payloadName $this.payloadFileName = $policy.payloadFileName $this.payload = $policy.payload $this.deploymentChannel = $policy.deploymentChannel } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMacOSCustomConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmMacosCustomConfiguration.ps1' 40 #Region '.\Classes\DeviceConfiguration\Create\CreateEmMacosDeviceFeaturesConfiguration.ps1' -1 class CreateEmMacOSDeviceFeaturesConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [object[]]$airPrintDestinations [object[]]$autoLaunchItems [bool]$adminShowHostInfo [string]$loginWindowText [bool]$authorizedUsersListHidden [bool]$authorizedUsersListHideLocalUsers [bool]$authorizedUsersListHideMobileAccounts [bool]$authorizedUsersListIncludeNetworkUsers [bool]$authorizedUsersListHideAdminUsers [bool]$authorizedUsersListShowOtherManagedUsers [bool]$shutDownDisabled [bool]$restartDisabled [bool]$sleepDisabled [bool]$consoleAccessDisabled [bool]$shutDownDisabledWhileLoggedIn [bool]$restartDisabledWhileLoggedIn [bool]$powerOffDisabledWhileLoggedIn [bool]$logOutDisabledWhileLoggedIn [bool]$screenLockDisableImmediate [object[]]$associatedDomains [object[]]$appAssociatedDomains [psobject]$singleSignOnExtension [psobject]$macOSSingleSignOnExtension [bool]$contentCachingEnabled [string]$contentCachingType [object]$contentCachingMaxSizeBytes [string]$contentCachingDataPath [bool]$contentCachingDisableConnectionSharing [bool]$contentCachingForceConnectionSharing [string]$contentCachingClientPolicy [object[]]$contentCachingClientListenRanges [string]$contentCachingPeerPolicy [object[]]$contentCachingPeerListenRanges [object[]]$contentCachingPeerFilterRanges [string]$contentCachingParentSelectionPolicy [object[]]$contentCachingParents [bool]$contentCachingLogClientIdentities [object[]]$contentCachingPublicRanges [bool]$contentCachingBlockDeletion [bool]$contentCachingShowAlerts [bool]$contentCachingKeepAwake [object]$contentCachingPort # Default constructor CreateEmMacOSDeviceFeaturesConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.airPrintDestinations = @() $this.autoLaunchItems = @() $this.adminShowHostInfo = $false $this.loginWindowText = '' $this.authorizedUsersListHidden = $false $this.authorizedUsersListHideLocalUsers = $false $this.authorizedUsersListHideMobileAccounts = $false $this.authorizedUsersListIncludeNetworkUsers = $false $this.authorizedUsersListHideAdminUsers = $false $this.authorizedUsersListShowOtherManagedUsers = $false $this.shutDownDisabled = $false $this.restartDisabled = $false $this.sleepDisabled = $false $this.consoleAccessDisabled = $false $this.shutDownDisabledWhileLoggedIn = $false $this.restartDisabledWhileLoggedIn = $false $this.powerOffDisabledWhileLoggedIn = $false $this.logOutDisabledWhileLoggedIn = $false $this.screenLockDisableImmediate = $false $this.associatedDomains = @() $this.appAssociatedDomains = @() $this.singleSignOnExtension = $null $this.macOSSingleSignOnExtension = $null $this.contentCachingEnabled = $false $this.contentCachingType = '' $this.contentCachingMaxSizeBytes = $null $this.contentCachingDataPath = '' $this.contentCachingDisableConnectionSharing = $false $this.contentCachingForceConnectionSharing = $false $this.contentCachingClientPolicy = '' $this.contentCachingClientListenRanges = @() $this.contentCachingPeerPolicy = '' $this.contentCachingPeerListenRanges = @() $this.contentCachingPeerFilterRanges = @() $this.contentCachingParentSelectionPolicy = '' $this.contentCachingParents = @() $this.contentCachingLogClientIdentities = $false $this.contentCachingPublicRanges = @() $this.contentCachingBlockDeletion = $false $this.contentCachingShowAlerts = $false $this.contentCachingKeepAwake = $false $this.contentCachingPort = $null } # Parameterized constructor CreateEmMacOSDeviceFeaturesConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.airPrintDestinations = $policy.airPrintDestinations $this.autoLaunchItems = $policy.autoLaunchItems $this.adminShowHostInfo = $policy.adminShowHostInfo $this.loginWindowText = $policy.loginWindowText $this.authorizedUsersListHidden = $policy.authorizedUsersListHidden $this.authorizedUsersListHideLocalUsers = $policy.authorizedUsersListHideLocalUsers $this.authorizedUsersListHideMobileAccounts = $policy.authorizedUsersListHideMobileAccounts $this.authorizedUsersListIncludeNetworkUsers = $policy.authorizedUsersListIncludeNetworkUsers $this.authorizedUsersListHideAdminUsers = $policy.authorizedUsersListHideAdminUsers $this.authorizedUsersListShowOtherManagedUsers = $policy.authorizedUsersListShowOtherManagedUsers $this.shutDownDisabled = $policy.shutDownDisabled $this.restartDisabled = $policy.restartDisabled $this.sleepDisabled = $policy.sleepDisabled $this.consoleAccessDisabled = $policy.consoleAccessDisabled $this.shutDownDisabledWhileLoggedIn = $policy.shutDownDisabledWhileLoggedIn $this.restartDisabledWhileLoggedIn = $policy.restartDisabledWhileLoggedIn $this.powerOffDisabledWhileLoggedIn = $policy.powerOffDisabledWhileLoggedIn $this.logOutDisabledWhileLoggedIn = $policy.logOutDisabledWhileLoggedIn $this.screenLockDisableImmediate = $policy.screenLockDisableImmediate $this.associatedDomains = $policy.associatedDomains $this.appAssociatedDomains = $policy.appAssociatedDomains $this.singleSignOnExtension = $policy.singleSignOnExtension $this.macOSSingleSignOnExtension = $policy.macOSSingleSignOnExtension $this.contentCachingEnabled = $policy.contentCachingEnabled $this.contentCachingType = $policy.contentCachingType $this.contentCachingMaxSizeBytes = $policy.contentCachingMaxSizeBytes $this.contentCachingDataPath = $policy.contentCachingDataPath $this.contentCachingDisableConnectionSharing = $policy.contentCachingDisableConnectionSharing $this.contentCachingForceConnectionSharing = $policy.contentCachingForceConnectionSharing $this.contentCachingClientPolicy = $policy.contentCachingClientPolicy $this.contentCachingClientListenRanges = $policy.contentCachingClientListenRanges $this.contentCachingPeerPolicy = $policy.contentCachingPeerPolicy $this.contentCachingPeerListenRanges = $policy.contentCachingPeerListenRanges $this.contentCachingPeerFilterRanges = $policy.contentCachingPeerFilterRanges $this.contentCachingParentSelectionPolicy = $policy.contentCachingParentSelectionPolicy $this.contentCachingParents = $policy.contentCachingParents $this.contentCachingLogClientIdentities = $policy.contentCachingLogClientIdentities $this.contentCachingPublicRanges = $policy.contentCachingPublicRanges $this.contentCachingBlockDeletion = $policy.contentCachingBlockDeletion $this.contentCachingShowAlerts = $policy.contentCachingShowAlerts $this.contentCachingKeepAwake = $policy.contentCachingKeepAwake $this.contentCachingPort = $policy.contentCachingPort } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMacOSDeviceFeaturesConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmMacosDeviceFeaturesConfiguration.ps1' 154 #Region '.\Classes\DeviceConfiguration\Create\CreateEmMacosEndpointProtectionConfiguration.ps1' -1 class CreateEmMacOSEndpointProtectionConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$gatekeeperAllowedAppSource [bool]$gatekeeperBlockOverride [bool]$firewallEnabled [bool]$firewallBlockAllIncoming [bool]$firewallEnableStealthMode [object[]]$firewallApplications [bool]$fileVaultEnabled [string]$fileVaultSelectedRecoveryKeyTypes [string]$fileVaultInstitutionalRecoveryKeyCertificate [string]$fileVaultInstitutionalRecoveryKeyCertificateFileName [string]$fileVaultPersonalRecoveryKeyHelpMessage [bool]$fileVaultAllowDeferralUntilSignOut [object]$fileVaultNumberOfTimesUserCanIgnore [bool]$fileVaultDisablePromptAtSignOut [object]$fileVaultPersonalRecoveryKeyRotationInMonths [bool]$fileVaultHidePersonalRecoveryKey [string]$advancedThreatProtectionRealTime [string]$advancedThreatProtectionCloudDelivered [string]$advancedThreatProtectionAutomaticSampleSubmission [string]$advancedThreatProtectionDiagnosticDataCollection [object[]]$advancedThreatProtectionExcludedFolders [object[]]$advancedThreatProtectionExcludedFiles [object[]]$advancedThreatProtectionExcludedExtensions [object[]]$advancedThreatProtectionExcludedProcesses # Default constructor CreateEmMacOSEndpointProtectionConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.gatekeeperAllowedAppSource = '' $this.gatekeeperBlockOverride = $false $this.firewallEnabled = $false $this.firewallBlockAllIncoming = $false $this.firewallEnableStealthMode = $false $this.firewallApplications = @() $this.fileVaultEnabled = $false $this.fileVaultSelectedRecoveryKeyTypes = '' $this.fileVaultInstitutionalRecoveryKeyCertificate = '' $this.fileVaultInstitutionalRecoveryKeyCertificateFileName = '' $this.fileVaultPersonalRecoveryKeyHelpMessage = '' $this.fileVaultAllowDeferralUntilSignOut = $false $this.fileVaultNumberOfTimesUserCanIgnore = $null $this.fileVaultDisablePromptAtSignOut = $false $this.fileVaultPersonalRecoveryKeyRotationInMonths = $null $this.fileVaultHidePersonalRecoveryKey = $false $this.advancedThreatProtectionRealTime = '' $this.advancedThreatProtectionCloudDelivered = '' $this.advancedThreatProtectionAutomaticSampleSubmission = '' $this.advancedThreatProtectionDiagnosticDataCollection = '' $this.advancedThreatProtectionExcludedFolders = @() $this.advancedThreatProtectionExcludedFiles = @() $this.advancedThreatProtectionExcludedExtensions = @() $this.advancedThreatProtectionExcludedProcesses = @() } # Parameterized constructor CreateEmMacOSEndpointProtectionConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.gatekeeperAllowedAppSource = $policy.gatekeeperAllowedAppSource $this.gatekeeperBlockOverride = $policy.gatekeeperBlockOverride $this.firewallEnabled = $policy.firewallEnabled $this.firewallBlockAllIncoming = $policy.firewallBlockAllIncoming $this.firewallEnableStealthMode = $policy.firewallEnableStealthMode $this.firewallApplications = $policy.firewallApplications $this.fileVaultEnabled = $policy.fileVaultEnabled $this.fileVaultSelectedRecoveryKeyTypes = $policy.fileVaultSelectedRecoveryKeyTypes $this.fileVaultInstitutionalRecoveryKeyCertificate = $policy.fileVaultInstitutionalRecoveryKeyCertificate $this.fileVaultInstitutionalRecoveryKeyCertificateFileName = $policy.fileVaultInstitutionalRecoveryKeyCertificateFileName $this.fileVaultPersonalRecoveryKeyHelpMessage = $policy.fileVaultPersonalRecoveryKeyHelpMessage $this.fileVaultAllowDeferralUntilSignOut = $policy.fileVaultAllowDeferralUntilSignOut $this.fileVaultNumberOfTimesUserCanIgnore = $policy.fileVaultNumberOfTimesUserCanIgnore $this.fileVaultDisablePromptAtSignOut = $policy.fileVaultDisablePromptAtSignOut $this.fileVaultPersonalRecoveryKeyRotationInMonths = $policy.fileVaultPersonalRecoveryKeyRotationInMonths $this.fileVaultHidePersonalRecoveryKey = $policy.fileVaultHidePersonalRecoveryKey $this.advancedThreatProtectionRealTime = $policy.advancedThreatProtectionRealTime $this.advancedThreatProtectionCloudDelivered = $policy.advancedThreatProtectionCloudDelivered $this.advancedThreatProtectionAutomaticSampleSubmission = $policy.advancedThreatProtectionAutomaticSampleSubmission $this.advancedThreatProtectionDiagnosticDataCollection = $policy.advancedThreatProtectionDiagnosticDataCollection $this.advancedThreatProtectionExcludedFolders = $policy.advancedThreatProtectionExcludedFolders $this.advancedThreatProtectionExcludedFiles = $policy.advancedThreatProtectionExcludedFiles $this.advancedThreatProtectionExcludedExtensions = $policy.advancedThreatProtectionExcludedExtensions $this.advancedThreatProtectionExcludedProcesses = $policy.advancedThreatProtectionExcludedProcesses } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMacOSEndpointProtectionConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmMacosEndpointProtectionConfiguration.ps1' 100 #Region '.\Classes\DeviceConfiguration\Create\CreateEmMacosExtensionsConfiguration.ps1' -1 class CreateEmMacOSExtensionsConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$kernelExtensionOverridesAllowed [object[]]$kernelExtensionAllowedTeamIdentifiers [object[]]$kernelExtensionsAllowed [bool]$systemExtensionsBlockOverride [object[]]$systemExtensionsAllowedTeamIdentifiers [object[]]$systemExtensionsAllowed [object[]]$systemExtensionsAllowedTypes # Default constructor CreateEmMacOSExtensionsConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.kernelExtensionOverridesAllowed = $false $this.kernelExtensionAllowedTeamIdentifiers = @() $this.kernelExtensionsAllowed = @() $this.systemExtensionsBlockOverride = $false $this.systemExtensionsAllowedTeamIdentifiers = @() $this.systemExtensionsAllowed = @() $this.systemExtensionsAllowedTypes = @() } # Parameterized constructor CreateEmMacOSExtensionsConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.kernelExtensionOverridesAllowed = $policy.kernelExtensionOverridesAllowed $this.kernelExtensionAllowedTeamIdentifiers = $policy.kernelExtensionAllowedTeamIdentifiers $this.kernelExtensionsAllowed = $policy.kernelExtensionsAllowed $this.systemExtensionsBlockOverride = $policy.systemExtensionsBlockOverride $this.systemExtensionsAllowedTeamIdentifiers = $policy.systemExtensionsAllowedTeamIdentifiers $this.systemExtensionsAllowed = $policy.systemExtensionsAllowed $this.systemExtensionsAllowedTypes = $policy.systemExtensionsAllowedTypes } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMacOSExtensionsConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmMacosExtensionsConfiguration.ps1' 49 #Region '.\Classes\DeviceConfiguration\Create\CreateEmMacosGeneralDeviceConfiguration.ps1' -1 class CreateEmMacOSGeneralDeviceConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [object[]]$compliantAppsList [string]$compliantAppListType [object[]]$emailInDomainSuffixes [bool]$passwordBlockSimple [object]$passwordExpirationDays [object]$passwordMinimumCharacterSetCount [object]$passwordMinimumLength [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordMinutesOfInactivityBeforeScreenTimeout [object]$passwordPreviousPasswordBlockCount [string]$passwordRequiredType [bool]$passwordRequired [object]$passwordMaximumAttemptCount [object]$passwordMinutesUntilFailedLoginReset [bool]$keychainBlockCloudSync [bool]$safariBlockAutofill [bool]$cameraBlocked [bool]$iTunesBlockMusicService [bool]$spotlightBlockInternetResults [bool]$keyboardBlockDictation [bool]$definitionLookupBlocked [bool]$appleWatchBlockAutoUnlock [bool]$iTunesBlockFileSharing [bool]$iCloudBlockDocumentSync [bool]$iCloudBlockMail [bool]$iCloudBlockAddressBook [bool]$iCloudBlockCalendar [bool]$iCloudBlockReminders [bool]$iCloudBlockBookmarks [bool]$iCloudBlockNotes [bool]$airDropBlocked [bool]$passwordBlockModification [bool]$passwordBlockFingerprintUnlock [bool]$passwordBlockAutoFill [bool]$passwordBlockProximityRequests [bool]$passwordBlockAirDropSharing [object]$softwareUpdatesEnforcedDelayInDays [string]$updateDelayPolicy [bool]$contentCachingBlocked [bool]$iCloudBlockPhotoLibrary [bool]$screenCaptureBlocked [bool]$classroomAppBlockRemoteScreenObservation [bool]$classroomAppForceUnpromptedScreenObservation [bool]$classroomForceAutomaticallyJoinClasses [bool]$classroomForceRequestPermissionToLeaveClasses [bool]$classroomForceUnpromptedAppAndDeviceLock [bool]$iCloudBlockActivityContinuation [object[]]$privacyAccessControls [bool]$addingGameCenterFriendsBlocked [bool]$gameCenterBlocked [bool]$multiplayerGamingBlocked [bool]$wallpaperModificationBlocked [bool]$eraseContentAndSettingsBlocked [object]$softwareUpdateMajorOSDeferredInstallDelayInDays [object]$softwareUpdateMinorOSDeferredInstallDelayInDays [object]$softwareUpdateNonOSDeferredInstallDelayInDays [object]$touchIdTimeoutInHours [bool]$iCloudPrivateRelayBlocked [bool]$iCloudDesktopAndDocumentsBlocked [bool]$activationLockWhenSupervisedAllowed # Default constructor CreateEmMacOSGeneralDeviceConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.compliantAppsList = @() $this.compliantAppListType = '' $this.emailInDomainSuffixes = @() $this.passwordBlockSimple = $false $this.passwordExpirationDays = $null $this.passwordMinimumCharacterSetCount = $null $this.passwordMinimumLength = $null $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordMinutesOfInactivityBeforeScreenTimeout = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordRequiredType = '' $this.passwordRequired = $false $this.passwordMaximumAttemptCount = $null $this.passwordMinutesUntilFailedLoginReset = $null $this.keychainBlockCloudSync = $false $this.safariBlockAutofill = $false $this.cameraBlocked = $false $this.iTunesBlockMusicService = $false $this.spotlightBlockInternetResults = $false $this.keyboardBlockDictation = $false $this.definitionLookupBlocked = $false $this.appleWatchBlockAutoUnlock = $false $this.iTunesBlockFileSharing = $false $this.iCloudBlockDocumentSync = $false $this.iCloudBlockMail = $false $this.iCloudBlockAddressBook = $false $this.iCloudBlockCalendar = $false $this.iCloudBlockReminders = $false $this.iCloudBlockBookmarks = $false $this.iCloudBlockNotes = $false $this.airDropBlocked = $false $this.passwordBlockModification = $false $this.passwordBlockFingerprintUnlock = $false $this.passwordBlockAutoFill = $false $this.passwordBlockProximityRequests = $false $this.passwordBlockAirDropSharing = $false $this.softwareUpdatesEnforcedDelayInDays = $null $this.updateDelayPolicy = '' $this.contentCachingBlocked = $false $this.iCloudBlockPhotoLibrary = $false $this.screenCaptureBlocked = $false $this.classroomAppBlockRemoteScreenObservation = $false $this.classroomAppForceUnpromptedScreenObservation = $false $this.classroomForceAutomaticallyJoinClasses = $false $this.classroomForceRequestPermissionToLeaveClasses = $false $this.classroomForceUnpromptedAppAndDeviceLock = $false $this.iCloudBlockActivityContinuation = $false $this.privacyAccessControls = @() $this.addingGameCenterFriendsBlocked = $false $this.gameCenterBlocked = $false $this.multiplayerGamingBlocked = $false $this.wallpaperModificationBlocked = $false $this.eraseContentAndSettingsBlocked = $false $this.softwareUpdateMajorOSDeferredInstallDelayInDays = $null $this.softwareUpdateMinorOSDeferredInstallDelayInDays = $null $this.softwareUpdateNonOSDeferredInstallDelayInDays = $null $this.touchIdTimeoutInHours = $null $this.iCloudPrivateRelayBlocked = $false $this.iCloudDesktopAndDocumentsBlocked = $false $this.activationLockWhenSupervisedAllowed = $false } # Parameterized constructor CreateEmMacOSGeneralDeviceConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.compliantAppsList = $policy.compliantAppsList $this.compliantAppListType = $policy.compliantAppListType $this.emailInDomainSuffixes = $policy.emailInDomainSuffixes $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordMinutesOfInactivityBeforeScreenTimeout = $policy.passwordMinutesOfInactivityBeforeScreenTimeout $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordRequired = $policy.passwordRequired $this.passwordMaximumAttemptCount = $policy.passwordMaximumAttemptCount $this.passwordMinutesUntilFailedLoginReset = $policy.passwordMinutesUntilFailedLoginReset $this.keychainBlockCloudSync = $policy.keychainBlockCloudSync $this.safariBlockAutofill = $policy.safariBlockAutofill $this.cameraBlocked = $policy.cameraBlocked $this.iTunesBlockMusicService = $policy.iTunesBlockMusicService $this.spotlightBlockInternetResults = $policy.spotlightBlockInternetResults $this.keyboardBlockDictation = $policy.keyboardBlockDictation $this.definitionLookupBlocked = $policy.definitionLookupBlocked $this.appleWatchBlockAutoUnlock = $policy.appleWatchBlockAutoUnlock $this.iTunesBlockFileSharing = $policy.iTunesBlockFileSharing $this.iCloudBlockDocumentSync = $policy.iCloudBlockDocumentSync $this.iCloudBlockMail = $policy.iCloudBlockMail $this.iCloudBlockAddressBook = $policy.iCloudBlockAddressBook $this.iCloudBlockCalendar = $policy.iCloudBlockCalendar $this.iCloudBlockReminders = $policy.iCloudBlockReminders $this.iCloudBlockBookmarks = $policy.iCloudBlockBookmarks $this.iCloudBlockNotes = $policy.iCloudBlockNotes $this.airDropBlocked = $policy.airDropBlocked $this.passwordBlockModification = $policy.passwordBlockModification $this.passwordBlockFingerprintUnlock = $policy.passwordBlockFingerprintUnlock $this.passwordBlockAutoFill = $policy.passwordBlockAutoFill $this.passwordBlockProximityRequests = $policy.passwordBlockProximityRequests $this.passwordBlockAirDropSharing = $policy.passwordBlockAirDropSharing $this.softwareUpdatesEnforcedDelayInDays = $policy.softwareUpdatesEnforcedDelayInDays $this.updateDelayPolicy = $policy.updateDelayPolicy $this.contentCachingBlocked = $policy.contentCachingBlocked $this.iCloudBlockPhotoLibrary = $policy.iCloudBlockPhotoLibrary $this.screenCaptureBlocked = $policy.screenCaptureBlocked $this.classroomAppBlockRemoteScreenObservation = $policy.classroomAppBlockRemoteScreenObservation $this.classroomAppForceUnpromptedScreenObservation = $policy.classroomAppForceUnpromptedScreenObservation $this.classroomForceAutomaticallyJoinClasses = $policy.classroomForceAutomaticallyJoinClasses $this.classroomForceRequestPermissionToLeaveClasses = $policy.classroomForceRequestPermissionToLeaveClasses $this.classroomForceUnpromptedAppAndDeviceLock = $policy.classroomForceUnpromptedAppAndDeviceLock $this.iCloudBlockActivityContinuation = $policy.iCloudBlockActivityContinuation $this.privacyAccessControls = $policy.privacyAccessControls $this.addingGameCenterFriendsBlocked = $policy.addingGameCenterFriendsBlocked $this.gameCenterBlocked = $policy.gameCenterBlocked $this.multiplayerGamingBlocked = $policy.multiplayerGamingBlocked $this.wallpaperModificationBlocked = $policy.wallpaperModificationBlocked $this.eraseContentAndSettingsBlocked = $policy.eraseContentAndSettingsBlocked $this.softwareUpdateMajorOSDeferredInstallDelayInDays = $policy.softwareUpdateMajorOSDeferredInstallDelayInDays $this.softwareUpdateMinorOSDeferredInstallDelayInDays = $policy.softwareUpdateMinorOSDeferredInstallDelayInDays $this.softwareUpdateNonOSDeferredInstallDelayInDays = $policy.softwareUpdateNonOSDeferredInstallDelayInDays $this.touchIdTimeoutInHours = $policy.touchIdTimeoutInHours $this.iCloudPrivateRelayBlocked = $policy.iCloudPrivateRelayBlocked $this.iCloudDesktopAndDocumentsBlocked = $policy.iCloudDesktopAndDocumentsBlocked $this.activationLockWhenSupervisedAllowed = $policy.activationLockWhenSupervisedAllowed } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMacOSGeneralDeviceConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmMacosGeneralDeviceConfiguration.ps1' 208 #Region '.\Classes\DeviceConfiguration\Create\CreateEmMacosSoftwareUpdateConfiguration.ps1' -1 class CreateEmMacOSSoftwareUpdateConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$criticalUpdateBehavior [string]$configDataUpdateBehavior [string]$firmwareUpdateBehavior [string]$allOtherUpdateBehavior [string]$updateScheduleType [object[]]$customUpdateTimeWindows [object]$updateTimeWindowUtcOffsetInMinutes [object]$maxUserDeferralsCount [string]$priority # Default constructor CreateEmMacOSSoftwareUpdateConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.criticalUpdateBehavior = '' $this.configDataUpdateBehavior = '' $this.firmwareUpdateBehavior = '' $this.allOtherUpdateBehavior = '' $this.updateScheduleType = '' $this.customUpdateTimeWindows = @() $this.updateTimeWindowUtcOffsetInMinutes = $null $this.maxUserDeferralsCount = $null $this.priority = '' } # Parameterized constructor CreateEmMacOSSoftwareUpdateConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.criticalUpdateBehavior = $policy.criticalUpdateBehavior $this.configDataUpdateBehavior = $policy.configDataUpdateBehavior $this.firmwareUpdateBehavior = $policy.firmwareUpdateBehavior $this.allOtherUpdateBehavior = $policy.allOtherUpdateBehavior $this.updateScheduleType = $policy.updateScheduleType $this.customUpdateTimeWindows = $policy.customUpdateTimeWindows $this.updateTimeWindowUtcOffsetInMinutes = $policy.updateTimeWindowUtcOffsetInMinutes $this.maxUserDeferralsCount = $policy.maxUserDeferralsCount $this.priority = $policy.priority } # Overriding the ToString method [string] ToString() { return "Class: CreateEmMacOSSoftwareUpdateConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmMacosSoftwareUpdateConfiguration.ps1' 55 #Region '.\Classes\DeviceConfiguration\Create\CreateEmWindows10CustomConfiguration.ps1' -1 class CreateEmWindows10CustomConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [object[]]$omaSettings # Default constructor CreateEmWindows10CustomConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.omaSettings = @() } # Parameterized constructor CreateEmWindows10CustomConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.omaSettings = $policy.omaSettings } # Overriding the ToString method [string] ToString() { return "Class: CreateEmWindows10CustomConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmWindows10CustomConfiguration.ps1' 31 #Region '.\Classes\DeviceConfiguration\Create\CreateEmWindows10EndpointProtectionConfiguration.ps1' -1 class CreateEmWindows10EndpointProtectionConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$dmaGuardDeviceEnumerationPolicy [object[]]$firewallRules [psobject]$userRightsAccessCredentialManagerAsTrustedCaller [psobject]$userRightsAllowAccessFromNetwork [psobject]$userRightsBlockAccessFromNetwork [psobject]$userRightsActAsPartOfTheOperatingSystem [psobject]$userRightsLocalLogOn [psobject]$userRightsDenyLocalLogOn [psobject]$userRightsBackupData [psobject]$userRightsChangeSystemTime [psobject]$userRightsCreateGlobalObjects [psobject]$userRightsCreatePageFile [psobject]$userRightsCreatePermanentSharedObjects [psobject]$userRightsCreateSymbolicLinks [psobject]$userRightsCreateToken [psobject]$userRightsDebugPrograms [psobject]$userRightsRemoteDesktopServicesLogOn [psobject]$userRightsDelegation [psobject]$userRightsGenerateSecurityAudits [psobject]$userRightsImpersonateClient [psobject]$userRightsIncreaseSchedulingPriority [psobject]$userRightsLoadUnloadDrivers [psobject]$userRightsLockMemory [psobject]$userRightsManageAuditingAndSecurityLogs [psobject]$userRightsManageVolumes [psobject]$userRightsModifyFirmwareEnvironment [psobject]$userRightsModifyObjectLabels [psobject]$userRightsProfileSingleProcess [psobject]$userRightsRemoteShutdown [psobject]$userRightsRestoreData [psobject]$userRightsTakeOwnership [bool]$xboxServicesEnableXboxGameSaveTask [string]$xboxServicesAccessoryManagementServiceStartupMode [string]$xboxServicesLiveAuthManagerServiceStartupMode [string]$xboxServicesLiveGameSaveServiceStartupMode [string]$xboxServicesLiveNetworkingServiceStartupMode [bool]$localSecurityOptionsBlockMicrosoftAccounts [bool]$localSecurityOptionsBlockRemoteLogonWithBlankPassword [bool]$localSecurityOptionsDisableAdministratorAccount [string]$localSecurityOptionsAdministratorAccountName [bool]$localSecurityOptionsDisableGuestAccount [string]$localSecurityOptionsGuestAccountName [bool]$localSecurityOptionsAllowUndockWithoutHavingToLogon [bool]$localSecurityOptionsBlockUsersInstallingPrinterDrivers [bool]$localSecurityOptionsBlockRemoteOpticalDriveAccess [string]$localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser [object]$localSecurityOptionsMachineInactivityLimit [object]$localSecurityOptionsMachineInactivityLimitInMinutes [bool]$localSecurityOptionsDoNotRequireCtrlAltDel [bool]$localSecurityOptionsHideLastSignedInUser [bool]$localSecurityOptionsHideUsernameAtSignIn [string]$localSecurityOptionsLogOnMessageTitle [string]$localSecurityOptionsLogOnMessageText [bool]$localSecurityOptionsAllowPKU2UAuthenticationRequests [bool]$localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool [string]$localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager [string]$localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients [string]$localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers [string]$lanManagerAuthenticationLevel [bool]$lanManagerWorkstationDisableInsecureGuestLogons [bool]$localSecurityOptionsClearVirtualMemoryPageFile [bool]$localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn [bool]$localSecurityOptionsAllowUIAccessApplicationElevation [bool]$localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations [bool]$localSecurityOptionsOnlyElevateSignedExecutables [string]$localSecurityOptionsAdministratorElevationPromptBehavior [string]$localSecurityOptionsStandardUserElevationPromptBehavior [bool]$localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation [bool]$localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation [bool]$localSecurityOptionsAllowUIAccessApplicationsForSecureLocations [bool]$localSecurityOptionsUseAdminApprovalMode [bool]$localSecurityOptionsUseAdminApprovalModeForAdministrators [string]$localSecurityOptionsInformationShownOnLockScreen [string]$localSecurityOptionsInformationDisplayedOnLockScreen [bool]$localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees [bool]$localSecurityOptionsClientDigitallySignCommunicationsAlways [bool]$localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers [bool]$localSecurityOptionsDisableServerDigitallySignCommunicationsAlways [bool]$localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees [bool]$localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares [bool]$localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts [bool]$localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares [bool]$localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange [string]$localSecurityOptionsSmartCardRemovalBehavior [bool]$defenderSecurityCenterDisableAppBrowserUI [bool]$defenderSecurityCenterDisableFamilyUI [bool]$defenderSecurityCenterDisableHealthUI [bool]$defenderSecurityCenterDisableNetworkUI [bool]$defenderSecurityCenterDisableVirusUI [bool]$defenderSecurityCenterDisableAccountUI [bool]$defenderSecurityCenterDisableClearTpmUI [bool]$defenderSecurityCenterDisableHardwareUI [bool]$defenderSecurityCenterDisableNotificationAreaUI [bool]$defenderSecurityCenterDisableRansomwareUI [bool]$defenderSecurityCenterDisableSecureBootUI [bool]$defenderSecurityCenterDisableTroubleshootingUI [bool]$defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI [string]$defenderSecurityCenterOrganizationDisplayName [string]$defenderSecurityCenterHelpEmail [string]$defenderSecurityCenterHelpPhone [string]$defenderSecurityCenterHelpURL [string]$defenderSecurityCenterNotificationsFromApp [string]$defenderSecurityCenterITContactDisplay [string]$windowsDefenderTamperProtection [bool]$firewallBlockStatefulFTP [object]$firewallIdleTimeoutForSecurityAssociationInSeconds [string]$firewallPreSharedKeyEncodingMethod [bool]$firewallIPSecExemptionsNone [bool]$firewallIPSecExemptionsAllowNeighborDiscovery [bool]$firewallIPSecExemptionsAllowICMP [bool]$firewallIPSecExemptionsAllowRouterDiscovery [bool]$firewallIPSecExemptionsAllowDHCP [string]$firewallCertificateRevocationListCheckMethod [bool]$firewallMergeKeyingModuleSettings [string]$firewallPacketQueueingMethod [psobject]$firewallProfileDomain [psobject]$firewallProfilePublic [psobject]$firewallProfilePrivate [string]$defenderAdobeReaderLaunchChildProcess [object[]]$defenderAttackSurfaceReductionExcludedPaths [string]$defenderOfficeAppsOtherProcessInjectionType [string]$defenderOfficeAppsOtherProcessInjection [string]$defenderOfficeCommunicationAppsLaunchChildProcess [string]$defenderOfficeAppsExecutableContentCreationOrLaunchType [string]$defenderOfficeAppsExecutableContentCreationOrLaunch [string]$defenderOfficeAppsLaunchChildProcessType [string]$defenderOfficeAppsLaunchChildProcess [string]$defenderOfficeMacroCodeAllowWin32ImportsType [string]$defenderOfficeMacroCodeAllowWin32Imports [string]$defenderScriptObfuscatedMacroCodeType [string]$defenderScriptObfuscatedMacroCode [string]$defenderScriptDownloadedPayloadExecutionType [string]$defenderScriptDownloadedPayloadExecution [string]$defenderPreventCredentialStealingType [string]$defenderProcessCreationType [string]$defenderProcessCreation [string]$defenderUntrustedUSBProcessType [string]$defenderUntrustedUSBProcess [string]$defenderUntrustedExecutableType [string]$defenderUntrustedExecutable [string]$defenderEmailContentExecutionType [string]$defenderEmailContentExecution [string]$defenderAdvancedRansomewareProtectionType [string]$defenderGuardMyFoldersType [object[]]$defenderGuardedFoldersAllowedAppPaths [object[]]$defenderAdditionalGuardedFolders [string]$defenderNetworkProtectionType [string]$defenderExploitProtectionXml [string]$defenderExploitProtectionXmlFileName [bool]$defenderSecurityCenterBlockExploitProtectionOverride [string]$defenderBlockPersistenceThroughWmiType [string]$appLockerApplicationControl [string]$deviceGuardLocalSystemAuthorityCredentialGuardSettings [bool]$deviceGuardEnableVirtualizationBasedSecurity [bool]$deviceGuardEnableSecureBootWithDMA [string]$deviceGuardSecureBootWithDMA [string]$deviceGuardLaunchSystemGuard [bool]$smartScreenEnableInShell [bool]$smartScreenBlockOverrideForFiles [bool]$applicationGuardEnabled [string]$applicationGuardEnabledOptions [string]$applicationGuardBlockFileTransfer [bool]$applicationGuardBlockNonEnterpriseContent [bool]$applicationGuardAllowPersistence [bool]$applicationGuardForceAuditing [string]$applicationGuardBlockClipboardSharing [bool]$applicationGuardAllowPrintToPDF [bool]$applicationGuardAllowPrintToXPS [bool]$applicationGuardAllowPrintToLocalPrinters [bool]$applicationGuardAllowPrintToNetworkPrinters [bool]$applicationGuardAllowVirtualGPU [bool]$applicationGuardAllowFileSaveOnHost [bool]$applicationGuardAllowCameraMicrophoneRedirection [object[]]$applicationGuardCertificateThumbprints [bool]$bitLockerAllowStandardUserEncryption [bool]$bitLockerDisableWarningForOtherDiskEncryption [bool]$bitLockerEnableStorageCardEncryptionOnMobile [bool]$bitLockerEncryptDevice [psobject]$bitLockerSystemDrivePolicy [psobject]$bitLockerFixedDrivePolicy [psobject]$bitLockerRemovableDrivePolicy [string]$bitLockerRecoveryPasswordRotation [bool]$defenderDisableScanArchiveFiles [bool]$defenderAllowScanArchiveFiles [bool]$defenderDisableBehaviorMonitoring [bool]$defenderAllowBehaviorMonitoring [bool]$defenderDisableCloudProtection [bool]$defenderAllowCloudProtection [bool]$defenderEnableScanIncomingMail [bool]$defenderEnableScanMappedNetworkDrivesDuringFullScan [bool]$defenderDisableScanRemovableDrivesDuringFullScan [bool]$defenderAllowScanRemovableDrivesDuringFullScan [bool]$defenderDisableScanDownloads [bool]$defenderAllowScanDownloads [bool]$defenderDisableIntrusionPreventionSystem [bool]$defenderAllowIntrusionPreventionSystem [bool]$defenderDisableOnAccessProtection [bool]$defenderAllowOnAccessProtection [bool]$defenderDisableRealTimeMonitoring [bool]$defenderAllowRealTimeMonitoring [bool]$defenderDisableScanNetworkFiles [bool]$defenderAllowScanNetworkFiles [bool]$defenderDisableScanScriptsLoadedInInternetExplorer [bool]$defenderAllowScanScriptsLoadedInInternetExplorer [bool]$defenderBlockEndUserAccess [bool]$defenderAllowEndUserAccess [object]$defenderScanMaxCpuPercentage [bool]$defenderCheckForSignaturesBeforeRunningScan [string]$defenderCloudBlockLevel [object]$defenderCloudExtendedTimeoutInSeconds [object]$defenderDaysBeforeDeletingQuarantinedMalware [bool]$defenderDisableCatchupFullScan [bool]$defenderDisableCatchupQuickScan [bool]$defenderEnableLowCpuPriority [object[]]$defenderFileExtensionsToExclude [object[]]$defenderFilesAndFoldersToExclude [object[]]$defenderProcessesToExclude [string]$defenderPotentiallyUnwantedAppAction [string]$defenderScanDirection [string]$defenderScanType [string]$defenderScheduledQuickScanTime [string]$defenderScheduledScanDay [string]$defenderScheduledScanTime [object]$defenderSignatureUpdateIntervalInHours [string]$defenderSubmitSamplesConsentType [psobject]$defenderDetectedMalwareActions # Default constructor CreateEmWindows10EndpointProtectionConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.dmaGuardDeviceEnumerationPolicy = '' $this.firewallRules = @() $this.userRightsAccessCredentialManagerAsTrustedCaller = $null $this.userRightsAllowAccessFromNetwork = $null $this.userRightsBlockAccessFromNetwork = $null $this.userRightsActAsPartOfTheOperatingSystem = $null $this.userRightsLocalLogOn = $null $this.userRightsDenyLocalLogOn = $null $this.userRightsBackupData = $null $this.userRightsChangeSystemTime = $null $this.userRightsCreateGlobalObjects = $null $this.userRightsCreatePageFile = $null $this.userRightsCreatePermanentSharedObjects = $null $this.userRightsCreateSymbolicLinks = $null $this.userRightsCreateToken = $null $this.userRightsDebugPrograms = $null $this.userRightsRemoteDesktopServicesLogOn = $null $this.userRightsDelegation = $null $this.userRightsGenerateSecurityAudits = $null $this.userRightsImpersonateClient = $null $this.userRightsIncreaseSchedulingPriority = $null $this.userRightsLoadUnloadDrivers = $null $this.userRightsLockMemory = $null $this.userRightsManageAuditingAndSecurityLogs = $null $this.userRightsManageVolumes = $null $this.userRightsModifyFirmwareEnvironment = $null $this.userRightsModifyObjectLabels = $null $this.userRightsProfileSingleProcess = $null $this.userRightsRemoteShutdown = $null $this.userRightsRestoreData = $null $this.userRightsTakeOwnership = $null $this.xboxServicesEnableXboxGameSaveTask = $false $this.xboxServicesAccessoryManagementServiceStartupMode = '' $this.xboxServicesLiveAuthManagerServiceStartupMode = '' $this.xboxServicesLiveGameSaveServiceStartupMode = '' $this.xboxServicesLiveNetworkingServiceStartupMode = '' $this.localSecurityOptionsBlockMicrosoftAccounts = $false $this.localSecurityOptionsBlockRemoteLogonWithBlankPassword = $false $this.localSecurityOptionsDisableAdministratorAccount = $false $this.localSecurityOptionsAdministratorAccountName = '' $this.localSecurityOptionsDisableGuestAccount = $false $this.localSecurityOptionsGuestAccountName = '' $this.localSecurityOptionsAllowUndockWithoutHavingToLogon = $false $this.localSecurityOptionsBlockUsersInstallingPrinterDrivers = $false $this.localSecurityOptionsBlockRemoteOpticalDriveAccess = $false $this.localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser = '' $this.localSecurityOptionsMachineInactivityLimit = $null $this.localSecurityOptionsMachineInactivityLimitInMinutes = $null $this.localSecurityOptionsDoNotRequireCtrlAltDel = $false $this.localSecurityOptionsHideLastSignedInUser = $false $this.localSecurityOptionsHideUsernameAtSignIn = $false $this.localSecurityOptionsLogOnMessageTitle = '' $this.localSecurityOptionsLogOnMessageText = '' $this.localSecurityOptionsAllowPKU2UAuthenticationRequests = $false $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool = $false $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager = '' $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients = '' $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers = '' $this.lanManagerAuthenticationLevel = '' $this.lanManagerWorkstationDisableInsecureGuestLogons = $false $this.localSecurityOptionsClearVirtualMemoryPageFile = $false $this.localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn = $false $this.localSecurityOptionsAllowUIAccessApplicationElevation = $false $this.localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations = $false $this.localSecurityOptionsOnlyElevateSignedExecutables = $false $this.localSecurityOptionsAdministratorElevationPromptBehavior = '' $this.localSecurityOptionsStandardUserElevationPromptBehavior = '' $this.localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation = $false $this.localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation = $false $this.localSecurityOptionsAllowUIAccessApplicationsForSecureLocations = $false $this.localSecurityOptionsUseAdminApprovalMode = $false $this.localSecurityOptionsUseAdminApprovalModeForAdministrators = $false $this.localSecurityOptionsInformationShownOnLockScreen = '' $this.localSecurityOptionsInformationDisplayedOnLockScreen = '' $this.localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees = $false $this.localSecurityOptionsClientDigitallySignCommunicationsAlways = $false $this.localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers = $false $this.localSecurityOptionsDisableServerDigitallySignCommunicationsAlways = $false $this.localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees = $false $this.localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares = $false $this.localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts = $false $this.localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares = $false $this.localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange = $false $this.localSecurityOptionsSmartCardRemovalBehavior = '' $this.defenderSecurityCenterDisableAppBrowserUI = $false $this.defenderSecurityCenterDisableFamilyUI = $false $this.defenderSecurityCenterDisableHealthUI = $false $this.defenderSecurityCenterDisableNetworkUI = $false $this.defenderSecurityCenterDisableVirusUI = $false $this.defenderSecurityCenterDisableAccountUI = $false $this.defenderSecurityCenterDisableClearTpmUI = $false $this.defenderSecurityCenterDisableHardwareUI = $false $this.defenderSecurityCenterDisableNotificationAreaUI = $false $this.defenderSecurityCenterDisableRansomwareUI = $false $this.defenderSecurityCenterDisableSecureBootUI = $false $this.defenderSecurityCenterDisableTroubleshootingUI = $false $this.defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI = $false $this.defenderSecurityCenterOrganizationDisplayName = '' $this.defenderSecurityCenterHelpEmail = '' $this.defenderSecurityCenterHelpPhone = '' $this.defenderSecurityCenterHelpURL = '' $this.defenderSecurityCenterNotificationsFromApp = '' $this.defenderSecurityCenterITContactDisplay = '' $this.windowsDefenderTamperProtection = '' $this.firewallBlockStatefulFTP = $false $this.firewallIdleTimeoutForSecurityAssociationInSeconds = $null $this.firewallPreSharedKeyEncodingMethod = '' $this.firewallIPSecExemptionsNone = $false $this.firewallIPSecExemptionsAllowNeighborDiscovery = $false $this.firewallIPSecExemptionsAllowICMP = $false $this.firewallIPSecExemptionsAllowRouterDiscovery = $false $this.firewallIPSecExemptionsAllowDHCP = $false $this.firewallCertificateRevocationListCheckMethod = '' $this.firewallMergeKeyingModuleSettings = $false $this.firewallPacketQueueingMethod = '' $this.firewallProfileDomain = $null $this.firewallProfilePublic = $null $this.firewallProfilePrivate = $null $this.defenderAdobeReaderLaunchChildProcess = '' $this.defenderAttackSurfaceReductionExcludedPaths = @() $this.defenderOfficeAppsOtherProcessInjectionType = '' $this.defenderOfficeAppsOtherProcessInjection = '' $this.defenderOfficeCommunicationAppsLaunchChildProcess = '' $this.defenderOfficeAppsExecutableContentCreationOrLaunchType = '' $this.defenderOfficeAppsExecutableContentCreationOrLaunch = '' $this.defenderOfficeAppsLaunchChildProcessType = '' $this.defenderOfficeAppsLaunchChildProcess = '' $this.defenderOfficeMacroCodeAllowWin32ImportsType = '' $this.defenderOfficeMacroCodeAllowWin32Imports = '' $this.defenderScriptObfuscatedMacroCodeType = '' $this.defenderScriptObfuscatedMacroCode = '' $this.defenderScriptDownloadedPayloadExecutionType = '' $this.defenderScriptDownloadedPayloadExecution = '' $this.defenderPreventCredentialStealingType = '' $this.defenderProcessCreationType = '' $this.defenderProcessCreation = '' $this.defenderUntrustedUSBProcessType = '' $this.defenderUntrustedUSBProcess = '' $this.defenderUntrustedExecutableType = '' $this.defenderUntrustedExecutable = '' $this.defenderEmailContentExecutionType = '' $this.defenderEmailContentExecution = '' $this.defenderAdvancedRansomewareProtectionType = '' $this.defenderGuardMyFoldersType = '' $this.defenderGuardedFoldersAllowedAppPaths = @() $this.defenderAdditionalGuardedFolders = @() $this.defenderNetworkProtectionType = '' $this.defenderExploitProtectionXml = '' $this.defenderExploitProtectionXmlFileName = '' $this.defenderSecurityCenterBlockExploitProtectionOverride = $false $this.defenderBlockPersistenceThroughWmiType = '' $this.appLockerApplicationControl = '' $this.deviceGuardLocalSystemAuthorityCredentialGuardSettings = '' $this.deviceGuardEnableVirtualizationBasedSecurity = $false $this.deviceGuardEnableSecureBootWithDMA = $false $this.deviceGuardSecureBootWithDMA = '' $this.deviceGuardLaunchSystemGuard = '' $this.smartScreenEnableInShell = $false $this.smartScreenBlockOverrideForFiles = $false $this.applicationGuardEnabled = $false $this.applicationGuardEnabledOptions = '' $this.applicationGuardBlockFileTransfer = '' $this.applicationGuardBlockNonEnterpriseContent = $false $this.applicationGuardAllowPersistence = $false $this.applicationGuardForceAuditing = $false $this.applicationGuardBlockClipboardSharing = '' $this.applicationGuardAllowPrintToPDF = $false $this.applicationGuardAllowPrintToXPS = $false $this.applicationGuardAllowPrintToLocalPrinters = $false $this.applicationGuardAllowPrintToNetworkPrinters = $false $this.applicationGuardAllowVirtualGPU = $false $this.applicationGuardAllowFileSaveOnHost = $false $this.applicationGuardAllowCameraMicrophoneRedirection = $false $this.applicationGuardCertificateThumbprints = @() $this.bitLockerAllowStandardUserEncryption = $false $this.bitLockerDisableWarningForOtherDiskEncryption = $false $this.bitLockerEnableStorageCardEncryptionOnMobile = $false $this.bitLockerEncryptDevice = $false $this.bitLockerSystemDrivePolicy = $null $this.bitLockerFixedDrivePolicy = $null $this.bitLockerRemovableDrivePolicy = $null $this.bitLockerRecoveryPasswordRotation = '' $this.defenderDisableScanArchiveFiles = $false $this.defenderAllowScanArchiveFiles = $false $this.defenderDisableBehaviorMonitoring = $false $this.defenderAllowBehaviorMonitoring = $false $this.defenderDisableCloudProtection = $false $this.defenderAllowCloudProtection = $false $this.defenderEnableScanIncomingMail = $false $this.defenderEnableScanMappedNetworkDrivesDuringFullScan = $false $this.defenderDisableScanRemovableDrivesDuringFullScan = $false $this.defenderAllowScanRemovableDrivesDuringFullScan = $false $this.defenderDisableScanDownloads = $false $this.defenderAllowScanDownloads = $false $this.defenderDisableIntrusionPreventionSystem = $false $this.defenderAllowIntrusionPreventionSystem = $false $this.defenderDisableOnAccessProtection = $false $this.defenderAllowOnAccessProtection = $false $this.defenderDisableRealTimeMonitoring = $false $this.defenderAllowRealTimeMonitoring = $false $this.defenderDisableScanNetworkFiles = $false $this.defenderAllowScanNetworkFiles = $false $this.defenderDisableScanScriptsLoadedInInternetExplorer = $false $this.defenderAllowScanScriptsLoadedInInternetExplorer = $false $this.defenderBlockEndUserAccess = $false $this.defenderAllowEndUserAccess = $false $this.defenderScanMaxCpuPercentage = $null $this.defenderCheckForSignaturesBeforeRunningScan = $false $this.defenderCloudBlockLevel = '' $this.defenderCloudExtendedTimeoutInSeconds = $null $this.defenderDaysBeforeDeletingQuarantinedMalware = $null $this.defenderDisableCatchupFullScan = $false $this.defenderDisableCatchupQuickScan = $false $this.defenderEnableLowCpuPriority = $false $this.defenderFileExtensionsToExclude = @() $this.defenderFilesAndFoldersToExclude = @() $this.defenderProcessesToExclude = @() $this.defenderPotentiallyUnwantedAppAction = '' $this.defenderScanDirection = '' $this.defenderScanType = '' $this.defenderScheduledQuickScanTime = '' $this.defenderScheduledScanDay = '' $this.defenderScheduledScanTime = '' $this.defenderSignatureUpdateIntervalInHours = $null $this.defenderSubmitSamplesConsentType = '' $this.defenderDetectedMalwareActions = $null } # Parameterized constructor CreateEmWindows10EndpointProtectionConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.dmaGuardDeviceEnumerationPolicy = $policy.dmaGuardDeviceEnumerationPolicy $this.firewallRules = $policy.firewallRules $this.userRightsAccessCredentialManagerAsTrustedCaller = $policy.userRightsAccessCredentialManagerAsTrustedCaller $this.userRightsAllowAccessFromNetwork = $policy.userRightsAllowAccessFromNetwork $this.userRightsBlockAccessFromNetwork = $policy.userRightsBlockAccessFromNetwork $this.userRightsActAsPartOfTheOperatingSystem = $policy.userRightsActAsPartOfTheOperatingSystem $this.userRightsLocalLogOn = $policy.userRightsLocalLogOn $this.userRightsDenyLocalLogOn = $policy.userRightsDenyLocalLogOn $this.userRightsBackupData = $policy.userRightsBackupData $this.userRightsChangeSystemTime = $policy.userRightsChangeSystemTime $this.userRightsCreateGlobalObjects = $policy.userRightsCreateGlobalObjects $this.userRightsCreatePageFile = $policy.userRightsCreatePageFile $this.userRightsCreatePermanentSharedObjects = $policy.userRightsCreatePermanentSharedObjects $this.userRightsCreateSymbolicLinks = $policy.userRightsCreateSymbolicLinks $this.userRightsCreateToken = $policy.userRightsCreateToken $this.userRightsDebugPrograms = $policy.userRightsDebugPrograms $this.userRightsRemoteDesktopServicesLogOn = $policy.userRightsRemoteDesktopServicesLogOn $this.userRightsDelegation = $policy.userRightsDelegation $this.userRightsGenerateSecurityAudits = $policy.userRightsGenerateSecurityAudits $this.userRightsImpersonateClient = $policy.userRightsImpersonateClient $this.userRightsIncreaseSchedulingPriority = $policy.userRightsIncreaseSchedulingPriority $this.userRightsLoadUnloadDrivers = $policy.userRightsLoadUnloadDrivers $this.userRightsLockMemory = $policy.userRightsLockMemory $this.userRightsManageAuditingAndSecurityLogs = $policy.userRightsManageAuditingAndSecurityLogs $this.userRightsManageVolumes = $policy.userRightsManageVolumes $this.userRightsModifyFirmwareEnvironment = $policy.userRightsModifyFirmwareEnvironment $this.userRightsModifyObjectLabels = $policy.userRightsModifyObjectLabels $this.userRightsProfileSingleProcess = $policy.userRightsProfileSingleProcess $this.userRightsRemoteShutdown = $policy.userRightsRemoteShutdown $this.userRightsRestoreData = $policy.userRightsRestoreData $this.userRightsTakeOwnership = $policy.userRightsTakeOwnership $this.xboxServicesEnableXboxGameSaveTask = $policy.xboxServicesEnableXboxGameSaveTask $this.xboxServicesAccessoryManagementServiceStartupMode = $policy.xboxServicesAccessoryManagementServiceStartupMode $this.xboxServicesLiveAuthManagerServiceStartupMode = $policy.xboxServicesLiveAuthManagerServiceStartupMode $this.xboxServicesLiveGameSaveServiceStartupMode = $policy.xboxServicesLiveGameSaveServiceStartupMode $this.xboxServicesLiveNetworkingServiceStartupMode = $policy.xboxServicesLiveNetworkingServiceStartupMode $this.localSecurityOptionsBlockMicrosoftAccounts = $policy.localSecurityOptionsBlockMicrosoftAccounts $this.localSecurityOptionsBlockRemoteLogonWithBlankPassword = $policy.localSecurityOptionsBlockRemoteLogonWithBlankPassword $this.localSecurityOptionsDisableAdministratorAccount = $policy.localSecurityOptionsDisableAdministratorAccount $this.localSecurityOptionsAdministratorAccountName = $policy.localSecurityOptionsAdministratorAccountName $this.localSecurityOptionsDisableGuestAccount = $policy.localSecurityOptionsDisableGuestAccount $this.localSecurityOptionsGuestAccountName = $policy.localSecurityOptionsGuestAccountName $this.localSecurityOptionsAllowUndockWithoutHavingToLogon = $policy.localSecurityOptionsAllowUndockWithoutHavingToLogon $this.localSecurityOptionsBlockUsersInstallingPrinterDrivers = $policy.localSecurityOptionsBlockUsersInstallingPrinterDrivers $this.localSecurityOptionsBlockRemoteOpticalDriveAccess = $policy.localSecurityOptionsBlockRemoteOpticalDriveAccess $this.localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser = $policy.localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser $this.localSecurityOptionsMachineInactivityLimit = $policy.localSecurityOptionsMachineInactivityLimit $this.localSecurityOptionsMachineInactivityLimitInMinutes = $policy.localSecurityOptionsMachineInactivityLimitInMinutes $this.localSecurityOptionsDoNotRequireCtrlAltDel = $policy.localSecurityOptionsDoNotRequireCtrlAltDel $this.localSecurityOptionsHideLastSignedInUser = $policy.localSecurityOptionsHideLastSignedInUser $this.localSecurityOptionsHideUsernameAtSignIn = $policy.localSecurityOptionsHideUsernameAtSignIn $this.localSecurityOptionsLogOnMessageTitle = $policy.localSecurityOptionsLogOnMessageTitle $this.localSecurityOptionsLogOnMessageText = $policy.localSecurityOptionsLogOnMessageText $this.localSecurityOptionsAllowPKU2UAuthenticationRequests = $policy.localSecurityOptionsAllowPKU2UAuthenticationRequests $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool = $policy.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager = $policy.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients = $policy.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers = $policy.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers $this.lanManagerAuthenticationLevel = $policy.lanManagerAuthenticationLevel $this.lanManagerWorkstationDisableInsecureGuestLogons = $policy.lanManagerWorkstationDisableInsecureGuestLogons $this.localSecurityOptionsClearVirtualMemoryPageFile = $policy.localSecurityOptionsClearVirtualMemoryPageFile $this.localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn = $policy.localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn $this.localSecurityOptionsAllowUIAccessApplicationElevation = $policy.localSecurityOptionsAllowUIAccessApplicationElevation $this.localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations = $policy.localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations $this.localSecurityOptionsOnlyElevateSignedExecutables = $policy.localSecurityOptionsOnlyElevateSignedExecutables $this.localSecurityOptionsAdministratorElevationPromptBehavior = $policy.localSecurityOptionsAdministratorElevationPromptBehavior $this.localSecurityOptionsStandardUserElevationPromptBehavior = $policy.localSecurityOptionsStandardUserElevationPromptBehavior $this.localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation = $policy.localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation $this.localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation = $policy.localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation $this.localSecurityOptionsAllowUIAccessApplicationsForSecureLocations = $policy.localSecurityOptionsAllowUIAccessApplicationsForSecureLocations $this.localSecurityOptionsUseAdminApprovalMode = $policy.localSecurityOptionsUseAdminApprovalMode $this.localSecurityOptionsUseAdminApprovalModeForAdministrators = $policy.localSecurityOptionsUseAdminApprovalModeForAdministrators $this.localSecurityOptionsInformationShownOnLockScreen = $policy.localSecurityOptionsInformationShownOnLockScreen $this.localSecurityOptionsInformationDisplayedOnLockScreen = $policy.localSecurityOptionsInformationDisplayedOnLockScreen $this.localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees = $policy.localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees $this.localSecurityOptionsClientDigitallySignCommunicationsAlways = $policy.localSecurityOptionsClientDigitallySignCommunicationsAlways $this.localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers = $policy.localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers $this.localSecurityOptionsDisableServerDigitallySignCommunicationsAlways = $policy.localSecurityOptionsDisableServerDigitallySignCommunicationsAlways $this.localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees = $policy.localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees $this.localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares = $policy.localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares $this.localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts = $policy.localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts $this.localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares = $policy.localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares $this.localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange = $policy.localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange $this.localSecurityOptionsSmartCardRemovalBehavior = $policy.localSecurityOptionsSmartCardRemovalBehavior $this.defenderSecurityCenterDisableAppBrowserUI = $policy.defenderSecurityCenterDisableAppBrowserUI $this.defenderSecurityCenterDisableFamilyUI = $policy.defenderSecurityCenterDisableFamilyUI $this.defenderSecurityCenterDisableHealthUI = $policy.defenderSecurityCenterDisableHealthUI $this.defenderSecurityCenterDisableNetworkUI = $policy.defenderSecurityCenterDisableNetworkUI $this.defenderSecurityCenterDisableVirusUI = $policy.defenderSecurityCenterDisableVirusUI $this.defenderSecurityCenterDisableAccountUI = $policy.defenderSecurityCenterDisableAccountUI $this.defenderSecurityCenterDisableClearTpmUI = $policy.defenderSecurityCenterDisableClearTpmUI $this.defenderSecurityCenterDisableHardwareUI = $policy.defenderSecurityCenterDisableHardwareUI $this.defenderSecurityCenterDisableNotificationAreaUI = $policy.defenderSecurityCenterDisableNotificationAreaUI $this.defenderSecurityCenterDisableRansomwareUI = $policy.defenderSecurityCenterDisableRansomwareUI $this.defenderSecurityCenterDisableSecureBootUI = $policy.defenderSecurityCenterDisableSecureBootUI $this.defenderSecurityCenterDisableTroubleshootingUI = $policy.defenderSecurityCenterDisableTroubleshootingUI $this.defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI = $policy.defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI $this.defenderSecurityCenterOrganizationDisplayName = $policy.defenderSecurityCenterOrganizationDisplayName $this.defenderSecurityCenterHelpEmail = $policy.defenderSecurityCenterHelpEmail $this.defenderSecurityCenterHelpPhone = $policy.defenderSecurityCenterHelpPhone $this.defenderSecurityCenterHelpURL = $policy.defenderSecurityCenterHelpURL $this.defenderSecurityCenterNotificationsFromApp = $policy.defenderSecurityCenterNotificationsFromApp $this.defenderSecurityCenterITContactDisplay = $policy.defenderSecurityCenterITContactDisplay $this.windowsDefenderTamperProtection = $policy.windowsDefenderTamperProtection $this.firewallBlockStatefulFTP = $policy.firewallBlockStatefulFTP $this.firewallIdleTimeoutForSecurityAssociationInSeconds = $policy.firewallIdleTimeoutForSecurityAssociationInSeconds $this.firewallPreSharedKeyEncodingMethod = $policy.firewallPreSharedKeyEncodingMethod $this.firewallIPSecExemptionsNone = $policy.firewallIPSecExemptionsNone $this.firewallIPSecExemptionsAllowNeighborDiscovery = $policy.firewallIPSecExemptionsAllowNeighborDiscovery $this.firewallIPSecExemptionsAllowICMP = $policy.firewallIPSecExemptionsAllowICMP $this.firewallIPSecExemptionsAllowRouterDiscovery = $policy.firewallIPSecExemptionsAllowRouterDiscovery $this.firewallIPSecExemptionsAllowDHCP = $policy.firewallIPSecExemptionsAllowDHCP $this.firewallCertificateRevocationListCheckMethod = $policy.firewallCertificateRevocationListCheckMethod $this.firewallMergeKeyingModuleSettings = $policy.firewallMergeKeyingModuleSettings $this.firewallPacketQueueingMethod = $policy.firewallPacketQueueingMethod $this.firewallProfileDomain = $policy.firewallProfileDomain $this.firewallProfilePublic = $policy.firewallProfilePublic $this.firewallProfilePrivate = $policy.firewallProfilePrivate $this.defenderAdobeReaderLaunchChildProcess = $policy.defenderAdobeReaderLaunchChildProcess $this.defenderAttackSurfaceReductionExcludedPaths = $policy.defenderAttackSurfaceReductionExcludedPaths $this.defenderOfficeAppsOtherProcessInjectionType = $policy.defenderOfficeAppsOtherProcessInjectionType $this.defenderOfficeAppsOtherProcessInjection = $policy.defenderOfficeAppsOtherProcessInjection $this.defenderOfficeCommunicationAppsLaunchChildProcess = $policy.defenderOfficeCommunicationAppsLaunchChildProcess $this.defenderOfficeAppsExecutableContentCreationOrLaunchType = $policy.defenderOfficeAppsExecutableContentCreationOrLaunchType $this.defenderOfficeAppsExecutableContentCreationOrLaunch = $policy.defenderOfficeAppsExecutableContentCreationOrLaunch $this.defenderOfficeAppsLaunchChildProcessType = $policy.defenderOfficeAppsLaunchChildProcessType $this.defenderOfficeAppsLaunchChildProcess = $policy.defenderOfficeAppsLaunchChildProcess $this.defenderOfficeMacroCodeAllowWin32ImportsType = $policy.defenderOfficeMacroCodeAllowWin32ImportsType $this.defenderOfficeMacroCodeAllowWin32Imports = $policy.defenderOfficeMacroCodeAllowWin32Imports $this.defenderScriptObfuscatedMacroCodeType = $policy.defenderScriptObfuscatedMacroCodeType $this.defenderScriptObfuscatedMacroCode = $policy.defenderScriptObfuscatedMacroCode $this.defenderScriptDownloadedPayloadExecutionType = $policy.defenderScriptDownloadedPayloadExecutionType $this.defenderScriptDownloadedPayloadExecution = $policy.defenderScriptDownloadedPayloadExecution $this.defenderPreventCredentialStealingType = $policy.defenderPreventCredentialStealingType $this.defenderProcessCreationType = $policy.defenderProcessCreationType $this.defenderProcessCreation = $policy.defenderProcessCreation $this.defenderUntrustedUSBProcessType = $policy.defenderUntrustedUSBProcessType $this.defenderUntrustedUSBProcess = $policy.defenderUntrustedUSBProcess $this.defenderUntrustedExecutableType = $policy.defenderUntrustedExecutableType $this.defenderUntrustedExecutable = $policy.defenderUntrustedExecutable $this.defenderEmailContentExecutionType = $policy.defenderEmailContentExecutionType $this.defenderEmailContentExecution = $policy.defenderEmailContentExecution $this.defenderAdvancedRansomewareProtectionType = $policy.defenderAdvancedRansomewareProtectionType $this.defenderGuardMyFoldersType = $policy.defenderGuardMyFoldersType $this.defenderGuardedFoldersAllowedAppPaths = $policy.defenderGuardedFoldersAllowedAppPaths $this.defenderAdditionalGuardedFolders = $policy.defenderAdditionalGuardedFolders $this.defenderNetworkProtectionType = $policy.defenderNetworkProtectionType $this.defenderExploitProtectionXml = $policy.defenderExploitProtectionXml $this.defenderExploitProtectionXmlFileName = $policy.defenderExploitProtectionXmlFileName $this.defenderSecurityCenterBlockExploitProtectionOverride = $policy.defenderSecurityCenterBlockExploitProtectionOverride $this.defenderBlockPersistenceThroughWmiType = $policy.defenderBlockPersistenceThroughWmiType $this.appLockerApplicationControl = $policy.appLockerApplicationControl $this.deviceGuardLocalSystemAuthorityCredentialGuardSettings = $policy.deviceGuardLocalSystemAuthorityCredentialGuardSettings $this.deviceGuardEnableVirtualizationBasedSecurity = $policy.deviceGuardEnableVirtualizationBasedSecurity $this.deviceGuardEnableSecureBootWithDMA = $policy.deviceGuardEnableSecureBootWithDMA $this.deviceGuardSecureBootWithDMA = $policy.deviceGuardSecureBootWithDMA $this.deviceGuardLaunchSystemGuard = $policy.deviceGuardLaunchSystemGuard $this.smartScreenEnableInShell = $policy.smartScreenEnableInShell $this.smartScreenBlockOverrideForFiles = $policy.smartScreenBlockOverrideForFiles $this.applicationGuardEnabled = $policy.applicationGuardEnabled $this.applicationGuardEnabledOptions = $policy.applicationGuardEnabledOptions $this.applicationGuardBlockFileTransfer = $policy.applicationGuardBlockFileTransfer $this.applicationGuardBlockNonEnterpriseContent = $policy.applicationGuardBlockNonEnterpriseContent $this.applicationGuardAllowPersistence = $policy.applicationGuardAllowPersistence $this.applicationGuardForceAuditing = $policy.applicationGuardForceAuditing $this.applicationGuardBlockClipboardSharing = $policy.applicationGuardBlockClipboardSharing $this.applicationGuardAllowPrintToPDF = $policy.applicationGuardAllowPrintToPDF $this.applicationGuardAllowPrintToXPS = $policy.applicationGuardAllowPrintToXPS $this.applicationGuardAllowPrintToLocalPrinters = $policy.applicationGuardAllowPrintToLocalPrinters $this.applicationGuardAllowPrintToNetworkPrinters = $policy.applicationGuardAllowPrintToNetworkPrinters $this.applicationGuardAllowVirtualGPU = $policy.applicationGuardAllowVirtualGPU $this.applicationGuardAllowFileSaveOnHost = $policy.applicationGuardAllowFileSaveOnHost $this.applicationGuardAllowCameraMicrophoneRedirection = $policy.applicationGuardAllowCameraMicrophoneRedirection $this.applicationGuardCertificateThumbprints = $policy.applicationGuardCertificateThumbprints $this.bitLockerAllowStandardUserEncryption = $policy.bitLockerAllowStandardUserEncryption $this.bitLockerDisableWarningForOtherDiskEncryption = $policy.bitLockerDisableWarningForOtherDiskEncryption $this.bitLockerEnableStorageCardEncryptionOnMobile = $policy.bitLockerEnableStorageCardEncryptionOnMobile $this.bitLockerEncryptDevice = $policy.bitLockerEncryptDevice $this.bitLockerSystemDrivePolicy = $policy.bitLockerSystemDrivePolicy $this.bitLockerFixedDrivePolicy = $policy.bitLockerFixedDrivePolicy $this.bitLockerRemovableDrivePolicy = $policy.bitLockerRemovableDrivePolicy $this.bitLockerRecoveryPasswordRotation = $policy.bitLockerRecoveryPasswordRotation $this.defenderDisableScanArchiveFiles = $policy.defenderDisableScanArchiveFiles $this.defenderAllowScanArchiveFiles = $policy.defenderAllowScanArchiveFiles $this.defenderDisableBehaviorMonitoring = $policy.defenderDisableBehaviorMonitoring $this.defenderAllowBehaviorMonitoring = $policy.defenderAllowBehaviorMonitoring $this.defenderDisableCloudProtection = $policy.defenderDisableCloudProtection $this.defenderAllowCloudProtection = $policy.defenderAllowCloudProtection $this.defenderEnableScanIncomingMail = $policy.defenderEnableScanIncomingMail $this.defenderEnableScanMappedNetworkDrivesDuringFullScan = $policy.defenderEnableScanMappedNetworkDrivesDuringFullScan $this.defenderDisableScanRemovableDrivesDuringFullScan = $policy.defenderDisableScanRemovableDrivesDuringFullScan $this.defenderAllowScanRemovableDrivesDuringFullScan = $policy.defenderAllowScanRemovableDrivesDuringFullScan $this.defenderDisableScanDownloads = $policy.defenderDisableScanDownloads $this.defenderAllowScanDownloads = $policy.defenderAllowScanDownloads $this.defenderDisableIntrusionPreventionSystem = $policy.defenderDisableIntrusionPreventionSystem $this.defenderAllowIntrusionPreventionSystem = $policy.defenderAllowIntrusionPreventionSystem $this.defenderDisableOnAccessProtection = $policy.defenderDisableOnAccessProtection $this.defenderAllowOnAccessProtection = $policy.defenderAllowOnAccessProtection $this.defenderDisableRealTimeMonitoring = $policy.defenderDisableRealTimeMonitoring $this.defenderAllowRealTimeMonitoring = $policy.defenderAllowRealTimeMonitoring $this.defenderDisableScanNetworkFiles = $policy.defenderDisableScanNetworkFiles $this.defenderAllowScanNetworkFiles = $policy.defenderAllowScanNetworkFiles $this.defenderDisableScanScriptsLoadedInInternetExplorer = $policy.defenderDisableScanScriptsLoadedInInternetExplorer $this.defenderAllowScanScriptsLoadedInInternetExplorer = $policy.defenderAllowScanScriptsLoadedInInternetExplorer $this.defenderBlockEndUserAccess = $policy.defenderBlockEndUserAccess $this.defenderAllowEndUserAccess = $policy.defenderAllowEndUserAccess $this.defenderScanMaxCpuPercentage = $policy.defenderScanMaxCpuPercentage $this.defenderCheckForSignaturesBeforeRunningScan = $policy.defenderCheckForSignaturesBeforeRunningScan $this.defenderCloudBlockLevel = $policy.defenderCloudBlockLevel $this.defenderCloudExtendedTimeoutInSeconds = $policy.defenderCloudExtendedTimeoutInSeconds $this.defenderDaysBeforeDeletingQuarantinedMalware = $policy.defenderDaysBeforeDeletingQuarantinedMalware $this.defenderDisableCatchupFullScan = $policy.defenderDisableCatchupFullScan $this.defenderDisableCatchupQuickScan = $policy.defenderDisableCatchupQuickScan $this.defenderEnableLowCpuPriority = $policy.defenderEnableLowCpuPriority $this.defenderFileExtensionsToExclude = $policy.defenderFileExtensionsToExclude $this.defenderFilesAndFoldersToExclude = $policy.defenderFilesAndFoldersToExclude $this.defenderProcessesToExclude = $policy.defenderProcessesToExclude $this.defenderPotentiallyUnwantedAppAction = $policy.defenderPotentiallyUnwantedAppAction $this.defenderScanDirection = $policy.defenderScanDirection $this.defenderScanType = $policy.defenderScanType $this.defenderScheduledQuickScanTime = $policy.defenderScheduledQuickScanTime $this.defenderScheduledScanDay = $policy.defenderScheduledScanDay $this.defenderScheduledScanTime = $policy.defenderScheduledScanTime $this.defenderSignatureUpdateIntervalInHours = $policy.defenderSignatureUpdateIntervalInHours $this.defenderSubmitSamplesConsentType = $policy.defenderSubmitSamplesConsentType $this.defenderDetectedMalwareActions = $policy.defenderDetectedMalwareActions } # Overriding the ToString method [string] ToString() { return "Class: CreateEmWindows10EndpointProtectionConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmWindows10EndpointProtectionConfiguration.ps1' 706 #Region '.\Classes\DeviceConfiguration\Create\CreateEmWindows10GeneralConfiguration.ps1' -1 class CreateEmWindows10GeneralConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [bool]$taskManagerBlockEndTask [object]$energySaverOnBatteryThresholdPercentage [object]$energySaverPluggedInThresholdPercentage [string]$powerLidCloseActionOnBattery [string]$powerLidCloseActionPluggedIn [string]$powerButtonActionOnBattery [string]$powerButtonActionPluggedIn [string]$powerSleepButtonActionOnBattery [string]$powerSleepButtonActionPluggedIn [string]$powerHybridSleepOnBattery [string]$powerHybridSleepPluggedIn [psobject]$windows10AppsForceUpdateSchedule [bool]$enableAutomaticRedeployment [string]$microsoftAccountSignInAssistantSettings [bool]$authenticationAllowSecondaryDevice [string]$authenticationWebSignIn [string]$authenticationPreferredAzureADTenantDomainName [bool]$cryptographyAllowFipsAlgorithmPolicy [object[]]$displayAppListWithGdiDPIScalingTurnedOn [object[]]$displayAppListWithGdiDPIScalingTurnedOff [string]$enterpriseCloudPrintDiscoveryEndPoint [string]$enterpriseCloudPrintOAuthAuthority [string]$enterpriseCloudPrintOAuthClientIdentifier [string]$enterpriseCloudPrintResourceIdentifier [object]$enterpriseCloudPrintDiscoveryMaxLimit [string]$enterpriseCloudPrintMopriaDiscoveryResourceIdentifier [string]$experienceDoNotSyncBrowserSettings [bool]$messagingBlockSync [bool]$messagingBlockMMS [bool]$messagingBlockRichCommunicationServices [object[]]$printerNames [string]$printerDefaultName [bool]$printerBlockAddition [bool]$searchBlockDiacritics [bool]$searchDisableAutoLanguageDetection [bool]$searchDisableIndexingEncryptedItems [bool]$searchEnableRemoteQueries [bool]$searchDisableUseLocation [bool]$searchDisableLocation [bool]$searchDisableIndexerBackoff [bool]$searchDisableIndexingRemovableDrive [bool]$searchEnableAutomaticIndexSizeManangement [bool]$searchBlockWebResults [string]$findMyFiles [bool]$securityBlockAzureADJoinedDevicesAutoEncryption [string]$diagnosticsDataSubmissionMode [bool]$oneDriveDisableFileSync [string]$systemTelemetryProxyServer [string]$edgeTelemetryForMicrosoft365Analytics [string]$inkWorkspaceAccess [string]$inkWorkspaceAccessState [bool]$inkWorkspaceBlockSuggestedApps [bool]$smartScreenEnableAppInstallControl [string]$smartScreenAppInstallControl [string]$personalizationDesktopImageUrl [string]$personalizationLockScreenImageUrl [object[]]$bluetoothAllowedServices [bool]$bluetoothBlockAdvertising [bool]$bluetoothBlockPromptedProximalConnections [bool]$bluetoothBlockDiscoverableMode [bool]$bluetoothBlockPrePairing [bool]$edgeBlockAutofill [bool]$edgeBlocked [string]$edgeCookiePolicy [bool]$edgeBlockDeveloperTools [bool]$edgeBlockSendingDoNotTrackHeader [bool]$edgeBlockExtensions [bool]$edgeBlockInPrivateBrowsing [bool]$edgeBlockJavaScript [bool]$edgeBlockPasswordManager [bool]$edgeBlockAddressBarDropdown [bool]$edgeBlockCompatibilityList [bool]$edgeClearBrowsingDataOnExit [bool]$edgeAllowStartPagesModification [bool]$edgeDisableFirstRunPage [bool]$edgeBlockLiveTileDataCollection [bool]$edgeSyncFavoritesWithInternetExplorer [string]$edgeFavoritesListLocation [bool]$edgeBlockEditFavorites [string]$edgeNewTabPageURL [psobject]$edgeHomeButtonConfiguration [bool]$edgeHomeButtonConfigurationEnabled [string]$edgeOpensWith [bool]$edgeBlockSideloadingExtensions [object[]]$edgeRequiredExtensionPackageFamilyNames [bool]$edgeBlockPrinting [string]$edgeFavoritesBarVisibility [bool]$edgeBlockSavingHistory [bool]$edgeBlockFullScreenMode [bool]$edgeBlockWebContentOnNewTabPage [bool]$edgeBlockTabPreloading [bool]$edgeBlockPrelaunch [string]$edgeShowMessageWhenOpeningInternetExplorerSites [bool]$edgePreventCertificateErrorOverride [string]$edgeKioskModeRestriction [object]$edgeKioskResetAfterIdleTimeInMinutes [bool]$cellularBlockDataWhenRoaming [bool]$cellularBlockVpn [bool]$cellularBlockVpnWhenRoaming [string]$cellularData [bool]$defenderRequireRealTimeMonitoring [bool]$defenderRequireBehaviorMonitoring [bool]$defenderRequireNetworkInspectionSystem [bool]$defenderScanDownloads [bool]$defenderScheduleScanEnableLowCpuPriority [bool]$defenderDisableCatchupQuickScan [bool]$defenderDisableCatchupFullScan [bool]$defenderScanScriptsLoadedInInternetExplorer [bool]$defenderBlockEndUserAccess [object]$defenderSignatureUpdateIntervalInHours [string]$defenderMonitorFileActivity [object]$defenderDaysBeforeDeletingQuarantinedMalware [object]$defenderScanMaxCpu [bool]$defenderScanArchiveFiles [bool]$defenderScanIncomingMail [bool]$defenderScanRemovableDrivesDuringFullScan [bool]$defenderScanMappedNetworkDrivesDuringFullScan [bool]$defenderScanNetworkFiles [bool]$defenderRequireCloudProtection [string]$defenderCloudBlockLevel [object]$defenderCloudExtendedTimeout [object]$defenderCloudExtendedTimeoutInSeconds [string]$defenderPromptForSampleSubmission [string]$defenderScheduledQuickScanTime [string]$defenderScanType [string]$defenderSystemScanSchedule [string]$defenderScheduledScanTime [string]$defenderPotentiallyUnwantedAppAction [string]$defenderPotentiallyUnwantedAppActionSetting [string]$defenderSubmitSamplesConsentType [bool]$defenderBlockOnAccessProtection [psobject]$defenderDetectedMalwareActions [object[]]$defenderFileExtensionsToExclude [object[]]$defenderFilesAndFoldersToExclude [object[]]$defenderProcessesToExclude [bool]$lockScreenAllowTimeoutConfiguration [bool]$lockScreenBlockActionCenterNotifications [bool]$lockScreenBlockCortana [bool]$lockScreenBlockToastNotifications [object]$lockScreenTimeoutInSeconds [string]$lockScreenActivateAppsWithVoice [bool]$passwordBlockSimple [object]$passwordExpirationDays [object]$passwordMinimumLength [object]$passwordMinutesOfInactivityBeforeScreenTimeout [object]$passwordMinimumCharacterSetCount [object]$passwordPreviousPasswordBlockCount [bool]$passwordRequired [bool]$passwordRequireWhenResumeFromIdleState [string]$passwordRequiredType [object]$passwordSignInFailureCountBeforeFactoryReset [object]$passwordMinimumAgeInDays [string]$privacyAdvertisingId [bool]$privacyAutoAcceptPairingAndConsentPrompts [bool]$privacyDisableLaunchExperience [bool]$privacyBlockInputPersonalization [bool]$privacyBlockPublishUserActivities [bool]$privacyBlockActivityFeed [string]$activateAppsWithVoice [bool]$startBlockUnpinningAppsFromTaskbar [string]$startMenuAppListVisibility [bool]$startMenuHideChangeAccountSettings [bool]$startMenuHideFrequentlyUsedApps [bool]$startMenuHideHibernate [bool]$startMenuHideLock [bool]$startMenuHidePowerButton [bool]$startMenuHideRecentJumpLists [bool]$startMenuHideRecentlyAddedApps [bool]$startMenuHideRestartOptions [bool]$startMenuHideShutDown [bool]$startMenuHideSignOut [bool]$startMenuHideSleep [bool]$startMenuHideSwitchAccount [bool]$startMenuHideUserTile [string]$startMenuLayoutEdgeAssetsXml [string]$startMenuLayoutXml [string]$startMenuMode [string]$startMenuPinnedFolderDocuments [string]$startMenuPinnedFolderDownloads [string]$startMenuPinnedFolderFileExplorer [string]$startMenuPinnedFolderHomeGroup [string]$startMenuPinnedFolderMusic [string]$startMenuPinnedFolderNetwork [string]$startMenuPinnedFolderPersonalFolder [string]$startMenuPinnedFolderPictures [string]$startMenuPinnedFolderSettings [string]$startMenuPinnedFolderVideos [bool]$settingsBlockSettingsApp [bool]$settingsBlockSystemPage [bool]$settingsBlockDevicesPage [bool]$settingsBlockNetworkInternetPage [bool]$settingsBlockPersonalizationPage [bool]$settingsBlockAccountsPage [bool]$settingsBlockTimeLanguagePage [bool]$settingsBlockEaseOfAccessPage [bool]$settingsBlockPrivacyPage [bool]$settingsBlockUpdateSecurityPage [bool]$settingsBlockAppsPage [bool]$settingsBlockGamingPage [bool]$windowsSpotlightBlockConsumerSpecificFeatures [bool]$windowsSpotlightBlocked [bool]$windowsSpotlightBlockOnActionCenter [bool]$windowsSpotlightBlockTailoredExperiences [bool]$windowsSpotlightBlockThirdPartyNotifications [bool]$windowsSpotlightBlockWelcomeExperience [bool]$windowsSpotlightBlockWindowsTips [string]$windowsSpotlightConfigureOnLockScreen [bool]$networkProxyApplySettingsDeviceWide [bool]$networkProxyDisableAutoDetect [string]$networkProxyAutomaticConfigurationUrl [psobject]$networkProxyServer [bool]$accountsBlockAddingNonMicrosoftAccountEmail [bool]$antiTheftModeBlocked [bool]$bluetoothBlocked [bool]$cameraBlocked [bool]$connectedDevicesServiceBlocked [bool]$certificatesBlockManualRootCertificateInstallation [bool]$copyPasteBlocked [bool]$cortanaBlocked [bool]$deviceManagementBlockFactoryResetOnMobile [bool]$deviceManagementBlockManualUnenroll [string]$safeSearchFilter [bool]$edgeBlockPopups [bool]$edgeBlockSearchSuggestions [bool]$edgeBlockSearchEngineCustomization [bool]$edgeBlockSendingIntranetTrafficToInternetExplorer [bool]$edgeSendIntranetTrafficToInternetExplorer [bool]$edgeRequireSmartScreen [string]$edgeEnterpriseModeSiteListLocation [string]$edgeFirstRunUrl [psobject]$edgeSearchEngine [object[]]$edgeHomepageUrls [bool]$edgeBlockAccessToAboutFlags [bool]$smartScreenBlockPromptOverride [bool]$smartScreenBlockPromptOverrideForFiles [bool]$webRtcBlockLocalhostIpAddress [bool]$internetSharingBlocked [bool]$settingsBlockAddProvisioningPackage [bool]$settingsBlockRemoveProvisioningPackage [bool]$settingsBlockChangeSystemTime [bool]$settingsBlockEditDeviceName [bool]$settingsBlockChangeRegion [bool]$settingsBlockChangeLanguage [bool]$settingsBlockChangePowerSleep [bool]$locationServicesBlocked [bool]$microsoftAccountBlocked [bool]$microsoftAccountBlockSettingsSync [bool]$nfcBlocked [bool]$resetProtectionModeBlocked [bool]$screenCaptureBlocked [bool]$storageBlockRemovableStorage [bool]$storageRequireMobileDeviceEncryption [bool]$usbBlocked [bool]$voiceRecordingBlocked [bool]$wiFiBlockAutomaticConnectHotspots [bool]$wiFiBlocked [bool]$wiFiBlockManualConfiguration [object]$wiFiScanInterval [bool]$wirelessDisplayBlockProjectionToThisDevice [bool]$wirelessDisplayBlockUserInputFromReceiver [bool]$wirelessDisplayRequirePinForPairing [bool]$windowsStoreBlocked [string]$appsAllowTrustedAppsSideloading [bool]$windowsStoreBlockAutoUpdate [string]$developerUnlockSetting [bool]$sharedUserAppDataAllowed [bool]$appsBlockWindowsStoreOriginatedApps [bool]$windowsStoreEnablePrivateStoreOnly [bool]$storageRestrictAppDataToSystemVolume [bool]$storageRestrictAppInstallToSystemVolume [bool]$gameDvrBlocked [bool]$experienceBlockDeviceDiscovery [bool]$experienceBlockErrorDialogWhenNoSIM [bool]$experienceBlockTaskSwitcher [bool]$logonBlockFastUserSwitching [bool]$tenantLockdownRequireNetworkDuringOutOfBoxExperience [bool]$appManagementMSIAllowUserControlOverInstall [bool]$appManagementMSIAlwaysInstallWithElevatedPrivileges [bool]$dataProtectionBlockDirectMemoryAccess [object[]]$appManagementPackageFamilyNamesToLaunchAfterLogOn [bool]$uninstallBuiltInApps [string]$configureTimeZone # Default constructor CreateEmWindows10GeneralConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.taskManagerBlockEndTask = $false $this.energySaverOnBatteryThresholdPercentage = $null $this.energySaverPluggedInThresholdPercentage = $null $this.powerLidCloseActionOnBattery = '' $this.powerLidCloseActionPluggedIn = '' $this.powerButtonActionOnBattery = '' $this.powerButtonActionPluggedIn = '' $this.powerSleepButtonActionOnBattery = '' $this.powerSleepButtonActionPluggedIn = '' $this.powerHybridSleepOnBattery = '' $this.powerHybridSleepPluggedIn = '' $this.windows10AppsForceUpdateSchedule = $null $this.enableAutomaticRedeployment = $false $this.microsoftAccountSignInAssistantSettings = '' $this.authenticationAllowSecondaryDevice = $false $this.authenticationWebSignIn = '' $this.authenticationPreferredAzureADTenantDomainName = '' $this.cryptographyAllowFipsAlgorithmPolicy = $false $this.displayAppListWithGdiDPIScalingTurnedOn = @() $this.displayAppListWithGdiDPIScalingTurnedOff = @() $this.enterpriseCloudPrintDiscoveryEndPoint = '' $this.enterpriseCloudPrintOAuthAuthority = '' $this.enterpriseCloudPrintOAuthClientIdentifier = '' $this.enterpriseCloudPrintResourceIdentifier = '' $this.enterpriseCloudPrintDiscoveryMaxLimit = $null $this.enterpriseCloudPrintMopriaDiscoveryResourceIdentifier = '' $this.experienceDoNotSyncBrowserSettings = '' $this.messagingBlockSync = $false $this.messagingBlockMMS = $false $this.messagingBlockRichCommunicationServices = $false $this.printerNames = @() $this.printerDefaultName = '' $this.printerBlockAddition = $false $this.searchBlockDiacritics = $false $this.searchDisableAutoLanguageDetection = $false $this.searchDisableIndexingEncryptedItems = $false $this.searchEnableRemoteQueries = $false $this.searchDisableUseLocation = $false $this.searchDisableLocation = $false $this.searchDisableIndexerBackoff = $false $this.searchDisableIndexingRemovableDrive = $false $this.searchEnableAutomaticIndexSizeManangement = $false $this.searchBlockWebResults = $false $this.findMyFiles = '' $this.securityBlockAzureADJoinedDevicesAutoEncryption = $false $this.diagnosticsDataSubmissionMode = '' $this.oneDriveDisableFileSync = $false $this.systemTelemetryProxyServer = '' $this.edgeTelemetryForMicrosoft365Analytics = '' $this.inkWorkspaceAccess = '' $this.inkWorkspaceAccessState = '' $this.inkWorkspaceBlockSuggestedApps = $false $this.smartScreenEnableAppInstallControl = $false $this.smartScreenAppInstallControl = '' $this.personalizationDesktopImageUrl = '' $this.personalizationLockScreenImageUrl = '' $this.bluetoothAllowedServices = @() $this.bluetoothBlockAdvertising = $false $this.bluetoothBlockPromptedProximalConnections = $false $this.bluetoothBlockDiscoverableMode = $false $this.bluetoothBlockPrePairing = $false $this.edgeBlockAutofill = $false $this.edgeBlocked = $false $this.edgeCookiePolicy = '' $this.edgeBlockDeveloperTools = $false $this.edgeBlockSendingDoNotTrackHeader = $false $this.edgeBlockExtensions = $false $this.edgeBlockInPrivateBrowsing = $false $this.edgeBlockJavaScript = $false $this.edgeBlockPasswordManager = $false $this.edgeBlockAddressBarDropdown = $false $this.edgeBlockCompatibilityList = $false $this.edgeClearBrowsingDataOnExit = $false $this.edgeAllowStartPagesModification = $false $this.edgeDisableFirstRunPage = $false $this.edgeBlockLiveTileDataCollection = $false $this.edgeSyncFavoritesWithInternetExplorer = $false $this.edgeFavoritesListLocation = '' $this.edgeBlockEditFavorites = $false $this.edgeNewTabPageURL = '' $this.edgeHomeButtonConfiguration = $null $this.edgeHomeButtonConfigurationEnabled = $false $this.edgeOpensWith = '' $this.edgeBlockSideloadingExtensions = $false $this.edgeRequiredExtensionPackageFamilyNames = @() $this.edgeBlockPrinting = $false $this.edgeFavoritesBarVisibility = '' $this.edgeBlockSavingHistory = $false $this.edgeBlockFullScreenMode = $false $this.edgeBlockWebContentOnNewTabPage = $false $this.edgeBlockTabPreloading = $false $this.edgeBlockPrelaunch = $false $this.edgeShowMessageWhenOpeningInternetExplorerSites = '' $this.edgePreventCertificateErrorOverride = $false $this.edgeKioskModeRestriction = '' $this.edgeKioskResetAfterIdleTimeInMinutes = $null $this.cellularBlockDataWhenRoaming = $false $this.cellularBlockVpn = $false $this.cellularBlockVpnWhenRoaming = $false $this.cellularData = '' $this.defenderRequireRealTimeMonitoring = $false $this.defenderRequireBehaviorMonitoring = $false $this.defenderRequireNetworkInspectionSystem = $false $this.defenderScanDownloads = $false $this.defenderScheduleScanEnableLowCpuPriority = $false $this.defenderDisableCatchupQuickScan = $false $this.defenderDisableCatchupFullScan = $false $this.defenderScanScriptsLoadedInInternetExplorer = $false $this.defenderBlockEndUserAccess = $false $this.defenderSignatureUpdateIntervalInHours = $null $this.defenderMonitorFileActivity = '' $this.defenderDaysBeforeDeletingQuarantinedMalware = $null $this.defenderScanMaxCpu = $null $this.defenderScanArchiveFiles = $false $this.defenderScanIncomingMail = $false $this.defenderScanRemovableDrivesDuringFullScan = $false $this.defenderScanMappedNetworkDrivesDuringFullScan = $false $this.defenderScanNetworkFiles = $false $this.defenderRequireCloudProtection = $false $this.defenderCloudBlockLevel = '' $this.defenderCloudExtendedTimeout = $null $this.defenderCloudExtendedTimeoutInSeconds = $null $this.defenderPromptForSampleSubmission = '' $this.defenderScheduledQuickScanTime = '' $this.defenderScanType = '' $this.defenderSystemScanSchedule = '' $this.defenderScheduledScanTime = '' $this.defenderPotentiallyUnwantedAppAction = '' $this.defenderPotentiallyUnwantedAppActionSetting = '' $this.defenderSubmitSamplesConsentType = '' $this.defenderBlockOnAccessProtection = $false $this.defenderDetectedMalwareActions = $null $this.defenderFileExtensionsToExclude = @() $this.defenderFilesAndFoldersToExclude = @() $this.defenderProcessesToExclude = @() $this.lockScreenAllowTimeoutConfiguration = $false $this.lockScreenBlockActionCenterNotifications = $false $this.lockScreenBlockCortana = $false $this.lockScreenBlockToastNotifications = $false $this.lockScreenTimeoutInSeconds = $null $this.lockScreenActivateAppsWithVoice = '' $this.passwordBlockSimple = $false $this.passwordExpirationDays = $null $this.passwordMinimumLength = $null $this.passwordMinutesOfInactivityBeforeScreenTimeout = $null $this.passwordMinimumCharacterSetCount = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordRequired = $false $this.passwordRequireWhenResumeFromIdleState = $false $this.passwordRequiredType = '' $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.passwordMinimumAgeInDays = $null $this.privacyAdvertisingId = '' $this.privacyAutoAcceptPairingAndConsentPrompts = $false $this.privacyDisableLaunchExperience = $false $this.privacyBlockInputPersonalization = $false $this.privacyBlockPublishUserActivities = $false $this.privacyBlockActivityFeed = $false $this.activateAppsWithVoice = '' $this.startBlockUnpinningAppsFromTaskbar = $false $this.startMenuAppListVisibility = '' $this.startMenuHideChangeAccountSettings = $false $this.startMenuHideFrequentlyUsedApps = $false $this.startMenuHideHibernate = $false $this.startMenuHideLock = $false $this.startMenuHidePowerButton = $false $this.startMenuHideRecentJumpLists = $false $this.startMenuHideRecentlyAddedApps = $false $this.startMenuHideRestartOptions = $false $this.startMenuHideShutDown = $false $this.startMenuHideSignOut = $false $this.startMenuHideSleep = $false $this.startMenuHideSwitchAccount = $false $this.startMenuHideUserTile = $false $this.startMenuLayoutEdgeAssetsXml = '' $this.startMenuLayoutXml = '' $this.startMenuMode = '' $this.startMenuPinnedFolderDocuments = '' $this.startMenuPinnedFolderDownloads = '' $this.startMenuPinnedFolderFileExplorer = '' $this.startMenuPinnedFolderHomeGroup = '' $this.startMenuPinnedFolderMusic = '' $this.startMenuPinnedFolderNetwork = '' $this.startMenuPinnedFolderPersonalFolder = '' $this.startMenuPinnedFolderPictures = '' $this.startMenuPinnedFolderSettings = '' $this.startMenuPinnedFolderVideos = '' $this.settingsBlockSettingsApp = $false $this.settingsBlockSystemPage = $false $this.settingsBlockDevicesPage = $false $this.settingsBlockNetworkInternetPage = $false $this.settingsBlockPersonalizationPage = $false $this.settingsBlockAccountsPage = $false $this.settingsBlockTimeLanguagePage = $false $this.settingsBlockEaseOfAccessPage = $false $this.settingsBlockPrivacyPage = $false $this.settingsBlockUpdateSecurityPage = $false $this.settingsBlockAppsPage = $false $this.settingsBlockGamingPage = $false $this.windowsSpotlightBlockConsumerSpecificFeatures = $false $this.windowsSpotlightBlocked = $false $this.windowsSpotlightBlockOnActionCenter = $false $this.windowsSpotlightBlockTailoredExperiences = $false $this.windowsSpotlightBlockThirdPartyNotifications = $false $this.windowsSpotlightBlockWelcomeExperience = $false $this.windowsSpotlightBlockWindowsTips = $false $this.windowsSpotlightConfigureOnLockScreen = '' $this.networkProxyApplySettingsDeviceWide = $false $this.networkProxyDisableAutoDetect = $false $this.networkProxyAutomaticConfigurationUrl = '' $this.networkProxyServer = $null $this.accountsBlockAddingNonMicrosoftAccountEmail = $false $this.antiTheftModeBlocked = $false $this.bluetoothBlocked = $false $this.cameraBlocked = $false $this.connectedDevicesServiceBlocked = $false $this.certificatesBlockManualRootCertificateInstallation = $false $this.copyPasteBlocked = $false $this.cortanaBlocked = $false $this.deviceManagementBlockFactoryResetOnMobile = $false $this.deviceManagementBlockManualUnenroll = $false $this.safeSearchFilter = '' $this.edgeBlockPopups = $false $this.edgeBlockSearchSuggestions = $false $this.edgeBlockSearchEngineCustomization = $false $this.edgeBlockSendingIntranetTrafficToInternetExplorer = $false $this.edgeSendIntranetTrafficToInternetExplorer = $false $this.edgeRequireSmartScreen = $false $this.edgeEnterpriseModeSiteListLocation = '' $this.edgeFirstRunUrl = '' $this.edgeSearchEngine = $null $this.edgeHomepageUrls = @() $this.edgeBlockAccessToAboutFlags = $false $this.smartScreenBlockPromptOverride = $false $this.smartScreenBlockPromptOverrideForFiles = $false $this.webRtcBlockLocalhostIpAddress = $false $this.internetSharingBlocked = $false $this.settingsBlockAddProvisioningPackage = $false $this.settingsBlockRemoveProvisioningPackage = $false $this.settingsBlockChangeSystemTime = $false $this.settingsBlockEditDeviceName = $false $this.settingsBlockChangeRegion = $false $this.settingsBlockChangeLanguage = $false $this.settingsBlockChangePowerSleep = $false $this.locationServicesBlocked = $false $this.microsoftAccountBlocked = $false $this.microsoftAccountBlockSettingsSync = $false $this.nfcBlocked = $false $this.resetProtectionModeBlocked = $false $this.screenCaptureBlocked = $false $this.storageBlockRemovableStorage = $false $this.storageRequireMobileDeviceEncryption = $false $this.usbBlocked = $false $this.voiceRecordingBlocked = $false $this.wiFiBlockAutomaticConnectHotspots = $false $this.wiFiBlocked = $false $this.wiFiBlockManualConfiguration = $false $this.wiFiScanInterval = $null $this.wirelessDisplayBlockProjectionToThisDevice = $false $this.wirelessDisplayBlockUserInputFromReceiver = $false $this.wirelessDisplayRequirePinForPairing = $false $this.windowsStoreBlocked = $false $this.appsAllowTrustedAppsSideloading = '' $this.windowsStoreBlockAutoUpdate = $false $this.developerUnlockSetting = '' $this.sharedUserAppDataAllowed = $false $this.appsBlockWindowsStoreOriginatedApps = $false $this.windowsStoreEnablePrivateStoreOnly = $false $this.storageRestrictAppDataToSystemVolume = $false $this.storageRestrictAppInstallToSystemVolume = $false $this.gameDvrBlocked = $false $this.experienceBlockDeviceDiscovery = $false $this.experienceBlockErrorDialogWhenNoSIM = $false $this.experienceBlockTaskSwitcher = $false $this.logonBlockFastUserSwitching = $false $this.tenantLockdownRequireNetworkDuringOutOfBoxExperience = $false $this.appManagementMSIAllowUserControlOverInstall = $false $this.appManagementMSIAlwaysInstallWithElevatedPrivileges = $false $this.dataProtectionBlockDirectMemoryAccess = $false $this.appManagementPackageFamilyNamesToLaunchAfterLogOn = @() $this.uninstallBuiltInApps = $false $this.configureTimeZone = '' } # Parameterized constructor CreateEmWindows10GeneralConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.taskManagerBlockEndTask = $policy.taskManagerBlockEndTask $this.energySaverOnBatteryThresholdPercentage = $policy.energySaverOnBatteryThresholdPercentage $this.energySaverPluggedInThresholdPercentage = $policy.energySaverPluggedInThresholdPercentage $this.powerLidCloseActionOnBattery = $policy.powerLidCloseActionOnBattery $this.powerLidCloseActionPluggedIn = $policy.powerLidCloseActionPluggedIn $this.powerButtonActionOnBattery = $policy.powerButtonActionOnBattery $this.powerButtonActionPluggedIn = $policy.powerButtonActionPluggedIn $this.powerSleepButtonActionOnBattery = $policy.powerSleepButtonActionOnBattery $this.powerSleepButtonActionPluggedIn = $policy.powerSleepButtonActionPluggedIn $this.powerHybridSleepOnBattery = $policy.powerHybridSleepOnBattery $this.powerHybridSleepPluggedIn = $policy.powerHybridSleepPluggedIn $this.windows10AppsForceUpdateSchedule = $policy.windows10AppsForceUpdateSchedule $this.enableAutomaticRedeployment = $policy.enableAutomaticRedeployment $this.microsoftAccountSignInAssistantSettings = $policy.microsoftAccountSignInAssistantSettings $this.authenticationAllowSecondaryDevice = $policy.authenticationAllowSecondaryDevice $this.authenticationWebSignIn = $policy.authenticationWebSignIn $this.authenticationPreferredAzureADTenantDomainName = $policy.authenticationPreferredAzureADTenantDomainName $this.cryptographyAllowFipsAlgorithmPolicy = $policy.cryptographyAllowFipsAlgorithmPolicy $this.displayAppListWithGdiDPIScalingTurnedOn = $policy.displayAppListWithGdiDPIScalingTurnedOn $this.displayAppListWithGdiDPIScalingTurnedOff = $policy.displayAppListWithGdiDPIScalingTurnedOff $this.enterpriseCloudPrintDiscoveryEndPoint = $policy.enterpriseCloudPrintDiscoveryEndPoint $this.enterpriseCloudPrintOAuthAuthority = $policy.enterpriseCloudPrintOAuthAuthority $this.enterpriseCloudPrintOAuthClientIdentifier = $policy.enterpriseCloudPrintOAuthClientIdentifier $this.enterpriseCloudPrintResourceIdentifier = $policy.enterpriseCloudPrintResourceIdentifier $this.enterpriseCloudPrintDiscoveryMaxLimit = $policy.enterpriseCloudPrintDiscoveryMaxLimit $this.enterpriseCloudPrintMopriaDiscoveryResourceIdentifier = $policy.enterpriseCloudPrintMopriaDiscoveryResourceIdentifier $this.experienceDoNotSyncBrowserSettings = $policy.experienceDoNotSyncBrowserSettings $this.messagingBlockSync = $policy.messagingBlockSync $this.messagingBlockMMS = $policy.messagingBlockMMS $this.messagingBlockRichCommunicationServices = $policy.messagingBlockRichCommunicationServices $this.printerNames = $policy.printerNames $this.printerDefaultName = $policy.printerDefaultName $this.printerBlockAddition = $policy.printerBlockAddition $this.searchBlockDiacritics = $policy.searchBlockDiacritics $this.searchDisableAutoLanguageDetection = $policy.searchDisableAutoLanguageDetection $this.searchDisableIndexingEncryptedItems = $policy.searchDisableIndexingEncryptedItems $this.searchEnableRemoteQueries = $policy.searchEnableRemoteQueries $this.searchDisableUseLocation = $policy.searchDisableUseLocation $this.searchDisableLocation = $policy.searchDisableLocation $this.searchDisableIndexerBackoff = $policy.searchDisableIndexerBackoff $this.searchDisableIndexingRemovableDrive = $policy.searchDisableIndexingRemovableDrive $this.searchEnableAutomaticIndexSizeManangement = $policy.searchEnableAutomaticIndexSizeManangement $this.searchBlockWebResults = $policy.searchBlockWebResults $this.findMyFiles = $policy.findMyFiles $this.securityBlockAzureADJoinedDevicesAutoEncryption = $policy.securityBlockAzureADJoinedDevicesAutoEncryption $this.diagnosticsDataSubmissionMode = $policy.diagnosticsDataSubmissionMode $this.oneDriveDisableFileSync = $policy.oneDriveDisableFileSync $this.systemTelemetryProxyServer = $policy.systemTelemetryProxyServer $this.edgeTelemetryForMicrosoft365Analytics = $policy.edgeTelemetryForMicrosoft365Analytics $this.inkWorkspaceAccess = $policy.inkWorkspaceAccess $this.inkWorkspaceAccessState = $policy.inkWorkspaceAccessState $this.inkWorkspaceBlockSuggestedApps = $policy.inkWorkspaceBlockSuggestedApps $this.smartScreenEnableAppInstallControl = $policy.smartScreenEnableAppInstallControl $this.smartScreenAppInstallControl = $policy.smartScreenAppInstallControl $this.personalizationDesktopImageUrl = $policy.personalizationDesktopImageUrl $this.personalizationLockScreenImageUrl = $policy.personalizationLockScreenImageUrl $this.bluetoothAllowedServices = $policy.bluetoothAllowedServices $this.bluetoothBlockAdvertising = $policy.bluetoothBlockAdvertising $this.bluetoothBlockPromptedProximalConnections = $policy.bluetoothBlockPromptedProximalConnections $this.bluetoothBlockDiscoverableMode = $policy.bluetoothBlockDiscoverableMode $this.bluetoothBlockPrePairing = $policy.bluetoothBlockPrePairing $this.edgeBlockAutofill = $policy.edgeBlockAutofill $this.edgeBlocked = $policy.edgeBlocked $this.edgeCookiePolicy = $policy.edgeCookiePolicy $this.edgeBlockDeveloperTools = $policy.edgeBlockDeveloperTools $this.edgeBlockSendingDoNotTrackHeader = $policy.edgeBlockSendingDoNotTrackHeader $this.edgeBlockExtensions = $policy.edgeBlockExtensions $this.edgeBlockInPrivateBrowsing = $policy.edgeBlockInPrivateBrowsing $this.edgeBlockJavaScript = $policy.edgeBlockJavaScript $this.edgeBlockPasswordManager = $policy.edgeBlockPasswordManager $this.edgeBlockAddressBarDropdown = $policy.edgeBlockAddressBarDropdown $this.edgeBlockCompatibilityList = $policy.edgeBlockCompatibilityList $this.edgeClearBrowsingDataOnExit = $policy.edgeClearBrowsingDataOnExit $this.edgeAllowStartPagesModification = $policy.edgeAllowStartPagesModification $this.edgeDisableFirstRunPage = $policy.edgeDisableFirstRunPage $this.edgeBlockLiveTileDataCollection = $policy.edgeBlockLiveTileDataCollection $this.edgeSyncFavoritesWithInternetExplorer = $policy.edgeSyncFavoritesWithInternetExplorer $this.edgeFavoritesListLocation = $policy.edgeFavoritesListLocation $this.edgeBlockEditFavorites = $policy.edgeBlockEditFavorites $this.edgeNewTabPageURL = $policy.edgeNewTabPageURL $this.edgeHomeButtonConfiguration = $policy.edgeHomeButtonConfiguration $this.edgeHomeButtonConfigurationEnabled = $policy.edgeHomeButtonConfigurationEnabled $this.edgeOpensWith = $policy.edgeOpensWith $this.edgeBlockSideloadingExtensions = $policy.edgeBlockSideloadingExtensions $this.edgeRequiredExtensionPackageFamilyNames = $policy.edgeRequiredExtensionPackageFamilyNames $this.edgeBlockPrinting = $policy.edgeBlockPrinting $this.edgeFavoritesBarVisibility = $policy.edgeFavoritesBarVisibility $this.edgeBlockSavingHistory = $policy.edgeBlockSavingHistory $this.edgeBlockFullScreenMode = $policy.edgeBlockFullScreenMode $this.edgeBlockWebContentOnNewTabPage = $policy.edgeBlockWebContentOnNewTabPage $this.edgeBlockTabPreloading = $policy.edgeBlockTabPreloading $this.edgeBlockPrelaunch = $policy.edgeBlockPrelaunch $this.edgeShowMessageWhenOpeningInternetExplorerSites = $policy.edgeShowMessageWhenOpeningInternetExplorerSites $this.edgePreventCertificateErrorOverride = $policy.edgePreventCertificateErrorOverride $this.edgeKioskModeRestriction = $policy.edgeKioskModeRestriction $this.edgeKioskResetAfterIdleTimeInMinutes = $policy.edgeKioskResetAfterIdleTimeInMinutes $this.cellularBlockDataWhenRoaming = $policy.cellularBlockDataWhenRoaming $this.cellularBlockVpn = $policy.cellularBlockVpn $this.cellularBlockVpnWhenRoaming = $policy.cellularBlockVpnWhenRoaming $this.cellularData = $policy.cellularData $this.defenderRequireRealTimeMonitoring = $policy.defenderRequireRealTimeMonitoring $this.defenderRequireBehaviorMonitoring = $policy.defenderRequireBehaviorMonitoring $this.defenderRequireNetworkInspectionSystem = $policy.defenderRequireNetworkInspectionSystem $this.defenderScanDownloads = $policy.defenderScanDownloads $this.defenderScheduleScanEnableLowCpuPriority = $policy.defenderScheduleScanEnableLowCpuPriority $this.defenderDisableCatchupQuickScan = $policy.defenderDisableCatchupQuickScan $this.defenderDisableCatchupFullScan = $policy.defenderDisableCatchupFullScan $this.defenderScanScriptsLoadedInInternetExplorer = $policy.defenderScanScriptsLoadedInInternetExplorer $this.defenderBlockEndUserAccess = $policy.defenderBlockEndUserAccess $this.defenderSignatureUpdateIntervalInHours = $policy.defenderSignatureUpdateIntervalInHours $this.defenderMonitorFileActivity = $policy.defenderMonitorFileActivity $this.defenderDaysBeforeDeletingQuarantinedMalware = $policy.defenderDaysBeforeDeletingQuarantinedMalware $this.defenderScanMaxCpu = $policy.defenderScanMaxCpu $this.defenderScanArchiveFiles = $policy.defenderScanArchiveFiles $this.defenderScanIncomingMail = $policy.defenderScanIncomingMail $this.defenderScanRemovableDrivesDuringFullScan = $policy.defenderScanRemovableDrivesDuringFullScan $this.defenderScanMappedNetworkDrivesDuringFullScan = $policy.defenderScanMappedNetworkDrivesDuringFullScan $this.defenderScanNetworkFiles = $policy.defenderScanNetworkFiles $this.defenderRequireCloudProtection = $policy.defenderRequireCloudProtection $this.defenderCloudBlockLevel = $policy.defenderCloudBlockLevel $this.defenderCloudExtendedTimeout = $policy.defenderCloudExtendedTimeout $this.defenderCloudExtendedTimeoutInSeconds = $policy.defenderCloudExtendedTimeoutInSeconds $this.defenderPromptForSampleSubmission = $policy.defenderPromptForSampleSubmission $this.defenderScheduledQuickScanTime = $policy.defenderScheduledQuickScanTime $this.defenderScanType = $policy.defenderScanType $this.defenderSystemScanSchedule = $policy.defenderSystemScanSchedule $this.defenderScheduledScanTime = $policy.defenderScheduledScanTime $this.defenderPotentiallyUnwantedAppAction = $policy.defenderPotentiallyUnwantedAppAction $this.defenderPotentiallyUnwantedAppActionSetting = $policy.defenderPotentiallyUnwantedAppActionSetting $this.defenderSubmitSamplesConsentType = $policy.defenderSubmitSamplesConsentType $this.defenderBlockOnAccessProtection = $policy.defenderBlockOnAccessProtection $this.defenderDetectedMalwareActions = $policy.defenderDetectedMalwareActions $this.defenderFileExtensionsToExclude = $policy.defenderFileExtensionsToExclude $this.defenderFilesAndFoldersToExclude = $policy.defenderFilesAndFoldersToExclude $this.defenderProcessesToExclude = $policy.defenderProcessesToExclude $this.lockScreenAllowTimeoutConfiguration = $policy.lockScreenAllowTimeoutConfiguration $this.lockScreenBlockActionCenterNotifications = $policy.lockScreenBlockActionCenterNotifications $this.lockScreenBlockCortana = $policy.lockScreenBlockCortana $this.lockScreenBlockToastNotifications = $policy.lockScreenBlockToastNotifications $this.lockScreenTimeoutInSeconds = $policy.lockScreenTimeoutInSeconds $this.lockScreenActivateAppsWithVoice = $policy.lockScreenActivateAppsWithVoice $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeScreenTimeout = $policy.passwordMinutesOfInactivityBeforeScreenTimeout $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordRequired = $policy.passwordRequired $this.passwordRequireWhenResumeFromIdleState = $policy.passwordRequireWhenResumeFromIdleState $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.passwordMinimumAgeInDays = $policy.passwordMinimumAgeInDays $this.privacyAdvertisingId = $policy.privacyAdvertisingId $this.privacyAutoAcceptPairingAndConsentPrompts = $policy.privacyAutoAcceptPairingAndConsentPrompts $this.privacyDisableLaunchExperience = $policy.privacyDisableLaunchExperience $this.privacyBlockInputPersonalization = $policy.privacyBlockInputPersonalization $this.privacyBlockPublishUserActivities = $policy.privacyBlockPublishUserActivities $this.privacyBlockActivityFeed = $policy.privacyBlockActivityFeed $this.activateAppsWithVoice = $policy.activateAppsWithVoice $this.startBlockUnpinningAppsFromTaskbar = $policy.startBlockUnpinningAppsFromTaskbar $this.startMenuAppListVisibility = $policy.startMenuAppListVisibility $this.startMenuHideChangeAccountSettings = $policy.startMenuHideChangeAccountSettings $this.startMenuHideFrequentlyUsedApps = $policy.startMenuHideFrequentlyUsedApps $this.startMenuHideHibernate = $policy.startMenuHideHibernate $this.startMenuHideLock = $policy.startMenuHideLock $this.startMenuHidePowerButton = $policy.startMenuHidePowerButton $this.startMenuHideRecentJumpLists = $policy.startMenuHideRecentJumpLists $this.startMenuHideRecentlyAddedApps = $policy.startMenuHideRecentlyAddedApps $this.startMenuHideRestartOptions = $policy.startMenuHideRestartOptions $this.startMenuHideShutDown = $policy.startMenuHideShutDown $this.startMenuHideSignOut = $policy.startMenuHideSignOut $this.startMenuHideSleep = $policy.startMenuHideSleep $this.startMenuHideSwitchAccount = $policy.startMenuHideSwitchAccount $this.startMenuHideUserTile = $policy.startMenuHideUserTile $this.startMenuLayoutEdgeAssetsXml = $policy.startMenuLayoutEdgeAssetsXml $this.startMenuLayoutXml = $policy.startMenuLayoutXml $this.startMenuMode = $policy.startMenuMode $this.startMenuPinnedFolderDocuments = $policy.startMenuPinnedFolderDocuments $this.startMenuPinnedFolderDownloads = $policy.startMenuPinnedFolderDownloads $this.startMenuPinnedFolderFileExplorer = $policy.startMenuPinnedFolderFileExplorer $this.startMenuPinnedFolderHomeGroup = $policy.startMenuPinnedFolderHomeGroup $this.startMenuPinnedFolderMusic = $policy.startMenuPinnedFolderMusic $this.startMenuPinnedFolderNetwork = $policy.startMenuPinnedFolderNetwork $this.startMenuPinnedFolderPersonalFolder = $policy.startMenuPinnedFolderPersonalFolder $this.startMenuPinnedFolderPictures = $policy.startMenuPinnedFolderPictures $this.startMenuPinnedFolderSettings = $policy.startMenuPinnedFolderSettings $this.startMenuPinnedFolderVideos = $policy.startMenuPinnedFolderVideos $this.settingsBlockSettingsApp = $policy.settingsBlockSettingsApp $this.settingsBlockSystemPage = $policy.settingsBlockSystemPage $this.settingsBlockDevicesPage = $policy.settingsBlockDevicesPage $this.settingsBlockNetworkInternetPage = $policy.settingsBlockNetworkInternetPage $this.settingsBlockPersonalizationPage = $policy.settingsBlockPersonalizationPage $this.settingsBlockAccountsPage = $policy.settingsBlockAccountsPage $this.settingsBlockTimeLanguagePage = $policy.settingsBlockTimeLanguagePage $this.settingsBlockEaseOfAccessPage = $policy.settingsBlockEaseOfAccessPage $this.settingsBlockPrivacyPage = $policy.settingsBlockPrivacyPage $this.settingsBlockUpdateSecurityPage = $policy.settingsBlockUpdateSecurityPage $this.settingsBlockAppsPage = $policy.settingsBlockAppsPage $this.settingsBlockGamingPage = $policy.settingsBlockGamingPage $this.windowsSpotlightBlockConsumerSpecificFeatures = $policy.windowsSpotlightBlockConsumerSpecificFeatures $this.windowsSpotlightBlocked = $policy.windowsSpotlightBlocked $this.windowsSpotlightBlockOnActionCenter = $policy.windowsSpotlightBlockOnActionCenter $this.windowsSpotlightBlockTailoredExperiences = $policy.windowsSpotlightBlockTailoredExperiences $this.windowsSpotlightBlockThirdPartyNotifications = $policy.windowsSpotlightBlockThirdPartyNotifications $this.windowsSpotlightBlockWelcomeExperience = $policy.windowsSpotlightBlockWelcomeExperience $this.windowsSpotlightBlockWindowsTips = $policy.windowsSpotlightBlockWindowsTips $this.windowsSpotlightConfigureOnLockScreen = $policy.windowsSpotlightConfigureOnLockScreen $this.networkProxyApplySettingsDeviceWide = $policy.networkProxyApplySettingsDeviceWide $this.networkProxyDisableAutoDetect = $policy.networkProxyDisableAutoDetect $this.networkProxyAutomaticConfigurationUrl = $policy.networkProxyAutomaticConfigurationUrl $this.networkProxyServer = $policy.networkProxyServer $this.accountsBlockAddingNonMicrosoftAccountEmail = $policy.accountsBlockAddingNonMicrosoftAccountEmail $this.antiTheftModeBlocked = $policy.antiTheftModeBlocked $this.bluetoothBlocked = $policy.bluetoothBlocked $this.cameraBlocked = $policy.cameraBlocked $this.connectedDevicesServiceBlocked = $policy.connectedDevicesServiceBlocked $this.certificatesBlockManualRootCertificateInstallation = $policy.certificatesBlockManualRootCertificateInstallation $this.copyPasteBlocked = $policy.copyPasteBlocked $this.cortanaBlocked = $policy.cortanaBlocked $this.deviceManagementBlockFactoryResetOnMobile = $policy.deviceManagementBlockFactoryResetOnMobile $this.deviceManagementBlockManualUnenroll = $policy.deviceManagementBlockManualUnenroll $this.safeSearchFilter = $policy.safeSearchFilter $this.edgeBlockPopups = $policy.edgeBlockPopups $this.edgeBlockSearchSuggestions = $policy.edgeBlockSearchSuggestions $this.edgeBlockSearchEngineCustomization = $policy.edgeBlockSearchEngineCustomization $this.edgeBlockSendingIntranetTrafficToInternetExplorer = $policy.edgeBlockSendingIntranetTrafficToInternetExplorer $this.edgeSendIntranetTrafficToInternetExplorer = $policy.edgeSendIntranetTrafficToInternetExplorer $this.edgeRequireSmartScreen = $policy.edgeRequireSmartScreen $this.edgeEnterpriseModeSiteListLocation = $policy.edgeEnterpriseModeSiteListLocation $this.edgeFirstRunUrl = $policy.edgeFirstRunUrl $this.edgeSearchEngine = $policy.edgeSearchEngine $this.edgeHomepageUrls = $policy.edgeHomepageUrls $this.edgeBlockAccessToAboutFlags = $policy.edgeBlockAccessToAboutFlags $this.smartScreenBlockPromptOverride = $policy.smartScreenBlockPromptOverride $this.smartScreenBlockPromptOverrideForFiles = $policy.smartScreenBlockPromptOverrideForFiles $this.webRtcBlockLocalhostIpAddress = $policy.webRtcBlockLocalhostIpAddress $this.internetSharingBlocked = $policy.internetSharingBlocked $this.settingsBlockAddProvisioningPackage = $policy.settingsBlockAddProvisioningPackage $this.settingsBlockRemoveProvisioningPackage = $policy.settingsBlockRemoveProvisioningPackage $this.settingsBlockChangeSystemTime = $policy.settingsBlockChangeSystemTime $this.settingsBlockEditDeviceName = $policy.settingsBlockEditDeviceName $this.settingsBlockChangeRegion = $policy.settingsBlockChangeRegion $this.settingsBlockChangeLanguage = $policy.settingsBlockChangeLanguage $this.settingsBlockChangePowerSleep = $policy.settingsBlockChangePowerSleep $this.locationServicesBlocked = $policy.locationServicesBlocked $this.microsoftAccountBlocked = $policy.microsoftAccountBlocked $this.microsoftAccountBlockSettingsSync = $policy.microsoftAccountBlockSettingsSync $this.nfcBlocked = $policy.nfcBlocked $this.resetProtectionModeBlocked = $policy.resetProtectionModeBlocked $this.screenCaptureBlocked = $policy.screenCaptureBlocked $this.storageBlockRemovableStorage = $policy.storageBlockRemovableStorage $this.storageRequireMobileDeviceEncryption = $policy.storageRequireMobileDeviceEncryption $this.usbBlocked = $policy.usbBlocked $this.voiceRecordingBlocked = $policy.voiceRecordingBlocked $this.wiFiBlockAutomaticConnectHotspots = $policy.wiFiBlockAutomaticConnectHotspots $this.wiFiBlocked = $policy.wiFiBlocked $this.wiFiBlockManualConfiguration = $policy.wiFiBlockManualConfiguration $this.wiFiScanInterval = $policy.wiFiScanInterval $this.wirelessDisplayBlockProjectionToThisDevice = $policy.wirelessDisplayBlockProjectionToThisDevice $this.wirelessDisplayBlockUserInputFromReceiver = $policy.wirelessDisplayBlockUserInputFromReceiver $this.wirelessDisplayRequirePinForPairing = $policy.wirelessDisplayRequirePinForPairing $this.windowsStoreBlocked = $policy.windowsStoreBlocked $this.appsAllowTrustedAppsSideloading = $policy.appsAllowTrustedAppsSideloading $this.windowsStoreBlockAutoUpdate = $policy.windowsStoreBlockAutoUpdate $this.developerUnlockSetting = $policy.developerUnlockSetting $this.sharedUserAppDataAllowed = $policy.sharedUserAppDataAllowed $this.appsBlockWindowsStoreOriginatedApps = $policy.appsBlockWindowsStoreOriginatedApps $this.windowsStoreEnablePrivateStoreOnly = $policy.windowsStoreEnablePrivateStoreOnly $this.storageRestrictAppDataToSystemVolume = $policy.storageRestrictAppDataToSystemVolume $this.storageRestrictAppInstallToSystemVolume = $policy.storageRestrictAppInstallToSystemVolume $this.gameDvrBlocked = $policy.gameDvrBlocked $this.experienceBlockDeviceDiscovery = $policy.experienceBlockDeviceDiscovery $this.experienceBlockErrorDialogWhenNoSIM = $policy.experienceBlockErrorDialogWhenNoSIM $this.experienceBlockTaskSwitcher = $policy.experienceBlockTaskSwitcher $this.logonBlockFastUserSwitching = $policy.logonBlockFastUserSwitching $this.tenantLockdownRequireNetworkDuringOutOfBoxExperience = $policy.tenantLockdownRequireNetworkDuringOutOfBoxExperience $this.appManagementMSIAllowUserControlOverInstall = $policy.appManagementMSIAllowUserControlOverInstall $this.appManagementMSIAlwaysInstallWithElevatedPrivileges = $policy.appManagementMSIAlwaysInstallWithElevatedPrivileges $this.dataProtectionBlockDirectMemoryAccess = $policy.dataProtectionBlockDirectMemoryAccess $this.appManagementPackageFamilyNamesToLaunchAfterLogOn = $policy.appManagementPackageFamilyNamesToLaunchAfterLogOn $this.uninstallBuiltInApps = $policy.uninstallBuiltInApps $this.configureTimeZone = $policy.configureTimeZone } # Overriding the ToString method [string] ToString() { return "Class: CreateEmWindows10GeneralConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmWindows10GeneralConfiguration.ps1' 874 #Region '.\Classes\DeviceConfiguration\Create\CreateEmWindows81ScepCertificateProfile.ps1' -1 class CreateEmWindows81SCEPCertificateProfile { [string]${@odata.type} [string]$description [string]$displayName [object]$version [object]$renewalThresholdPercentage [string]$keyStorageProvider [string]$subjectNameFormat [string]$subjectAlternativeNameType [object]$certificateValidityPeriodValue [string]$certificateValidityPeriodScale [object[]]$extendedKeyUsages [object[]]$customSubjectAlternativeNames [object[]]$scepServerUrls [string]$subjectNameFormatString [string]$keyUsage [string]$keySize [string]$hashAlgorithm [string]$subjectAlternativeNameFormatString [string]$certificateStore # Default constructor CreateEmWindows81SCEPCertificateProfile() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.renewalThresholdPercentage = $null $this.keyStorageProvider = '' $this.subjectNameFormat = '' $this.subjectAlternativeNameType = '' $this.certificateValidityPeriodValue = $null $this.certificateValidityPeriodScale = '' $this.extendedKeyUsages = @() $this.customSubjectAlternativeNames = @() $this.scepServerUrls = @() $this.subjectNameFormatString = '' $this.keyUsage = '' $this.keySize = '' $this.hashAlgorithm = '' $this.subjectAlternativeNameFormatString = '' $this.certificateStore = '' } # Parameterized constructor CreateEmWindows81SCEPCertificateProfile ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.renewalThresholdPercentage = $policy.renewalThresholdPercentage $this.keyStorageProvider = $policy.keyStorageProvider $this.subjectNameFormat = $policy.subjectNameFormat $this.subjectAlternativeNameType = $policy.subjectAlternativeNameType $this.certificateValidityPeriodValue = $policy.certificateValidityPeriodValue $this.certificateValidityPeriodScale = $policy.certificateValidityPeriodScale $this.extendedKeyUsages = $policy.extendedKeyUsages $this.customSubjectAlternativeNames = $policy.customSubjectAlternativeNames $this.scepServerUrls = $policy.scepServerUrls $this.subjectNameFormatString = $policy.subjectNameFormatString $this.keyUsage = $policy.keyUsage $this.keySize = $policy.keySize $this.hashAlgorithm = $policy.hashAlgorithm $this.subjectAlternativeNameFormatString = $policy.subjectAlternativeNameFormatString $this.certificateStore = $policy.certificateStore } # Overriding the ToString method [string] ToString() { return "Class: CreateEmWindows81SCEPCertificateProfile" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmWindows81ScepCertificateProfile.ps1' 73 #Region '.\Classes\DeviceConfiguration\Create\CreateEmWindows81TrustedRootCertificate.ps1' -1 class CreateEmWindows81TrustedRootCertificate { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$trustedRootCertificate [string]$certFileName [string]$destinationStore # Default constructor CreateEmWindows81TrustedRootCertificate() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.trustedRootCertificate = '' $this.certFileName = '' $this.destinationStore = '' } # Parameterized constructor CreateEmWindows81TrustedRootCertificate ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.trustedRootCertificate = $policy.trustedRootCertificate $this.certFileName = $policy.certFileName $this.destinationStore = $policy.destinationStore } # Overriding the ToString method [string] ToString() { return "Class: CreateEmWindows81TrustedRootCertificate" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmWindows81TrustedRootCertificate.ps1' 37 #Region '.\Classes\DeviceConfiguration\Create\CreateEmWindowsHealthMonitoringConfiguration.ps1' -1 class CreateEmWindowsHealthMonitoringConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$allowDeviceHealthMonitoring [string]$configDeviceHealthMonitoringScope [string]$configDeviceHealthMonitoringCustomScope # Default constructor CreateEmWindowsHealthMonitoringConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.allowDeviceHealthMonitoring = '' $this.configDeviceHealthMonitoringScope = '' $this.configDeviceHealthMonitoringCustomScope = '' } # Parameterized constructor CreateEmWindowsHealthMonitoringConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.allowDeviceHealthMonitoring = $policy.allowDeviceHealthMonitoring $this.configDeviceHealthMonitoringScope = $policy.configDeviceHealthMonitoringScope $this.configDeviceHealthMonitoringCustomScope = $policy.configDeviceHealthMonitoringCustomScope } # Overriding the ToString method [string] ToString() { return "Class: CreateEmWindowsHealthMonitoringConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmWindowsHealthMonitoringConfiguration.ps1' 37 #Region '.\Classes\DeviceConfiguration\Create\CreateEmWindowsUpdateForBusinessConfiguration.ps1' -1 class CreateEmWindowsUpdateForBusinessConfiguration { [string]${@odata.type} [string]$description [string]$displayName [object]$version [string]$deliveryOptimizationMode [string]$prereleaseFeatures [string]$automaticUpdateMode [bool]$microsoftUpdateServiceAllowed [bool]$driversExcluded [psobject]$installationSchedule [object]$qualityUpdatesDeferralPeriodInDays [object]$featureUpdatesDeferralPeriodInDays [bool]$qualityUpdatesPaused [bool]$featureUpdatesPaused [datetime]$qualityUpdatesPauseExpiryDateTime [datetime]$featureUpdatesPauseExpiryDateTime [string]$businessReadyUpdatesOnly [bool]$skipChecksBeforeRestart [string]$updateWeeks #[string]$qualityUpdatesPauseStartDate #[string]$featureUpdatesPauseStartDate [object]$featureUpdatesRollbackWindowInDays [bool]$qualityUpdatesWillBeRolledBack [bool]$featureUpdatesWillBeRolledBack [datetime]$qualityUpdatesRollbackStartDateTime [datetime]$featureUpdatesRollbackStartDateTime [object]$engagedRestartDeadlineInDays [object]$engagedRestartSnoozeScheduleInDays [object]$engagedRestartTransitionScheduleInDays [object]$deadlineForFeatureUpdatesInDays [object]$deadlineForQualityUpdatesInDays [object]$deadlineGracePeriodInDays [bool]$postponeRebootUntilAfterDeadline [string]$autoRestartNotificationDismissal [object]$scheduleRestartWarningInHours [object]$scheduleImminentRestartWarningInMinutes [string]$userPauseAccess [string]$userWindowsUpdateScanAccess [string]$updateNotificationLevel [bool]$allowWindows11Upgrade # Default constructor CreateEmWindowsUpdateForBusinessConfiguration() { $this."@odata.type" = '' $this.description = '' $this.displayName = '' $this.version = $null $this.deliveryOptimizationMode = '' $this.prereleaseFeatures = '' $this.automaticUpdateMode = '' $this.microsoftUpdateServiceAllowed = $false $this.driversExcluded = $false $this.installationSchedule = $null $this.qualityUpdatesDeferralPeriodInDays = $null $this.featureUpdatesDeferralPeriodInDays = $null $this.qualityUpdatesPaused = $false $this.featureUpdatesPaused = $false $this.qualityUpdatesPauseExpiryDateTime = [datetime]::MinValue $this.featureUpdatesPauseExpiryDateTime = [datetime]::MinValue $this.businessReadyUpdatesOnly = '' $this.skipChecksBeforeRestart = $false $this.updateWeeks = '' #$this.qualityUpdatesPauseStartDate = [datetime]::MinValue #$this.featureUpdatesPauseStartDate = [datetime]::MinValue $this.featureUpdatesRollbackWindowInDays = $null $this.qualityUpdatesWillBeRolledBack = $false $this.featureUpdatesWillBeRolledBack = $false $this.qualityUpdatesRollbackStartDateTime = [datetime]::MinValue $this.featureUpdatesRollbackStartDateTime = [datetime]::MinValue $this.engagedRestartDeadlineInDays = $null $this.engagedRestartSnoozeScheduleInDays = $null $this.engagedRestartTransitionScheduleInDays = $null $this.deadlineForFeatureUpdatesInDays = $null $this.deadlineForQualityUpdatesInDays = $null $this.deadlineGracePeriodInDays = $null $this.postponeRebootUntilAfterDeadline = $false $this.autoRestartNotificationDismissal = '' $this.scheduleRestartWarningInHours = $null $this.scheduleImminentRestartWarningInMinutes = $null $this.userPauseAccess = '' $this.userWindowsUpdateScanAccess = '' $this.updateNotificationLevel = '' $this.allowWindows11Upgrade = $false } # Parameterized constructor CreateEmWindowsUpdateForBusinessConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.deliveryOptimizationMode = $policy.deliveryOptimizationMode $this.prereleaseFeatures = $policy.prereleaseFeatures $this.automaticUpdateMode = $policy.automaticUpdateMode $this.microsoftUpdateServiceAllowed = $policy.microsoftUpdateServiceAllowed $this.driversExcluded = $policy.driversExcluded $this.installationSchedule = $policy.installationSchedule $this.qualityUpdatesDeferralPeriodInDays = $policy.qualityUpdatesDeferralPeriodInDays $this.featureUpdatesDeferralPeriodInDays = $policy.featureUpdatesDeferralPeriodInDays $this.qualityUpdatesPaused = $policy.qualityUpdatesPaused $this.featureUpdatesPaused = $policy.featureUpdatesPaused $this.qualityUpdatesPauseExpiryDateTime = $policy.qualityUpdatesPauseExpiryDateTime $this.featureUpdatesPauseExpiryDateTime = $policy.featureUpdatesPauseExpiryDateTime $this.businessReadyUpdatesOnly = $policy.businessReadyUpdatesOnly $this.skipChecksBeforeRestart = $policy.skipChecksBeforeRestart $this.updateWeeks = $policy.updateWeeks #$this.qualityUpdatesPauseStartDate = $policy.qualityUpdatesPauseStartDate #$this.featureUpdatesPauseStartDate = $policy.featureUpdatesPauseStartDate $this.featureUpdatesRollbackWindowInDays = $policy.featureUpdatesRollbackWindowInDays $this.qualityUpdatesWillBeRolledBack = $policy.qualityUpdatesWillBeRolledBack $this.featureUpdatesWillBeRolledBack = $policy.featureUpdatesWillBeRolledBack $this.qualityUpdatesRollbackStartDateTime = $policy.qualityUpdatesRollbackStartDateTime $this.featureUpdatesRollbackStartDateTime = $policy.featureUpdatesRollbackStartDateTime $this.engagedRestartDeadlineInDays = $policy.engagedRestartDeadlineInDays $this.engagedRestartSnoozeScheduleInDays = $policy.engagedRestartSnoozeScheduleInDays $this.engagedRestartTransitionScheduleInDays = $policy.engagedRestartTransitionScheduleInDays $this.deadlineForFeatureUpdatesInDays = $policy.deadlineForFeatureUpdatesInDays $this.deadlineForQualityUpdatesInDays = $policy.deadlineForQualityUpdatesInDays $this.deadlineGracePeriodInDays = $policy.deadlineGracePeriodInDays $this.postponeRebootUntilAfterDeadline = $policy.postponeRebootUntilAfterDeadline $this.autoRestartNotificationDismissal = $policy.autoRestartNotificationDismissal $this.scheduleRestartWarningInHours = $policy.scheduleRestartWarningInHours $this.scheduleImminentRestartWarningInMinutes = $policy.scheduleImminentRestartWarningInMinutes $this.userPauseAccess = $policy.userPauseAccess $this.userWindowsUpdateScanAccess = $policy.userWindowsUpdateScanAccess $this.updateNotificationLevel = $policy.updateNotificationLevel $this.allowWindows11Upgrade = $policy.allowWindows11Upgrade } # Overriding the ToString method [string] ToString() { return "Class: CreateEmWindowsUpdateForBusinessConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Create\CreateEmWindowsUpdateForBusinessConfiguration.ps1' 136 #Region '.\Classes\DeviceConfiguration\Get\GetEmAndroidWorkProfileGeneralDeviceConfiguration.ps1' -1 class GetEmAndroidWorkProfileGeneralDeviceConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [bool]$passwordBlockFaceUnlock [bool]$passwordBlockFingerprintUnlock [bool]$passwordBlockIrisUnlock [bool]$passwordBlockTrustAgents [object]$passwordExpirationDays [object]$passwordMinimumLength [object]$passwordMinutesOfInactivityBeforeScreenTimeout [object]$passwordPreviousPasswordBlockCount [object]$passwordSignInFailureCountBeforeFactoryReset [string]$passwordRequiredType [string]$requiredPasswordComplexity [bool]$workProfileAllowAppInstallsFromUnknownSources [string]$workProfileDataSharingType [bool]$workProfileBlockNotificationsWhileDeviceLocked [bool]$workProfileBlockAddingAccounts [bool]$workProfileBluetoothEnableContactSharing [bool]$workProfileBlockScreenCapture [bool]$workProfileBlockCrossProfileCallerId [bool]$workProfileBlockCamera [bool]$workProfileBlockCrossProfileContactsSearch [bool]$workProfileBlockCrossProfileCopyPaste [string]$workProfileDefaultAppPermissionPolicy [bool]$workProfilePasswordBlockFaceUnlock [bool]$workProfilePasswordBlockFingerprintUnlock [bool]$workProfilePasswordBlockIrisUnlock [bool]$workProfilePasswordBlockTrustAgents [object]$workProfilePasswordExpirationDays [object]$workProfilePasswordMinimumLength [object]$workProfilePasswordMinNumericCharacters [object]$workProfilePasswordMinNonLetterCharacters [object]$workProfilePasswordMinLetterCharacters [object]$workProfilePasswordMinLowerCaseCharacters [object]$workProfilePasswordMinUpperCaseCharacters [object]$workProfilePasswordMinSymbolCharacters [object]$workProfilePasswordMinutesOfInactivityBeforeScreenTimeout [object]$workProfilePasswordPreviousPasswordBlockCount [object]$workProfilePasswordSignInFailureCountBeforeFactoryReset [string]$workProfilePasswordRequiredType [string]$workProfileRequiredPasswordComplexity [bool]$workProfileRequirePassword [bool]$securityRequireVerifyApps [string]$vpnAlwaysOnPackageIdentifier [bool]$vpnEnableAlwaysOnLockdownMode [bool]$workProfileAllowWidgets [bool]$workProfileBlockPersonalAppInstallsFromUnknownSources [string]$workProfileAccountUse [object[]]$allowedGoogleAccountDomains [bool]$blockUnifiedPasswordForWorkProfile # Default constructor GetEmAndroidWorkProfileGeneralDeviceConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.passwordBlockFaceUnlock = $false $this.passwordBlockFingerprintUnlock = $false $this.passwordBlockIrisUnlock = $false $this.passwordBlockTrustAgents = $false $this.passwordExpirationDays = $null $this.passwordMinimumLength = $null $this.passwordMinutesOfInactivityBeforeScreenTimeout = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.passwordRequiredType = '' $this.requiredPasswordComplexity = '' $this.workProfileAllowAppInstallsFromUnknownSources = $false $this.workProfileDataSharingType = '' $this.workProfileBlockNotificationsWhileDeviceLocked = $false $this.workProfileBlockAddingAccounts = $false $this.workProfileBluetoothEnableContactSharing = $false $this.workProfileBlockScreenCapture = $false $this.workProfileBlockCrossProfileCallerId = $false $this.workProfileBlockCamera = $false $this.workProfileBlockCrossProfileContactsSearch = $false $this.workProfileBlockCrossProfileCopyPaste = $false $this.workProfileDefaultAppPermissionPolicy = '' $this.workProfilePasswordBlockFaceUnlock = $false $this.workProfilePasswordBlockFingerprintUnlock = $false $this.workProfilePasswordBlockIrisUnlock = $false $this.workProfilePasswordBlockTrustAgents = $false $this.workProfilePasswordExpirationDays = $null $this.workProfilePasswordMinimumLength = $null $this.workProfilePasswordMinNumericCharacters = $null $this.workProfilePasswordMinNonLetterCharacters = $null $this.workProfilePasswordMinLetterCharacters = $null $this.workProfilePasswordMinLowerCaseCharacters = $null $this.workProfilePasswordMinUpperCaseCharacters = $null $this.workProfilePasswordMinSymbolCharacters = $null $this.workProfilePasswordMinutesOfInactivityBeforeScreenTimeout = $null $this.workProfilePasswordPreviousPasswordBlockCount = $null $this.workProfilePasswordSignInFailureCountBeforeFactoryReset = $null $this.workProfilePasswordRequiredType = '' $this.workProfileRequiredPasswordComplexity = '' $this.workProfileRequirePassword = $false $this.securityRequireVerifyApps = $false $this.vpnAlwaysOnPackageIdentifier = '' $this.vpnEnableAlwaysOnLockdownMode = $false $this.workProfileAllowWidgets = $false $this.workProfileBlockPersonalAppInstallsFromUnknownSources = $false $this.workProfileAccountUse = '' $this.allowedGoogleAccountDomains = @() $this.blockUnifiedPasswordForWorkProfile = $false } # Parameterized constructor GetEmAndroidWorkProfileGeneralDeviceConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.passwordBlockFaceUnlock = $policy.passwordBlockFaceUnlock $this.passwordBlockFingerprintUnlock = $policy.passwordBlockFingerprintUnlock $this.passwordBlockIrisUnlock = $policy.passwordBlockIrisUnlock $this.passwordBlockTrustAgents = $policy.passwordBlockTrustAgents $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeScreenTimeout = $policy.passwordMinutesOfInactivityBeforeScreenTimeout $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.passwordRequiredType = $policy.passwordRequiredType $this.requiredPasswordComplexity = $policy.requiredPasswordComplexity $this.workProfileAllowAppInstallsFromUnknownSources = $policy.workProfileAllowAppInstallsFromUnknownSources $this.workProfileDataSharingType = $policy.workProfileDataSharingType $this.workProfileBlockNotificationsWhileDeviceLocked = $policy.workProfileBlockNotificationsWhileDeviceLocked $this.workProfileBlockAddingAccounts = $policy.workProfileBlockAddingAccounts $this.workProfileBluetoothEnableContactSharing = $policy.workProfileBluetoothEnableContactSharing $this.workProfileBlockScreenCapture = $policy.workProfileBlockScreenCapture $this.workProfileBlockCrossProfileCallerId = $policy.workProfileBlockCrossProfileCallerId $this.workProfileBlockCamera = $policy.workProfileBlockCamera $this.workProfileBlockCrossProfileContactsSearch = $policy.workProfileBlockCrossProfileContactsSearch $this.workProfileBlockCrossProfileCopyPaste = $policy.workProfileBlockCrossProfileCopyPaste $this.workProfileDefaultAppPermissionPolicy = $policy.workProfileDefaultAppPermissionPolicy $this.workProfilePasswordBlockFaceUnlock = $policy.workProfilePasswordBlockFaceUnlock $this.workProfilePasswordBlockFingerprintUnlock = $policy.workProfilePasswordBlockFingerprintUnlock $this.workProfilePasswordBlockIrisUnlock = $policy.workProfilePasswordBlockIrisUnlock $this.workProfilePasswordBlockTrustAgents = $policy.workProfilePasswordBlockTrustAgents $this.workProfilePasswordExpirationDays = $policy.workProfilePasswordExpirationDays $this.workProfilePasswordMinimumLength = $policy.workProfilePasswordMinimumLength $this.workProfilePasswordMinNumericCharacters = $policy.workProfilePasswordMinNumericCharacters $this.workProfilePasswordMinNonLetterCharacters = $policy.workProfilePasswordMinNonLetterCharacters $this.workProfilePasswordMinLetterCharacters = $policy.workProfilePasswordMinLetterCharacters $this.workProfilePasswordMinLowerCaseCharacters = $policy.workProfilePasswordMinLowerCaseCharacters $this.workProfilePasswordMinUpperCaseCharacters = $policy.workProfilePasswordMinUpperCaseCharacters $this.workProfilePasswordMinSymbolCharacters = $policy.workProfilePasswordMinSymbolCharacters $this.workProfilePasswordMinutesOfInactivityBeforeScreenTimeout = $policy.workProfilePasswordMinutesOfInactivityBeforeScreenTimeout $this.workProfilePasswordPreviousPasswordBlockCount = $policy.workProfilePasswordPreviousPasswordBlockCount $this.workProfilePasswordSignInFailureCountBeforeFactoryReset = $policy.workProfilePasswordSignInFailureCountBeforeFactoryReset $this.workProfilePasswordRequiredType = $policy.workProfilePasswordRequiredType $this.workProfileRequiredPasswordComplexity = $policy.workProfileRequiredPasswordComplexity $this.workProfileRequirePassword = $policy.workProfileRequirePassword $this.securityRequireVerifyApps = $policy.securityRequireVerifyApps $this.vpnAlwaysOnPackageIdentifier = $policy.vpnAlwaysOnPackageIdentifier $this.vpnEnableAlwaysOnLockdownMode = $policy.vpnEnableAlwaysOnLockdownMode $this.workProfileAllowWidgets = $policy.workProfileAllowWidgets $this.workProfileBlockPersonalAppInstallsFromUnknownSources = $policy.workProfileBlockPersonalAppInstallsFromUnknownSources $this.workProfileAccountUse = $policy.workProfileAccountUse $this.allowedGoogleAccountDomains = $policy.allowedGoogleAccountDomains $this.blockUnifiedPasswordForWorkProfile = $policy.blockUnifiedPasswordForWorkProfile } # Overriding the ToString method [string] ToString() { return "Class: GetEmAndroidWorkProfileGeneralDeviceConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmAndroidWorkProfileGeneralDeviceConfiguration.ps1' 196 #Region '.\Classes\DeviceConfiguration\Get\GetEmAndroidWorkProfileVpnConfiguration.ps1' -1 class GetEmAndroidWorkProfileVpnConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$connectionName [string]$connectionType [string]$role [string]$realm [object[]]$servers [string]$fingerprint [object[]]$customData [object[]]$customKeyValueData [string]$authenticationMethod [psobject]$proxyServer [object[]]$targetedPackageIds [object[]]$targetedMobileApps [bool]$alwaysOn [bool]$alwaysOnLockdown [string]$microsoftTunnelSiteId [object[]]$proxyExclusionList # Default constructor GetEmAndroidWorkProfileVpnConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.connectionName = '' $this.connectionType = '' $this.role = '' $this.realm = '' $this.servers = @() $this.fingerprint = '' $this.customData = @() $this.customKeyValueData = @() $this.authenticationMethod = '' $this.proxyServer = $null $this.targetedPackageIds = @() $this.targetedMobileApps = @() $this.alwaysOn = $false $this.alwaysOnLockdown = $false $this.microsoftTunnelSiteId = '' $this.proxyExclusionList = @() } # Parameterized constructor GetEmAndroidWorkProfileVpnConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.connectionName = $policy.connectionName $this.connectionType = $policy.connectionType $this.role = $policy.role $this.realm = $policy.realm $this.servers = $policy.servers $this.fingerprint = $policy.fingerprint $this.customData = $policy.customData $this.customKeyValueData = $policy.customKeyValueData $this.authenticationMethod = $policy.authenticationMethod $this.proxyServer = $policy.proxyServer $this.targetedPackageIds = $policy.targetedPackageIds $this.targetedMobileApps = $policy.targetedMobileApps $this.alwaysOn = $policy.alwaysOn $this.alwaysOnLockdown = $policy.alwaysOnLockdown $this.microsoftTunnelSiteId = $policy.microsoftTunnelSiteId $this.proxyExclusionList = $policy.proxyExclusionList } # Overriding the ToString method [string] ToString() { return "Class: GetEmAndroidWorkProfileVpnConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmAndroidWorkProfileVpnConfiguration.ps1' 100 #Region '.\Classes\DeviceConfiguration\Get\GetEmIosupdateconfiguration.ps1' -1 class GetEmIosUpdateConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [bool]$isEnabled [string]$activeHoursStart [string]$activeHoursEnd [string]$desiredOsVersion [object[]]$scheduledInstallDays [object]$utcTimeOffsetInMinutes [object]$enforcedSoftwareUpdateDelayInDays [string]$updateScheduleType [object[]]$customUpdateTimeWindows # Default constructor GetEmIosUpdateConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.isEnabled = $false $this.activeHoursStart = '' $this.activeHoursEnd = '' $this.desiredOsVersion = '' $this.scheduledInstallDays = @() $this.utcTimeOffsetInMinutes = $null $this.enforcedSoftwareUpdateDelayInDays = $null $this.updateScheduleType = '' $this.customUpdateTimeWindows = @() } # Parameterized constructor GetEmIosUpdateConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.isEnabled = $policy.isEnabled $this.activeHoursStart = $policy.activeHoursStart $this.activeHoursEnd = $policy.activeHoursEnd $this.desiredOsVersion = $policy.desiredOsVersion $this.scheduledInstallDays = $policy.scheduledInstallDays $this.utcTimeOffsetInMinutes = $policy.utcTimeOffsetInMinutes $this.enforcedSoftwareUpdateDelayInDays = $policy.enforcedSoftwareUpdateDelayInDays $this.updateScheduleType = $policy.updateScheduleType $this.customUpdateTimeWindows = $policy.customUpdateTimeWindows } # Overriding the ToString method [string] ToString() { return "Class: GetEmIosUpdateConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmIosupdateconfiguration.ps1' 79 #Region '.\Classes\DeviceConfiguration\Get\GetEmMacOSCustomConfiguration.ps1' -1 class GetEmMacOSCustomConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$payloadName [string]$payloadFileName [string]$payload [string]$deploymentChannel # Default constructor GetEmMacOSCustomConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.payloadName = '' $this.payloadFileName = '' $this.payload = '' $this.deploymentChannel = '' } # Parameterized constructor GetEmMacOSCustomConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.payloadName = $policy.payloadName $this.payloadFileName = $policy.payloadFileName $this.payload = $policy.payload $this.deploymentChannel = $policy.deploymentChannel } # Overriding the ToString method [string] ToString() { return "Class: GetEmMacOSCustomConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmMacOSCustomConfiguration.ps1' 64 #Region '.\Classes\DeviceConfiguration\Get\GetEmMacOSDeviceFeaturesConfiguration.ps1' -1 class GetEmMacOSDeviceFeaturesConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [object[]]$airPrintDestinations [object[]]$autoLaunchItems [bool]$adminShowHostInfo [string]$loginWindowText [bool]$authorizedUsersListHidden [bool]$authorizedUsersListHideLocalUsers [bool]$authorizedUsersListHideMobileAccounts [bool]$authorizedUsersListIncludeNetworkUsers [bool]$authorizedUsersListHideAdminUsers [bool]$authorizedUsersListShowOtherManagedUsers [bool]$shutDownDisabled [bool]$restartDisabled [bool]$sleepDisabled [bool]$consoleAccessDisabled [bool]$shutDownDisabledWhileLoggedIn [bool]$restartDisabledWhileLoggedIn [bool]$powerOffDisabledWhileLoggedIn [bool]$logOutDisabledWhileLoggedIn [bool]$screenLockDisableImmediate [object[]]$associatedDomains [object[]]$appAssociatedDomains [psobject]$singleSignOnExtension [psobject]$macOSSingleSignOnExtension [bool]$contentCachingEnabled [string]$contentCachingType [object]$contentCachingMaxSizeBytes [string]$contentCachingDataPath [bool]$contentCachingDisableConnectionSharing [bool]$contentCachingForceConnectionSharing [string]$contentCachingClientPolicy [object[]]$contentCachingClientListenRanges [string]$contentCachingPeerPolicy [object[]]$contentCachingPeerListenRanges [object[]]$contentCachingPeerFilterRanges [string]$contentCachingParentSelectionPolicy [object[]]$contentCachingParents [bool]$contentCachingLogClientIdentities [object[]]$contentCachingPublicRanges [bool]$contentCachingBlockDeletion [bool]$contentCachingShowAlerts [bool]$contentCachingKeepAwake [object]$contentCachingPort # Default constructor GetEmMacOSDeviceFeaturesConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.airPrintDestinations = @() $this.autoLaunchItems = @() $this.adminShowHostInfo = $false $this.loginWindowText = '' $this.authorizedUsersListHidden = $false $this.authorizedUsersListHideLocalUsers = $false $this.authorizedUsersListHideMobileAccounts = $false $this.authorizedUsersListIncludeNetworkUsers = $false $this.authorizedUsersListHideAdminUsers = $false $this.authorizedUsersListShowOtherManagedUsers = $false $this.shutDownDisabled = $false $this.restartDisabled = $false $this.sleepDisabled = $false $this.consoleAccessDisabled = $false $this.shutDownDisabledWhileLoggedIn = $false $this.restartDisabledWhileLoggedIn = $false $this.powerOffDisabledWhileLoggedIn = $false $this.logOutDisabledWhileLoggedIn = $false $this.screenLockDisableImmediate = $false $this.associatedDomains = @() $this.appAssociatedDomains = @() $this.singleSignOnExtension = $null $this.macOSSingleSignOnExtension = $null $this.contentCachingEnabled = $false $this.contentCachingType = '' $this.contentCachingMaxSizeBytes = $null $this.contentCachingDataPath = '' $this.contentCachingDisableConnectionSharing = $false $this.contentCachingForceConnectionSharing = $false $this.contentCachingClientPolicy = '' $this.contentCachingClientListenRanges = @() $this.contentCachingPeerPolicy = '' $this.contentCachingPeerListenRanges = @() $this.contentCachingPeerFilterRanges = @() $this.contentCachingParentSelectionPolicy = '' $this.contentCachingParents = @() $this.contentCachingLogClientIdentities = $false $this.contentCachingPublicRanges = @() $this.contentCachingBlockDeletion = $false $this.contentCachingShowAlerts = $false $this.contentCachingKeepAwake = $false $this.contentCachingPort = $null } # Parameterized constructor GetEmMacOSDeviceFeaturesConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.airPrintDestinations = $policy.airPrintDestinations $this.autoLaunchItems = $policy.autoLaunchItems $this.adminShowHostInfo = $policy.adminShowHostInfo $this.loginWindowText = $policy.loginWindowText $this.authorizedUsersListHidden = $policy.authorizedUsersListHidden $this.authorizedUsersListHideLocalUsers = $policy.authorizedUsersListHideLocalUsers $this.authorizedUsersListHideMobileAccounts = $policy.authorizedUsersListHideMobileAccounts $this.authorizedUsersListIncludeNetworkUsers = $policy.authorizedUsersListIncludeNetworkUsers $this.authorizedUsersListHideAdminUsers = $policy.authorizedUsersListHideAdminUsers $this.authorizedUsersListShowOtherManagedUsers = $policy.authorizedUsersListShowOtherManagedUsers $this.shutDownDisabled = $policy.shutDownDisabled $this.restartDisabled = $policy.restartDisabled $this.sleepDisabled = $policy.sleepDisabled $this.consoleAccessDisabled = $policy.consoleAccessDisabled $this.shutDownDisabledWhileLoggedIn = $policy.shutDownDisabledWhileLoggedIn $this.restartDisabledWhileLoggedIn = $policy.restartDisabledWhileLoggedIn $this.powerOffDisabledWhileLoggedIn = $policy.powerOffDisabledWhileLoggedIn $this.logOutDisabledWhileLoggedIn = $policy.logOutDisabledWhileLoggedIn $this.screenLockDisableImmediate = $policy.screenLockDisableImmediate $this.associatedDomains = $policy.associatedDomains $this.appAssociatedDomains = $policy.appAssociatedDomains $this.singleSignOnExtension = $policy.singleSignOnExtension $this.macOSSingleSignOnExtension = $policy.macOSSingleSignOnExtension $this.contentCachingEnabled = $policy.contentCachingEnabled $this.contentCachingType = $policy.contentCachingType $this.contentCachingMaxSizeBytes = $policy.contentCachingMaxSizeBytes $this.contentCachingDataPath = $policy.contentCachingDataPath $this.contentCachingDisableConnectionSharing = $policy.contentCachingDisableConnectionSharing $this.contentCachingForceConnectionSharing = $policy.contentCachingForceConnectionSharing $this.contentCachingClientPolicy = $policy.contentCachingClientPolicy $this.contentCachingClientListenRanges = $policy.contentCachingClientListenRanges $this.contentCachingPeerPolicy = $policy.contentCachingPeerPolicy $this.contentCachingPeerListenRanges = $policy.contentCachingPeerListenRanges $this.contentCachingPeerFilterRanges = $policy.contentCachingPeerFilterRanges $this.contentCachingParentSelectionPolicy = $policy.contentCachingParentSelectionPolicy $this.contentCachingParents = $policy.contentCachingParents $this.contentCachingLogClientIdentities = $policy.contentCachingLogClientIdentities $this.contentCachingPublicRanges = $policy.contentCachingPublicRanges $this.contentCachingBlockDeletion = $policy.contentCachingBlockDeletion $this.contentCachingShowAlerts = $policy.contentCachingShowAlerts $this.contentCachingKeepAwake = $policy.contentCachingKeepAwake $this.contentCachingPort = $policy.contentCachingPort } # Overriding the ToString method [string] ToString() { return "Class: GetEmMacOSDeviceFeaturesConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmMacOSDeviceFeaturesConfiguration.ps1' 178 #Region '.\Classes\DeviceConfiguration\Get\GetEmMacOSEndpointProtectionConfiguration.ps1' -1 class GetEmMacOSEndpointProtectionConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$gatekeeperAllowedAppSource [bool]$gatekeeperBlockOverride [bool]$firewallEnabled [bool]$firewallBlockAllIncoming [bool]$firewallEnableStealthMode [object[]]$firewallApplications [bool]$fileVaultEnabled [string]$fileVaultSelectedRecoveryKeyTypes [string]$fileVaultInstitutionalRecoveryKeyCertificate [string]$fileVaultInstitutionalRecoveryKeyCertificateFileName [string]$fileVaultPersonalRecoveryKeyHelpMessage [bool]$fileVaultAllowDeferralUntilSignOut [object]$fileVaultNumberOfTimesUserCanIgnore [bool]$fileVaultDisablePromptAtSignOut [object]$fileVaultPersonalRecoveryKeyRotationInMonths [bool]$fileVaultHidePersonalRecoveryKey [string]$advancedThreatProtectionRealTime [string]$advancedThreatProtectionCloudDelivered [string]$advancedThreatProtectionAutomaticSampleSubmission [string]$advancedThreatProtectionDiagnosticDataCollection [object[]]$advancedThreatProtectionExcludedFolders [object[]]$advancedThreatProtectionExcludedFiles [object[]]$advancedThreatProtectionExcludedExtensions [object[]]$advancedThreatProtectionExcludedProcesses # Default constructor GetEmMacOSEndpointProtectionConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.gatekeeperAllowedAppSource = '' $this.gatekeeperBlockOverride = $false $this.firewallEnabled = $false $this.firewallBlockAllIncoming = $false $this.firewallEnableStealthMode = $false $this.firewallApplications = @() $this.fileVaultEnabled = $false $this.fileVaultSelectedRecoveryKeyTypes = '' $this.fileVaultInstitutionalRecoveryKeyCertificate = '' $this.fileVaultInstitutionalRecoveryKeyCertificateFileName = '' $this.fileVaultPersonalRecoveryKeyHelpMessage = '' $this.fileVaultAllowDeferralUntilSignOut = $false $this.fileVaultNumberOfTimesUserCanIgnore = $null $this.fileVaultDisablePromptAtSignOut = $false $this.fileVaultPersonalRecoveryKeyRotationInMonths = $null $this.fileVaultHidePersonalRecoveryKey = $false $this.advancedThreatProtectionRealTime = '' $this.advancedThreatProtectionCloudDelivered = '' $this.advancedThreatProtectionAutomaticSampleSubmission = '' $this.advancedThreatProtectionDiagnosticDataCollection = '' $this.advancedThreatProtectionExcludedFolders = @() $this.advancedThreatProtectionExcludedFiles = @() $this.advancedThreatProtectionExcludedExtensions = @() $this.advancedThreatProtectionExcludedProcesses = @() } # Parameterized constructor GetEmMacOSEndpointProtectionConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.gatekeeperAllowedAppSource = $policy.gatekeeperAllowedAppSource $this.gatekeeperBlockOverride = $policy.gatekeeperBlockOverride $this.firewallEnabled = $policy.firewallEnabled $this.firewallBlockAllIncoming = $policy.firewallBlockAllIncoming $this.firewallEnableStealthMode = $policy.firewallEnableStealthMode $this.firewallApplications = $policy.firewallApplications $this.fileVaultEnabled = $policy.fileVaultEnabled $this.fileVaultSelectedRecoveryKeyTypes = $policy.fileVaultSelectedRecoveryKeyTypes $this.fileVaultInstitutionalRecoveryKeyCertificate = $policy.fileVaultInstitutionalRecoveryKeyCertificate $this.fileVaultInstitutionalRecoveryKeyCertificateFileName = $policy.fileVaultInstitutionalRecoveryKeyCertificateFileName $this.fileVaultPersonalRecoveryKeyHelpMessage = $policy.fileVaultPersonalRecoveryKeyHelpMessage $this.fileVaultAllowDeferralUntilSignOut = $policy.fileVaultAllowDeferralUntilSignOut $this.fileVaultNumberOfTimesUserCanIgnore = $policy.fileVaultNumberOfTimesUserCanIgnore $this.fileVaultDisablePromptAtSignOut = $policy.fileVaultDisablePromptAtSignOut $this.fileVaultPersonalRecoveryKeyRotationInMonths = $policy.fileVaultPersonalRecoveryKeyRotationInMonths $this.fileVaultHidePersonalRecoveryKey = $policy.fileVaultHidePersonalRecoveryKey $this.advancedThreatProtectionRealTime = $policy.advancedThreatProtectionRealTime $this.advancedThreatProtectionCloudDelivered = $policy.advancedThreatProtectionCloudDelivered $this.advancedThreatProtectionAutomaticSampleSubmission = $policy.advancedThreatProtectionAutomaticSampleSubmission $this.advancedThreatProtectionDiagnosticDataCollection = $policy.advancedThreatProtectionDiagnosticDataCollection $this.advancedThreatProtectionExcludedFolders = $policy.advancedThreatProtectionExcludedFolders $this.advancedThreatProtectionExcludedFiles = $policy.advancedThreatProtectionExcludedFiles $this.advancedThreatProtectionExcludedExtensions = $policy.advancedThreatProtectionExcludedExtensions $this.advancedThreatProtectionExcludedProcesses = $policy.advancedThreatProtectionExcludedProcesses } # Overriding the ToString method [string] ToString() { return "Class: GetEmMacOSEndpointProtectionConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmMacOSEndpointProtectionConfiguration.ps1' 124 #Region '.\Classes\DeviceConfiguration\Get\GetEmMacOSExtensionsConfiguration.ps1' -1 class GetEmMacOSExtensionsConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [bool]$kernelExtensionOverridesAllowed [object[]]$kernelExtensionAllowedTeamIdentifiers [object[]]$kernelExtensionsAllowed [bool]$systemExtensionsBlockOverride [object[]]$systemExtensionsAllowedTeamIdentifiers [object[]]$systemExtensionsAllowed [object[]]$systemExtensionsAllowedTypes # Default constructor GetEmMacOSExtensionsConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.kernelExtensionOverridesAllowed = $false $this.kernelExtensionAllowedTeamIdentifiers = @() $this.kernelExtensionsAllowed = @() $this.systemExtensionsBlockOverride = $false $this.systemExtensionsAllowedTeamIdentifiers = @() $this.systemExtensionsAllowed = @() $this.systemExtensionsAllowedTypes = @() } # Parameterized constructor GetEmMacOSExtensionsConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.kernelExtensionOverridesAllowed = $policy.kernelExtensionOverridesAllowed $this.kernelExtensionAllowedTeamIdentifiers = $policy.kernelExtensionAllowedTeamIdentifiers $this.kernelExtensionsAllowed = $policy.kernelExtensionsAllowed $this.systemExtensionsBlockOverride = $policy.systemExtensionsBlockOverride $this.systemExtensionsAllowedTeamIdentifiers = $policy.systemExtensionsAllowedTeamIdentifiers $this.systemExtensionsAllowed = $policy.systemExtensionsAllowed $this.systemExtensionsAllowedTypes = $policy.systemExtensionsAllowedTypes } # Overriding the ToString method [string] ToString() { return "Class: GetEmMacOSExtensionsConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmMacOSExtensionsConfiguration.ps1' 73 #Region '.\Classes\DeviceConfiguration\Get\GetEmMacOSGeneralDeviceConfiguration.ps1' -1 class GetEmMacOSGeneralDeviceConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [object[]]$compliantAppsList [string]$compliantAppListType [object[]]$emailInDomainSuffixes [bool]$passwordBlockSimple [object]$passwordExpirationDays [object]$passwordMinimumCharacterSetCount [object]$passwordMinimumLength [object]$passwordMinutesOfInactivityBeforeLock [object]$passwordMinutesOfInactivityBeforeScreenTimeout [object]$passwordPreviousPasswordBlockCount [string]$passwordRequiredType [bool]$passwordRequired [object]$passwordMaximumAttemptCount [object]$passwordMinutesUntilFailedLoginReset [bool]$keychainBlockCloudSync [bool]$safariBlockAutofill [bool]$cameraBlocked [bool]$iTunesBlockMusicService [bool]$spotlightBlockInternetResults [bool]$keyboardBlockDictation [bool]$definitionLookupBlocked [bool]$appleWatchBlockAutoUnlock [bool]$iTunesBlockFileSharing [bool]$iCloudBlockDocumentSync [bool]$iCloudBlockMail [bool]$iCloudBlockAddressBook [bool]$iCloudBlockCalendar [bool]$iCloudBlockReminders [bool]$iCloudBlockBookmarks [bool]$iCloudBlockNotes [bool]$airDropBlocked [bool]$passwordBlockModification [bool]$passwordBlockFingerprintUnlock [bool]$passwordBlockAutoFill [bool]$passwordBlockProximityRequests [bool]$passwordBlockAirDropSharing [object]$softwareUpdatesEnforcedDelayInDays [string]$updateDelayPolicy [bool]$contentCachingBlocked [bool]$iCloudBlockPhotoLibrary [bool]$screenCaptureBlocked [bool]$classroomAppBlockRemoteScreenObservation [bool]$classroomAppForceUnpromptedScreenObservation [bool]$classroomForceAutomaticallyJoinClasses [bool]$classroomForceRequestPermissionToLeaveClasses [bool]$classroomForceUnpromptedAppAndDeviceLock [bool]$iCloudBlockActivityContinuation [object[]]$privacyAccessControls [bool]$addingGameCenterFriendsBlocked [bool]$gameCenterBlocked [bool]$multiplayerGamingBlocked [bool]$wallpaperModificationBlocked [bool]$eraseContentAndSettingsBlocked [object]$softwareUpdateMajorOSDeferredInstallDelayInDays [object]$softwareUpdateMinorOSDeferredInstallDelayInDays [object]$softwareUpdateNonOSDeferredInstallDelayInDays [object]$touchIdTimeoutInHours [bool]$iCloudPrivateRelayBlocked [bool]$iCloudDesktopAndDocumentsBlocked [bool]$activationLockWhenSupervisedAllowed # Default constructor GetEmMacOSGeneralDeviceConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.compliantAppsList = @() $this.compliantAppListType = '' $this.emailInDomainSuffixes = @() $this.passwordBlockSimple = $false $this.passwordExpirationDays = $null $this.passwordMinimumCharacterSetCount = $null $this.passwordMinimumLength = $null $this.passwordMinutesOfInactivityBeforeLock = $null $this.passwordMinutesOfInactivityBeforeScreenTimeout = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordRequiredType = '' $this.passwordRequired = $false $this.passwordMaximumAttemptCount = $null $this.passwordMinutesUntilFailedLoginReset = $null $this.keychainBlockCloudSync = $false $this.safariBlockAutofill = $false $this.cameraBlocked = $false $this.iTunesBlockMusicService = $false $this.spotlightBlockInternetResults = $false $this.keyboardBlockDictation = $false $this.definitionLookupBlocked = $false $this.appleWatchBlockAutoUnlock = $false $this.iTunesBlockFileSharing = $false $this.iCloudBlockDocumentSync = $false $this.iCloudBlockMail = $false $this.iCloudBlockAddressBook = $false $this.iCloudBlockCalendar = $false $this.iCloudBlockReminders = $false $this.iCloudBlockBookmarks = $false $this.iCloudBlockNotes = $false $this.airDropBlocked = $false $this.passwordBlockModification = $false $this.passwordBlockFingerprintUnlock = $false $this.passwordBlockAutoFill = $false $this.passwordBlockProximityRequests = $false $this.passwordBlockAirDropSharing = $false $this.softwareUpdatesEnforcedDelayInDays = $null $this.updateDelayPolicy = '' $this.contentCachingBlocked = $false $this.iCloudBlockPhotoLibrary = $false $this.screenCaptureBlocked = $false $this.classroomAppBlockRemoteScreenObservation = $false $this.classroomAppForceUnpromptedScreenObservation = $false $this.classroomForceAutomaticallyJoinClasses = $false $this.classroomForceRequestPermissionToLeaveClasses = $false $this.classroomForceUnpromptedAppAndDeviceLock = $false $this.iCloudBlockActivityContinuation = $false $this.privacyAccessControls = @() $this.addingGameCenterFriendsBlocked = $false $this.gameCenterBlocked = $false $this.multiplayerGamingBlocked = $false $this.wallpaperModificationBlocked = $false $this.eraseContentAndSettingsBlocked = $false $this.softwareUpdateMajorOSDeferredInstallDelayInDays = $null $this.softwareUpdateMinorOSDeferredInstallDelayInDays = $null $this.softwareUpdateNonOSDeferredInstallDelayInDays = $null $this.touchIdTimeoutInHours = $null $this.iCloudPrivateRelayBlocked = $false $this.iCloudDesktopAndDocumentsBlocked = $false $this.activationLockWhenSupervisedAllowed = $false } # Parameterized constructor GetEmMacOSGeneralDeviceConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.compliantAppsList = $policy.compliantAppsList $this.compliantAppListType = $policy.compliantAppListType $this.emailInDomainSuffixes = $policy.emailInDomainSuffixes $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeLock = $policy.passwordMinutesOfInactivityBeforeLock $this.passwordMinutesOfInactivityBeforeScreenTimeout = $policy.passwordMinutesOfInactivityBeforeScreenTimeout $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordRequired = $policy.passwordRequired $this.passwordMaximumAttemptCount = $policy.passwordMaximumAttemptCount $this.passwordMinutesUntilFailedLoginReset = $policy.passwordMinutesUntilFailedLoginReset $this.keychainBlockCloudSync = $policy.keychainBlockCloudSync $this.safariBlockAutofill = $policy.safariBlockAutofill $this.cameraBlocked = $policy.cameraBlocked $this.iTunesBlockMusicService = $policy.iTunesBlockMusicService $this.spotlightBlockInternetResults = $policy.spotlightBlockInternetResults $this.keyboardBlockDictation = $policy.keyboardBlockDictation $this.definitionLookupBlocked = $policy.definitionLookupBlocked $this.appleWatchBlockAutoUnlock = $policy.appleWatchBlockAutoUnlock $this.iTunesBlockFileSharing = $policy.iTunesBlockFileSharing $this.iCloudBlockDocumentSync = $policy.iCloudBlockDocumentSync $this.iCloudBlockMail = $policy.iCloudBlockMail $this.iCloudBlockAddressBook = $policy.iCloudBlockAddressBook $this.iCloudBlockCalendar = $policy.iCloudBlockCalendar $this.iCloudBlockReminders = $policy.iCloudBlockReminders $this.iCloudBlockBookmarks = $policy.iCloudBlockBookmarks $this.iCloudBlockNotes = $policy.iCloudBlockNotes $this.airDropBlocked = $policy.airDropBlocked $this.passwordBlockModification = $policy.passwordBlockModification $this.passwordBlockFingerprintUnlock = $policy.passwordBlockFingerprintUnlock $this.passwordBlockAutoFill = $policy.passwordBlockAutoFill $this.passwordBlockProximityRequests = $policy.passwordBlockProximityRequests $this.passwordBlockAirDropSharing = $policy.passwordBlockAirDropSharing $this.softwareUpdatesEnforcedDelayInDays = $policy.softwareUpdatesEnforcedDelayInDays $this.updateDelayPolicy = $policy.updateDelayPolicy $this.contentCachingBlocked = $policy.contentCachingBlocked $this.iCloudBlockPhotoLibrary = $policy.iCloudBlockPhotoLibrary $this.screenCaptureBlocked = $policy.screenCaptureBlocked $this.classroomAppBlockRemoteScreenObservation = $policy.classroomAppBlockRemoteScreenObservation $this.classroomAppForceUnpromptedScreenObservation = $policy.classroomAppForceUnpromptedScreenObservation $this.classroomForceAutomaticallyJoinClasses = $policy.classroomForceAutomaticallyJoinClasses $this.classroomForceRequestPermissionToLeaveClasses = $policy.classroomForceRequestPermissionToLeaveClasses $this.classroomForceUnpromptedAppAndDeviceLock = $policy.classroomForceUnpromptedAppAndDeviceLock $this.iCloudBlockActivityContinuation = $policy.iCloudBlockActivityContinuation $this.privacyAccessControls = $policy.privacyAccessControls $this.addingGameCenterFriendsBlocked = $policy.addingGameCenterFriendsBlocked $this.gameCenterBlocked = $policy.gameCenterBlocked $this.multiplayerGamingBlocked = $policy.multiplayerGamingBlocked $this.wallpaperModificationBlocked = $policy.wallpaperModificationBlocked $this.eraseContentAndSettingsBlocked = $policy.eraseContentAndSettingsBlocked $this.softwareUpdateMajorOSDeferredInstallDelayInDays = $policy.softwareUpdateMajorOSDeferredInstallDelayInDays $this.softwareUpdateMinorOSDeferredInstallDelayInDays = $policy.softwareUpdateMinorOSDeferredInstallDelayInDays $this.softwareUpdateNonOSDeferredInstallDelayInDays = $policy.softwareUpdateNonOSDeferredInstallDelayInDays $this.touchIdTimeoutInHours = $policy.touchIdTimeoutInHours $this.iCloudPrivateRelayBlocked = $policy.iCloudPrivateRelayBlocked $this.iCloudDesktopAndDocumentsBlocked = $policy.iCloudDesktopAndDocumentsBlocked $this.activationLockWhenSupervisedAllowed = $policy.activationLockWhenSupervisedAllowed } # Overriding the ToString method [string] ToString() { return "Class: GetEmMacOSGeneralDeviceConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmMacOSGeneralDeviceConfiguration.ps1' 232 #Region '.\Classes\DeviceConfiguration\Get\GetEmMacOSSoftwareUpdateConfiguration.ps1' -1 class GetEmMacOSSoftwareUpdateConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$criticalUpdateBehavior [string]$configDataUpdateBehavior [string]$firmwareUpdateBehavior [string]$allOtherUpdateBehavior [string]$updateScheduleType [object[]]$customUpdateTimeWindows [object]$updateTimeWindowUtcOffsetInMinutes [object]$maxUserDeferralsCount [string]$priority # Default constructor GetEmMacOSSoftwareUpdateConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.criticalUpdateBehavior = '' $this.configDataUpdateBehavior = '' $this.firmwareUpdateBehavior = '' $this.allOtherUpdateBehavior = '' $this.updateScheduleType = '' $this.customUpdateTimeWindows = @() $this.updateTimeWindowUtcOffsetInMinutes = $null $this.maxUserDeferralsCount = $null $this.priority = '' } # Parameterized constructor GetEmMacOSSoftwareUpdateConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.criticalUpdateBehavior = $policy.criticalUpdateBehavior $this.configDataUpdateBehavior = $policy.configDataUpdateBehavior $this.firmwareUpdateBehavior = $policy.firmwareUpdateBehavior $this.allOtherUpdateBehavior = $policy.allOtherUpdateBehavior $this.updateScheduleType = $policy.updateScheduleType $this.customUpdateTimeWindows = $policy.customUpdateTimeWindows $this.updateTimeWindowUtcOffsetInMinutes = $policy.updateTimeWindowUtcOffsetInMinutes $this.maxUserDeferralsCount = $policy.maxUserDeferralsCount $this.priority = $policy.priority } # Overriding the ToString method [string] ToString() { return "Class: GetEmMacOSSoftwareUpdateConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmMacOSSoftwareUpdateConfiguration.ps1' 79 #Region '.\Classes\DeviceConfiguration\Get\GetEmWindows10CustomConfiguration.ps1' -1 class GetEmWindows10CustomConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [object[]]$omaSettings # Default constructor GetEmWindows10CustomConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.omaSettings = @() } # Parameterized constructor GetEmWindows10CustomConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.omaSettings = $policy.omaSettings } # Overriding the ToString method [string] ToString() { return "Class: GetEmWindows10CustomConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmWindows10CustomConfiguration.ps1' 55 #Region '.\Classes\DeviceConfiguration\Get\GetEmWindows10EndpointProtectionConfiguration.ps1' -1 class GetEmWindows10EndpointProtectionConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$dmaGuardDeviceEnumerationPolicy [object[]]$firewallRules [psobject]$userRightsAccessCredentialManagerAsTrustedCaller [psobject]$userRightsAllowAccessFromNetwork [psobject]$userRightsBlockAccessFromNetwork [psobject]$userRightsActAsPartOfTheOperatingSystem [psobject]$userRightsLocalLogOn [psobject]$userRightsDenyLocalLogOn [psobject]$userRightsBackupData [psobject]$userRightsChangeSystemTime [psobject]$userRightsCreateGlobalObjects [psobject]$userRightsCreatePageFile [psobject]$userRightsCreatePermanentSharedObjects [psobject]$userRightsCreateSymbolicLinks [psobject]$userRightsCreateToken [psobject]$userRightsDebugPrograms [psobject]$userRightsRemoteDesktopServicesLogOn [psobject]$userRightsDelegation [psobject]$userRightsGenerateSecurityAudits [psobject]$userRightsImpersonateClient [psobject]$userRightsIncreaseSchedulingPriority [psobject]$userRightsLoadUnloadDrivers [psobject]$userRightsLockMemory [psobject]$userRightsManageAuditingAndSecurityLogs [psobject]$userRightsManageVolumes [psobject]$userRightsModifyFirmwareEnvironment [psobject]$userRightsModifyObjectLabels [psobject]$userRightsProfileSingleProcess [psobject]$userRightsRemoteShutdown [psobject]$userRightsRestoreData [psobject]$userRightsTakeOwnership [bool]$xboxServicesEnableXboxGameSaveTask [string]$xboxServicesAccessoryManagementServiceStartupMode [string]$xboxServicesLiveAuthManagerServiceStartupMode [string]$xboxServicesLiveGameSaveServiceStartupMode [string]$xboxServicesLiveNetworkingServiceStartupMode [bool]$localSecurityOptionsBlockMicrosoftAccounts [bool]$localSecurityOptionsBlockRemoteLogonWithBlankPassword [bool]$localSecurityOptionsDisableAdministratorAccount [string]$localSecurityOptionsAdministratorAccountName [bool]$localSecurityOptionsDisableGuestAccount [string]$localSecurityOptionsGuestAccountName [bool]$localSecurityOptionsAllowUndockWithoutHavingToLogon [bool]$localSecurityOptionsBlockUsersInstallingPrinterDrivers [bool]$localSecurityOptionsBlockRemoteOpticalDriveAccess [string]$localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser [object]$localSecurityOptionsMachineInactivityLimit [object]$localSecurityOptionsMachineInactivityLimitInMinutes [bool]$localSecurityOptionsDoNotRequireCtrlAltDel [bool]$localSecurityOptionsHideLastSignedInUser [bool]$localSecurityOptionsHideUsernameAtSignIn [string]$localSecurityOptionsLogOnMessageTitle [string]$localSecurityOptionsLogOnMessageText [bool]$localSecurityOptionsAllowPKU2UAuthenticationRequests [bool]$localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool [string]$localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager [string]$localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients [string]$localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers [string]$lanManagerAuthenticationLevel [bool]$lanManagerWorkstationDisableInsecureGuestLogons [bool]$localSecurityOptionsClearVirtualMemoryPageFile [bool]$localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn [bool]$localSecurityOptionsAllowUIAccessApplicationElevation [bool]$localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations [bool]$localSecurityOptionsOnlyElevateSignedExecutables [string]$localSecurityOptionsAdministratorElevationPromptBehavior [string]$localSecurityOptionsStandardUserElevationPromptBehavior [bool]$localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation [bool]$localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation [bool]$localSecurityOptionsAllowUIAccessApplicationsForSecureLocations [bool]$localSecurityOptionsUseAdminApprovalMode [bool]$localSecurityOptionsUseAdminApprovalModeForAdministrators [string]$localSecurityOptionsInformationShownOnLockScreen [string]$localSecurityOptionsInformationDisplayedOnLockScreen [bool]$localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees [bool]$localSecurityOptionsClientDigitallySignCommunicationsAlways [bool]$localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers [bool]$localSecurityOptionsDisableServerDigitallySignCommunicationsAlways [bool]$localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees [bool]$localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares [bool]$localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts [bool]$localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares [bool]$localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange [string]$localSecurityOptionsSmartCardRemovalBehavior [bool]$defenderSecurityCenterDisableAppBrowserUI [bool]$defenderSecurityCenterDisableFamilyUI [bool]$defenderSecurityCenterDisableHealthUI [bool]$defenderSecurityCenterDisableNetworkUI [bool]$defenderSecurityCenterDisableVirusUI [bool]$defenderSecurityCenterDisableAccountUI [bool]$defenderSecurityCenterDisableClearTpmUI [bool]$defenderSecurityCenterDisableHardwareUI [bool]$defenderSecurityCenterDisableNotificationAreaUI [bool]$defenderSecurityCenterDisableRansomwareUI [bool]$defenderSecurityCenterDisableSecureBootUI [bool]$defenderSecurityCenterDisableTroubleshootingUI [bool]$defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI [string]$defenderSecurityCenterOrganizationDisplayName [string]$defenderSecurityCenterHelpEmail [string]$defenderSecurityCenterHelpPhone [string]$defenderSecurityCenterHelpURL [string]$defenderSecurityCenterNotificationsFromApp [string]$defenderSecurityCenterITContactDisplay [string]$windowsDefenderTamperProtection [bool]$firewallBlockStatefulFTP [object]$firewallIdleTimeoutForSecurityAssociationInSeconds [string]$firewallPreSharedKeyEncodingMethod [bool]$firewallIPSecExemptionsNone [bool]$firewallIPSecExemptionsAllowNeighborDiscovery [bool]$firewallIPSecExemptionsAllowICMP [bool]$firewallIPSecExemptionsAllowRouterDiscovery [bool]$firewallIPSecExemptionsAllowDHCP [string]$firewallCertificateRevocationListCheckMethod [bool]$firewallMergeKeyingModuleSettings [string]$firewallPacketQueueingMethod [psobject]$firewallProfileDomain [psobject]$firewallProfilePublic [psobject]$firewallProfilePrivate [string]$defenderAdobeReaderLaunchChildProcess [object[]]$defenderAttackSurfaceReductionExcludedPaths [string]$defenderOfficeAppsOtherProcessInjectionType [string]$defenderOfficeAppsOtherProcessInjection [string]$defenderOfficeCommunicationAppsLaunchChildProcess [string]$defenderOfficeAppsExecutableContentCreationOrLaunchType [string]$defenderOfficeAppsExecutableContentCreationOrLaunch [string]$defenderOfficeAppsLaunchChildProcessType [string]$defenderOfficeAppsLaunchChildProcess [string]$defenderOfficeMacroCodeAllowWin32ImportsType [string]$defenderOfficeMacroCodeAllowWin32Imports [string]$defenderScriptObfuscatedMacroCodeType [string]$defenderScriptObfuscatedMacroCode [string]$defenderScriptDownloadedPayloadExecutionType [string]$defenderScriptDownloadedPayloadExecution [string]$defenderPreventCredentialStealingType [string]$defenderProcessCreationType [string]$defenderProcessCreation [string]$defenderUntrustedUSBProcessType [string]$defenderUntrustedUSBProcess [string]$defenderUntrustedExecutableType [string]$defenderUntrustedExecutable [string]$defenderEmailContentExecutionType [string]$defenderEmailContentExecution [string]$defenderAdvancedRansomewareProtectionType [string]$defenderGuardMyFoldersType [object[]]$defenderGuardedFoldersAllowedAppPaths [object[]]$defenderAdditionalGuardedFolders [string]$defenderNetworkProtectionType [string]$defenderExploitProtectionXml [string]$defenderExploitProtectionXmlFileName [bool]$defenderSecurityCenterBlockExploitProtectionOverride [string]$defenderBlockPersistenceThroughWmiType [string]$appLockerApplicationControl [string]$deviceGuardLocalSystemAuthorityCredentialGuardSettings [bool]$deviceGuardEnableVirtualizationBasedSecurity [bool]$deviceGuardEnableSecureBootWithDMA [string]$deviceGuardSecureBootWithDMA [string]$deviceGuardLaunchSystemGuard [bool]$smartScreenEnableInShell [bool]$smartScreenBlockOverrideForFiles [bool]$applicationGuardEnabled [string]$applicationGuardEnabledOptions [string]$applicationGuardBlockFileTransfer [bool]$applicationGuardBlockNonEnterpriseContent [bool]$applicationGuardAllowPersistence [bool]$applicationGuardForceAuditing [string]$applicationGuardBlockClipboardSharing [bool]$applicationGuardAllowPrintToPDF [bool]$applicationGuardAllowPrintToXPS [bool]$applicationGuardAllowPrintToLocalPrinters [bool]$applicationGuardAllowPrintToNetworkPrinters [bool]$applicationGuardAllowVirtualGPU [bool]$applicationGuardAllowFileSaveOnHost [bool]$applicationGuardAllowCameraMicrophoneRedirection [object[]]$applicationGuardCertificateThumbprints [bool]$bitLockerAllowStandardUserEncryption [bool]$bitLockerDisableWarningForOtherDiskEncryption [bool]$bitLockerEnableStorageCardEncryptionOnMobile [bool]$bitLockerEncryptDevice [psobject]$bitLockerSystemDrivePolicy [psobject]$bitLockerFixedDrivePolicy [psobject]$bitLockerRemovableDrivePolicy [string]$bitLockerRecoveryPasswordRotation [bool]$defenderDisableScanArchiveFiles [bool]$defenderAllowScanArchiveFiles [bool]$defenderDisableBehaviorMonitoring [bool]$defenderAllowBehaviorMonitoring [bool]$defenderDisableCloudProtection [bool]$defenderAllowCloudProtection [bool]$defenderEnableScanIncomingMail [bool]$defenderEnableScanMappedNetworkDrivesDuringFullScan [bool]$defenderDisableScanRemovableDrivesDuringFullScan [bool]$defenderAllowScanRemovableDrivesDuringFullScan [bool]$defenderDisableScanDownloads [bool]$defenderAllowScanDownloads [bool]$defenderDisableIntrusionPreventionSystem [bool]$defenderAllowIntrusionPreventionSystem [bool]$defenderDisableOnAccessProtection [bool]$defenderAllowOnAccessProtection [bool]$defenderDisableRealTimeMonitoring [bool]$defenderAllowRealTimeMonitoring [bool]$defenderDisableScanNetworkFiles [bool]$defenderAllowScanNetworkFiles [bool]$defenderDisableScanScriptsLoadedInInternetExplorer [bool]$defenderAllowScanScriptsLoadedInInternetExplorer [bool]$defenderBlockEndUserAccess [bool]$defenderAllowEndUserAccess [object]$defenderScanMaxCpuPercentage [bool]$defenderCheckForSignaturesBeforeRunningScan [string]$defenderCloudBlockLevel [object]$defenderCloudExtendedTimeoutInSeconds [object]$defenderDaysBeforeDeletingQuarantinedMalware [bool]$defenderDisableCatchupFullScan [bool]$defenderDisableCatchupQuickScan [bool]$defenderEnableLowCpuPriority [object[]]$defenderFileExtensionsToExclude [object[]]$defenderFilesAndFoldersToExclude [object[]]$defenderProcessesToExclude [string]$defenderPotentiallyUnwantedAppAction [string]$defenderScanDirection [string]$defenderScanType [string]$defenderScheduledQuickScanTime [string]$defenderScheduledScanDay [string]$defenderScheduledScanTime [object]$defenderSignatureUpdateIntervalInHours [string]$defenderSubmitSamplesConsentType [psobject]$defenderDetectedMalwareActions # Default constructor GetEmWindows10EndpointProtectionConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.dmaGuardDeviceEnumerationPolicy = '' $this.firewallRules = @() $this.userRightsAccessCredentialManagerAsTrustedCaller = $null $this.userRightsAllowAccessFromNetwork = $null $this.userRightsBlockAccessFromNetwork = $null $this.userRightsActAsPartOfTheOperatingSystem = $null $this.userRightsLocalLogOn = $null $this.userRightsDenyLocalLogOn = $null $this.userRightsBackupData = $null $this.userRightsChangeSystemTime = $null $this.userRightsCreateGlobalObjects = $null $this.userRightsCreatePageFile = $null $this.userRightsCreatePermanentSharedObjects = $null $this.userRightsCreateSymbolicLinks = $null $this.userRightsCreateToken = $null $this.userRightsDebugPrograms = $null $this.userRightsRemoteDesktopServicesLogOn = $null $this.userRightsDelegation = $null $this.userRightsGenerateSecurityAudits = $null $this.userRightsImpersonateClient = $null $this.userRightsIncreaseSchedulingPriority = $null $this.userRightsLoadUnloadDrivers = $null $this.userRightsLockMemory = $null $this.userRightsManageAuditingAndSecurityLogs = $null $this.userRightsManageVolumes = $null $this.userRightsModifyFirmwareEnvironment = $null $this.userRightsModifyObjectLabels = $null $this.userRightsProfileSingleProcess = $null $this.userRightsRemoteShutdown = $null $this.userRightsRestoreData = $null $this.userRightsTakeOwnership = $null $this.xboxServicesEnableXboxGameSaveTask = $false $this.xboxServicesAccessoryManagementServiceStartupMode = '' $this.xboxServicesLiveAuthManagerServiceStartupMode = '' $this.xboxServicesLiveGameSaveServiceStartupMode = '' $this.xboxServicesLiveNetworkingServiceStartupMode = '' $this.localSecurityOptionsBlockMicrosoftAccounts = $false $this.localSecurityOptionsBlockRemoteLogonWithBlankPassword = $false $this.localSecurityOptionsDisableAdministratorAccount = $false $this.localSecurityOptionsAdministratorAccountName = '' $this.localSecurityOptionsDisableGuestAccount = $false $this.localSecurityOptionsGuestAccountName = '' $this.localSecurityOptionsAllowUndockWithoutHavingToLogon = $false $this.localSecurityOptionsBlockUsersInstallingPrinterDrivers = $false $this.localSecurityOptionsBlockRemoteOpticalDriveAccess = $false $this.localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser = '' $this.localSecurityOptionsMachineInactivityLimit = $null $this.localSecurityOptionsMachineInactivityLimitInMinutes = $null $this.localSecurityOptionsDoNotRequireCtrlAltDel = $false $this.localSecurityOptionsHideLastSignedInUser = $false $this.localSecurityOptionsHideUsernameAtSignIn = $false $this.localSecurityOptionsLogOnMessageTitle = '' $this.localSecurityOptionsLogOnMessageText = '' $this.localSecurityOptionsAllowPKU2UAuthenticationRequests = $false $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool = $false $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager = '' $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients = '' $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers = '' $this.lanManagerAuthenticationLevel = '' $this.lanManagerWorkstationDisableInsecureGuestLogons = $false $this.localSecurityOptionsClearVirtualMemoryPageFile = $false $this.localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn = $false $this.localSecurityOptionsAllowUIAccessApplicationElevation = $false $this.localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations = $false $this.localSecurityOptionsOnlyElevateSignedExecutables = $false $this.localSecurityOptionsAdministratorElevationPromptBehavior = '' $this.localSecurityOptionsStandardUserElevationPromptBehavior = '' $this.localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation = $false $this.localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation = $false $this.localSecurityOptionsAllowUIAccessApplicationsForSecureLocations = $false $this.localSecurityOptionsUseAdminApprovalMode = $false $this.localSecurityOptionsUseAdminApprovalModeForAdministrators = $false $this.localSecurityOptionsInformationShownOnLockScreen = '' $this.localSecurityOptionsInformationDisplayedOnLockScreen = '' $this.localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees = $false $this.localSecurityOptionsClientDigitallySignCommunicationsAlways = $false $this.localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers = $false $this.localSecurityOptionsDisableServerDigitallySignCommunicationsAlways = $false $this.localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees = $false $this.localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares = $false $this.localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts = $false $this.localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares = $false $this.localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange = $false $this.localSecurityOptionsSmartCardRemovalBehavior = '' $this.defenderSecurityCenterDisableAppBrowserUI = $false $this.defenderSecurityCenterDisableFamilyUI = $false $this.defenderSecurityCenterDisableHealthUI = $false $this.defenderSecurityCenterDisableNetworkUI = $false $this.defenderSecurityCenterDisableVirusUI = $false $this.defenderSecurityCenterDisableAccountUI = $false $this.defenderSecurityCenterDisableClearTpmUI = $false $this.defenderSecurityCenterDisableHardwareUI = $false $this.defenderSecurityCenterDisableNotificationAreaUI = $false $this.defenderSecurityCenterDisableRansomwareUI = $false $this.defenderSecurityCenterDisableSecureBootUI = $false $this.defenderSecurityCenterDisableTroubleshootingUI = $false $this.defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI = $false $this.defenderSecurityCenterOrganizationDisplayName = '' $this.defenderSecurityCenterHelpEmail = '' $this.defenderSecurityCenterHelpPhone = '' $this.defenderSecurityCenterHelpURL = '' $this.defenderSecurityCenterNotificationsFromApp = '' $this.defenderSecurityCenterITContactDisplay = '' $this.windowsDefenderTamperProtection = '' $this.firewallBlockStatefulFTP = $false $this.firewallIdleTimeoutForSecurityAssociationInSeconds = $null $this.firewallPreSharedKeyEncodingMethod = '' $this.firewallIPSecExemptionsNone = $false $this.firewallIPSecExemptionsAllowNeighborDiscovery = $false $this.firewallIPSecExemptionsAllowICMP = $false $this.firewallIPSecExemptionsAllowRouterDiscovery = $false $this.firewallIPSecExemptionsAllowDHCP = $false $this.firewallCertificateRevocationListCheckMethod = '' $this.firewallMergeKeyingModuleSettings = $false $this.firewallPacketQueueingMethod = '' $this.firewallProfileDomain = $null $this.firewallProfilePublic = $null $this.firewallProfilePrivate = $null $this.defenderAdobeReaderLaunchChildProcess = '' $this.defenderAttackSurfaceReductionExcludedPaths = @() $this.defenderOfficeAppsOtherProcessInjectionType = '' $this.defenderOfficeAppsOtherProcessInjection = '' $this.defenderOfficeCommunicationAppsLaunchChildProcess = '' $this.defenderOfficeAppsExecutableContentCreationOrLaunchType = '' $this.defenderOfficeAppsExecutableContentCreationOrLaunch = '' $this.defenderOfficeAppsLaunchChildProcessType = '' $this.defenderOfficeAppsLaunchChildProcess = '' $this.defenderOfficeMacroCodeAllowWin32ImportsType = '' $this.defenderOfficeMacroCodeAllowWin32Imports = '' $this.defenderScriptObfuscatedMacroCodeType = '' $this.defenderScriptObfuscatedMacroCode = '' $this.defenderScriptDownloadedPayloadExecutionType = '' $this.defenderScriptDownloadedPayloadExecution = '' $this.defenderPreventCredentialStealingType = '' $this.defenderProcessCreationType = '' $this.defenderProcessCreation = '' $this.defenderUntrustedUSBProcessType = '' $this.defenderUntrustedUSBProcess = '' $this.defenderUntrustedExecutableType = '' $this.defenderUntrustedExecutable = '' $this.defenderEmailContentExecutionType = '' $this.defenderEmailContentExecution = '' $this.defenderAdvancedRansomewareProtectionType = '' $this.defenderGuardMyFoldersType = '' $this.defenderGuardedFoldersAllowedAppPaths = @() $this.defenderAdditionalGuardedFolders = @() $this.defenderNetworkProtectionType = '' $this.defenderExploitProtectionXml = '' $this.defenderExploitProtectionXmlFileName = '' $this.defenderSecurityCenterBlockExploitProtectionOverride = $false $this.defenderBlockPersistenceThroughWmiType = '' $this.appLockerApplicationControl = '' $this.deviceGuardLocalSystemAuthorityCredentialGuardSettings = '' $this.deviceGuardEnableVirtualizationBasedSecurity = $false $this.deviceGuardEnableSecureBootWithDMA = $false $this.deviceGuardSecureBootWithDMA = '' $this.deviceGuardLaunchSystemGuard = '' $this.smartScreenEnableInShell = $false $this.smartScreenBlockOverrideForFiles = $false $this.applicationGuardEnabled = $false $this.applicationGuardEnabledOptions = '' $this.applicationGuardBlockFileTransfer = '' $this.applicationGuardBlockNonEnterpriseContent = $false $this.applicationGuardAllowPersistence = $false $this.applicationGuardForceAuditing = $false $this.applicationGuardBlockClipboardSharing = '' $this.applicationGuardAllowPrintToPDF = $false $this.applicationGuardAllowPrintToXPS = $false $this.applicationGuardAllowPrintToLocalPrinters = $false $this.applicationGuardAllowPrintToNetworkPrinters = $false $this.applicationGuardAllowVirtualGPU = $false $this.applicationGuardAllowFileSaveOnHost = $false $this.applicationGuardAllowCameraMicrophoneRedirection = $false $this.applicationGuardCertificateThumbprints = @() $this.bitLockerAllowStandardUserEncryption = $false $this.bitLockerDisableWarningForOtherDiskEncryption = $false $this.bitLockerEnableStorageCardEncryptionOnMobile = $false $this.bitLockerEncryptDevice = $false $this.bitLockerSystemDrivePolicy = $null $this.bitLockerFixedDrivePolicy = $null $this.bitLockerRemovableDrivePolicy = $null $this.bitLockerRecoveryPasswordRotation = '' $this.defenderDisableScanArchiveFiles = $false $this.defenderAllowScanArchiveFiles = $false $this.defenderDisableBehaviorMonitoring = $false $this.defenderAllowBehaviorMonitoring = $false $this.defenderDisableCloudProtection = $false $this.defenderAllowCloudProtection = $false $this.defenderEnableScanIncomingMail = $false $this.defenderEnableScanMappedNetworkDrivesDuringFullScan = $false $this.defenderDisableScanRemovableDrivesDuringFullScan = $false $this.defenderAllowScanRemovableDrivesDuringFullScan = $false $this.defenderDisableScanDownloads = $false $this.defenderAllowScanDownloads = $false $this.defenderDisableIntrusionPreventionSystem = $false $this.defenderAllowIntrusionPreventionSystem = $false $this.defenderDisableOnAccessProtection = $false $this.defenderAllowOnAccessProtection = $false $this.defenderDisableRealTimeMonitoring = $false $this.defenderAllowRealTimeMonitoring = $false $this.defenderDisableScanNetworkFiles = $false $this.defenderAllowScanNetworkFiles = $false $this.defenderDisableScanScriptsLoadedInInternetExplorer = $false $this.defenderAllowScanScriptsLoadedInInternetExplorer = $false $this.defenderBlockEndUserAccess = $false $this.defenderAllowEndUserAccess = $false $this.defenderScanMaxCpuPercentage = $null $this.defenderCheckForSignaturesBeforeRunningScan = $false $this.defenderCloudBlockLevel = '' $this.defenderCloudExtendedTimeoutInSeconds = $null $this.defenderDaysBeforeDeletingQuarantinedMalware = $null $this.defenderDisableCatchupFullScan = $false $this.defenderDisableCatchupQuickScan = $false $this.defenderEnableLowCpuPriority = $false $this.defenderFileExtensionsToExclude = @() $this.defenderFilesAndFoldersToExclude = @() $this.defenderProcessesToExclude = @() $this.defenderPotentiallyUnwantedAppAction = '' $this.defenderScanDirection = '' $this.defenderScanType = '' $this.defenderScheduledQuickScanTime = '' $this.defenderScheduledScanDay = '' $this.defenderScheduledScanTime = '' $this.defenderSignatureUpdateIntervalInHours = $null $this.defenderSubmitSamplesConsentType = '' $this.defenderDetectedMalwareActions = $null } # Parameterized constructor GetEmWindows10EndpointProtectionConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.dmaGuardDeviceEnumerationPolicy = $policy.dmaGuardDeviceEnumerationPolicy $this.firewallRules = $policy.firewallRules $this.userRightsAccessCredentialManagerAsTrustedCaller = $policy.userRightsAccessCredentialManagerAsTrustedCaller $this.userRightsAllowAccessFromNetwork = $policy.userRightsAllowAccessFromNetwork $this.userRightsBlockAccessFromNetwork = $policy.userRightsBlockAccessFromNetwork $this.userRightsActAsPartOfTheOperatingSystem = $policy.userRightsActAsPartOfTheOperatingSystem $this.userRightsLocalLogOn = $policy.userRightsLocalLogOn $this.userRightsDenyLocalLogOn = $policy.userRightsDenyLocalLogOn $this.userRightsBackupData = $policy.userRightsBackupData $this.userRightsChangeSystemTime = $policy.userRightsChangeSystemTime $this.userRightsCreateGlobalObjects = $policy.userRightsCreateGlobalObjects $this.userRightsCreatePageFile = $policy.userRightsCreatePageFile $this.userRightsCreatePermanentSharedObjects = $policy.userRightsCreatePermanentSharedObjects $this.userRightsCreateSymbolicLinks = $policy.userRightsCreateSymbolicLinks $this.userRightsCreateToken = $policy.userRightsCreateToken $this.userRightsDebugPrograms = $policy.userRightsDebugPrograms $this.userRightsRemoteDesktopServicesLogOn = $policy.userRightsRemoteDesktopServicesLogOn $this.userRightsDelegation = $policy.userRightsDelegation $this.userRightsGenerateSecurityAudits = $policy.userRightsGenerateSecurityAudits $this.userRightsImpersonateClient = $policy.userRightsImpersonateClient $this.userRightsIncreaseSchedulingPriority = $policy.userRightsIncreaseSchedulingPriority $this.userRightsLoadUnloadDrivers = $policy.userRightsLoadUnloadDrivers $this.userRightsLockMemory = $policy.userRightsLockMemory $this.userRightsManageAuditingAndSecurityLogs = $policy.userRightsManageAuditingAndSecurityLogs $this.userRightsManageVolumes = $policy.userRightsManageVolumes $this.userRightsModifyFirmwareEnvironment = $policy.userRightsModifyFirmwareEnvironment $this.userRightsModifyObjectLabels = $policy.userRightsModifyObjectLabels $this.userRightsProfileSingleProcess = $policy.userRightsProfileSingleProcess $this.userRightsRemoteShutdown = $policy.userRightsRemoteShutdown $this.userRightsRestoreData = $policy.userRightsRestoreData $this.userRightsTakeOwnership = $policy.userRightsTakeOwnership $this.xboxServicesEnableXboxGameSaveTask = $policy.xboxServicesEnableXboxGameSaveTask $this.xboxServicesAccessoryManagementServiceStartupMode = $policy.xboxServicesAccessoryManagementServiceStartupMode $this.xboxServicesLiveAuthManagerServiceStartupMode = $policy.xboxServicesLiveAuthManagerServiceStartupMode $this.xboxServicesLiveGameSaveServiceStartupMode = $policy.xboxServicesLiveGameSaveServiceStartupMode $this.xboxServicesLiveNetworkingServiceStartupMode = $policy.xboxServicesLiveNetworkingServiceStartupMode $this.localSecurityOptionsBlockMicrosoftAccounts = $policy.localSecurityOptionsBlockMicrosoftAccounts $this.localSecurityOptionsBlockRemoteLogonWithBlankPassword = $policy.localSecurityOptionsBlockRemoteLogonWithBlankPassword $this.localSecurityOptionsDisableAdministratorAccount = $policy.localSecurityOptionsDisableAdministratorAccount $this.localSecurityOptionsAdministratorAccountName = $policy.localSecurityOptionsAdministratorAccountName $this.localSecurityOptionsDisableGuestAccount = $policy.localSecurityOptionsDisableGuestAccount $this.localSecurityOptionsGuestAccountName = $policy.localSecurityOptionsGuestAccountName $this.localSecurityOptionsAllowUndockWithoutHavingToLogon = $policy.localSecurityOptionsAllowUndockWithoutHavingToLogon $this.localSecurityOptionsBlockUsersInstallingPrinterDrivers = $policy.localSecurityOptionsBlockUsersInstallingPrinterDrivers $this.localSecurityOptionsBlockRemoteOpticalDriveAccess = $policy.localSecurityOptionsBlockRemoteOpticalDriveAccess $this.localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser = $policy.localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser $this.localSecurityOptionsMachineInactivityLimit = $policy.localSecurityOptionsMachineInactivityLimit $this.localSecurityOptionsMachineInactivityLimitInMinutes = $policy.localSecurityOptionsMachineInactivityLimitInMinutes $this.localSecurityOptionsDoNotRequireCtrlAltDel = $policy.localSecurityOptionsDoNotRequireCtrlAltDel $this.localSecurityOptionsHideLastSignedInUser = $policy.localSecurityOptionsHideLastSignedInUser $this.localSecurityOptionsHideUsernameAtSignIn = $policy.localSecurityOptionsHideUsernameAtSignIn $this.localSecurityOptionsLogOnMessageTitle = $policy.localSecurityOptionsLogOnMessageTitle $this.localSecurityOptionsLogOnMessageText = $policy.localSecurityOptionsLogOnMessageText $this.localSecurityOptionsAllowPKU2UAuthenticationRequests = $policy.localSecurityOptionsAllowPKU2UAuthenticationRequests $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool = $policy.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool $this.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager = $policy.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients = $policy.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients $this.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers = $policy.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers $this.lanManagerAuthenticationLevel = $policy.lanManagerAuthenticationLevel $this.lanManagerWorkstationDisableInsecureGuestLogons = $policy.lanManagerWorkstationDisableInsecureGuestLogons $this.localSecurityOptionsClearVirtualMemoryPageFile = $policy.localSecurityOptionsClearVirtualMemoryPageFile $this.localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn = $policy.localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn $this.localSecurityOptionsAllowUIAccessApplicationElevation = $policy.localSecurityOptionsAllowUIAccessApplicationElevation $this.localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations = $policy.localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations $this.localSecurityOptionsOnlyElevateSignedExecutables = $policy.localSecurityOptionsOnlyElevateSignedExecutables $this.localSecurityOptionsAdministratorElevationPromptBehavior = $policy.localSecurityOptionsAdministratorElevationPromptBehavior $this.localSecurityOptionsStandardUserElevationPromptBehavior = $policy.localSecurityOptionsStandardUserElevationPromptBehavior $this.localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation = $policy.localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation $this.localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation = $policy.localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation $this.localSecurityOptionsAllowUIAccessApplicationsForSecureLocations = $policy.localSecurityOptionsAllowUIAccessApplicationsForSecureLocations $this.localSecurityOptionsUseAdminApprovalMode = $policy.localSecurityOptionsUseAdminApprovalMode $this.localSecurityOptionsUseAdminApprovalModeForAdministrators = $policy.localSecurityOptionsUseAdminApprovalModeForAdministrators $this.localSecurityOptionsInformationShownOnLockScreen = $policy.localSecurityOptionsInformationShownOnLockScreen $this.localSecurityOptionsInformationDisplayedOnLockScreen = $policy.localSecurityOptionsInformationDisplayedOnLockScreen $this.localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees = $policy.localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees $this.localSecurityOptionsClientDigitallySignCommunicationsAlways = $policy.localSecurityOptionsClientDigitallySignCommunicationsAlways $this.localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers = $policy.localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers $this.localSecurityOptionsDisableServerDigitallySignCommunicationsAlways = $policy.localSecurityOptionsDisableServerDigitallySignCommunicationsAlways $this.localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees = $policy.localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees $this.localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares = $policy.localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares $this.localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts = $policy.localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts $this.localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares = $policy.localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares $this.localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange = $policy.localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange $this.localSecurityOptionsSmartCardRemovalBehavior = $policy.localSecurityOptionsSmartCardRemovalBehavior $this.defenderSecurityCenterDisableAppBrowserUI = $policy.defenderSecurityCenterDisableAppBrowserUI $this.defenderSecurityCenterDisableFamilyUI = $policy.defenderSecurityCenterDisableFamilyUI $this.defenderSecurityCenterDisableHealthUI = $policy.defenderSecurityCenterDisableHealthUI $this.defenderSecurityCenterDisableNetworkUI = $policy.defenderSecurityCenterDisableNetworkUI $this.defenderSecurityCenterDisableVirusUI = $policy.defenderSecurityCenterDisableVirusUI $this.defenderSecurityCenterDisableAccountUI = $policy.defenderSecurityCenterDisableAccountUI $this.defenderSecurityCenterDisableClearTpmUI = $policy.defenderSecurityCenterDisableClearTpmUI $this.defenderSecurityCenterDisableHardwareUI = $policy.defenderSecurityCenterDisableHardwareUI $this.defenderSecurityCenterDisableNotificationAreaUI = $policy.defenderSecurityCenterDisableNotificationAreaUI $this.defenderSecurityCenterDisableRansomwareUI = $policy.defenderSecurityCenterDisableRansomwareUI $this.defenderSecurityCenterDisableSecureBootUI = $policy.defenderSecurityCenterDisableSecureBootUI $this.defenderSecurityCenterDisableTroubleshootingUI = $policy.defenderSecurityCenterDisableTroubleshootingUI $this.defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI = $policy.defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI $this.defenderSecurityCenterOrganizationDisplayName = $policy.defenderSecurityCenterOrganizationDisplayName $this.defenderSecurityCenterHelpEmail = $policy.defenderSecurityCenterHelpEmail $this.defenderSecurityCenterHelpPhone = $policy.defenderSecurityCenterHelpPhone $this.defenderSecurityCenterHelpURL = $policy.defenderSecurityCenterHelpURL $this.defenderSecurityCenterNotificationsFromApp = $policy.defenderSecurityCenterNotificationsFromApp $this.defenderSecurityCenterITContactDisplay = $policy.defenderSecurityCenterITContactDisplay $this.windowsDefenderTamperProtection = $policy.windowsDefenderTamperProtection $this.firewallBlockStatefulFTP = $policy.firewallBlockStatefulFTP $this.firewallIdleTimeoutForSecurityAssociationInSeconds = $policy.firewallIdleTimeoutForSecurityAssociationInSeconds $this.firewallPreSharedKeyEncodingMethod = $policy.firewallPreSharedKeyEncodingMethod $this.firewallIPSecExemptionsNone = $policy.firewallIPSecExemptionsNone $this.firewallIPSecExemptionsAllowNeighborDiscovery = $policy.firewallIPSecExemptionsAllowNeighborDiscovery $this.firewallIPSecExemptionsAllowICMP = $policy.firewallIPSecExemptionsAllowICMP $this.firewallIPSecExemptionsAllowRouterDiscovery = $policy.firewallIPSecExemptionsAllowRouterDiscovery $this.firewallIPSecExemptionsAllowDHCP = $policy.firewallIPSecExemptionsAllowDHCP $this.firewallCertificateRevocationListCheckMethod = $policy.firewallCertificateRevocationListCheckMethod $this.firewallMergeKeyingModuleSettings = $policy.firewallMergeKeyingModuleSettings $this.firewallPacketQueueingMethod = $policy.firewallPacketQueueingMethod $this.firewallProfileDomain = $policy.firewallProfileDomain $this.firewallProfilePublic = $policy.firewallProfilePublic $this.firewallProfilePrivate = $policy.firewallProfilePrivate $this.defenderAdobeReaderLaunchChildProcess = $policy.defenderAdobeReaderLaunchChildProcess $this.defenderAttackSurfaceReductionExcludedPaths = $policy.defenderAttackSurfaceReductionExcludedPaths $this.defenderOfficeAppsOtherProcessInjectionType = $policy.defenderOfficeAppsOtherProcessInjectionType $this.defenderOfficeAppsOtherProcessInjection = $policy.defenderOfficeAppsOtherProcessInjection $this.defenderOfficeCommunicationAppsLaunchChildProcess = $policy.defenderOfficeCommunicationAppsLaunchChildProcess $this.defenderOfficeAppsExecutableContentCreationOrLaunchType = $policy.defenderOfficeAppsExecutableContentCreationOrLaunchType $this.defenderOfficeAppsExecutableContentCreationOrLaunch = $policy.defenderOfficeAppsExecutableContentCreationOrLaunch $this.defenderOfficeAppsLaunchChildProcessType = $policy.defenderOfficeAppsLaunchChildProcessType $this.defenderOfficeAppsLaunchChildProcess = $policy.defenderOfficeAppsLaunchChildProcess $this.defenderOfficeMacroCodeAllowWin32ImportsType = $policy.defenderOfficeMacroCodeAllowWin32ImportsType $this.defenderOfficeMacroCodeAllowWin32Imports = $policy.defenderOfficeMacroCodeAllowWin32Imports $this.defenderScriptObfuscatedMacroCodeType = $policy.defenderScriptObfuscatedMacroCodeType $this.defenderScriptObfuscatedMacroCode = $policy.defenderScriptObfuscatedMacroCode $this.defenderScriptDownloadedPayloadExecutionType = $policy.defenderScriptDownloadedPayloadExecutionType $this.defenderScriptDownloadedPayloadExecution = $policy.defenderScriptDownloadedPayloadExecution $this.defenderPreventCredentialStealingType = $policy.defenderPreventCredentialStealingType $this.defenderProcessCreationType = $policy.defenderProcessCreationType $this.defenderProcessCreation = $policy.defenderProcessCreation $this.defenderUntrustedUSBProcessType = $policy.defenderUntrustedUSBProcessType $this.defenderUntrustedUSBProcess = $policy.defenderUntrustedUSBProcess $this.defenderUntrustedExecutableType = $policy.defenderUntrustedExecutableType $this.defenderUntrustedExecutable = $policy.defenderUntrustedExecutable $this.defenderEmailContentExecutionType = $policy.defenderEmailContentExecutionType $this.defenderEmailContentExecution = $policy.defenderEmailContentExecution $this.defenderAdvancedRansomewareProtectionType = $policy.defenderAdvancedRansomewareProtectionType $this.defenderGuardMyFoldersType = $policy.defenderGuardMyFoldersType $this.defenderGuardedFoldersAllowedAppPaths = $policy.defenderGuardedFoldersAllowedAppPaths $this.defenderAdditionalGuardedFolders = $policy.defenderAdditionalGuardedFolders $this.defenderNetworkProtectionType = $policy.defenderNetworkProtectionType $this.defenderExploitProtectionXml = $policy.defenderExploitProtectionXml $this.defenderExploitProtectionXmlFileName = $policy.defenderExploitProtectionXmlFileName $this.defenderSecurityCenterBlockExploitProtectionOverride = $policy.defenderSecurityCenterBlockExploitProtectionOverride $this.defenderBlockPersistenceThroughWmiType = $policy.defenderBlockPersistenceThroughWmiType $this.appLockerApplicationControl = $policy.appLockerApplicationControl $this.deviceGuardLocalSystemAuthorityCredentialGuardSettings = $policy.deviceGuardLocalSystemAuthorityCredentialGuardSettings $this.deviceGuardEnableVirtualizationBasedSecurity = $policy.deviceGuardEnableVirtualizationBasedSecurity $this.deviceGuardEnableSecureBootWithDMA = $policy.deviceGuardEnableSecureBootWithDMA $this.deviceGuardSecureBootWithDMA = $policy.deviceGuardSecureBootWithDMA $this.deviceGuardLaunchSystemGuard = $policy.deviceGuardLaunchSystemGuard $this.smartScreenEnableInShell = $policy.smartScreenEnableInShell $this.smartScreenBlockOverrideForFiles = $policy.smartScreenBlockOverrideForFiles $this.applicationGuardEnabled = $policy.applicationGuardEnabled $this.applicationGuardEnabledOptions = $policy.applicationGuardEnabledOptions $this.applicationGuardBlockFileTransfer = $policy.applicationGuardBlockFileTransfer $this.applicationGuardBlockNonEnterpriseContent = $policy.applicationGuardBlockNonEnterpriseContent $this.applicationGuardAllowPersistence = $policy.applicationGuardAllowPersistence $this.applicationGuardForceAuditing = $policy.applicationGuardForceAuditing $this.applicationGuardBlockClipboardSharing = $policy.applicationGuardBlockClipboardSharing $this.applicationGuardAllowPrintToPDF = $policy.applicationGuardAllowPrintToPDF $this.applicationGuardAllowPrintToXPS = $policy.applicationGuardAllowPrintToXPS $this.applicationGuardAllowPrintToLocalPrinters = $policy.applicationGuardAllowPrintToLocalPrinters $this.applicationGuardAllowPrintToNetworkPrinters = $policy.applicationGuardAllowPrintToNetworkPrinters $this.applicationGuardAllowVirtualGPU = $policy.applicationGuardAllowVirtualGPU $this.applicationGuardAllowFileSaveOnHost = $policy.applicationGuardAllowFileSaveOnHost $this.applicationGuardAllowCameraMicrophoneRedirection = $policy.applicationGuardAllowCameraMicrophoneRedirection $this.applicationGuardCertificateThumbprints = $policy.applicationGuardCertificateThumbprints $this.bitLockerAllowStandardUserEncryption = $policy.bitLockerAllowStandardUserEncryption $this.bitLockerDisableWarningForOtherDiskEncryption = $policy.bitLockerDisableWarningForOtherDiskEncryption $this.bitLockerEnableStorageCardEncryptionOnMobile = $policy.bitLockerEnableStorageCardEncryptionOnMobile $this.bitLockerEncryptDevice = $policy.bitLockerEncryptDevice $this.bitLockerSystemDrivePolicy = $policy.bitLockerSystemDrivePolicy $this.bitLockerFixedDrivePolicy = $policy.bitLockerFixedDrivePolicy $this.bitLockerRemovableDrivePolicy = $policy.bitLockerRemovableDrivePolicy $this.bitLockerRecoveryPasswordRotation = $policy.bitLockerRecoveryPasswordRotation $this.defenderDisableScanArchiveFiles = $policy.defenderDisableScanArchiveFiles $this.defenderAllowScanArchiveFiles = $policy.defenderAllowScanArchiveFiles $this.defenderDisableBehaviorMonitoring = $policy.defenderDisableBehaviorMonitoring $this.defenderAllowBehaviorMonitoring = $policy.defenderAllowBehaviorMonitoring $this.defenderDisableCloudProtection = $policy.defenderDisableCloudProtection $this.defenderAllowCloudProtection = $policy.defenderAllowCloudProtection $this.defenderEnableScanIncomingMail = $policy.defenderEnableScanIncomingMail $this.defenderEnableScanMappedNetworkDrivesDuringFullScan = $policy.defenderEnableScanMappedNetworkDrivesDuringFullScan $this.defenderDisableScanRemovableDrivesDuringFullScan = $policy.defenderDisableScanRemovableDrivesDuringFullScan $this.defenderAllowScanRemovableDrivesDuringFullScan = $policy.defenderAllowScanRemovableDrivesDuringFullScan $this.defenderDisableScanDownloads = $policy.defenderDisableScanDownloads $this.defenderAllowScanDownloads = $policy.defenderAllowScanDownloads $this.defenderDisableIntrusionPreventionSystem = $policy.defenderDisableIntrusionPreventionSystem $this.defenderAllowIntrusionPreventionSystem = $policy.defenderAllowIntrusionPreventionSystem $this.defenderDisableOnAccessProtection = $policy.defenderDisableOnAccessProtection $this.defenderAllowOnAccessProtection = $policy.defenderAllowOnAccessProtection $this.defenderDisableRealTimeMonitoring = $policy.defenderDisableRealTimeMonitoring $this.defenderAllowRealTimeMonitoring = $policy.defenderAllowRealTimeMonitoring $this.defenderDisableScanNetworkFiles = $policy.defenderDisableScanNetworkFiles $this.defenderAllowScanNetworkFiles = $policy.defenderAllowScanNetworkFiles $this.defenderDisableScanScriptsLoadedInInternetExplorer = $policy.defenderDisableScanScriptsLoadedInInternetExplorer $this.defenderAllowScanScriptsLoadedInInternetExplorer = $policy.defenderAllowScanScriptsLoadedInInternetExplorer $this.defenderBlockEndUserAccess = $policy.defenderBlockEndUserAccess $this.defenderAllowEndUserAccess = $policy.defenderAllowEndUserAccess $this.defenderScanMaxCpuPercentage = $policy.defenderScanMaxCpuPercentage $this.defenderCheckForSignaturesBeforeRunningScan = $policy.defenderCheckForSignaturesBeforeRunningScan $this.defenderCloudBlockLevel = $policy.defenderCloudBlockLevel $this.defenderCloudExtendedTimeoutInSeconds = $policy.defenderCloudExtendedTimeoutInSeconds $this.defenderDaysBeforeDeletingQuarantinedMalware = $policy.defenderDaysBeforeDeletingQuarantinedMalware $this.defenderDisableCatchupFullScan = $policy.defenderDisableCatchupFullScan $this.defenderDisableCatchupQuickScan = $policy.defenderDisableCatchupQuickScan $this.defenderEnableLowCpuPriority = $policy.defenderEnableLowCpuPriority $this.defenderFileExtensionsToExclude = $policy.defenderFileExtensionsToExclude $this.defenderFilesAndFoldersToExclude = $policy.defenderFilesAndFoldersToExclude $this.defenderProcessesToExclude = $policy.defenderProcessesToExclude $this.defenderPotentiallyUnwantedAppAction = $policy.defenderPotentiallyUnwantedAppAction $this.defenderScanDirection = $policy.defenderScanDirection $this.defenderScanType = $policy.defenderScanType $this.defenderScheduledQuickScanTime = $policy.defenderScheduledQuickScanTime $this.defenderScheduledScanDay = $policy.defenderScheduledScanDay $this.defenderScheduledScanTime = $policy.defenderScheduledScanTime $this.defenderSignatureUpdateIntervalInHours = $policy.defenderSignatureUpdateIntervalInHours $this.defenderSubmitSamplesConsentType = $policy.defenderSubmitSamplesConsentType $this.defenderDetectedMalwareActions = $policy.defenderDetectedMalwareActions } # Overriding the ToString method [string] ToString() { return "Class: GetEmWindows10EndpointProtectionConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmWindows10EndpointProtectionConfiguration.ps1' 730 #Region '.\Classes\DeviceConfiguration\Get\GetEmWindows10GeneralConfiguration.ps1' -1 class GetEmWindows10GeneralConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [bool]$taskManagerBlockEndTask [object]$energySaverOnBatteryThresholdPercentage [object]$energySaverPluggedInThresholdPercentage [string]$powerLidCloseActionOnBattery [string]$powerLidCloseActionPluggedIn [string]$powerButtonActionOnBattery [string]$powerButtonActionPluggedIn [string]$powerSleepButtonActionOnBattery [string]$powerSleepButtonActionPluggedIn [string]$powerHybridSleepOnBattery [string]$powerHybridSleepPluggedIn [psobject]$windows10AppsForceUpdateSchedule [bool]$enableAutomaticRedeployment [string]$microsoftAccountSignInAssistantSettings [bool]$authenticationAllowSecondaryDevice [string]$authenticationWebSignIn [string]$authenticationPreferredAzureADTenantDomainName [bool]$cryptographyAllowFipsAlgorithmPolicy [object[]]$displayAppListWithGdiDPIScalingTurnedOn [object[]]$displayAppListWithGdiDPIScalingTurnedOff [string]$enterpriseCloudPrintDiscoveryEndPoint [string]$enterpriseCloudPrintOAuthAuthority [string]$enterpriseCloudPrintOAuthClientIdentifier [string]$enterpriseCloudPrintResourceIdentifier [object]$enterpriseCloudPrintDiscoveryMaxLimit [string]$enterpriseCloudPrintMopriaDiscoveryResourceIdentifier [string]$experienceDoNotSyncBrowserSettings [bool]$messagingBlockSync [bool]$messagingBlockMMS [bool]$messagingBlockRichCommunicationServices [object[]]$printerNames [string]$printerDefaultName [bool]$printerBlockAddition [bool]$searchBlockDiacritics [bool]$searchDisableAutoLanguageDetection [bool]$searchDisableIndexingEncryptedItems [bool]$searchEnableRemoteQueries [bool]$searchDisableUseLocation [bool]$searchDisableLocation [bool]$searchDisableIndexerBackoff [bool]$searchDisableIndexingRemovableDrive [bool]$searchEnableAutomaticIndexSizeManangement [bool]$searchBlockWebResults [string]$findMyFiles [bool]$securityBlockAzureADJoinedDevicesAutoEncryption [string]$diagnosticsDataSubmissionMode [bool]$oneDriveDisableFileSync [string]$systemTelemetryProxyServer [string]$edgeTelemetryForMicrosoft365Analytics [string]$inkWorkspaceAccess [string]$inkWorkspaceAccessState [bool]$inkWorkspaceBlockSuggestedApps [bool]$smartScreenEnableAppInstallControl [string]$smartScreenAppInstallControl [string]$personalizationDesktopImageUrl [string]$personalizationLockScreenImageUrl [object[]]$bluetoothAllowedServices [bool]$bluetoothBlockAdvertising [bool]$bluetoothBlockPromptedProximalConnections [bool]$bluetoothBlockDiscoverableMode [bool]$bluetoothBlockPrePairing [bool]$edgeBlockAutofill [bool]$edgeBlocked [string]$edgeCookiePolicy [bool]$edgeBlockDeveloperTools [bool]$edgeBlockSendingDoNotTrackHeader [bool]$edgeBlockExtensions [bool]$edgeBlockInPrivateBrowsing [bool]$edgeBlockJavaScript [bool]$edgeBlockPasswordManager [bool]$edgeBlockAddressBarDropdown [bool]$edgeBlockCompatibilityList [bool]$edgeClearBrowsingDataOnExit [bool]$edgeAllowStartPagesModification [bool]$edgeDisableFirstRunPage [bool]$edgeBlockLiveTileDataCollection [bool]$edgeSyncFavoritesWithInternetExplorer [string]$edgeFavoritesListLocation [bool]$edgeBlockEditFavorites [string]$edgeNewTabPageURL [psobject]$edgeHomeButtonConfiguration [bool]$edgeHomeButtonConfigurationEnabled [string]$edgeOpensWith [bool]$edgeBlockSideloadingExtensions [object[]]$edgeRequiredExtensionPackageFamilyNames [bool]$edgeBlockPrinting [string]$edgeFavoritesBarVisibility [bool]$edgeBlockSavingHistory [bool]$edgeBlockFullScreenMode [bool]$edgeBlockWebContentOnNewTabPage [bool]$edgeBlockTabPreloading [bool]$edgeBlockPrelaunch [string]$edgeShowMessageWhenOpeningInternetExplorerSites [bool]$edgePreventCertificateErrorOverride [string]$edgeKioskModeRestriction [object]$edgeKioskResetAfterIdleTimeInMinutes [bool]$cellularBlockDataWhenRoaming [bool]$cellularBlockVpn [bool]$cellularBlockVpnWhenRoaming [string]$cellularData [bool]$defenderRequireRealTimeMonitoring [bool]$defenderRequireBehaviorMonitoring [bool]$defenderRequireNetworkInspectionSystem [bool]$defenderScanDownloads [bool]$defenderScheduleScanEnableLowCpuPriority [bool]$defenderDisableCatchupQuickScan [bool]$defenderDisableCatchupFullScan [bool]$defenderScanScriptsLoadedInInternetExplorer [bool]$defenderBlockEndUserAccess [object]$defenderSignatureUpdateIntervalInHours [string]$defenderMonitorFileActivity [object]$defenderDaysBeforeDeletingQuarantinedMalware [object]$defenderScanMaxCpu [bool]$defenderScanArchiveFiles [bool]$defenderScanIncomingMail [bool]$defenderScanRemovableDrivesDuringFullScan [bool]$defenderScanMappedNetworkDrivesDuringFullScan [bool]$defenderScanNetworkFiles [bool]$defenderRequireCloudProtection [string]$defenderCloudBlockLevel [object]$defenderCloudExtendedTimeout [object]$defenderCloudExtendedTimeoutInSeconds [string]$defenderPromptForSampleSubmission [string]$defenderScheduledQuickScanTime [string]$defenderScanType [string]$defenderSystemScanSchedule [string]$defenderScheduledScanTime [string]$defenderPotentiallyUnwantedAppAction [string]$defenderPotentiallyUnwantedAppActionSetting [string]$defenderSubmitSamplesConsentType [bool]$defenderBlockOnAccessProtection [psobject]$defenderDetectedMalwareActions [object[]]$defenderFileExtensionsToExclude [object[]]$defenderFilesAndFoldersToExclude [object[]]$defenderProcessesToExclude [bool]$lockScreenAllowTimeoutConfiguration [bool]$lockScreenBlockActionCenterNotifications [bool]$lockScreenBlockCortana [bool]$lockScreenBlockToastNotifications [object]$lockScreenTimeoutInSeconds [string]$lockScreenActivateAppsWithVoice [bool]$passwordBlockSimple [object]$passwordExpirationDays [object]$passwordMinimumLength [object]$passwordMinutesOfInactivityBeforeScreenTimeout [object]$passwordMinimumCharacterSetCount [object]$passwordPreviousPasswordBlockCount [bool]$passwordRequired [bool]$passwordRequireWhenResumeFromIdleState [string]$passwordRequiredType [object]$passwordSignInFailureCountBeforeFactoryReset [object]$passwordMinimumAgeInDays [string]$privacyAdvertisingId [bool]$privacyAutoAcceptPairingAndConsentPrompts [bool]$privacyDisableLaunchExperience [bool]$privacyBlockInputPersonalization [bool]$privacyBlockPublishUserActivities [bool]$privacyBlockActivityFeed [string]$activateAppsWithVoice [bool]$startBlockUnpinningAppsFromTaskbar [string]$startMenuAppListVisibility [bool]$startMenuHideChangeAccountSettings [bool]$startMenuHideFrequentlyUsedApps [bool]$startMenuHideHibernate [bool]$startMenuHideLock [bool]$startMenuHidePowerButton [bool]$startMenuHideRecentJumpLists [bool]$startMenuHideRecentlyAddedApps [bool]$startMenuHideRestartOptions [bool]$startMenuHideShutDown [bool]$startMenuHideSignOut [bool]$startMenuHideSleep [bool]$startMenuHideSwitchAccount [bool]$startMenuHideUserTile [string]$startMenuLayoutEdgeAssetsXml [string]$startMenuLayoutXml [string]$startMenuMode [string]$startMenuPinnedFolderDocuments [string]$startMenuPinnedFolderDownloads [string]$startMenuPinnedFolderFileExplorer [string]$startMenuPinnedFolderHomeGroup [string]$startMenuPinnedFolderMusic [string]$startMenuPinnedFolderNetwork [string]$startMenuPinnedFolderPersonalFolder [string]$startMenuPinnedFolderPictures [string]$startMenuPinnedFolderSettings [string]$startMenuPinnedFolderVideos [bool]$settingsBlockSettingsApp [bool]$settingsBlockSystemPage [bool]$settingsBlockDevicesPage [bool]$settingsBlockNetworkInternetPage [bool]$settingsBlockPersonalizationPage [bool]$settingsBlockAccountsPage [bool]$settingsBlockTimeLanguagePage [bool]$settingsBlockEaseOfAccessPage [bool]$settingsBlockPrivacyPage [bool]$settingsBlockUpdateSecurityPage [bool]$settingsBlockAppsPage [bool]$settingsBlockGamingPage [bool]$windowsSpotlightBlockConsumerSpecificFeatures [bool]$windowsSpotlightBlocked [bool]$windowsSpotlightBlockOnActionCenter [bool]$windowsSpotlightBlockTailoredExperiences [bool]$windowsSpotlightBlockThirdPartyNotifications [bool]$windowsSpotlightBlockWelcomeExperience [bool]$windowsSpotlightBlockWindowsTips [string]$windowsSpotlightConfigureOnLockScreen [bool]$networkProxyApplySettingsDeviceWide [bool]$networkProxyDisableAutoDetect [string]$networkProxyAutomaticConfigurationUrl [psobject]$networkProxyServer [bool]$accountsBlockAddingNonMicrosoftAccountEmail [bool]$antiTheftModeBlocked [bool]$bluetoothBlocked [bool]$cameraBlocked [bool]$connectedDevicesServiceBlocked [bool]$certificatesBlockManualRootCertificateInstallation [bool]$copyPasteBlocked [bool]$cortanaBlocked [bool]$deviceManagementBlockFactoryResetOnMobile [bool]$deviceManagementBlockManualUnenroll [string]$safeSearchFilter [bool]$edgeBlockPopups [bool]$edgeBlockSearchSuggestions [bool]$edgeBlockSearchEngineCustomization [bool]$edgeBlockSendingIntranetTrafficToInternetExplorer [bool]$edgeSendIntranetTrafficToInternetExplorer [bool]$edgeRequireSmartScreen [string]$edgeEnterpriseModeSiteListLocation [string]$edgeFirstRunUrl [psobject]$edgeSearchEngine [object[]]$edgeHomepageUrls [bool]$edgeBlockAccessToAboutFlags [bool]$smartScreenBlockPromptOverride [bool]$smartScreenBlockPromptOverrideForFiles [bool]$webRtcBlockLocalhostIpAddress [bool]$internetSharingBlocked [bool]$settingsBlockAddProvisioningPackage [bool]$settingsBlockRemoveProvisioningPackage [bool]$settingsBlockChangeSystemTime [bool]$settingsBlockEditDeviceName [bool]$settingsBlockChangeRegion [bool]$settingsBlockChangeLanguage [bool]$settingsBlockChangePowerSleep [bool]$locationServicesBlocked [bool]$microsoftAccountBlocked [bool]$microsoftAccountBlockSettingsSync [bool]$nfcBlocked [bool]$resetProtectionModeBlocked [bool]$screenCaptureBlocked [bool]$storageBlockRemovableStorage [bool]$storageRequireMobileDeviceEncryption [bool]$usbBlocked [bool]$voiceRecordingBlocked [bool]$wiFiBlockAutomaticConnectHotspots [bool]$wiFiBlocked [bool]$wiFiBlockManualConfiguration [object]$wiFiScanInterval [bool]$wirelessDisplayBlockProjectionToThisDevice [bool]$wirelessDisplayBlockUserInputFromReceiver [bool]$wirelessDisplayRequirePinForPairing [bool]$windowsStoreBlocked [string]$appsAllowTrustedAppsSideloading [bool]$windowsStoreBlockAutoUpdate [string]$developerUnlockSetting [bool]$sharedUserAppDataAllowed [bool]$appsBlockWindowsStoreOriginatedApps [bool]$windowsStoreEnablePrivateStoreOnly [bool]$storageRestrictAppDataToSystemVolume [bool]$storageRestrictAppInstallToSystemVolume [bool]$gameDvrBlocked [bool]$experienceBlockDeviceDiscovery [bool]$experienceBlockErrorDialogWhenNoSIM [bool]$experienceBlockTaskSwitcher [bool]$logonBlockFastUserSwitching [bool]$tenantLockdownRequireNetworkDuringOutOfBoxExperience [bool]$appManagementMSIAllowUserControlOverInstall [bool]$appManagementMSIAlwaysInstallWithElevatedPrivileges [bool]$dataProtectionBlockDirectMemoryAccess [object[]]$appManagementPackageFamilyNamesToLaunchAfterLogOn [bool]$uninstallBuiltInApps [string]$configureTimeZone # Default constructor GetEmWindows10GeneralConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.taskManagerBlockEndTask = $false $this.energySaverOnBatteryThresholdPercentage = $null $this.energySaverPluggedInThresholdPercentage = $null $this.powerLidCloseActionOnBattery = '' $this.powerLidCloseActionPluggedIn = '' $this.powerButtonActionOnBattery = '' $this.powerButtonActionPluggedIn = '' $this.powerSleepButtonActionOnBattery = '' $this.powerSleepButtonActionPluggedIn = '' $this.powerHybridSleepOnBattery = '' $this.powerHybridSleepPluggedIn = '' $this.windows10AppsForceUpdateSchedule = $null $this.enableAutomaticRedeployment = $false $this.microsoftAccountSignInAssistantSettings = '' $this.authenticationAllowSecondaryDevice = $false $this.authenticationWebSignIn = '' $this.authenticationPreferredAzureADTenantDomainName = '' $this.cryptographyAllowFipsAlgorithmPolicy = $false $this.displayAppListWithGdiDPIScalingTurnedOn = @() $this.displayAppListWithGdiDPIScalingTurnedOff = @() $this.enterpriseCloudPrintDiscoveryEndPoint = '' $this.enterpriseCloudPrintOAuthAuthority = '' $this.enterpriseCloudPrintOAuthClientIdentifier = '' $this.enterpriseCloudPrintResourceIdentifier = '' $this.enterpriseCloudPrintDiscoveryMaxLimit = $null $this.enterpriseCloudPrintMopriaDiscoveryResourceIdentifier = '' $this.experienceDoNotSyncBrowserSettings = '' $this.messagingBlockSync = $false $this.messagingBlockMMS = $false $this.messagingBlockRichCommunicationServices = $false $this.printerNames = @() $this.printerDefaultName = '' $this.printerBlockAddition = $false $this.searchBlockDiacritics = $false $this.searchDisableAutoLanguageDetection = $false $this.searchDisableIndexingEncryptedItems = $false $this.searchEnableRemoteQueries = $false $this.searchDisableUseLocation = $false $this.searchDisableLocation = $false $this.searchDisableIndexerBackoff = $false $this.searchDisableIndexingRemovableDrive = $false $this.searchEnableAutomaticIndexSizeManangement = $false $this.searchBlockWebResults = $false $this.findMyFiles = '' $this.securityBlockAzureADJoinedDevicesAutoEncryption = $false $this.diagnosticsDataSubmissionMode = '' $this.oneDriveDisableFileSync = $false $this.systemTelemetryProxyServer = '' $this.edgeTelemetryForMicrosoft365Analytics = '' $this.inkWorkspaceAccess = '' $this.inkWorkspaceAccessState = '' $this.inkWorkspaceBlockSuggestedApps = $false $this.smartScreenEnableAppInstallControl = $false $this.smartScreenAppInstallControl = '' $this.personalizationDesktopImageUrl = '' $this.personalizationLockScreenImageUrl = '' $this.bluetoothAllowedServices = @() $this.bluetoothBlockAdvertising = $false $this.bluetoothBlockPromptedProximalConnections = $false $this.bluetoothBlockDiscoverableMode = $false $this.bluetoothBlockPrePairing = $false $this.edgeBlockAutofill = $false $this.edgeBlocked = $false $this.edgeCookiePolicy = '' $this.edgeBlockDeveloperTools = $false $this.edgeBlockSendingDoNotTrackHeader = $false $this.edgeBlockExtensions = $false $this.edgeBlockInPrivateBrowsing = $false $this.edgeBlockJavaScript = $false $this.edgeBlockPasswordManager = $false $this.edgeBlockAddressBarDropdown = $false $this.edgeBlockCompatibilityList = $false $this.edgeClearBrowsingDataOnExit = $false $this.edgeAllowStartPagesModification = $false $this.edgeDisableFirstRunPage = $false $this.edgeBlockLiveTileDataCollection = $false $this.edgeSyncFavoritesWithInternetExplorer = $false $this.edgeFavoritesListLocation = '' $this.edgeBlockEditFavorites = $false $this.edgeNewTabPageURL = '' $this.edgeHomeButtonConfiguration = $null $this.edgeHomeButtonConfigurationEnabled = $false $this.edgeOpensWith = '' $this.edgeBlockSideloadingExtensions = $false $this.edgeRequiredExtensionPackageFamilyNames = @() $this.edgeBlockPrinting = $false $this.edgeFavoritesBarVisibility = '' $this.edgeBlockSavingHistory = $false $this.edgeBlockFullScreenMode = $false $this.edgeBlockWebContentOnNewTabPage = $false $this.edgeBlockTabPreloading = $false $this.edgeBlockPrelaunch = $false $this.edgeShowMessageWhenOpeningInternetExplorerSites = '' $this.edgePreventCertificateErrorOverride = $false $this.edgeKioskModeRestriction = '' $this.edgeKioskResetAfterIdleTimeInMinutes = $null $this.cellularBlockDataWhenRoaming = $false $this.cellularBlockVpn = $false $this.cellularBlockVpnWhenRoaming = $false $this.cellularData = '' $this.defenderRequireRealTimeMonitoring = $false $this.defenderRequireBehaviorMonitoring = $false $this.defenderRequireNetworkInspectionSystem = $false $this.defenderScanDownloads = $false $this.defenderScheduleScanEnableLowCpuPriority = $false $this.defenderDisableCatchupQuickScan = $false $this.defenderDisableCatchupFullScan = $false $this.defenderScanScriptsLoadedInInternetExplorer = $false $this.defenderBlockEndUserAccess = $false $this.defenderSignatureUpdateIntervalInHours = $null $this.defenderMonitorFileActivity = '' $this.defenderDaysBeforeDeletingQuarantinedMalware = $null $this.defenderScanMaxCpu = $null $this.defenderScanArchiveFiles = $false $this.defenderScanIncomingMail = $false $this.defenderScanRemovableDrivesDuringFullScan = $false $this.defenderScanMappedNetworkDrivesDuringFullScan = $false $this.defenderScanNetworkFiles = $false $this.defenderRequireCloudProtection = $false $this.defenderCloudBlockLevel = '' $this.defenderCloudExtendedTimeout = $null $this.defenderCloudExtendedTimeoutInSeconds = $null $this.defenderPromptForSampleSubmission = '' $this.defenderScheduledQuickScanTime = '' $this.defenderScanType = '' $this.defenderSystemScanSchedule = '' $this.defenderScheduledScanTime = '' $this.defenderPotentiallyUnwantedAppAction = '' $this.defenderPotentiallyUnwantedAppActionSetting = '' $this.defenderSubmitSamplesConsentType = '' $this.defenderBlockOnAccessProtection = $false $this.defenderDetectedMalwareActions = $null $this.defenderFileExtensionsToExclude = @() $this.defenderFilesAndFoldersToExclude = @() $this.defenderProcessesToExclude = @() $this.lockScreenAllowTimeoutConfiguration = $false $this.lockScreenBlockActionCenterNotifications = $false $this.lockScreenBlockCortana = $false $this.lockScreenBlockToastNotifications = $false $this.lockScreenTimeoutInSeconds = $null $this.lockScreenActivateAppsWithVoice = '' $this.passwordBlockSimple = $false $this.passwordExpirationDays = $null $this.passwordMinimumLength = $null $this.passwordMinutesOfInactivityBeforeScreenTimeout = $null $this.passwordMinimumCharacterSetCount = $null $this.passwordPreviousPasswordBlockCount = $null $this.passwordRequired = $false $this.passwordRequireWhenResumeFromIdleState = $false $this.passwordRequiredType = '' $this.passwordSignInFailureCountBeforeFactoryReset = $null $this.passwordMinimumAgeInDays = $null $this.privacyAdvertisingId = '' $this.privacyAutoAcceptPairingAndConsentPrompts = $false $this.privacyDisableLaunchExperience = $false $this.privacyBlockInputPersonalization = $false $this.privacyBlockPublishUserActivities = $false $this.privacyBlockActivityFeed = $false $this.activateAppsWithVoice = '' $this.startBlockUnpinningAppsFromTaskbar = $false $this.startMenuAppListVisibility = '' $this.startMenuHideChangeAccountSettings = $false $this.startMenuHideFrequentlyUsedApps = $false $this.startMenuHideHibernate = $false $this.startMenuHideLock = $false $this.startMenuHidePowerButton = $false $this.startMenuHideRecentJumpLists = $false $this.startMenuHideRecentlyAddedApps = $false $this.startMenuHideRestartOptions = $false $this.startMenuHideShutDown = $false $this.startMenuHideSignOut = $false $this.startMenuHideSleep = $false $this.startMenuHideSwitchAccount = $false $this.startMenuHideUserTile = $false $this.startMenuLayoutEdgeAssetsXml = '' $this.startMenuLayoutXml = '' $this.startMenuMode = '' $this.startMenuPinnedFolderDocuments = '' $this.startMenuPinnedFolderDownloads = '' $this.startMenuPinnedFolderFileExplorer = '' $this.startMenuPinnedFolderHomeGroup = '' $this.startMenuPinnedFolderMusic = '' $this.startMenuPinnedFolderNetwork = '' $this.startMenuPinnedFolderPersonalFolder = '' $this.startMenuPinnedFolderPictures = '' $this.startMenuPinnedFolderSettings = '' $this.startMenuPinnedFolderVideos = '' $this.settingsBlockSettingsApp = $false $this.settingsBlockSystemPage = $false $this.settingsBlockDevicesPage = $false $this.settingsBlockNetworkInternetPage = $false $this.settingsBlockPersonalizationPage = $false $this.settingsBlockAccountsPage = $false $this.settingsBlockTimeLanguagePage = $false $this.settingsBlockEaseOfAccessPage = $false $this.settingsBlockPrivacyPage = $false $this.settingsBlockUpdateSecurityPage = $false $this.settingsBlockAppsPage = $false $this.settingsBlockGamingPage = $false $this.windowsSpotlightBlockConsumerSpecificFeatures = $false $this.windowsSpotlightBlocked = $false $this.windowsSpotlightBlockOnActionCenter = $false $this.windowsSpotlightBlockTailoredExperiences = $false $this.windowsSpotlightBlockThirdPartyNotifications = $false $this.windowsSpotlightBlockWelcomeExperience = $false $this.windowsSpotlightBlockWindowsTips = $false $this.windowsSpotlightConfigureOnLockScreen = '' $this.networkProxyApplySettingsDeviceWide = $false $this.networkProxyDisableAutoDetect = $false $this.networkProxyAutomaticConfigurationUrl = '' $this.networkProxyServer = $null $this.accountsBlockAddingNonMicrosoftAccountEmail = $false $this.antiTheftModeBlocked = $false $this.bluetoothBlocked = $false $this.cameraBlocked = $false $this.connectedDevicesServiceBlocked = $false $this.certificatesBlockManualRootCertificateInstallation = $false $this.copyPasteBlocked = $false $this.cortanaBlocked = $false $this.deviceManagementBlockFactoryResetOnMobile = $false $this.deviceManagementBlockManualUnenroll = $false $this.safeSearchFilter = '' $this.edgeBlockPopups = $false $this.edgeBlockSearchSuggestions = $false $this.edgeBlockSearchEngineCustomization = $false $this.edgeBlockSendingIntranetTrafficToInternetExplorer = $false $this.edgeSendIntranetTrafficToInternetExplorer = $false $this.edgeRequireSmartScreen = $false $this.edgeEnterpriseModeSiteListLocation = '' $this.edgeFirstRunUrl = '' $this.edgeSearchEngine = $null $this.edgeHomepageUrls = @() $this.edgeBlockAccessToAboutFlags = $false $this.smartScreenBlockPromptOverride = $false $this.smartScreenBlockPromptOverrideForFiles = $false $this.webRtcBlockLocalhostIpAddress = $false $this.internetSharingBlocked = $false $this.settingsBlockAddProvisioningPackage = $false $this.settingsBlockRemoveProvisioningPackage = $false $this.settingsBlockChangeSystemTime = $false $this.settingsBlockEditDeviceName = $false $this.settingsBlockChangeRegion = $false $this.settingsBlockChangeLanguage = $false $this.settingsBlockChangePowerSleep = $false $this.locationServicesBlocked = $false $this.microsoftAccountBlocked = $false $this.microsoftAccountBlockSettingsSync = $false $this.nfcBlocked = $false $this.resetProtectionModeBlocked = $false $this.screenCaptureBlocked = $false $this.storageBlockRemovableStorage = $false $this.storageRequireMobileDeviceEncryption = $false $this.usbBlocked = $false $this.voiceRecordingBlocked = $false $this.wiFiBlockAutomaticConnectHotspots = $false $this.wiFiBlocked = $false $this.wiFiBlockManualConfiguration = $false $this.wiFiScanInterval = $null $this.wirelessDisplayBlockProjectionToThisDevice = $false $this.wirelessDisplayBlockUserInputFromReceiver = $false $this.wirelessDisplayRequirePinForPairing = $false $this.windowsStoreBlocked = $false $this.appsAllowTrustedAppsSideloading = '' $this.windowsStoreBlockAutoUpdate = $false $this.developerUnlockSetting = '' $this.sharedUserAppDataAllowed = $false $this.appsBlockWindowsStoreOriginatedApps = $false $this.windowsStoreEnablePrivateStoreOnly = $false $this.storageRestrictAppDataToSystemVolume = $false $this.storageRestrictAppInstallToSystemVolume = $false $this.gameDvrBlocked = $false $this.experienceBlockDeviceDiscovery = $false $this.experienceBlockErrorDialogWhenNoSIM = $false $this.experienceBlockTaskSwitcher = $false $this.logonBlockFastUserSwitching = $false $this.tenantLockdownRequireNetworkDuringOutOfBoxExperience = $false $this.appManagementMSIAllowUserControlOverInstall = $false $this.appManagementMSIAlwaysInstallWithElevatedPrivileges = $false $this.dataProtectionBlockDirectMemoryAccess = $false $this.appManagementPackageFamilyNamesToLaunchAfterLogOn = @() $this.uninstallBuiltInApps = $false $this.configureTimeZone = '' } # Parameterized constructor GetEmWindows10GeneralConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.taskManagerBlockEndTask = $policy.taskManagerBlockEndTask $this.energySaverOnBatteryThresholdPercentage = $policy.energySaverOnBatteryThresholdPercentage $this.energySaverPluggedInThresholdPercentage = $policy.energySaverPluggedInThresholdPercentage $this.powerLidCloseActionOnBattery = $policy.powerLidCloseActionOnBattery $this.powerLidCloseActionPluggedIn = $policy.powerLidCloseActionPluggedIn $this.powerButtonActionOnBattery = $policy.powerButtonActionOnBattery $this.powerButtonActionPluggedIn = $policy.powerButtonActionPluggedIn $this.powerSleepButtonActionOnBattery = $policy.powerSleepButtonActionOnBattery $this.powerSleepButtonActionPluggedIn = $policy.powerSleepButtonActionPluggedIn $this.powerHybridSleepOnBattery = $policy.powerHybridSleepOnBattery $this.powerHybridSleepPluggedIn = $policy.powerHybridSleepPluggedIn $this.windows10AppsForceUpdateSchedule = $policy.windows10AppsForceUpdateSchedule $this.enableAutomaticRedeployment = $policy.enableAutomaticRedeployment $this.microsoftAccountSignInAssistantSettings = $policy.microsoftAccountSignInAssistantSettings $this.authenticationAllowSecondaryDevice = $policy.authenticationAllowSecondaryDevice $this.authenticationWebSignIn = $policy.authenticationWebSignIn $this.authenticationPreferredAzureADTenantDomainName = $policy.authenticationPreferredAzureADTenantDomainName $this.cryptographyAllowFipsAlgorithmPolicy = $policy.cryptographyAllowFipsAlgorithmPolicy $this.displayAppListWithGdiDPIScalingTurnedOn = $policy.displayAppListWithGdiDPIScalingTurnedOn $this.displayAppListWithGdiDPIScalingTurnedOff = $policy.displayAppListWithGdiDPIScalingTurnedOff $this.enterpriseCloudPrintDiscoveryEndPoint = $policy.enterpriseCloudPrintDiscoveryEndPoint $this.enterpriseCloudPrintOAuthAuthority = $policy.enterpriseCloudPrintOAuthAuthority $this.enterpriseCloudPrintOAuthClientIdentifier = $policy.enterpriseCloudPrintOAuthClientIdentifier $this.enterpriseCloudPrintResourceIdentifier = $policy.enterpriseCloudPrintResourceIdentifier $this.enterpriseCloudPrintDiscoveryMaxLimit = $policy.enterpriseCloudPrintDiscoveryMaxLimit $this.enterpriseCloudPrintMopriaDiscoveryResourceIdentifier = $policy.enterpriseCloudPrintMopriaDiscoveryResourceIdentifier $this.experienceDoNotSyncBrowserSettings = $policy.experienceDoNotSyncBrowserSettings $this.messagingBlockSync = $policy.messagingBlockSync $this.messagingBlockMMS = $policy.messagingBlockMMS $this.messagingBlockRichCommunicationServices = $policy.messagingBlockRichCommunicationServices $this.printerNames = $policy.printerNames $this.printerDefaultName = $policy.printerDefaultName $this.printerBlockAddition = $policy.printerBlockAddition $this.searchBlockDiacritics = $policy.searchBlockDiacritics $this.searchDisableAutoLanguageDetection = $policy.searchDisableAutoLanguageDetection $this.searchDisableIndexingEncryptedItems = $policy.searchDisableIndexingEncryptedItems $this.searchEnableRemoteQueries = $policy.searchEnableRemoteQueries $this.searchDisableUseLocation = $policy.searchDisableUseLocation $this.searchDisableLocation = $policy.searchDisableLocation $this.searchDisableIndexerBackoff = $policy.searchDisableIndexerBackoff $this.searchDisableIndexingRemovableDrive = $policy.searchDisableIndexingRemovableDrive $this.searchEnableAutomaticIndexSizeManangement = $policy.searchEnableAutomaticIndexSizeManangement $this.searchBlockWebResults = $policy.searchBlockWebResults $this.findMyFiles = $policy.findMyFiles $this.securityBlockAzureADJoinedDevicesAutoEncryption = $policy.securityBlockAzureADJoinedDevicesAutoEncryption $this.diagnosticsDataSubmissionMode = $policy.diagnosticsDataSubmissionMode $this.oneDriveDisableFileSync = $policy.oneDriveDisableFileSync $this.systemTelemetryProxyServer = $policy.systemTelemetryProxyServer $this.edgeTelemetryForMicrosoft365Analytics = $policy.edgeTelemetryForMicrosoft365Analytics $this.inkWorkspaceAccess = $policy.inkWorkspaceAccess $this.inkWorkspaceAccessState = $policy.inkWorkspaceAccessState $this.inkWorkspaceBlockSuggestedApps = $policy.inkWorkspaceBlockSuggestedApps $this.smartScreenEnableAppInstallControl = $policy.smartScreenEnableAppInstallControl $this.smartScreenAppInstallControl = $policy.smartScreenAppInstallControl $this.personalizationDesktopImageUrl = $policy.personalizationDesktopImageUrl $this.personalizationLockScreenImageUrl = $policy.personalizationLockScreenImageUrl $this.bluetoothAllowedServices = $policy.bluetoothAllowedServices $this.bluetoothBlockAdvertising = $policy.bluetoothBlockAdvertising $this.bluetoothBlockPromptedProximalConnections = $policy.bluetoothBlockPromptedProximalConnections $this.bluetoothBlockDiscoverableMode = $policy.bluetoothBlockDiscoverableMode $this.bluetoothBlockPrePairing = $policy.bluetoothBlockPrePairing $this.edgeBlockAutofill = $policy.edgeBlockAutofill $this.edgeBlocked = $policy.edgeBlocked $this.edgeCookiePolicy = $policy.edgeCookiePolicy $this.edgeBlockDeveloperTools = $policy.edgeBlockDeveloperTools $this.edgeBlockSendingDoNotTrackHeader = $policy.edgeBlockSendingDoNotTrackHeader $this.edgeBlockExtensions = $policy.edgeBlockExtensions $this.edgeBlockInPrivateBrowsing = $policy.edgeBlockInPrivateBrowsing $this.edgeBlockJavaScript = $policy.edgeBlockJavaScript $this.edgeBlockPasswordManager = $policy.edgeBlockPasswordManager $this.edgeBlockAddressBarDropdown = $policy.edgeBlockAddressBarDropdown $this.edgeBlockCompatibilityList = $policy.edgeBlockCompatibilityList $this.edgeClearBrowsingDataOnExit = $policy.edgeClearBrowsingDataOnExit $this.edgeAllowStartPagesModification = $policy.edgeAllowStartPagesModification $this.edgeDisableFirstRunPage = $policy.edgeDisableFirstRunPage $this.edgeBlockLiveTileDataCollection = $policy.edgeBlockLiveTileDataCollection $this.edgeSyncFavoritesWithInternetExplorer = $policy.edgeSyncFavoritesWithInternetExplorer $this.edgeFavoritesListLocation = $policy.edgeFavoritesListLocation $this.edgeBlockEditFavorites = $policy.edgeBlockEditFavorites $this.edgeNewTabPageURL = $policy.edgeNewTabPageURL $this.edgeHomeButtonConfiguration = $policy.edgeHomeButtonConfiguration $this.edgeHomeButtonConfigurationEnabled = $policy.edgeHomeButtonConfigurationEnabled $this.edgeOpensWith = $policy.edgeOpensWith $this.edgeBlockSideloadingExtensions = $policy.edgeBlockSideloadingExtensions $this.edgeRequiredExtensionPackageFamilyNames = $policy.edgeRequiredExtensionPackageFamilyNames $this.edgeBlockPrinting = $policy.edgeBlockPrinting $this.edgeFavoritesBarVisibility = $policy.edgeFavoritesBarVisibility $this.edgeBlockSavingHistory = $policy.edgeBlockSavingHistory $this.edgeBlockFullScreenMode = $policy.edgeBlockFullScreenMode $this.edgeBlockWebContentOnNewTabPage = $policy.edgeBlockWebContentOnNewTabPage $this.edgeBlockTabPreloading = $policy.edgeBlockTabPreloading $this.edgeBlockPrelaunch = $policy.edgeBlockPrelaunch $this.edgeShowMessageWhenOpeningInternetExplorerSites = $policy.edgeShowMessageWhenOpeningInternetExplorerSites $this.edgePreventCertificateErrorOverride = $policy.edgePreventCertificateErrorOverride $this.edgeKioskModeRestriction = $policy.edgeKioskModeRestriction $this.edgeKioskResetAfterIdleTimeInMinutes = $policy.edgeKioskResetAfterIdleTimeInMinutes $this.cellularBlockDataWhenRoaming = $policy.cellularBlockDataWhenRoaming $this.cellularBlockVpn = $policy.cellularBlockVpn $this.cellularBlockVpnWhenRoaming = $policy.cellularBlockVpnWhenRoaming $this.cellularData = $policy.cellularData $this.defenderRequireRealTimeMonitoring = $policy.defenderRequireRealTimeMonitoring $this.defenderRequireBehaviorMonitoring = $policy.defenderRequireBehaviorMonitoring $this.defenderRequireNetworkInspectionSystem = $policy.defenderRequireNetworkInspectionSystem $this.defenderScanDownloads = $policy.defenderScanDownloads $this.defenderScheduleScanEnableLowCpuPriority = $policy.defenderScheduleScanEnableLowCpuPriority $this.defenderDisableCatchupQuickScan = $policy.defenderDisableCatchupQuickScan $this.defenderDisableCatchupFullScan = $policy.defenderDisableCatchupFullScan $this.defenderScanScriptsLoadedInInternetExplorer = $policy.defenderScanScriptsLoadedInInternetExplorer $this.defenderBlockEndUserAccess = $policy.defenderBlockEndUserAccess $this.defenderSignatureUpdateIntervalInHours = $policy.defenderSignatureUpdateIntervalInHours $this.defenderMonitorFileActivity = $policy.defenderMonitorFileActivity $this.defenderDaysBeforeDeletingQuarantinedMalware = $policy.defenderDaysBeforeDeletingQuarantinedMalware $this.defenderScanMaxCpu = $policy.defenderScanMaxCpu $this.defenderScanArchiveFiles = $policy.defenderScanArchiveFiles $this.defenderScanIncomingMail = $policy.defenderScanIncomingMail $this.defenderScanRemovableDrivesDuringFullScan = $policy.defenderScanRemovableDrivesDuringFullScan $this.defenderScanMappedNetworkDrivesDuringFullScan = $policy.defenderScanMappedNetworkDrivesDuringFullScan $this.defenderScanNetworkFiles = $policy.defenderScanNetworkFiles $this.defenderRequireCloudProtection = $policy.defenderRequireCloudProtection $this.defenderCloudBlockLevel = $policy.defenderCloudBlockLevel $this.defenderCloudExtendedTimeout = $policy.defenderCloudExtendedTimeout $this.defenderCloudExtendedTimeoutInSeconds = $policy.defenderCloudExtendedTimeoutInSeconds $this.defenderPromptForSampleSubmission = $policy.defenderPromptForSampleSubmission $this.defenderScheduledQuickScanTime = $policy.defenderScheduledQuickScanTime $this.defenderScanType = $policy.defenderScanType $this.defenderSystemScanSchedule = $policy.defenderSystemScanSchedule $this.defenderScheduledScanTime = $policy.defenderScheduledScanTime $this.defenderPotentiallyUnwantedAppAction = $policy.defenderPotentiallyUnwantedAppAction $this.defenderPotentiallyUnwantedAppActionSetting = $policy.defenderPotentiallyUnwantedAppActionSetting $this.defenderSubmitSamplesConsentType = $policy.defenderSubmitSamplesConsentType $this.defenderBlockOnAccessProtection = $policy.defenderBlockOnAccessProtection $this.defenderDetectedMalwareActions = $policy.defenderDetectedMalwareActions $this.defenderFileExtensionsToExclude = $policy.defenderFileExtensionsToExclude $this.defenderFilesAndFoldersToExclude = $policy.defenderFilesAndFoldersToExclude $this.defenderProcessesToExclude = $policy.defenderProcessesToExclude $this.lockScreenAllowTimeoutConfiguration = $policy.lockScreenAllowTimeoutConfiguration $this.lockScreenBlockActionCenterNotifications = $policy.lockScreenBlockActionCenterNotifications $this.lockScreenBlockCortana = $policy.lockScreenBlockCortana $this.lockScreenBlockToastNotifications = $policy.lockScreenBlockToastNotifications $this.lockScreenTimeoutInSeconds = $policy.lockScreenTimeoutInSeconds $this.lockScreenActivateAppsWithVoice = $policy.lockScreenActivateAppsWithVoice $this.passwordBlockSimple = $policy.passwordBlockSimple $this.passwordExpirationDays = $policy.passwordExpirationDays $this.passwordMinimumLength = $policy.passwordMinimumLength $this.passwordMinutesOfInactivityBeforeScreenTimeout = $policy.passwordMinutesOfInactivityBeforeScreenTimeout $this.passwordMinimumCharacterSetCount = $policy.passwordMinimumCharacterSetCount $this.passwordPreviousPasswordBlockCount = $policy.passwordPreviousPasswordBlockCount $this.passwordRequired = $policy.passwordRequired $this.passwordRequireWhenResumeFromIdleState = $policy.passwordRequireWhenResumeFromIdleState $this.passwordRequiredType = $policy.passwordRequiredType $this.passwordSignInFailureCountBeforeFactoryReset = $policy.passwordSignInFailureCountBeforeFactoryReset $this.passwordMinimumAgeInDays = $policy.passwordMinimumAgeInDays $this.privacyAdvertisingId = $policy.privacyAdvertisingId $this.privacyAutoAcceptPairingAndConsentPrompts = $policy.privacyAutoAcceptPairingAndConsentPrompts $this.privacyDisableLaunchExperience = $policy.privacyDisableLaunchExperience $this.privacyBlockInputPersonalization = $policy.privacyBlockInputPersonalization $this.privacyBlockPublishUserActivities = $policy.privacyBlockPublishUserActivities $this.privacyBlockActivityFeed = $policy.privacyBlockActivityFeed $this.activateAppsWithVoice = $policy.activateAppsWithVoice $this.startBlockUnpinningAppsFromTaskbar = $policy.startBlockUnpinningAppsFromTaskbar $this.startMenuAppListVisibility = $policy.startMenuAppListVisibility $this.startMenuHideChangeAccountSettings = $policy.startMenuHideChangeAccountSettings $this.startMenuHideFrequentlyUsedApps = $policy.startMenuHideFrequentlyUsedApps $this.startMenuHideHibernate = $policy.startMenuHideHibernate $this.startMenuHideLock = $policy.startMenuHideLock $this.startMenuHidePowerButton = $policy.startMenuHidePowerButton $this.startMenuHideRecentJumpLists = $policy.startMenuHideRecentJumpLists $this.startMenuHideRecentlyAddedApps = $policy.startMenuHideRecentlyAddedApps $this.startMenuHideRestartOptions = $policy.startMenuHideRestartOptions $this.startMenuHideShutDown = $policy.startMenuHideShutDown $this.startMenuHideSignOut = $policy.startMenuHideSignOut $this.startMenuHideSleep = $policy.startMenuHideSleep $this.startMenuHideSwitchAccount = $policy.startMenuHideSwitchAccount $this.startMenuHideUserTile = $policy.startMenuHideUserTile $this.startMenuLayoutEdgeAssetsXml = $policy.startMenuLayoutEdgeAssetsXml $this.startMenuLayoutXml = $policy.startMenuLayoutXml $this.startMenuMode = $policy.startMenuMode $this.startMenuPinnedFolderDocuments = $policy.startMenuPinnedFolderDocuments $this.startMenuPinnedFolderDownloads = $policy.startMenuPinnedFolderDownloads $this.startMenuPinnedFolderFileExplorer = $policy.startMenuPinnedFolderFileExplorer $this.startMenuPinnedFolderHomeGroup = $policy.startMenuPinnedFolderHomeGroup $this.startMenuPinnedFolderMusic = $policy.startMenuPinnedFolderMusic $this.startMenuPinnedFolderNetwork = $policy.startMenuPinnedFolderNetwork $this.startMenuPinnedFolderPersonalFolder = $policy.startMenuPinnedFolderPersonalFolder $this.startMenuPinnedFolderPictures = $policy.startMenuPinnedFolderPictures $this.startMenuPinnedFolderSettings = $policy.startMenuPinnedFolderSettings $this.startMenuPinnedFolderVideos = $policy.startMenuPinnedFolderVideos $this.settingsBlockSettingsApp = $policy.settingsBlockSettingsApp $this.settingsBlockSystemPage = $policy.settingsBlockSystemPage $this.settingsBlockDevicesPage = $policy.settingsBlockDevicesPage $this.settingsBlockNetworkInternetPage = $policy.settingsBlockNetworkInternetPage $this.settingsBlockPersonalizationPage = $policy.settingsBlockPersonalizationPage $this.settingsBlockAccountsPage = $policy.settingsBlockAccountsPage $this.settingsBlockTimeLanguagePage = $policy.settingsBlockTimeLanguagePage $this.settingsBlockEaseOfAccessPage = $policy.settingsBlockEaseOfAccessPage $this.settingsBlockPrivacyPage = $policy.settingsBlockPrivacyPage $this.settingsBlockUpdateSecurityPage = $policy.settingsBlockUpdateSecurityPage $this.settingsBlockAppsPage = $policy.settingsBlockAppsPage $this.settingsBlockGamingPage = $policy.settingsBlockGamingPage $this.windowsSpotlightBlockConsumerSpecificFeatures = $policy.windowsSpotlightBlockConsumerSpecificFeatures $this.windowsSpotlightBlocked = $policy.windowsSpotlightBlocked $this.windowsSpotlightBlockOnActionCenter = $policy.windowsSpotlightBlockOnActionCenter $this.windowsSpotlightBlockTailoredExperiences = $policy.windowsSpotlightBlockTailoredExperiences $this.windowsSpotlightBlockThirdPartyNotifications = $policy.windowsSpotlightBlockThirdPartyNotifications $this.windowsSpotlightBlockWelcomeExperience = $policy.windowsSpotlightBlockWelcomeExperience $this.windowsSpotlightBlockWindowsTips = $policy.windowsSpotlightBlockWindowsTips $this.windowsSpotlightConfigureOnLockScreen = $policy.windowsSpotlightConfigureOnLockScreen $this.networkProxyApplySettingsDeviceWide = $policy.networkProxyApplySettingsDeviceWide $this.networkProxyDisableAutoDetect = $policy.networkProxyDisableAutoDetect $this.networkProxyAutomaticConfigurationUrl = $policy.networkProxyAutomaticConfigurationUrl $this.networkProxyServer = $policy.networkProxyServer $this.accountsBlockAddingNonMicrosoftAccountEmail = $policy.accountsBlockAddingNonMicrosoftAccountEmail $this.antiTheftModeBlocked = $policy.antiTheftModeBlocked $this.bluetoothBlocked = $policy.bluetoothBlocked $this.cameraBlocked = $policy.cameraBlocked $this.connectedDevicesServiceBlocked = $policy.connectedDevicesServiceBlocked $this.certificatesBlockManualRootCertificateInstallation = $policy.certificatesBlockManualRootCertificateInstallation $this.copyPasteBlocked = $policy.copyPasteBlocked $this.cortanaBlocked = $policy.cortanaBlocked $this.deviceManagementBlockFactoryResetOnMobile = $policy.deviceManagementBlockFactoryResetOnMobile $this.deviceManagementBlockManualUnenroll = $policy.deviceManagementBlockManualUnenroll $this.safeSearchFilter = $policy.safeSearchFilter $this.edgeBlockPopups = $policy.edgeBlockPopups $this.edgeBlockSearchSuggestions = $policy.edgeBlockSearchSuggestions $this.edgeBlockSearchEngineCustomization = $policy.edgeBlockSearchEngineCustomization $this.edgeBlockSendingIntranetTrafficToInternetExplorer = $policy.edgeBlockSendingIntranetTrafficToInternetExplorer $this.edgeSendIntranetTrafficToInternetExplorer = $policy.edgeSendIntranetTrafficToInternetExplorer $this.edgeRequireSmartScreen = $policy.edgeRequireSmartScreen $this.edgeEnterpriseModeSiteListLocation = $policy.edgeEnterpriseModeSiteListLocation $this.edgeFirstRunUrl = $policy.edgeFirstRunUrl $this.edgeSearchEngine = $policy.edgeSearchEngine $this.edgeHomepageUrls = $policy.edgeHomepageUrls $this.edgeBlockAccessToAboutFlags = $policy.edgeBlockAccessToAboutFlags $this.smartScreenBlockPromptOverride = $policy.smartScreenBlockPromptOverride $this.smartScreenBlockPromptOverrideForFiles = $policy.smartScreenBlockPromptOverrideForFiles $this.webRtcBlockLocalhostIpAddress = $policy.webRtcBlockLocalhostIpAddress $this.internetSharingBlocked = $policy.internetSharingBlocked $this.settingsBlockAddProvisioningPackage = $policy.settingsBlockAddProvisioningPackage $this.settingsBlockRemoveProvisioningPackage = $policy.settingsBlockRemoveProvisioningPackage $this.settingsBlockChangeSystemTime = $policy.settingsBlockChangeSystemTime $this.settingsBlockEditDeviceName = $policy.settingsBlockEditDeviceName $this.settingsBlockChangeRegion = $policy.settingsBlockChangeRegion $this.settingsBlockChangeLanguage = $policy.settingsBlockChangeLanguage $this.settingsBlockChangePowerSleep = $policy.settingsBlockChangePowerSleep $this.locationServicesBlocked = $policy.locationServicesBlocked $this.microsoftAccountBlocked = $policy.microsoftAccountBlocked $this.microsoftAccountBlockSettingsSync = $policy.microsoftAccountBlockSettingsSync $this.nfcBlocked = $policy.nfcBlocked $this.resetProtectionModeBlocked = $policy.resetProtectionModeBlocked $this.screenCaptureBlocked = $policy.screenCaptureBlocked $this.storageBlockRemovableStorage = $policy.storageBlockRemovableStorage $this.storageRequireMobileDeviceEncryption = $policy.storageRequireMobileDeviceEncryption $this.usbBlocked = $policy.usbBlocked $this.voiceRecordingBlocked = $policy.voiceRecordingBlocked $this.wiFiBlockAutomaticConnectHotspots = $policy.wiFiBlockAutomaticConnectHotspots $this.wiFiBlocked = $policy.wiFiBlocked $this.wiFiBlockManualConfiguration = $policy.wiFiBlockManualConfiguration $this.wiFiScanInterval = $policy.wiFiScanInterval $this.wirelessDisplayBlockProjectionToThisDevice = $policy.wirelessDisplayBlockProjectionToThisDevice $this.wirelessDisplayBlockUserInputFromReceiver = $policy.wirelessDisplayBlockUserInputFromReceiver $this.wirelessDisplayRequirePinForPairing = $policy.wirelessDisplayRequirePinForPairing $this.windowsStoreBlocked = $policy.windowsStoreBlocked $this.appsAllowTrustedAppsSideloading = $policy.appsAllowTrustedAppsSideloading $this.windowsStoreBlockAutoUpdate = $policy.windowsStoreBlockAutoUpdate $this.developerUnlockSetting = $policy.developerUnlockSetting $this.sharedUserAppDataAllowed = $policy.sharedUserAppDataAllowed $this.appsBlockWindowsStoreOriginatedApps = $policy.appsBlockWindowsStoreOriginatedApps $this.windowsStoreEnablePrivateStoreOnly = $policy.windowsStoreEnablePrivateStoreOnly $this.storageRestrictAppDataToSystemVolume = $policy.storageRestrictAppDataToSystemVolume $this.storageRestrictAppInstallToSystemVolume = $policy.storageRestrictAppInstallToSystemVolume $this.gameDvrBlocked = $policy.gameDvrBlocked $this.experienceBlockDeviceDiscovery = $policy.experienceBlockDeviceDiscovery $this.experienceBlockErrorDialogWhenNoSIM = $policy.experienceBlockErrorDialogWhenNoSIM $this.experienceBlockTaskSwitcher = $policy.experienceBlockTaskSwitcher $this.logonBlockFastUserSwitching = $policy.logonBlockFastUserSwitching $this.tenantLockdownRequireNetworkDuringOutOfBoxExperience = $policy.tenantLockdownRequireNetworkDuringOutOfBoxExperience $this.appManagementMSIAllowUserControlOverInstall = $policy.appManagementMSIAllowUserControlOverInstall $this.appManagementMSIAlwaysInstallWithElevatedPrivileges = $policy.appManagementMSIAlwaysInstallWithElevatedPrivileges $this.dataProtectionBlockDirectMemoryAccess = $policy.dataProtectionBlockDirectMemoryAccess $this.appManagementPackageFamilyNamesToLaunchAfterLogOn = $policy.appManagementPackageFamilyNamesToLaunchAfterLogOn $this.uninstallBuiltInApps = $policy.uninstallBuiltInApps $this.configureTimeZone = $policy.configureTimeZone } # Overriding the ToString method [string] ToString() { return "Class: GetEmWindows10GeneralConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmWindows10GeneralConfiguration.ps1' 898 #Region '.\Classes\DeviceConfiguration\Get\GetEmWindows81SCEPCertificateProfile.ps1' -1 class GetEmWindows81SCEPCertificateProfile { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [object]$renewalThresholdPercentage [string]$keyStorageProvider [string]$subjectNameFormat [string]$subjectAlternativeNameType [object]$certificateValidityPeriodValue [string]$certificateValidityPeriodScale [object[]]$extendedKeyUsages [object[]]$customSubjectAlternativeNames [object[]]$scepServerUrls [string]$subjectNameFormatString [string]$keyUsage [string]$keySize [string]$hashAlgorithm [string]$subjectAlternativeNameFormatString [string]$certificateStore # Default constructor GetEmWindows81SCEPCertificateProfile() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.renewalThresholdPercentage = $null $this.keyStorageProvider = '' $this.subjectNameFormat = '' $this.subjectAlternativeNameType = '' $this.certificateValidityPeriodValue = $null $this.certificateValidityPeriodScale = '' $this.extendedKeyUsages = @() $this.customSubjectAlternativeNames = @() $this.scepServerUrls = @() $this.subjectNameFormatString = '' $this.keyUsage = '' $this.keySize = '' $this.hashAlgorithm = '' $this.subjectAlternativeNameFormatString = '' $this.certificateStore = '' } # Parameterized constructor GetEmWindows81SCEPCertificateProfile ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.renewalThresholdPercentage = $policy.renewalThresholdPercentage $this.keyStorageProvider = $policy.keyStorageProvider $this.subjectNameFormat = $policy.subjectNameFormat $this.subjectAlternativeNameType = $policy.subjectAlternativeNameType $this.certificateValidityPeriodValue = $policy.certificateValidityPeriodValue $this.certificateValidityPeriodScale = $policy.certificateValidityPeriodScale $this.extendedKeyUsages = $policy.extendedKeyUsages $this.customSubjectAlternativeNames = $policy.customSubjectAlternativeNames $this.scepServerUrls = $policy.scepServerUrls $this.subjectNameFormatString = $policy.subjectNameFormatString $this.keyUsage = $policy.keyUsage $this.keySize = $policy.keySize $this.hashAlgorithm = $policy.hashAlgorithm $this.subjectAlternativeNameFormatString = $policy.subjectAlternativeNameFormatString $this.certificateStore = $policy.certificateStore } # Overriding the ToString method [string] ToString() { return "Class: GetEmWindows81SCEPCertificateProfile" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmWindows81SCEPCertificateProfile.ps1' 97 #Region '.\Classes\DeviceConfiguration\Get\GetEmWindows81TrustedRootCertificate.ps1' -1 class GetEmWindows81TrustedRootCertificate { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$trustedRootCertificate [string]$certFileName [string]$destinationStore # Default constructor GetEmWindows81TrustedRootCertificate() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.trustedRootCertificate = '' $this.certFileName = '' $this.destinationStore = '' } # Parameterized constructor GetEmWindows81TrustedRootCertificate ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.trustedRootCertificate = $policy.trustedRootCertificate $this.certFileName = $policy.certFileName $this.destinationStore = $policy.destinationStore } # Overriding the ToString method [string] ToString() { return "Class: GetEmWindows81TrustedRootCertificate" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmWindows81TrustedRootCertificate.ps1' 61 #Region '.\Classes\DeviceConfiguration\Get\GetEmWindowsHealthMonitoringConfiguration.ps1' -1 class GetEmWindowsHealthMonitoringConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$allowDeviceHealthMonitoring [string]$configDeviceHealthMonitoringScope [string]$configDeviceHealthMonitoringCustomScope # Default constructor GetEmWindowsHealthMonitoringConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.allowDeviceHealthMonitoring = '' $this.configDeviceHealthMonitoringScope = '' $this.configDeviceHealthMonitoringCustomScope = '' } # Parameterized constructor GetEmWindowsHealthMonitoringConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.allowDeviceHealthMonitoring = $policy.allowDeviceHealthMonitoring $this.configDeviceHealthMonitoringScope = $policy.configDeviceHealthMonitoringScope $this.configDeviceHealthMonitoringCustomScope = $policy.configDeviceHealthMonitoringCustomScope } # Overriding the ToString method [string] ToString() { return "Class: GetEmWindowsHealthMonitoringConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmWindowsHealthMonitoringConfiguration.ps1' 61 #Region '.\Classes\DeviceConfiguration\Get\GetEmWindowsUpdateForBusinessConfiguration.ps1' -1 class GetEmWindowsUpdateForBusinessConfiguration { [string]${@odata.type} [string]$id [datetime]$lastModifiedDateTime [object[]]$roleScopeTagIds [bool]$supportsScopeTags [psobject]$deviceManagementApplicabilityRuleOsEdition [psobject]$deviceManagementApplicabilityRuleOsVersion [psobject]$deviceManagementApplicabilityRuleDeviceMode [datetime]$createdDateTime [string]$description [string]$displayName [object]$version [string]$deliveryOptimizationMode [string]$prereleaseFeatures [string]$automaticUpdateMode [bool]$microsoftUpdateServiceAllowed [bool]$driversExcluded [psobject]$installationSchedule [object]$qualityUpdatesDeferralPeriodInDays [object]$featureUpdatesDeferralPeriodInDays [bool]$qualityUpdatesPaused [bool]$featureUpdatesPaused [datetime]$qualityUpdatesPauseExpiryDateTime [datetime]$featureUpdatesPauseExpiryDateTime [string]$businessReadyUpdatesOnly [bool]$skipChecksBeforeRestart [string]$updateWeeks [string]$qualityUpdatesPauseStartDate [string]$featureUpdatesPauseStartDate [object]$featureUpdatesRollbackWindowInDays [bool]$qualityUpdatesWillBeRolledBack [bool]$featureUpdatesWillBeRolledBack [datetime]$qualityUpdatesRollbackStartDateTime [datetime]$featureUpdatesRollbackStartDateTime [object]$engagedRestartDeadlineInDays [object]$engagedRestartSnoozeScheduleInDays [object]$engagedRestartTransitionScheduleInDays [object]$deadlineForFeatureUpdatesInDays [object]$deadlineForQualityUpdatesInDays [object]$deadlineGracePeriodInDays [bool]$postponeRebootUntilAfterDeadline [string]$autoRestartNotificationDismissal [object]$scheduleRestartWarningInHours [object]$scheduleImminentRestartWarningInMinutes [string]$userPauseAccess [string]$userWindowsUpdateScanAccess [string]$updateNotificationLevel [bool]$allowWindows11Upgrade # Default constructor GetEmWindowsUpdateForBusinessConfiguration() { $this."@odata.type" = '' $this.id = '' $this.lastModifiedDateTime = [datetime]::MinValue $this.roleScopeTagIds = @() $this.supportsScopeTags = $false $this.deviceManagementApplicabilityRuleOsEdition = $null $this.deviceManagementApplicabilityRuleOsVersion = $null $this.deviceManagementApplicabilityRuleDeviceMode = $null $this.createdDateTime = [datetime]::MinValue $this.description = '' $this.displayName = '' $this.version = $null $this.deliveryOptimizationMode = '' $this.prereleaseFeatures = '' $this.automaticUpdateMode = '' $this.microsoftUpdateServiceAllowed = $false $this.driversExcluded = $false $this.installationSchedule = $null $this.qualityUpdatesDeferralPeriodInDays = $null $this.featureUpdatesDeferralPeriodInDays = $null $this.qualityUpdatesPaused = $false $this.featureUpdatesPaused = $false $this.qualityUpdatesPauseExpiryDateTime = [datetime]::MinValue $this.featureUpdatesPauseExpiryDateTime = [datetime]::MinValue $this.businessReadyUpdatesOnly = '' $this.skipChecksBeforeRestart = $false $this.updateWeeks = '' $this.qualityUpdatesPauseStartDate = '' $this.featureUpdatesPauseStartDate = '' $this.featureUpdatesRollbackWindowInDays = $null $this.qualityUpdatesWillBeRolledBack = $false $this.featureUpdatesWillBeRolledBack = $false $this.qualityUpdatesRollbackStartDateTime = [datetime]::MinValue $this.featureUpdatesRollbackStartDateTime = [datetime]::MinValue $this.engagedRestartDeadlineInDays = $null $this.engagedRestartSnoozeScheduleInDays = $null $this.engagedRestartTransitionScheduleInDays = $null $this.deadlineForFeatureUpdatesInDays = $null $this.deadlineForQualityUpdatesInDays = $null $this.deadlineGracePeriodInDays = $null $this.postponeRebootUntilAfterDeadline = $false $this.autoRestartNotificationDismissal = '' $this.scheduleRestartWarningInHours = $null $this.scheduleImminentRestartWarningInMinutes = $null $this.userPauseAccess = '' $this.userWindowsUpdateScanAccess = '' $this.updateNotificationLevel = '' $this.allowWindows11Upgrade = $false } # Parameterized constructor GetEmWindowsUpdateForBusinessConfiguration ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.roleScopeTagIds = $policy.roleScopeTagIds $this.supportsScopeTags = $policy.supportsScopeTags $this.deviceManagementApplicabilityRuleOsEdition = $policy.deviceManagementApplicabilityRuleOsEdition $this.deviceManagementApplicabilityRuleOsVersion = $policy.deviceManagementApplicabilityRuleOsVersion $this.deviceManagementApplicabilityRuleDeviceMode = $policy.deviceManagementApplicabilityRuleDeviceMode $this.createdDateTime = $policy.createdDateTime $this.description = $policy.description $this.displayName = $policy.displayName $this.version = $policy.version $this.deliveryOptimizationMode = $policy.deliveryOptimizationMode $this.prereleaseFeatures = $policy.prereleaseFeatures $this.automaticUpdateMode = $policy.automaticUpdateMode $this.microsoftUpdateServiceAllowed = $policy.microsoftUpdateServiceAllowed $this.driversExcluded = $policy.driversExcluded $this.installationSchedule = $policy.installationSchedule $this.qualityUpdatesDeferralPeriodInDays = $policy.qualityUpdatesDeferralPeriodInDays $this.featureUpdatesDeferralPeriodInDays = $policy.featureUpdatesDeferralPeriodInDays $this.qualityUpdatesPaused = $policy.qualityUpdatesPaused $this.featureUpdatesPaused = $policy.featureUpdatesPaused $this.qualityUpdatesPauseExpiryDateTime = $policy.qualityUpdatesPauseExpiryDateTime $this.featureUpdatesPauseExpiryDateTime = $policy.featureUpdatesPauseExpiryDateTime $this.businessReadyUpdatesOnly = $policy.businessReadyUpdatesOnly $this.skipChecksBeforeRestart = $policy.skipChecksBeforeRestart $this.updateWeeks = $policy.updateWeeks $this.qualityUpdatesPauseStartDate = $policy.qualityUpdatesPauseStartDate $this.featureUpdatesPauseStartDate = $policy.featureUpdatesPauseStartDate $this.featureUpdatesRollbackWindowInDays = $policy.featureUpdatesRollbackWindowInDays $this.qualityUpdatesWillBeRolledBack = $policy.qualityUpdatesWillBeRolledBack $this.featureUpdatesWillBeRolledBack = $policy.featureUpdatesWillBeRolledBack $this.qualityUpdatesRollbackStartDateTime = $policy.qualityUpdatesRollbackStartDateTime $this.featureUpdatesRollbackStartDateTime = $policy.featureUpdatesRollbackStartDateTime $this.engagedRestartDeadlineInDays = $policy.engagedRestartDeadlineInDays $this.engagedRestartSnoozeScheduleInDays = $policy.engagedRestartSnoozeScheduleInDays $this.engagedRestartTransitionScheduleInDays = $policy.engagedRestartTransitionScheduleInDays $this.deadlineForFeatureUpdatesInDays = $policy.deadlineForFeatureUpdatesInDays $this.deadlineForQualityUpdatesInDays = $policy.deadlineForQualityUpdatesInDays $this.deadlineGracePeriodInDays = $policy.deadlineGracePeriodInDays $this.postponeRebootUntilAfterDeadline = $policy.postponeRebootUntilAfterDeadline $this.autoRestartNotificationDismissal = $policy.autoRestartNotificationDismissal $this.scheduleRestartWarningInHours = $policy.scheduleRestartWarningInHours $this.scheduleImminentRestartWarningInMinutes = $policy.scheduleImminentRestartWarningInMinutes $this.userPauseAccess = $policy.userPauseAccess $this.userWindowsUpdateScanAccess = $policy.userWindowsUpdateScanAccess $this.updateNotificationLevel = $policy.updateNotificationLevel $this.allowWindows11Upgrade = $policy.allowWindows11Upgrade } # Overriding the ToString method [string] ToString() { return "Class: GetEmWindowsUpdateForBusinessConfiguration" } } #EndRegion '.\Classes\DeviceConfiguration\Get\GetEmWindowsUpdateForBusinessConfiguration.ps1' 160 #Region '.\Classes\DeviceManagement\EmDMBooleanSettingInstance.ps1' -1 <# # { "@odata.type": "#microsoft.graph.deviceManagementBooleanSettingInstance", "id": "String (identifier)", "definitionId": "String", "valueJson": "String", "value": true } #> class EmDMBooleanSettingInstance { [string]${@odata.type} [string]$id [string]$definitionId [string]$valueJson [bool]$value # Default constructor EmDMBooleanSettingInstance() { $this."@odata.type" = '' $this.id = '' $this.definitionId = '' $this.valueJson = '' $this.value = $false } # Parameterized constructor EmDMBooleanSettingInstance ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.definitionId = $policy.definitionId $this.valueJson = $policy.valueJson $this.value = $policy.value } # Overriding the ToString method [string] ToString() { return "Class: EmDMBooleanSettingInstance" } } #EndRegion '.\Classes\DeviceManagement\EmDMBooleanSettingInstance.ps1' 43 #Region '.\Classes\DeviceManagement\EmDMIntegerSettingInstance.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceintent-devicemanagementintegersettinginstance?view=graph-rest-beta#json-representation { "@odata.type": "#microsoft.graph.deviceManagementIntegerSettingInstance", "id": "String (identifier)", "definitionId": "String", "valueJson": "String", "value": 1024 } #> class EmDMIntegerSettingInstance { [string]${@odata.type} [string]$id [string]$definitionId [string]$valueJson [object]$value # Default constructor EmDMIntegerSettingInstance() { $this."@odata.type" = '' $this.id = '' $this.definitionId = '' $this.valueJson = '' $this.value = $null } # Parameterized constructor EmDMIntegerSettingInstance ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.definitionId = $policy.definitionId $this.valueJson = $policy.valueJson $this.value = $policy.value } # Overriding the ToString method [string] ToString() { return "Class: EmDMIntegerSettingInstance" } } #EndRegion '.\Classes\DeviceManagement\EmDMIntegerSettingInstance.ps1' 41 #Region '.\Classes\DeviceManagement\EmDMIntent.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceintent-devicemanagementintent?view=graph-rest-beta#json-representation { "@odata.type": "#microsoft.graph.deviceManagementIntent", "id": "String (identifier)", "displayName": "String", "description": "String", "isAssigned": true, "isMigratingToConfigurationPolicy": true, "lastModifiedDateTime": "String (timestamp)", "templateId": "String", "roleScopeTagIds": [ "String" ] } # Endpoint Security Policy # Get-EndpointSecurityPolicy #> class EmDMIntent { [string]${@odata.type} [string]$id [string]$displayName [string]$description [bool]$isAssigned [bool]$isMigratingToConfigurationPolicy [string]$lastModifiedDateTime [string]$templateId [object[]]$roleScopeTagIds EmDMIntent ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.displayName = $policy.displayName $this.description = $policy.description $this.isAssigned = $policy.isAssigned $this.isMigratingToConfigurationPolicy = $policy.isMigratingToConfigurationPolicy $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.templateId = $policy.templateId $this.roleScopeTagIds = $policy.roleScopeTagIds } } #EndRegion '.\Classes\DeviceManagement\EmDMIntent.ps1' 41 #Region '.\Classes\DeviceManagement\EmDMIntentInstance.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/intune-deviceintent-devicemanagementtemplate-createinstance?view=graph-rest-beta#request { "displayName": "Display Name value", "description": "Description value", "settingsDelta": [ { "@odata.type": "#microsoft.graph.deviceManagementSettingInstance", "id": "d68168e1-68e1-d681-e168-81d6e16881d6", "definitionId": "Definition Id value", "valueJson": "Value Json value" } ], "roleScopeTagIds": [ "Role Scope Tag Ids value" ] } #> class EmDMIntentInstance { [string]$displayName [string]$description [object[]]$roleScopeTagIds [object[]]$settingsDelta # Default constructor EmDMIntentInstance() { $this.displayName = '' $this.description = '' $this.roleScopeTagIds = @() $this.settingsDelta = @() } # Parameterized constructor EmDMIntentInstance ($policy) { $this.displayName = $policy.displayName $this.description = $policy.description $this.roleScopeTagIds = $policy.roleScopeTagIds $this.settingsDelta = $policy.settingsDelta } # Overriding the ToString method [string] ToString() { return "Class: EmDMIntentInstance" } } #EndRegion '.\Classes\DeviceManagement\EmDMIntentInstance.ps1' 46 #Region '.\Classes\DeviceManagement\EmDMIntentInstanceCustom.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/intune-deviceintent-devicemanagementtemplate-createinstance?view=graph-rest-beta#request { "displayName": "Display Name value", "description": "Description value", "settingsDelta": [ { "@odata.type": "#microsoft.graph.deviceManagementSettingInstance", "id": "d68168e1-68e1-d681-e168-81d6e16881d6", "definitionId": "Definition Id value", "valueJson": "Value Json value" } ], "roleScopeTagIds": [ "Role Scope Tag Ids value" ] } #> class EmDManagementIntentInstanceCustom { [string]$displayName [string]$description [object[]]$roleScopeTagIds [string]$TemplateDisplayName [string]$TemplateId [object[]]$settingsDelta # Default constructor EmDManagementIntentInstanceCustom() { $this.displayName = "" $this.description = "" $this.roleScopeTagIds = @() $this.TemplateDisplayName = "" $this.TemplateId = "" $this.settingsDelta = @() } # Constructor with parameters EmDManagementIntentInstanceCustom ($policy) { $this.displayName = $policy.displayName $this.description = $policy.description $this.roleScopeTagIds = $policy.roleScopeTagIds $this.TemplateDisplayName = $Policy.TemplateDisplayName $this.TemplateId = $policy.templateId $this.settingsDelta = $policy.settingsDelta } # Overriding the ToString method [string] ToString() { return "Policy Name: $($this.displayName), Description: $($this.description)" } } #EndRegion '.\Classes\DeviceManagement\EmDMIntentInstanceCustom.ps1' 50 #Region '.\Classes\DeviceManagement\EmDMSettingInstance.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceintent-devicemanagementsettinginstance?view=graph-rest-beta#json-representation # Can be one of the following types: # #microsoft.graph.deviceManagementBooleanSettingInstance # #microsoft.graph.deviceManagementIntegerSettingInstance # #microsoft.graph.deviceManagementStringSettingInstance { "@odata.type": "#microsoft.graph.deviceManagementSettingInstance", "id": "String (identifier)", "definitionId": "String", "valueJson": "String" } # EmDeviceEndpointSecurityTemplateSettingCategory # Get-EndpointSecurityCategorySetting #> class EmDMSettingInstance { [string]$value [string]$valueJson [string]$definitionId [string]${@odata.type} [string]$id # Default constructor EmDMSettingInstance() { $this.value = '' $this.valueJson = '' $this.definitionId = '' $this."@odata.type" = '' $this.id = '' } # Parameterized constructor EmDMSettingInstance ($policy) { $this.value = $policy.value $this.valueJson = $policy.valueJson $this.definitionId = $policy.definitionId $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id } # Overriding the ToString method [string] ToString() { return "Class: EmDMSettingInstance" } } #EndRegion '.\Classes\DeviceManagement\EmDMSettingInstance.ps1' 43 #Region '.\Classes\DeviceManagement\EmDMStringSettingInstance.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceintent-devicemanagementstringsettinginstance?view=graph-rest-beta#json-representation { "@odata.type": "#microsoft.graph.deviceManagementStringSettingInstance", "id": "String (identifier)", "definitionId": "String", "valueJson": "String", "value": "String" } #> class EmDMStringSettingInstance { [string]${@odata.type} [string]$id [string]$definitionId [string]$valueJson [string]$value # Default constructor EmDMStringSettingInstance() { $this."@odata.type" = '' $this.id = '' $this.definitionId = '' $this.valueJson = '' $this.value = '' } # Parameterized constructor EmDMStringSettingInstance ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.definitionId = $policy.definitionId $this.valueJson = $policy.valueJson $this.value = $policy.value } # Overriding the ToString method [string] ToString() { return "Class: EmDMStringSettingInstance" } } #EndRegion '.\Classes\DeviceManagement\EmDMStringSettingInstance.ps1' 38 #Region '.\Classes\DeviceManagement\EmDMTemplate.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/intune-deviceintent-devicemanagementtemplate-create?view=graph-rest-beta#request { "@odata.type": "#microsoft.graph.deviceManagementTemplate", "id": "edd764ca-64ca-edd7-ca64-d7edca64d7ed", "displayName": "Display Name value", "description": "Description value", "versionInfo": "Version Info value", "isDeprecated": true, "intentCount": 11, "templateType": "specializedDevices", "platformType": "androidForWork", "templateSubtype": "firewall", "publishedDateTime": "2016-12-31T23:58:16.1180489-08:00" } # EmDeviceEndpointSecurityTemplate # Get-EmEndpointSecurityTemplate #> class EmDMTemplate { [string]${@odata.type} [string]$id [string]$displayName [string]$description [string]$versionInfo [bool]$isDeprecated [object]$intentCount [string]$templateType [string]$platformType [string]$templateSubtype [datetime]$publishedDateTime EmDMTemplate ($policy) { $this."@odata.type" = $policy."@odata.type" $this.id = $policy.id $this.displayName = $policy.displayName $this.description = $policy.description $this.versionInfo = $policy.versionInfo $this.isDeprecated = $policy.isDeprecated $this.intentCount = $policy.intentCount $this.templateType = $policy.templateType $this.platformType = $policy.platformType $this.templateSubtype = $policy.templateSubtype $this.publishedDateTime = $policy.publishedDateTime } } #EndRegion '.\Classes\DeviceManagement\EmDMTemplate.ps1' 45 #Region '.\Classes\DeviceManagement\EmDMTemplateSettingCategory.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceintent-devicemanagementtemplatesettingcategory?view=graph-rest-beta#json-representation # Json representation does not accurately represent the output as there is no "@odata.type" property. $policy = [PSCustomObject]@{ displayName = "Test Policy" description = "Test Description" settingsDelta = @() roleScopeTagIds = @() } $instance = [EmDeviceManagementTemplateSettingCategory]::new($policy) # JSON: { "id": "String (identifier)", "displayName": "String", "hasRequiredSetting": true } #> class EmDMTemplateSettingCategory { [string]$id [string]$displayName [bool]$hasRequiredSetting # Default constructor EmDMTemplateSettingCategory() { $this.id = '' $this.displayName = '' $this.hasRequiredSetting = $false } # Parameterized constructor EmDMTemplateSettingCategory ($policy) { $this.id = $policy.id $this.displayName = $policy.displayName $this.hasRequiredSetting = $policy.hasRequiredSetting } # Overriding the ToString method [string] ToString() { return "Class: EmDMTemplateSettingCategory" } } #EndRegion '.\Classes\DeviceManagement\EmDMTemplateSettingCategory.ps1' 39 #Region '.\Classes\SettingsCatalog\EmConfigurationPolicy.ps1' -1 <# # https://learn.microsoft.com/en-us/graph/api/intune-deviceconfigv2-devicemanagementconfigurationpolicy-create?view=graph-rest-beta#response-1 # Omitting "@odata.type" { "@odata.type": "#microsoft.graph.deviceManagementConfigurationPolicy", "id": "3ffd7cd0-7cd0-3ffd-d07c-fd3fd07cfd3f", "name": "Name value", "description": "Description value", "platforms": "android", "technologies": "mdm", "createdDateTime": "2017-01-01T00:02:43.5775965-08:00", "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00", "settingCount": 12, "creationSource": "Creation Source value", "roleScopeTagIds": [ "Role Scope Tag Ids value" ], "isAssigned": true, "templateReference": { "@odata.type": "microsoft.graph.deviceManagementConfigurationPolicyTemplateReference", "templateId": "Template Id value", "templateFamily": "endpointSecurityAntivirus", "templateDisplayName": "Template Display Name value", "templateDisplayVersion": "Template Display Version value" }, "priorityMetaData": { "@odata.type": "microsoft.graph.deviceManagementPriorityMetaData", "priority": 8 } } #> class EmConfigurationPolicy { [string]$id [string]$name [string]$description [string]$platforms [string]$technologies [datetime]$createdDateTime [datetime]$lastModifiedDateTime [object]$settingCount [string]$creationSource [object[]]$roleScopeTagIds [psobject]$templateReference [psobject]$priorityMetaData # Default constructor EmConfigurationPolicy() { $this.id = '' $this.name = '' $this.description = '' $this.platforms = '' $this.technologies = '' $this.createdDateTime = [datetime]::MinValue $this.lastModifiedDateTime = [datetime]::MinValue $this.settingCount = $null $this.creationSource = '' $this.roleScopeTagIds = @() $this.templateReference = $null $this.priorityMetaData = $null } # Parameterized constructor EmConfigurationPolicy ($policy) { $this.id = $policy.id $this.name = $policy.name $this.description = $policy.description $this.platforms = $policy.platforms $this.technologies = $policy.technologies $this.createdDateTime = $policy.createdDateTime $this.lastModifiedDateTime = $policy.lastModifiedDateTime $this.settingCount = $policy.settingCount $this.creationSource = $policy.creationSource $this.roleScopeTagIds = $policy.roleScopeTagIds $this.templateReference = $policy.templateReference $this.priorityMetaData = $policy.priorityMetaData } # Overriding the ToString method [string] ToString() { return "Class: EmConfigurationPolicy" } } #EndRegion '.\Classes\SettingsCatalog\EmConfigurationPolicy.ps1' 80 #Region '.\Classes\SettingsCatalog\EmConfigurationPolicyExport.ps1' -1 <# # Custom Setting Catalog Policy class # Custom Output object to allow for easy import #> class EmConfigurationPolicyExport { [string]$name [string]$description [string]$platforms [string]$technologies [psobject]$templateReference [object[]]$settings # Default constructor EmConfigurationPolicyExport() { $this.name = '' $this.description = '' $this.platforms = '' $this.technologies = '' $this.templateReference = $null $this.settings = @() } # Parameterized constructor EmConfigurationPolicyExport ($policy) { $this.name = $policy.name $this.description = $policy.description $this.platforms = $policy.platforms $this.technologies = $policy.technologies $this.templateReference = $policy.templateReference $this.settings = $policy.settings } # Overriding the ToString method [string] ToString() { return "Class: EmConfigurationPolicyExport" } } #EndRegion '.\Classes\SettingsCatalog\EmConfigurationPolicyExport.ps1' 35 #Region '.\Classes\SettingsCatalog\EmConfigurationPolicySettingDefinitionsExpanded.ps1' -1 <# # $Resource = "deviceManagement/configurationPolicies('$policyId')/settings?`$expand=settingDefinitions" # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfigv2-devicemanagementconfigurationsetting?view=graph-rest-beta#json-representation #> class EmConfigurationPolicySettingDefinitionsExpanded { [string]$id [psobject]$settingInstance [object[]]$settingDefinitions # Default constructor EmConfigurationPolicySettingDefinitionsExpanded() { $this.id = '' $this.settingInstance = @() $this.settingDefinitions = @() } # Parameterized constructor EmConfigurationPolicySettingDefinitionsExpanded ($policy) { $this.id = $policy.id $this.settingInstance = $policy.settingInstance $this.settingDefinitions = $policy.settingDefinitions } # Overriding the ToString method [string] ToString() { return "Class: EmConfigurationPolicySettingDefinitionsExpanded" } } #EndRegion '.\Classes\SettingsCatalog\EmConfigurationPolicySettingDefinitionsExpanded.ps1' 26 #Region '.\Private\Add\Add-EmMdmAppConfiguration.ps1' -1 <# .SYNOPSIS Adds an MDM App Configuration to Microsoft Graph API. .DESCRIPTION This function sends a POST request to the Microsoft Graph API to add a new MDM App Configuration. The JSON configuration object is converted to JSON format and sent to the specified API endpoint. .PARAMETER JSON The JSON object representing the MDM App Configuration to be added. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object The response object from the Microsoft Graph API. .EXAMPLE $jsonConfig = @{ "@odata.type" = "#microsoft.graph.androidManagedAppProtection" displayName = "App Protection Policy" description = "A sample app protection policy" ... } Add-EmMdmAppConfiguration -JSON $jsonConfig -graphApiVersion "v1.0" This example adds a new MDM App Configuration using the provided JSON configuration object and the v1.0 API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Add-EmMdmAppConfiguration { [cmdletBinding()] param ( [Parameter(Mandatory = $true)] [object]$JSON, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $JSON = $JSON | ConvertTo-Json -Depth 10 $Resource = "deviceAppManagement/managedAppPolicies" $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" try { $response = Invoke-MgGraphRequest -Uri $uri -Method Post -Body $JSON -ContentType "application/json" Write-Verbose "Configuration Policy added successfully." -Verbose return $response } catch { throw "An error occurred while adding the Compliance Policy: `n$_" } } } #EndRegion '.\Private\Add\Add-EmMdmAppConfiguration.ps1' 53 #Region '.\Private\Add\Add-EmMdmAppProtection.ps1' -1 <# .SYNOPSIS Adds an MDM App Protection policy to Microsoft Graph API. .DESCRIPTION The Add-EmMdmAppProtection cmdlet sends a POST request to the Microsoft Graph API to add a new MDM App Protection policy. The JSON object representing the policy is converted to JSON format and sent to the specified API endpoint. .PARAMETER JSON The JSON object representing the MDM App Protection policy to be added. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object The response object from the Microsoft Graph API. .EXAMPLE $jsonPolicy = @{ "@odata.type" = "#microsoft.graph.iosManagedAppProtection" displayName = "App Protection Policy" description = "A sample app protection policy" ... } Add-EmMdmAppProtection -JSON $jsonPolicy -graphApiVersion "v1.0" This example adds a new MDM App Protection policy using the provided JSON object and the v1.0 API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Add-EmMdmAppProtection { [cmdletBinding()] param ( [Parameter(Mandatory = $true)] [object]$JSON, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $JSON = $JSON | ConvertTo-Json -Depth 10 $Resource = "deviceAppManagement/managedAppPolicies" $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" try { $response = Invoke-MgGraphRequest -Uri $uri -Method Post -Body $JSON -ContentType "application/json" Write-Verbose "App Protection Policy added successfully." -Verbose return $response } catch { throw "An error occurred while adding the Compliance Policy: `n$_" } } } #EndRegion '.\Private\Add\Add-EmMdmAppProtection.ps1' 47 #Region '.\Private\Add\Add-EmMdmCompliance.ps1' -1 <# .SYNOPSIS Adds an MDM Compliance policy to Microsoft Graph API. .DESCRIPTION The Add-EmMdmCompliance cmdlet sends a POST request to the Microsoft Graph API to add a new MDM Compliance policy. The JSON string representing the policy is sent to the specified API endpoint. .PARAMETER JSON The JSON string representing the MDM Compliance policy to be added. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object The response object from the Microsoft Graph API. .EXAMPLE $jsonPolicy = '{ "@odata.type": "#microsoft.graph.deviceCompliancePolicy", "displayName": "Compliance Policy", "description": "A sample compliance policy", ... }' Add-EmMdmCompliance -JSON $jsonPolicy -graphApiVersion "v1.0" This example adds a new MDM Compliance policy using the provided JSON string and the v1.0 API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Add-EmMdmCompliance { #[Alias("Add-EmDeviceCompliancePolicy")] [cmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$JSON, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $Resource = "deviceManagement/deviceCompliancePolicies" $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" try { $response = Invoke-MgGraphRequest -Uri $uri -Method Post -Body $JSON -ContentType "application/json" Write-Verbose "Compliance Policy added successfully." -Verbose return $response } catch { throw "An error occurred while adding the Compliance Policy: `n$_" } } } #EndRegion '.\Private\Add\Add-EmMdmCompliance.ps1' 47 #Region '.\Private\Add\Add-EmMdmConfiguration.ps1' -1 <# .SYNOPSIS Adds a device configuration policy to Microsoft Graph. .DESCRIPTION The Add-EmConfiguration function takes a configuration object of various types, converts it to JSON, and sends it to the Microsoft Graph API to add a device configuration policy. .PARAMETER Configuration The configuration object to be added. Valid types are: - CreateEmAndroidWorkProfileGeneralDeviceConfiguration - CreateEmAndroidWorkProfileVpnConfiguration - CreateEmIosupdateconfiguration - CreateEmMacOSCustomConfiguration - CreateEmMacOSDeviceFeaturesConfiguration - CreateEmMacOSEndpointProtectionConfiguration - CreateEmMacOSExtensionsConfiguration - CreateEmMacOSGeneralDeviceConfiguration - CreateEmMacOSSoftwareUpdateConfiguration - CreateEmWindows10CustomConfiguration - CreateEmWindows10EndpointProtectionConfiguration - CreateEmWindows10GeneralConfiguration - CreateEmWindows81SCEPCertificateProfile - CreateEmWindows81TrustedRootCertificate - CreateEmWindowsHealthMonitoringConfiguration - CreateEmWindowsUpdateForBusinessConfiguration .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". Default is "beta". .EXAMPLE $configuration = [CreateEmAndroidWorkProfileGeneralDeviceConfiguration]::new() Add-EmMdmConfiguration -Configuration $configuration .EXAMPLE $configuration = [CreateEmMacOSCustomConfiguration]::new() Add-EmMdmConfiguration -Configuration $configuration -graphApiVersion "v1.0" #> function Add-EmMdmConfiguration { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [ValidateScript({ $_ -is [CreateEmAndroidWorkProfileGeneralDeviceConfiguration] -or $_ -is [CreateEmAndroidWorkProfileVpnConfiguration] -or $_ -is [CreateEmIosUpdateConfiguration] -or $_ -is [CreateEmMacOSCustomConfiguration] -or $_ -is [CreateEmMacOSDeviceFeaturesConfiguration] -or $_ -is [CreateEmMacOSEndpointProtectionConfiguration] -or $_ -is [CreateEmMacOSExtensionsConfiguration] -or $_ -is [CreateEmMacOSGeneralDeviceConfiguration] -or $_ -is [CreateEmMacOSSoftwareUpdateConfiguration] -or $_ -is [CreateEmWindows10CustomConfiguration] -or $_ -is [CreateEmWindows10EndpointProtectionConfiguration] -or $_ -is [CreateEmWindows10GeneralConfiguration] -or $_ -is [CreateEmWindows81SCEPCertificateProfile] -or $_ -is [CreateEmWindows81TrustedRootCertificate] -or $_ -is [CreateEmWindowsHealthMonitoringConfiguration] -or $_ -is [CreateEmWindowsUpdateForBusinessConfiguration] })] [object]$Configuration, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $JSON = $Configuration | ConvertTo-Json -Depth 10 $Resource = "deviceManagement/deviceConfigurations" $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" try { $response = Invoke-MgGraphRequest -Uri $uri -Method Post -Body $JSON -ContentType "application/json" Write-Verbose "Device Configuration Policy added successfully." -Verbose return $response } catch { throw $_ } } } #EndRegion '.\Private\Add\Add-EmMdmConfiguration.ps1' 80 #Region '.\Private\Add\Add-EmMdmEndpointSecurity.ps1' -1 <# .SYNOPSIS Adds a new Endpoint Security Policy using the provided JSON and Template ID. .DESCRIPTION This function creates a new instance of an Endpoint Security Policy in Microsoft Intune using the provided JSON configuration and Template ID. .PARAMETER TemplateId The ID of the template to use for creating the Endpoint Security Policy. .PARAMETER JSON The JSON string representing the Endpoint Security Policy configuration. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .OUTPUTS None .EXAMPLE Add-EmMdmEndpointSecurity -TemplateId "template-id" -JSON $jsonString .NOTES Author: DrIOSX Date: 07/21/2024 #> function Add-EmMdmEndpointSecurity { #[Alias("Add-EmDeviceEndpointSecurityPolicy")] [cmdletBinding()] [OutputType([void])] param ( [Parameter(Mandatory = $true)] [string]$TemplateId, [Parameter(Mandatory = $true)] [string]$JSON, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $ESP_resource = "deviceManagement/templates/$TemplateId/createInstance" Write-Verbose "Resource: $ESP_resource" try { #$JSON = $JSON | ConvertTo-Json -Depth 10 $uri = "https://graph.microsoft.com/$graphApiVersion/$($ESP_resource)" return Invoke-MgGraphRequest -Uri $uri -Method POST -Body $JSON -ContentType "application/json" Write-Verbose "Endpoint Security Policy added successfully." -Verbose } catch { throw "An error occurred while adding the Endpoint Security Policy: `n$_" } } } #EndRegion '.\Private\Add\Add-EmMdmEndpointSecurity.ps1' 46 #Region '.\Private\Add\Add-EmMdmSettingsCatalog.ps1' -1 <# .SYNOPSIS Adds an MDM Settings Catalog policy to Microsoft Graph API. .DESCRIPTION The Add-EmMdmSettingsCatalog cmdlet sends a POST request to the Microsoft Graph API to add a new MDM Settings Catalog policy. The policy object is converted to JSON format and sent to the specified API endpoint. The cmdlet also validates the JSON format before sending the request. .PARAMETER PolicyObject The policy object representing the MDM Settings Catalog policy to be added. This parameter is mandatory and must be of type [EmConfigurationPolicyExport]. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object The response object from the Microsoft Graph API. .EXAMPLE $policyObject = New-EmConfigurationPolicyExport -Name "Settings Catalog Policy" -Description "A sample settings catalog policy" -Settings @{} Add-EmMdmSettingsCatalog -PolicyObject $policyObject -graphApiVersion "v1.0" This example adds a new MDM Settings Catalog policy using the provided policy object and the v1.0 API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Add-EmMdmSettingsCatalog { #[Alias("Add-SettingsCatalogPolicy")] [cmdletBinding()] param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [EmConfigurationPolicyExport]$PolicyObject, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) $Resource = "deviceManagement/configurationPolicies" # Convert the policy object to JSON $JSON = $PolicyObject | ConvertTo-Json -Depth 20 # Validate the JSON format if (-not (Test-IntuneJSON -JSON $JSON)) { Write-Verbose "Invalid JSON format. Exiting..." -Verbose return } $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" try { $response = Invoke-MgGraphRequest -Uri $uri -Method Post -Body $JSON -ContentType "application/json" Write-Verbose "Settings Catalog Policy added successfully." -Verbose return $response } catch { throw $_ } } #EndRegion '.\Private\Add\Add-EmMdmSettingsCatalog.ps1' 48 #Region '.\Private\Backup\Backup-EmMdmPolicy.ps1' -1 <# .SYNOPSIS Backs up MDM policies to a specified export path. .DESCRIPTION The Backup-EmMdmPolicy cmdlet backs up MDM policies to the specified export path. It iterates over the provided policies, exports each one to the specified directory as JSON files, and supports optional alternative naming conventions. .PARAMETER ExportPath The directory path where the MDM policies will be exported. This parameter is mandatory. .PARAMETER Policy An array of policy objects to be backed up. This parameter is mandatory. .PARAMETER PolicyType The type of policy being backed up (e.g., "Configuration", "Compliance"). This parameter is mandatory. .PARAMETER AltName A switch to use an alternative naming convention for the policy files. If set, the policy files will be named based on the "displayName" property instead of the default "name" property. .OUTPUTS None. This cmdlet does not output any objects. .EXAMPLE $policies = Get-MdmPolicies -Type "Configuration" Backup-EmMdmPolicy -ExportPath "C:\Backup\MDMPolicies" -Policy $policies -PolicyType "Configuration" This example backs up MDM configuration policies to the specified directory "C:\Backup\MDMPolicies". .EXAMPLE $policies = Get-MdmPolicies -Type "Compliance" Backup-EmMdmPolicy -ExportPath "C:\Backup\MDMPolicies" -Policy $policies -PolicyType "Compliance" -AltName This example backs up MDM compliance policies to the specified directory "C:\Backup\MDMPolicies" using the alternative naming convention based on "displayName". .NOTES Author: DrIOSX Date: 07/21/2024 #> function Backup-EmMdmPolicy { [CmdletBinding()] param ( [Parameter(Mandatory = $true)] [string]$ExportPath, [Parameter(Mandatory = $true)] [object[]]$Policy, [Parameter(Mandatory = $true)] [string]$PolicyType, [switch]$AltName ) switch ($AltName) { $true { $Name = "displayName" } Default {$Name = "name"} } foreach ($Pol in $Policy) { Write-Verbose "Backing up $PolicyType Policy: $($Pol."$($Name)")" -Verbose Export-JSONData -Policy $Pol -ExportPath "$ExportPath" -AltName:$AltName Write-Information "`n" -InformationAction Continue } } #EndRegion '.\Private\Backup\Backup-EmMdmPolicy.ps1' 49 #Region '.\Private\Connect\Connect-EmMdmGraph.ps1' -1 <# .SYNOPSIS Connects to Microsoft Graph API using various authentication methods. .DESCRIPTION The Connect-EmMdmGraph cmdlet connects to the Microsoft Graph API using the specified scopes and an optional authentication object. It supports multiple authentication methods, including Client Secret, Certificate Thumbprint, Certificate Name, Managed Identity, Access Token, Environment Variables, and X509 Certificate. .PARAMETER Scopes The scopes required for the Microsoft Graph API connection. This parameter is mandatory. .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. This parameter is optional. .OUTPUTS System.Boolean Returns $true if the connection is successful. .EXAMPLE $scopes = @("User.Read.All", "Group.Read.All") $authObject = Get-EmMdmGraphAuth -ClientSecretId "your-client-id" -ClientSecretTenantId "your-tenant-id" -ClientSecretValue "your-client-secret" Connect-EmMdmGraph -Scopes $scopes -AuthObject $authObject This example connects to Microsoft Graph using the specified scopes and a Client Secret authentication object. .EXAMPLE $scopes = @("User.Read.All", "Group.Read.All") Connect-EmMdmGraph -Scopes $scopes This example connects to Microsoft Graph using the specified scopes without providing an authentication object, assuming the context is already established. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Connect-EmMdmGraph { param ( [Parameter(Mandatory = $true)] [string[]]$Scopes, [Parameter(Mandatory = $false)] [EmMdmAuthBase]$AuthObject ) Write-Verbose "Connecting to MgGraph..." -Verbose try { Import-Module Microsoft.Graph.Authentication if ($AuthObject) { switch ($AuthObject.GetType().Name) { "EmMdmAuthClientSecret" { Connect-MgGraph -ClientId $AuthObject.ClientSecretId -TenantId $AuthObject.ClientSecretTenantId -ClientSecret $AuthObject.ClientSecretValue -Scopes $Scopes | Out-Null } "EmMdmAuthCertificateThumbprint" { Connect-MgGraph -ClientId $AuthObject.CertificateThumbprintClientId -TenantId $AuthObject.CertificateThumbprintTenantId -CertificateThumbprint $AuthObject.CertificateThumbprint -Scopes $Scopes | Out-Null } "EmMdmAuthCertificateName" { Connect-MgGraph -ClientId $AuthObject.CertificateNameClientId -TenantId $AuthObject.CertificateNameTenantId -CertificateName $AuthObject.CertificateName -Scopes $Scopes | Out-Null } "EmMdmAuthManagedIdentity" { Connect-MgGraph -Identity -Scopes $Scopes | Out-Null } "EmMdmAuthAccessToken" { Connect-MgGraph -AccessToken $AuthObject.AccessToken -Scopes $Scopes | Out-Null } "EmMdmAuthEnvironmentVariable" { Connect-MgGraph -EnvironmentVariable -Scopes $Scopes | Out-Null } "EmMdmAuthX509Certificate" { Connect-MgGraph -ClientId $AuthObject.ClientId -CertificateSubjectName $AuthObject.CertificateSubjectName -CertificateThumbprint $AuthObject.CertificateThumbprint -Certificate $AuthObject.Certificate -TenantId $AuthObject.TenantId -Scopes $Scopes | Out-Null } } } else { $context = Get-MgContext if ($null -ne $context -and $context.Scopes -contains $Scopes) { Write-Verbose "Using existing MgGraph connection context." -Verbose } else { Connect-MgGraph -Scopes $Scopes | Out-Null } } } catch { throw "An error occurred while connecting to MgGraph: `n$_" } return $true } #EndRegion '.\Private\Connect\Connect-EmMdmGraph.ps1' 73 #Region '.\Private\ConvertTo\ConvertTo-FlatObject.ps1' -1 <# .SYNOPSIS Flattens a nested object into a single level object. .DESCRIPTION Flattens a nested object into a single level object. .PARAMETER Objects The object (or objects) to be flatten. .PARAMETER Separator The separator used between the recursive property names .PARAMETER Base The first index name of an embedded array: - 1, arrays will be 1 based: <Parent>.1, <Parent>.2, <Parent>.3, … - 0, arrays will be 0 based: <Parent>.0, <Parent>.1, <Parent>.2, … - "", the first item in an array will be unnamed and than followed with 1: <Parent>, <Parent>.1, <Parent>.2, … .PARAMETER Depth The maximal depth of flattening a recursive property. Any negative value will result in an unlimited depth and could cause a infinitive loop. .PARAMETER Uncut The maximal depth of flattening a recursive property. Any negative value will result in an unlimited depth and could cause a infinitive loop. .PARAMETER ExcludeProperty The property to be excluded from the output. .Parameter Path The current path of the object. .Parameter OutputObject The output object you're working with. .EXAMPLE $Object3 | ConvertTo-FlatObject .NOTES Based on https://github.com/EvotecIT/PSSharedGoods/blob/master/License #> function ConvertTo-FlatObject { [CmdletBinding()] Param ( [Parameter(ValueFromPipeLine)][Object[]]$Objects, [String]$Separator = ".", [ValidateSet("", 0, 1)]$Base = 1, [int]$Depth = 5, [string[]] $ExcludeProperty, [Parameter(DontShow)][String[]]$Path, [Parameter(DontShow)][System.Collections.IDictionary] $OutputObject ) Begin { $InputObjects = [System.Collections.Generic.List[Object]]::new() } Process { foreach ($O in $Objects) { if ($null -ne $O) { $InputObjects.Add($O) } } } End { If ($PSBoundParameters.ContainsKey("OutputObject")) { $Object = $InputObjects[0] $Iterate = [ordered] @{} if ($null -eq $Object) { #Write-Verbose -Message "ConvertTo-FlatObject - Object is null" } elseif ($Object.GetType().Name -in 'String', 'DateTime', 'TimeSpan', 'Version', 'Enum') { $Object = $Object.ToString() } elseif ($Depth) { $Depth-- If ($Object -is [System.Collections.IDictionary]) { $Iterate = $Object } elseif ($Object -is [Array] -or $Object -is [System.Collections.IEnumerable]) { $i = $Base foreach ($Item in $Object.GetEnumerator()) { $NewObject = [ordered] @{} If ($Item -is [System.Collections.IDictionary]) { foreach ($Key in $Item.Keys) { if ($Key -notin $ExcludeProperty) { $NewObject[$Key] = $Item[$Key] } } } elseif ($Item -isnot [Array] -and $Item -isnot [System.Collections.IEnumerable]) { foreach ($Prop in $Item.PSObject.Properties) { if ($Prop.IsGettable -and $Prop.Name -notin $ExcludeProperty) { $NewObject["$($Prop.Name)"] = $Item.$($Prop.Name) } } } else { $NewObject = $Item } $Iterate["$i"] = $NewObject $i += 1 } } else { foreach ($Prop in $Object.PSObject.Properties) { if ($Prop.IsGettable -and $Prop.Name -notin $ExcludeProperty) { $Iterate["$($Prop.Name)"] = $Object.$($Prop.Name) } } } } If ($Iterate.Keys.Count) { foreach ($Key in $Iterate.Keys) { if ($Key -notin $ExcludeProperty) { ConvertTo-FlatObject -Objects @(, $Iterate["$Key"]) -Separator $Separator -Base $Base -Depth $Depth -Path ($Path + $Key) -OutputObject $OutputObject -ExcludeProperty $ExcludeProperty } } } else { $Property = $Path -Join $Separator if ($Property) { # We only care if property is not empty if ($Object -is [System.Collections.IDictionary] -and $Object.Keys.Count -eq 0) { $OutputObject[$Property] = $null } else { $OutputObject[$Property] = $Object } } } } elseif ($InputObjects.Count -gt 0) { foreach ($ItemObject in $InputObjects) { $OutputObject = [ordered]@{} ConvertTo-FlatObject -Objects @(, $ItemObject) -Separator $Separator -Base $Base -Depth $Depth -Path $Path -OutputObject $OutputObject -ExcludeProperty $ExcludeProperty [PSCustomObject] $OutputObject } } } } #EndRegion '.\Private\ConvertTo\ConvertTo-FlatObject.ps1' 119 #Region '.\Private\Export\Export-JSONData.ps1' -1 <# .SYNOPSIS Exports JSON data to a specified path. .DESCRIPTION This function exports the provided JSON data to a specified path. This is a private function and is not exported by the module. .EXAMPLE Export-JSONData -Policy $Policy -ExportPath 'C:\Export' .PARAMETER JSON The JSON data to be exported. .PARAMETER ExportPath The path where the JSON file will be exported. .PARAMETER Depth The depth of the JSON data. .PARAMETER AltName Specifies whether to use the name or displayName property. .PARAMETER ExportType The type of export to perform. The default is All. .PARAMETER Policy The JSON data to be exported. .NOTES This function is intended for internal use within the module. #> function Export-JSONData { [cmdletBinding()] [OutputType([void])] param ( [Parameter(Mandatory = $true)] [object[]]$Policy, [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [string]$ExportPath, [int]$Depth = 100, [switch]$AltName, [Parameter()] [ValidateSet("JSON", "CSV", "All")] [string]$ExportType = "All" ) process { if ($AltName) { $name = "name" } else { $name = "displayName" } try { <# if ($Policy -eq "" -or $null -eq $Policy) { Write-Verbose "No JSON specified, please specify valid JSON..." } elseif (!$ExportPath) { Write-Verbose "No export path parameter set, please provide a path to export the file" } elseif (!(Test-Path $ExportPath)) { Write-Verbose "$ExportPath doesn't exist, can't export JSON Data" } #> $JSON1 = ConvertTo-Json $Policy -Depth $Depth $JSON_Convert = $JSON1 | ConvertFrom-Json -AsHashtable -NoEnumerate $displayName = $JSON_Convert.$name # Updating display name to follow file naming conventions $displayName = $displayName -replace '\<|\>|:|"|/|\\|\||\?|\*', "_" $FileName_CSV = "$DisplayName" + "_" + $(Get-Date -f dd-MM-yyyy-H-mm-ss) + ".csv" $FileName_JSON = "$displayName" + "_" + $(Get-Date -Format dd-MM-yyyy-H-mm-ss) + ".json" #$FileName_HTML = "$displayName" + "_" + $(Get-Date -Format dd-MM-yyyy-H-mm-ss) + ".html" $Object = ($JSON1 | ConvertFrom-Json | ConvertTo-FlatObject -Depth 100 | ConvertTo-Json | ConvertFrom-Json -AsHashtable).GetEnumerator() | Select-Object -Property Key, Value $FileName_CSV = Get-ValidFileName -String $FileName_CSV $FileName_JSON = Get-ValidFileName -String $FileName_JSON #$FileName_HTML = Get-ValidFileName -String $FileName_HTML $JSONPATH = "$( Join-Path -Path $ExportPath -ChildPath $FileName_JSON)" Write-Information "Export Path: $ExportPath" -InformationAction Continue switch ($ExportType) { 'CSV' { $Object | Export-Csv -LiteralPath "$( Join-Path -Path $ExportPath -ChildPath $FileName_CSV)" -Delimiter "," -NoTypeInformation -Append -Force Write-Verbose "CSV created in $ExportPath\$FileName_CSV..." -Verbose } 'JSON' { $JSON1 | Set-Content -LiteralPath "$JSONPATH" Write-Verbose "JSON created in $ExportPath\$FileName_JSON..." -Verbose } #'HTML' { # ConvertTo-EmMgJsonEditorHtml -JsonFilePath $JSONPATH -OutputHtmlFilePath "$( Join-Path -Path $ExportPath -ChildPath $FileName_HTML)" # Write-Verbose "HTML created in $ExportPath\$FileName_HTML..." -Verbose #} Default { $Object | Export-Csv -LiteralPath "$( Join-Path -Path $ExportPath -ChildPath $FileName_CSV)" -Delimiter "," -NoTypeInformation -Append -Force Write-Verbose "CSV created in $ExportPath\$FileName_CSV..." -Verbose $JSON1 | Set-Content -LiteralPath "$JSONPATH" Write-Verbose "JSON created in $ExportPath\$FileName_JSON..." -Verbose #ConvertTo-EmMgJsonEditorHtml -JsonFilePath $JSONPATH -OutputHtmlFilePath "$( Join-Path -Path $ExportPath -ChildPath $FileName_HTML)" #Write-Verbose "HTML created in $ExportPath\$FileName_HTML..." -Verbose } } } catch { throw $_ } } } #EndRegion '.\Private\Export\Export-JSONData.ps1' 99 #Region '.\Private\Get\Mdm\Get-EmMdmAppConfigurationAPI.ps1' -1 <# .SYNOPSIS Retrieves MDM App Configuration policies from Microsoft Graph API. .DESCRIPTION The Get-EmMdmAppConfigurationAPI cmdlet sends a GET request to the Microsoft Graph API to retrieve MDM App Configuration policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and returns the policies of type 'targetedManagedAppConfiguration'. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object[] Returns an array of MDM App Configuration policy objects of type 'targetedManagedAppConfiguration'. .EXAMPLE Get-EmMdmAppConfigurationAPI -graphApiVersion $graphApiVersion This example retrieves MDM App Configuration policies using the v1.0 API version. .EXAMPLE Get-EmMdmAppConfigurationAPI This example retrieves MDM App Configuration policies using the default beta API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EmMdmAppConfigurationAPI { [cmdletBinding()] param ( [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { <# #microsoft.graph.iosManagedAppProtection #microsoft.graph.targetedManagedAppConfiguration #microsoft.graph.androidManagedAppProtection #microsoft.graph.mdmWindowsInformationProtectionPolicy #> $Resource = "deviceAppManagement/managedAppPolicies" $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" try { $response = Invoke-MgGraphRequest -Uri $uri -Method GET $objects = $response.value | Where-Object { $_."@odata.type" -eq "#microsoft.graph.targetedManagedAppConfiguration" } | ` ForEach-Object { [GetEmMdmTargetedManagedAppConfiguration]::new($_) } Write-Verbose "App Configuration Policies retrieved successfully." -Verbose return $objects } catch { throw "An error occurred while getting the Compliance policies: `n$_" } } } #EndRegion '.\Private\Get\Mdm\Get-EmMdmAppConfigurationAPI.ps1' 48 #Region '.\Private\Get\Mdm\Get-EmMdmAppProtectionAPI.ps1' -1 <# .SYNOPSIS Retrieves MDM App Protection policies from Microsoft Graph API. .DESCRIPTION The Get-EmMdmAppProtectionAPI cmdlet sends a GET request to the Microsoft Graph API to retrieve MDM App Protection policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and returns the policies of various types excluding 'targetedManagedAppConfiguration'. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object[] Returns an array of MDM App Protection policy objects. .EXAMPLE Get-EmMdmAppProtectionAPI -graphApiVersion "v1.0" This example retrieves MDM App Protection policies using the v1.0 API version. .EXAMPLE Get-EmMdmAppProtectionAPI This example retrieves MDM App Protection policies using the default beta API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EmMdmAppProtectionAPI { [cmdletBinding()] param ( [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { <# #microsoft.graph.iosManagedAppProtection #microsoft.graph.targetedManagedAppConfiguration #microsoft.graph.androidManagedAppProtection #microsoft.graph.mdmWindowsInformationProtectionPolicy #> $Resource = "deviceAppManagement/managedAppPolicies" $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" try { $response = Invoke-MgGraphRequest -Uri $uri -Method GET $objects = $response.value | Where-Object {$_."@odata.type" -ne "#microsoft.graph.targetedManagedAppConfiguration"} $createdObjects = @() # Cast each object to the appropriate class foreach ($object in $objects) { $type = $object."@odata.type" $newObject = switch ($type) { "#microsoft.graph.androidManagedAppProtection" { [GetEmMdmAndroidManagedAppProtection]::new($object) } "#microsoft.graph.iosManagedAppProtection" { [GetEmMdmIosManagedAppProtection]::new($object) } "#microsoft.graph.mdmWindowsInformationProtectionPolicy" { [GetEmMdmMdmWindowsInformationProtectionPolicy]::new($object) } "#microsoft.graph.windowsManagedAppProtection" { [GetEmMdmWindowsManagedAppProtection]::new($object) } default { $object } # If the type is not recognized, return the object as-is } $createdObjects += $newObject } return $createdObjects Write-Verbose "App Protection Policies retrieved successfully." -Verbose return $objects } catch { throw "An error occurred while getting the Compliance policies: `n$_" } } } #EndRegion '.\Private\Get\Mdm\Get-EmMdmAppProtectionAPI.ps1' 61 #Region '.\Private\Get\Mdm\Get-EmMdmComplianceAPI.ps1' -1 <# .SYNOPSIS Retrieves MDM Compliance policies from Microsoft Graph API. .DESCRIPTION The Get-EmMdmComplianceAPI cmdlet sends a GET request to the Microsoft Graph API to retrieve MDM Compliance policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and allows filtering by operating system. .PARAMETER OperatingSystem The operating system for which to retrieve compliance policies. Valid values are "android", "iOS", "Win10", "macos", and "all". The default value is "all". .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object[] Returns an array of MDM Compliance policy objects. .EXAMPLE Get-EmMdmComplianceAPI -OperatingSystem "iOS" -graphApiVersion "v1.0" This example retrieves iOS MDM Compliance policies using the v1.0 API version. .EXAMPLE Get-EmMdmComplianceAPI This example retrieves MDM Compliance policies for all operating systems using the default beta API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EmMdmComplianceAPI { [cmdletBinding()] param ( [Parameter(Mandatory = $false)] [ValidateSet("android", "iOS", "Win10", "macos", "all")] [string]$OperatingSystem = "all", [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $androidCompliancePolicies = @( "microsoft.graph.androidCompliancePolicy", "microsoft.graph.androidDeviceOwnerCompliancePolicy", "microsoft.graph.androidWorkProfileCompliancePolicy", "microsoft.graph.androidForWorkCompliancePolicy", "microsoft.graph.aospDeviceOwnerCompliancePolicy" ) $Resource = "deviceManagement/deviceCompliancePolicies" $Uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" $iosFilter = "?`$filter=isof('microsoft.graph.iosCompliancePolicy')" $win10Filter = "?`$filter=isof('microsoft.graph.windows10CompliancePolicy')" $macosFilter = "?`$filter=isof('microsoft.graph.macOSCompliancePolicy')" $filterUri = switch ($OperatingSystem) { 'android' { $filterParts = $androidCompliancePolicies | ForEach-Object { "isof('$_')" } $androidFilter = "?`$filter=" + ($filterParts -join " or ") $Uri + $androidFilter } 'iOS' { $Uri + $iosFilter } 'Win10' { $Uri + $win10Filter } 'macos' { $Uri + $macosFilter } 'all' { $Uri } } try { $response = Invoke-MgGraphRequest -Uri $filterUri -Method GET Write-Verbose "Compliance Policies retrieved successfully." $typeApi = switch ($graphApiVersion) { 'v1.0' { "v1" } Default { "Beta" } } $typedResponse = switch ($OperatingSystem) { 'android' { foreach ($policy in $response.Value) { switch ($_."@odata.type") { "#microsoft.graph.androidCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.androidDeviceOwnerCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidDeviceOwnerCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.androidWorkProfileCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidWorkProfileCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.androidForWorkCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidForWorkCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.aospDeviceOwnerCompliancePolicy" { New-Object -TypeName "GetEmMdmAospDeviceOwnerCompliancePolicy$($typeApi)" -ArgumentList $policy } Default { $policy } } } } 'iOS' { $response.Value | ForEach-Object { New-Object -TypeName "GetEmMdmCompliancePolicyiOS$($typeApi)" -ArgumentList $_ } } 'Win10' { $response.Value | ForEach-Object { New-Object -TypeName "GetEmMdmCompliancePolicyWindows10$($typeApi)" -ArgumentList $_ } } 'macos' { $response.Value | ForEach-Object { New-Object -TypeName "GetEmMdmCompliancePolicymacOS$($typeApi)" -ArgumentList $_ } } 'all' { # Get Android Policies $android = $response.Value | Where-Object { $_."@odata.type" -like "#microsoft.graph.android*" -or $_."@odata.type" -like "#microsoft.graph.aosp*"} $androidPolicies = foreach ($policy in $android) { switch ($_."@odata.type") { "#microsoft.graph.androidCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.androidDeviceOwnerCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidDeviceOwnerCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.androidWorkProfileCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidWorkProfileCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.androidForWorkCompliancePolicy" { New-Object -TypeName "GetEmMdmAndroidForWorkCompliancePolicy$($typeApi)" -ArgumentList $policy } "#microsoft.graph.aospDeviceOwnerCompliancePolicy" { New-Object -TypeName "GetEmMdmAospDeviceOwnerCompliancePolicy$($typeApi)" -ArgumentList $policy } Default { $policy } } } # Get iOS Policies $iosPolicies = $response.Value | Where-Object { $_."@odata.type" -eq "#microsoft.graph.iosCompliancePolicy" } | ` ForEach-Object { New-Object -TypeName "GetEmMdmCompliancePolicyiOS$($typeApi)" -ArgumentList $_ } # Get Win10 Policies $win10Policies = $response.Value | Where-Object { $_."@odata.type" -eq "#microsoft.graph.windows10CompliancePolicy" } | ` ForEach-Object { New-Object -TypeName "GetEmMdmCompliancePolicyWindows10$($typeApi)" -ArgumentList $_ } # Get macOS Policies $macosPolicies = $response.Value | Where-Object { $_."@odata.type" -eq "#microsoft.graph.macOSCompliancePolicy" } | ` ForEach-Object { New-Object -TypeName "GetEmMdmCompliancePolicymacOS$($typeApi)" -ArgumentList $_ } # Add all policies to the response $androidPolicies + $iosPolicies + $win10Policies + $macosPolicies } } return $typedResponse } catch { throw "An error occurred while getting the Compliance policies: `n$_" } } } #EndRegion '.\Private\Get\Mdm\Get-EmMdmComplianceAPI.ps1' 114 #Region '.\Private\Get\Mdm\Get-EMMdmConfigurationAPI.ps1' -1 <# .SYNOPSIS Retrieves MDM Configuration policies from Microsoft Graph API. .DESCRIPTION The Get-EMMdmConfigurationAPI cmdlet sends a GET request to the Microsoft Graph API to retrieve MDM Configuration policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and allows filtering by configuration type. .PARAMETER odataType The OData type for the configuration policies to retrieve. Valid values are "windows81", "macOSExtensions", "macOSCustom", "macOSDeviceFeatures", "macOSGeneral", "macOSSoftwareUpdate", "macOSEndpointProtection", "androidWorkProfileGeneral", "androidWorkProfileVpn", "windowsHealthMonitoring", "windows81SCEP", "windows10Custom", "windows10EndpointProtection", "windows10General", "softwareUpdates", and "all". The default value is "all". .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS System.Object[] Returns an array of MDM Configuration policy objects. .EXAMPLE Get-EMMdmConfigurationAPI -odataType "windows10General" -graphApiVersion "v1.0" This example retrieves Windows 10 General Configuration policies using the v1.0 API version. .EXAMPLE Get-EMMdmConfigurationAPI This example retrieves all MDM Configuration policies using the default beta API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EMMdmConfigurationAPI { [CmdletBinding()] param ( [Parameter( Mandatory = $false, Position = 0 )] [ValidateSet( "windows81", "macOSExtensions", "macOSCustom", "macOSDeviceFeatures", "macOSGeneral", "macOSSoftwareUpdate", "macOSEndpointProtection", "androidWorkProfileGeneral", "androidWorkProfileVpn", "windowsHealthMonitoring", "windows81SCEP", "windows10Custom", "windows10EndpointProtection", "windows10General", "softwareUpdates", "all" )] [string]$odataType = "all", [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $DCP_resource = "deviceManagement/deviceConfigurations" $excludeTypes = @( "microsoft.graph.iosUpdateConfiguration", "microsoft.graph.windowsUpdateForBusinessConfiguration", "microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration" ) $includeTypes = @{ "windows81" = "microsoft.graph.windows81TrustedRootCertificate" "macOSExtensions" = "microsoft.graph.macOSExtensionsConfiguration" "macOSCustom" = "microsoft.graph.macOSCustomConfiguration" "macOSDeviceFeatures" = "microsoft.graph.macOSDeviceFeaturesConfiguration" "macOSGeneral" = "microsoft.graph.macOSGeneralDeviceConfiguration" "macOSSoftwareUpdate" = "microsoft.graph.macOSSoftwareUpdateConfiguration" "macOSEndpointProtection" = "microsoft.graph.macOSEndpointProtectionConfiguration" "androidWorkProfileGeneral" = "microsoft.graph.androidWorkProfileGeneralDeviceConfiguration" "androidWorkProfileVpn" = "microsoft.graph.androidWorkProfileVpnConfiguration" "windowsHealthMonitoring" = "microsoft.graph.windowsHealthMonitoringConfiguration" "windows81SCEP" = "microsoft.graph.windows81SCEPCertificateProfile" "windows10Custom" = "microsoft.graph.windows10CustomConfiguration" "windows10EndpointProtection" = "microsoft.graph.windows10EndpointProtectionConfiguration" "windows10General" = "microsoft.graph.windows10GeneralConfiguration" } $softwareUpdates = @( "microsoft.graph.iosUpdateConfiguration", "microsoft.graph.windowsUpdateForBusinessConfiguration" ) switch ($odataType) { "all" { $filterParts = $excludeTypes | ForEach-Object { "not isof('$_')" } $filter = "?`$filter=" + ($filterParts -join " and ") } "softwareUpdates" { $filterParts = $softwareUpdates | ForEach-Object { "isof('$_')" } $filter = "?`$filter=" + ($filterParts -join " or ") } Default { $filterParts = @("isof('$($includeTypes[$odataType])')") $filter = "?`$filter=" + ($filterParts -join " and ") } } $Resource = "$($DCP_resource)$filter" try { $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" $objects = (Invoke-MgGraphRequest -Uri $uri -Method Get).Value $createdObjects = @() # Cast each object to the appropriate class foreach ($object in $objects) { $type = $object."@odata.type" $newObject = switch ($type) { "#microsoft.graph.windows81TrustedRootCertificate" { [GetEmWindows81TrustedRootCertificate]::new($object) } "#microsoft.graph.macOSExtensionsConfiguration" { [GetEmMacOSExtensionsConfiguration]::new($object) } "#microsoft.graph.macOSCustomConfiguration" { [GetEmMacOSCustomConfiguration]::new($object) } "#microsoft.graph.macOSDeviceFeaturesConfiguration" { [GetEmMacOSDeviceFeaturesConfiguration]::new($object) } "#microsoft.graph.macOSGeneralDeviceConfiguration" { [GetEmMacOSGeneralDeviceConfiguration]::new($object) } "#microsoft.graph.macOSSoftwareUpdateConfiguration" { [GetEmMacOSSoftwareUpdateConfiguration]::new($object) } "#microsoft.graph.macOSEndpointProtectionConfiguration" { [GetEmMacOSEndpointProtectionConfiguration]::new($object) } "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration" { [GetEmAndroidWorkProfileGeneralDeviceConfiguration]::new($object) } "#microsoft.graph.androidWorkProfileVpnConfiguration" { [GetEmAndroidWorkProfileVpnConfiguration]::new($object) } "#microsoft.graph.windowsHealthMonitoringConfiguration" { [GetEmWindowsHealthMonitoringConfiguration]::new($object) } "#microsoft.graph.windows81SCEPCertificateProfile" { [GetEmWindows81SCEPCertificateProfile]::new($object) } "#microsoft.graph.windows10CustomConfiguration" { [GetEmWindows10CustomConfiguration]::new($object) } "#microsoft.graph.windows10EndpointProtectionConfiguration" { [GetEmWindows10EndpointProtectionConfiguration]::new($object) } "#microsoft.graph.windows10GeneralConfiguration" { [GetEmWindows10GeneralConfiguration]::new($object) } "#microsoft.graph.iosUpdateConfiguration" { [GetEmIosUpdateConfiguration]::new($object) } "#microsoft.graph.windowsUpdateForBusinessConfiguration" { [GetEmWindowsUpdateForBusinessConfiguration]::new($object) } default { $object } # If the type is not recognized, return the object as-is } $createdObjects += $newObject } return $createdObjects } catch { throw $_ } } } #EndRegion '.\Private\Get\Mdm\Get-EMMdmConfigurationAPI.ps1' 131 #Region '.\Private\Get\Mdm\Get-EmMdmSettingsCatalogAPI.ps1' -1 <# .SYNOPSIS Retrieves MDM Settings Catalog policies from Microsoft Graph API. .DESCRIPTION The Get-EmMdmSettingsCatalogAPI cmdlet sends a GET request to the Microsoft Graph API to retrieve MDM Settings Catalog policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and allows filtering by platform. .PARAMETER Platform The platform for which to retrieve settings catalog policies. Valid values are "windows10", "macOS", and $null. The default value is $null. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS EmConfigurationPolicy[] Returns an array of MDM Settings Catalog policy objects. .EXAMPLE Get-EmMdmSettingsCatalogAPI -Platform "windows10" -graphApiVersion "v1.0" This example retrieves Windows 10 MDM Settings Catalog policies using the v1.0 API version. .EXAMPLE Get-EmMdmSettingsCatalogAPI This example retrieves all MDM Settings Catalog policies using the default beta API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EmMdmSettingsCatalogAPI { #[Alias("Get-SettingsCatalogPolicy")] [cmdletBinding()] [OutputType([EmConfigurationPolicy[]])] param ( [parameter(Mandatory = $false)] [ValidateSet("windows10", "macOS", $null)] [string]$Platform = $null, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $allPolicies = @() if ($Platform) { $Resource = "deviceManagement/configurationPolicies?`$filter=platforms has '$Platform' and technologies has 'mdm'" } else { $Resource = "deviceManagement/configurationPolicies?`$filter=technologies has 'mdm'" } try { $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" do { $response = Invoke-MgGraphRequest -Uri $uri -Method Get $allPolicies += $response.Value | ForEach-Object { [EmConfigurationPolicy]::new($_) } $uri = $response."@odata.nextLink" } while ($null -ne $uri) return $allPolicies } catch { throw $_#"An error occurred while getting the Settings Catalog policies: `n$_" break } } } #EndRegion '.\Private\Get\Mdm\Get-EmMdmSettingsCatalogAPI.ps1' 57 #Region '.\Private\Get\Mdm\Get-EmMdmSettingsCatalogSettingsAPI.ps1' -1 <# .SYNOPSIS Retrieves MDM Settings Catalog policy settings from Microsoft Graph API. .DESCRIPTION The Get-EmMdmSettingsCatalogSettingsAPI cmdlet sends a GET request to the Microsoft Graph API to retrieve settings for a specified MDM Settings Catalog policy. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes expanded setting definitions. .PARAMETER policyId The ID of the MDM Settings Catalog policy for which to retrieve settings. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS EmConfigurationPolicySettingDefinitionsExpanded[] Returns an array of expanded MDM Settings Catalog policy setting definition objects. .EXAMPLE Get-EmMdmSettingsCatalogSettingsAPI -policyId "12345" -graphApiVersion "v1.0" This example retrieves settings for the MDM Settings Catalog policy with ID "12345" using the v1.0 API version. .EXAMPLE Get-EmMdmSettingsCatalogSettingsAPI -policyId "12345" This example retrieves settings for the MDM Settings Catalog policy with ID "12345" using the default beta API version. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EmMdmSettingsCatalogSettingsAPI { #[Alias("Get-SettingsCatalogPolicySettings")] [cmdletBinding()] [OutputType([EmConfigurationPolicySettingDefinitionsExpanded[]])] param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] $policyId, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process{ $Resource = "deviceManagement/configurationPolicies('$policyId')/settings?`$expand=settingDefinitions" try { $uri = "https://graph.microsoft.com/$graphApiVersion/$($Resource)" $Response = (Invoke-MgGraphRequest -Uri $uri -Method Get) $AllResponses = $Response.value | ForEach-Object { [EmConfigurationPolicySettingDefinitionsExpanded]::new($_) } $ResponseNextLink = $Response."@odata.nextLink" while ($null -ne $ResponseNextLink) { $Response = (Invoke-MgGraphRequest -Uri $ResponseNextLink -Method Get) $ResponseNextLink = $Response."@odata.nextLink" $AllResponses += $Response.value | ForEach-Object { [EmConfigurationPolicySettingDefinitionsExpanded]::new($_) } } return $AllResponses } catch { throw $_ } } } #EndRegion '.\Private\Get\Mdm\Get-EmMdmSettingsCatalogSettingsAPI.ps1' 53 #Region '.\Private\Get\Other\Get-EmDMIntent.ps1' -1 <# .SYNOPSIS Retrieves all Endpoint Security policies from Microsoft Graph. .DESCRIPTION This function connects to Microsoft Graph API and retrieves all Endpoint Security policies available in Endpoint Manager. This is a private function and is not exported by the module. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS PSCustomObject[] Returns an array of Endpoint Security policy objects. .EXAMPLE $policies = Get-EmDMIntent -graphApiVersion "v1.0" Write-Output $policies This example retrieves Endpoint Security policies using the v1.0 API version and outputs them. .EXAMPLE $policies = Get-EmDMIntent Write-Output $policies This example retrieves Endpoint Security policies using the default beta API version and outputs them. .NOTES This function is intended for internal use within the module. Author: DrIOSX Date: 07/21/2024 #> function Get-EmDMIntent { #[Alias("Get-EmDeviceManagementIntent")] [cmdletBinding()] [OutputType([PSCustomObject[]])] param ( [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $ESP_resource = "deviceManagement/intents" try { $uri = "https://graph.microsoft.com/$graphApiVersion/$($ESP_resource)" return (Invoke-MgGraphRequest -Method GET -Uri $uri).Value | ForEach-Object { New-Object -TypeName EmDMIntent -ArgumentList $_ } } catch { throw "An error occurred while retrieving the Endpoint Security policies: `n$_" } } } #EndRegion '.\Private\Get\Other\Get-EmDMIntent.ps1' 43 #Region '.\Private\Get\Other\Get-EmDMSettingInstance.ps1' -1 <# .SYNOPSIS Retrieves all settings for a specified category of an Endpoint Security policy from Microsoft Graph. .DESCRIPTION This function connects to Microsoft Graph API and retrieves all settings for a specified category of an Endpoint Security policy available in Endpoint Manager. This is a private function and is not exported by the module. .EXAMPLE $settings = Get-EndpointSecurityCategorySetting -PolicyId 'policy1' -categoryId 'category1' Write-Output $settings .PARAMETER PolicyId The ID of the Endpoint Security policy for which to retrieve category settings. .PARAMETER categoryId The ID of the category for which to retrieve settings. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS PSCustomObject[] Returns an array of Endpoint Security policy setting objects. .NOTES This function is intended for internal use within the module. #> function Get-EmDMSettingInstance { #[Alias("Get-EmDeviceManagementSettingInstance")] [cmdletBinding()] [OutputType([PSCustomObject[]])] param ( [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [string]$PolicyId, [Parameter(Mandatory = $true)] [ValidateNotNullOrEmpty()] [string]$categoryId, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $ESP_resource = "deviceManagement/intents/$PolicyId/categories/$categoryId/settings?\`$expand=Microsoft.Graph.DeviceManagementComplexSettingInstance/Value" try { $uri = "https://graph.microsoft.com/$graphApiVersion/$($ESP_resource)" return (Invoke-MgGraphRequest -Method GET -Uri $uri).Value #| ForEach-Object{[EmDMSettingInstance]::new($_)} } catch { throw $_ } } } #EndRegion '.\Private\Get\Other\Get-EmDMSettingInstance.ps1' 47 #Region '.\Private\Get\Other\Get-EmDMTemplateSettingCategory.ps1' -1 <# .SYNOPSIS Retrieves all categories for a specified Endpoint Security template from Microsoft Graph. .DESCRIPTION This function connects to Microsoft Graph API and retrieves all categories for a specified Endpoint Security template available in Endpoint Manager. This is a private function and is not exported by the module. .EXAMPLE $categories = Get-EmDMTemplateSettingCategory -TemplateId 'template1' Write-Output $categories .PARAMETER TemplateId The ID of the Endpoint Security template for which to retrieve categories. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS PSCustomObject[] Returns an array of Endpoint Security template category objects. .NOTES This function is intended for internal use within the module. #> function Get-EmDMTemplateSettingCategory { #[Alias("Get-EmDeviceManagementTemplateSettingCategory")] [cmdletBinding()] [OutputType([PSCustomObject[]])] param ( [Parameter(Mandatory=$true)] [ValidateNotNullOrEmpty()] [string]$TemplateId, [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $ESP_resource = "deviceManagement/templates/$TemplateId/categories" try { $uri = "https://graph.microsoft.com/$graphApiVersion/$($ESP_resource)" return (Invoke-MgGraphRequest -Method GET -Uri $uri).Value | ForEach-Object { [EmDMTemplateSettingCategory]::new($_) } } catch { throw $_ } } } #EndRegion '.\Private\Get\Other\Get-EmDMTemplateSettingCategory.ps1' 41 #Region '.\Private\Get\Other\Get-EmEndpointSecurityTemplate.ps1' -1 <# .SYNOPSIS Retrieves all Endpoint Security templates from Microsoft Graph. .DESCRIPTION This function connects to Microsoft Graph API and retrieves all Endpoint Security templates available in Endpoint Manager. This is a private function and is not exported by the module. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. It can be either "beta" or "v1.0". The default value is "beta". .OUTPUTS PSCustomObject[] Returns an array of Endpoint Security template objects. .EXAMPLE $templates = Get-EmEndpointSecurityTemplate Write-Output $templates .NOTES This function is intended for internal use within the module. #> function Get-EmEndpointSecurityTemplate { #[Alias("Get-EmDeviceEndpointSecurityTemplate")] [cmdletBinding()] [OutputType([PSCustomObject[]])] param ( [Parameter(Mandatory = $false)] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $ESP_resource = "deviceManagement/templates?\`$filter=(isof('microsoft.graph.securityBaselineTemplate'))" try { $uri = "https://graph.microsoft.com/$graphApiVersion/$($ESP_resource)" return (Invoke-MgGraphRequest -Method GET -Uri $uri).Value | ForEach-Object {$_ | ForEach-Object { New-Object -TypeName EmDMTemplate -ArgumentList $_ }} } catch { throw $_ } } } #EndRegion '.\Private\Get\Other\Get-EmEndpointSecurityTemplate.ps1' 37 #Region '.\Private\Get\Other\Get-EmMgRestApiPwshType.ps1' -1 <# .SYNOPSIS Maps Microsoft Graph API data types to PowerShell types. .DESCRIPTION The Get-EmMgRestApiPwshType function maps Microsoft Graph API data types to their corresponding PowerShell types. It supports various scalar and collection types. .PARAMETER typeName The Microsoft Graph API data type name to map to a PowerShell type. This parameter is mandatory. .OUTPUTS System.String Returns the corresponding PowerShell type as a string. .EXAMPLE $psType = Get-EmMgRestApiPwshType -typeName "String" Write-Output $psType This example maps the Microsoft Graph API type "String" to the PowerShell type "[string]". .EXAMPLE $psType = Get-EmMgRestApiPwshType -typeName "Int32 collection" Write-Output $psType This example maps the Microsoft Graph API type "Int32 collection" to the PowerShell type "[int[]]". .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EmMgRestApiPwshType { param ( [string]$typeName ) process { $TypeMappings = @{ "String" = "[string]" "DateTimeOffset" = "[datetime]" "Boolean" = "[bool]" "Int32" = "[int]" "Int64" = "[long]" "Double" = "[double]" "Binary" = "[byte[]]" "TimeOfDay" = "[TimeSpan]" "String collection" = "[string[]]" "Int32 collection" = "[int[]]" "Int64 collection" = "[long[]]" "Double collection" = "[double[]]" "Boolean collection" = "[bool[]]" "DateTimeOffset collection" = "[datetime[]]" "TimeOfDay collection" = "[TimeSpan[]]" } if ($TypeMappings.ContainsKey($typeName)) { return $TypeMappings[$typeName] } elseif ($typeName -match ' collection$') { $baseType = $typeName -replace ' collection$', '' if ($TypeMappings.ContainsKey($baseType)) { return "[${baseType}[]]" } } return "[object[]]" } } #EndRegion '.\Private\Get\Other\Get-EmMgRestApiPwshType.ps1' 56 #Region '.\Private\Get\Other\Get-EmRestApiPwshType.ps1' -1 <# .SYNOPSIS Maps Microsoft Graph API data types to PowerShell types. .DESCRIPTION The Get-EmMgRestApiPwshType function maps Microsoft Graph API data types to their corresponding PowerShell types. It supports various scalar and collection types. .PARAMETER typeName The Microsoft Graph API data type name to map to a PowerShell type. This parameter is mandatory. .OUTPUTS System.String Returns the corresponding PowerShell type as a string. .EXAMPLE $psType = Get-EmMgRestApiPwshType -typeName "String" Write-Output $psType This example maps the Microsoft Graph API type "String" to the PowerShell type "[string]". .EXAMPLE $psType = Get-EmMgRestApiPwshType -typeName "Collection(Edm.String)" Write-Output $psType This example maps the Microsoft Graph API type "Collection(Edm.String)" to the PowerShell type "[string[]]". .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-EmMgRestApiPwshType { param ( [string]$typeName ) process { $TypeMappings = @{ "String" = "[string]" "DateTimeOffset" = "[datetime]" "Boolean" = "[bool]" "Int32" = "[int]" "Int64" = "[long]" "Double" = "[double]" "Binary" = "[byte[]]" "TimeOfDay" = "[TimeSpan]" "Collection(Edm.String)" = "[string[]]" "Int32 collection" = "[int[]]" "Int64 collection" = "[long[]]" "Double collection" = "[double[]]" "Boolean collection" = "[bool[]]" "DateTimeOffset collection" = "[datetime[]]" "TimeOfDay collection" = "[TimeSpan[]]" } if ($TypeMappings.ContainsKey($typeName)) { return $TypeMappings[$typeName] } elseif ($typeName -match ' collection$') { $baseType = $typeName -replace ' collection$', '' if ($TypeMappings.ContainsKey($baseType)) { return "[${baseType}[]]" } } return "[object[]]" } } #EndRegion '.\Private\Get\Other\Get-EmRestApiPwshType.ps1' 57 #Region '.\Private\Get\Other\Get-UniqueSetting.ps1' -1 <# .SYNOPSIS Retrieves unique settings based on their definitionId. .DESCRIPTION This function processes an array of settings and returns only the unique settings based on their definitionId. .PARAMETER Settings An array of PSCustomObject representing the settings. .OUTPUTS PSCustomObject[] .EXAMPLE $uniqueSettings = Get-UniqueSetting -Settings $settings #> function Get-UniqueSetting { [cmdletBinding()] [OutputType([PSCustomObject[]])] param ( [Parameter(Mandatory = $true)] [PSCustomObject[]]$Settings ) $uniqueSettings = @{} foreach ($setting in $Settings) { if (-not $uniqueSettings.ContainsKey($setting.definitionId)) { $uniqueSettings[$setting.definitionId] = $setting } } return $uniqueSettings.Values } #EndRegion '.\Private\Get\Other\Get-UniqueSetting.ps1' 28 #Region '.\Private\Get\Other\Get-ValidFileName.ps1' -1 <# .SYNOPSIS Generates a valid file name by replacing invalid characters. .DESCRIPTION The Get-ValidFileName function takes a string and replaces any invalid file name characters with a specified replacement character. This ensures the string can be used as a valid file name. .PARAMETER String The string to be converted into a valid file name. This parameter is mandatory. .PARAMETER ReplacementCharacter The character used to replace invalid file name characters. Valid values are '_', '-', '.', and ' '. The default value is '_'. .OUTPUTS System.String Returns a valid file name string. .EXAMPLE $validFileName = Get-ValidFileName -String "Invalid:FileName*Example?.txt" Write-Output $validFileName This example converts the string "Invalid:FileName*Example?.txt" into a valid file name by replacing invalid characters with the default replacement character '_'. .EXAMPLE $validFileName = Get-ValidFileName -String "Invalid:FileName*Example?.txt" -ReplacementCharacter "-" Write-Output $validFileName This example converts the string "Invalid:FileName*Example?.txt" into a valid file name by replacing invalid characters with the replacement character '-'. .NOTES Author: DrIOSX Date: 07/21/2024 #> function Get-ValidFileName { param ( [Parameter(Mandatory = $true)] [string]$String, [Parameter( HelpMessage = "Specify the character used to replace invalid characters. Default: '_' ", Mandatory = $false )] [ValidateSet('_', '-', '.', ' ')] [string]$ReplacementCharacter = '_' ) if ([string]::IsNullOrEmpty($ReplacementCharacter)) { throw "Replacement character cannot be empty." } $illegalChars = ([IO.Path]::GetInvalidFileNameChars() )#+ ':', '[', ']','\','/' ) -join '' $regex = "[{0}]" -f [regex]::Escape($illegalChars) $filename = $String -replace $regex, $ReplacementCharacter $filename = $filename -replace "\[", "_" $filename -replace "\]", "_" } #EndRegion '.\Private\Get\Other\Get-ValidFileName.ps1' 47 #Region '.\Private\New\New-EmMdmBackupDirectory.ps1' -1 <# .SYNOPSIS Creates a new directory for MDM backup if it does not already exist. .DESCRIPTION The New-EmMdmBackupDirectory function checks if the specified directory exists. If it does not, the function creates the directory. This is useful for setting up a backup path for MDM configurations. .PARAMETER ExportPath The path of the directory to create. This parameter is mandatory. .OUTPUTS None. This function does not output any objects. .EXAMPLE New-EmMdmBackupDirectory -ExportPath "C:\Backup\MDM" This example checks for the existence of the "C:\Backup\MDM" directory and creates it if it does not exist. .NOTES Author: DrIOSX Date: 07/21/2024 #> function New-EmMdmBackupDirectory { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'medium' )] param ( [Parameter(Mandatory = $true)] [string]$ExportPath ) process { try { if ($PSCmdlet.ShouldProcess("Creating directory at $ExportPath", "New-Item")) { if (!(Test-Path "$ExportPath")) { New-Item -ItemType Directory -Path "$ExportPath" | Out-Null Write-Verbose "Directory created at $ExportPath" -Verbose } } } catch { throw "An error occurred while creating the directory: `n$_" } } } #EndRegion '.\Private\New\New-EmMdmBackupDirectory.ps1' 41 #Region '.\Private\Test\Test-IntuneJSON.ps1' -1 <# .SYNOPSIS Validates the provided JSON string for Intune configuration. .DESCRIPTION This function attempts to convert the provided JSON string to a PowerShell object to validate its format for Intune configuration. .PARAMETER JSON The JSON string to validate. .OUTPUTS None .EXAMPLE Test-IntuneJSON -JSON $jsonString .NOTES This function is used to validate JSON strings before using them in Intune configuration operations. #> function Test-IntuneJSON { [cmdletBinding()] [OutputType([void])] param ( [Parameter(Mandatory = $true)] $JSON ) try { ConvertFrom-Json $JSON -ErrorAction Stop $validJson = $true } catch { $validJson = $false $_.Exception } if (!$validJson) { Write-Verbose "Provided JSON isn't in valid JSON format" -Verbose break } } #EndRegion '.\Private\Test\Test-IntuneJSON.ps1' 34 #Region '.\Public\Backup\Backup-EmMdmAppConfiguration.ps1' -1 <# .SYNOPSIS Backs up Intune App Configuration policies to a specified export path. .DESCRIPTION The Backup-EmMdmAppConfiguration cmdlet connects to Microsoft Graph, retrieves Intune App Configuration policies, and exports them to the specified directory as JSON files. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ExportPath The directory path where the App Configuration policies will be exported. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a directory path as input. .OUTPUTS [void] This cmdlet does not output any objects. .EXAMPLE PS> Backup-EmMdmAppConfiguration -ExportPath "C:\Backup\AppConfigurations" This example connects to Microsoft Graph, retrieves Intune App Configuration policies, and exports them to the specified directory "C:\Backup\AppConfigurations" as JSON files. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -ClientSecretId "your-client-id" -ClientSecretTenantId "your-tenant-id" -ClientSecretValue "your-client-secret" PS> Backup-EmMdmAppConfiguration -ExportPath "C:\Backup\AppConfigurations" -AuthObject $authObject This example creates an authentication object using Client Secret authentication and uses it to connect to Microsoft Graph, retrieve Intune App Configuration policies, and export them to the specified directory. .NOTES The cmdlet uses the following functions: - New-EmMdmBackupDirectory - Connect-EmMdmGraph - Get-EmMdmAppConfigurationAPI - Backup-EmMdmPolicy - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Backup-EmMdmAppConfiguration #> function Backup-EmMdmAppConfiguration { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'high' )] [OutputType([void])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The directory path where the App Configuration policies will be exported." )] [ValidateNotNullOrEmpty()] [String]$ExportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Creating directory `"$(Split-Path -Path $ExportPath -Leaf)`" in `"$(Split-Path -Path $ExportPath -Parent)`" if not found.", "New-Item")) { New-EmMdmBackupDirectory -ExportPath $ExportPath -Confirm:$false } if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementApps.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementApps.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PSCmdlet.ShouldProcess("Getting App Configuration policies and exporting to JSON", "Get-EmMdmAppConfigurationAPI")) { $APPs = Get-EmMdmAppConfigurationAPI -graphApiVersion $graphApiVersion if ($APPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No policies found" } Write-Verbose "Exporting App Configuration policies..." -Verbose Backup-EmMdmPolicy -Policy $APPs -ExportPath $ExportPath -PolicyType "App Configuration" <# foreach ($APP in $APPs) { Write-Verbose "APP Protection Policy:"$APP.displayName -f Yellow Export-JSONData -Policy $APP -ExportPath "$ExportPath" -AltName Write-Verbose } #> $ExportComplete = $true } } catch { throw "An error occurred while getting the App Configuration policies: `n$_" } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { if ($ExportComplete) { Write-Verbose "Backup-EmMdmAppConfiguration completed." -Verbose } } } #EndRegion '.\Public\Backup\Backup-EmMdmAppConfiguration.ps1' 113 #Region '.\Public\Backup\Backup-EmMdmAppProtection.ps1' -1 <# .SYNOPSIS Backs up Intune App Protection policies to a specified export path. .DESCRIPTION The Backup-EmMdmAppProtection cmdlet connects to Microsoft Graph, retrieves Intune App Protection policies, and exports them to the specified directory as JSON files. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ExportPath The directory path where the App Protection policies will be exported. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a directory path as input. .OUTPUTS [void] This cmdlet does not output any objects. .EXAMPLE PS> Backup-EmMdmAppProtection -ExportPath "C:\Backup\AppProtections" This example connects to Microsoft Graph, retrieves Intune App Protection policies, and exports them to the specified directory "C:\Backup\AppProtections" as JSON files. .NOTES The cmdlet uses the following functions: - New-EmMdmBackupDirectory - Connect-EmMdmGraph - Get-EmMdmAppProtectionAPI - Backup-EmMdmPolicy - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Backup-EmMdmAppProtection #> function Backup-EmMdmAppProtection { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'high' )] [OutputType([void])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The directory path where the App Protection policies will be exported." )] [ValidateNotNullOrEmpty()] [String]$ExportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Creating directory `"$(Split-Path -Path $ExportPath -Leaf)`" in `"$(Split-Path -Path $ExportPath -Parent)`" if not found.", "New-Item")) { New-EmMdmBackupDirectory -ExportPath $ExportPath -Confirm:$false } if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementApps.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementApps.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PSCmdlet.ShouldProcess("Getting App Protection policies and exporting to JSON", "Get-EmMdmAppProtectionAPI")) { $APPs = Get-EmMdmAppProtectionAPI -graphApiVersion $graphApiVersion if ($APPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No policies found" } Write-Verbose "Exporting App Protection policies..." -Verbose Backup-EmMdmPolicy -Policy $APPs -ExportPath $ExportPath -PolicyType "App Protection" <# foreach ($APP in $APPs) { Write-Verbose "APP Protection Policy:"$APP.displayName -f Yellow Export-JSONData -Policy $APP -ExportPath "$ExportPath" -AltName Write-Verbose } #> $ExportComplete = $true } } catch { throw "An error occurred while getting the App Protection policies: `n$_" } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { if ($ExportComplete) { Write-Verbose "Backup-EmMdmAppProtection completed." -Verbose } } } #EndRegion '.\Public\Backup\Backup-EmMdmAppProtection.ps1' 109 #Region '.\Public\Backup\Backup-EmMdmCompliance.ps1' -1 <# .SYNOPSIS Backs up Intune Device Compliance policies to a specified export path. .DESCRIPTION The Backup-EmMdmCompliance cmdlet connects to Microsoft Graph, retrieves Intune Device Compliance policies, and exports them to the specified directory as JSON files. The cmdlet supports filtering policies by operating system and allows selecting between 'beta' and 'v1.0' versions of the Graph API. The cmdlet includes confirmation prompts for actions with high impact. .PARAMETER ExportPath The directory path where the Device Compliance policies will be exported. This parameter is mandatory. .PARAMETER OperatingSystem The operating system filter for the compliance policies. Valid values are "android", "iOS", "Win10", "macos", and "all". The default value is "all". .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a directory path as input. .OUTPUTS [string] This cmdlet returns the export path upon successful completion. .EXAMPLE PS> Backup-EmMdmCompliance -ExportPath "C:\Backup\CompliancePolicies" -OperatingSystem "Win10" This example connects to Microsoft Graph, retrieves Windows 10 Device Compliance policies, and exports them to the specified directory "C:\Backup\CompliancePolicies" as JSON files. .EXAMPLE PS> Backup-EmMdmCompliance -ExportPath "C:\Backup\CompliancePolicies" -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version, retrieves all Device Compliance policies, and exports them to the specified directory "C:\Backup\CompliancePolicies" as JSON files. .NOTES The cmdlet uses the following functions: - New-EmMdmBackupDirectory - Connect-EmMdmGraph - Get-EmMdmComplianceAPI - Backup-EmMdmPolicy - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Backup-EmMdmCompliance #> function Backup-EmMdmCompliance { #[Alias("Export-EmDeviceCompliancePolicy")] [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([void])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The directory path where the Compliance policies will be exported." )] [ValidateNotNullOrEmpty()] [string]$ExportPath, [Parameter( Mandatory = $false, HelpMessage = "The operating system for which the compliance policies are retrieved. Valid values are 'android', 'iOS', 'Win10', 'macos', and 'all'. The default value is 'all'." )] [ValidateSet("android", "iOS", "Win10", "macos", "all")] [string]$OperatingSystem = "all", [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Creating directory `"$(Split-Path -Path $ExportPath -Leaf)`" in `"$(Split-Path -Path $ExportPath -Parent)`" if not found.", "New-Item")) { New-EmMdmBackupDirectory -ExportPath $ExportPath -Confirm:$false } if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PSCmdlet.ShouldProcess("Getting all Compliance policies and exporting to JSON", "Get-EmMdmComplianceAPI")) { $DCPs = Get-EmMdmComplianceAPI -OperatingSystem $OperatingSystem -graphApiVersion $graphApiVersion if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No policies found" } Write-Verbose "Exporting $OperatingSystem Compliance policies..." -Verbose Backup-EmMdmPolicy -Policy $DCPs -ExportPath $ExportPath -PolicyType "Device Compliance" $ExportComplete = $true } } catch { throw "An error occurred while exporting the Compliance policies: `n$_" } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } End { if ($ExportComplete) { Write-Verbose "Export-CompliancePolicy completed." -Verbose } } } #EndRegion '.\Public\Backup\Backup-EmMdmCompliance.ps1' 115 #Region '.\Public\Backup\Backup-EmMdmConfiguration.ps1' -1 <# .SYNOPSIS Backs up Intune Device Configuration policies to a specified export path. .DESCRIPTION The Backup-EmMdmConfiguration cmdlet connects to Microsoft Graph, retrieves Intune Device Configuration policies, and exports them to the specified directory as JSON files. The cmdlet supports filtering policies by device type and allows selecting between 'beta' and 'v1.0' versions of the Graph API. The cmdlet includes confirmation prompts for actions with high impact. .PARAMETER DeviceType The device type filter for the configuration policies. Valid values are "windows81", "macOSExtensions", "macOSCustom", "macOSDeviceFeatures", "macOSGeneral", "macOSSoftwareUpdate", "macOSEndpointProtection", "androidWorkProfileGeneral", "androidWorkProfileVpn", "windowsHealthMonitoring", "windows81SCEP", "windows10Custom", "windows10EndpointProtection", "windows10General", and "all". The default value is "all". .PARAMETER ExportPath The directory path where the Device Configuration policies will be exported. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a directory path as input. .OUTPUTS [void] This cmdlet does not output any objects. .EXAMPLE PS> Backup-EmMdmConfiguration -DeviceType "windows10General" -ExportPath "C:\Backup\DeviceConfigurations" This example connects to Microsoft Graph, retrieves Windows 10 General Device Configuration policies, and exports them to the specified directory "C:\Backup\DeviceConfigurations" as JSON files. .EXAMPLE PS> Backup-EmMdmConfiguration -DeviceType "all" -ExportPath "C:\Backup\DeviceConfigurations" -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version, retrieves all Device Configuration policies, and exports them to the specified directory "C:\Backup\DeviceConfigurations" as JSON files. .NOTES The cmdlet uses the following functions: - New-EmMdmBackupDirectory - Connect-EmMdmGraph - Get-EMMdmConfigurationAPI - Backup-EmMdmPolicy - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Backup-EmMdmConfiguration #> function Backup-EmMdmConfiguration { [CmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([void])] param ( [Parameter( Mandatory = $false, HelpMessage = "The type of device configuration to backup. Valid values are 'windows81', 'macOSExtensions', 'macOSCustom', 'macOSDeviceFeatures', 'macOSGeneral', 'macOSSoftwareUpdate', 'macOSEndpointProtection', 'androidWorkProfileGeneral', 'androidWorkProfileVpn', 'windowsHealthMonitoring', 'windows81SCEP', 'windows10Custom', 'windows10EndpointProtection', 'windows10General', and 'all'. The default value is 'all'." )] [ValidateSet( "windows81", "macOSExtensions", "macOSCustom", "macOSDeviceFeatures", "macOSGeneral", "macOSSoftwareUpdate", "macOSEndpointProtection", "androidWorkProfileGeneral", "androidWorkProfileVpn", "windowsHealthMonitoring", "windows81SCEP", "windows10Custom", "windows10EndpointProtection", "windows10General", "all" )] [string]$DeviceType = "all", [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The directory path where the device configuration policies will be exported." )] [ValidateNotNullOrEmpty()] [String]$ExportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Creating directory `"$(Split-Path -Path $ExportPath -Leaf)`" in `"$(Split-Path -Path $ExportPath -Parent)`" if not found.", "New-Item")) { New-EmMdmBackupDirectory -ExportPath $ExportPath -Confirm:$false } if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Exporting device configurations to JSON", "Get-EMConfigurationAPI")) { # Filtering out iOS and Windows Software Update Policies $DCPs = Get-EMMdmConfigurationAPI -odataType $DeviceType -graphApiVersion $graphApiVersion Write-Verbose "Exporting $($DCPs.Length) policies to $ExportPath" -Verbose if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No policies found" } Backup-EmMdmPolicy -Policy $DCPs -ExportPath $ExportPath -PolicyType "Device Configuration" $ExportComplete = $true } } catch { throw "An error occurred while exporting the device configuration policies: `n$_" } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { if ($ExportComplete) { Write-Verbose "Backup-EmMdmConfiguration completed." -Verbose } } } #EndRegion '.\Public\Backup\Backup-EmMdmConfiguration.ps1' 131 #Region '.\Public\Backup\Backup-EmMdmEndpointSecurity.ps1' -1 <# .SYNOPSIS Backs up Intune Endpoint Security policies to a specified export path. .DESCRIPTION The Backup-EmMdmEndpointSecurity cmdlet connects to Microsoft Graph, retrieves Intune Endpoint Security policies, and exports them to the specified directory as JSON files. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ExportPath The directory path where the Endpoint Security policies will be exported. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a directory path as input. .OUTPUTS [void] This cmdlet does not output any objects. .EXAMPLE PS> Backup-EmMdmEndpointSecurity -ExportPath "C:\Backup\EndpointSecurity" This example connects to Microsoft Graph, retrieves Intune Endpoint Security policies, and exports them to the specified directory "C:\Backup\EndpointSecurity" as JSON files. .EXAMPLE PS> Backup-EmMdmEndpointSecurity -ExportPath "C:\Backup\EndpointSecurity" -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version, retrieves Intune Endpoint Security policies, and exports them to the specified directory "C:\Backup\EndpointSecurity" as JSON files. .NOTES The cmdlet uses the following functions: - New-EmMdmBackupDirectory - Connect-EmMdmGraph - Get-EmEndpointSecurityTemplate - Get-EmDMIntent - Get-EmDMTemplateSettingCategory - Get-EmDMSettingInstance - Backup-EmMdmPolicy - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Backup-EmMdmEndpointSecurity #> function Backup-EmMdmEndpointSecurity { [CmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([void])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The directory path where the endpoint security policies will be exported." )] [ValidateNotNullOrEmpty()] [string]$ExportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) Begin { try { if ($PSCmdlet.ShouldProcess("Creating directory `"$(Split-Path -Path $ExportPath -Leaf)`" in `"$(Split-Path -Path $ExportPath -Parent)`" if not found.", "New-Item")) { New-EmMdmBackupDirectory -ExportPath $ExportPath -Confirm:$false } if ($PScmdlet.ShouldProcess("Connecting to Microsoft Graph API with permissions: DeviceManagementConfiguration.Read.All, DeviceManagementManagedDevices.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All", "DeviceManagementManagedDevices.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } Process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Exporting JSON device configurations from Microsoft Graph API to path: '$ExportPath' ", "Invoke-MgGraphRequest")) { # Get all Endpoint Security Templates $Templates = Get-EmEndpointSecurityTemplate -graphApiVersion $graphApiVersion # Get all Endpoint Security Policies configured ([Alias("Get-EmDeviceManagementIntent")]) $ESPolicies = Get-EmDMIntent -graphApiVersion $graphApiVersion | Sort-Object displayName if ($ESPolicies.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No policies found" } # Looping through all policies configured foreach ($policy in ($ESPolicies | Sort-Object displayName)) { Write-Verbose "Endpoint Security Policy: $($policy.displayName)" -Verbose # Update TemplateDisplayName and TemplateId properties $ES_Template = $Templates | Where-Object { $_.id -eq $policy.templateId } # Creating EmDManagementIntentInstanceCustom object for JSON output $JSON = [EmDManagementIntentInstanceCustom]::new($policy) # Add TemplateDisplayName to JSON object for easy identification during retrieval and import $JSON.TemplateDisplayName = $ES_Template.displayName # Getting all categories in specified Endpoint Security Template $Categories = Get-EmDMTemplateSettingCategory -TemplateId $policy.templateId -graphApiVersion $graphApiVersion # Looping through all categories within the Template $Settings = @() # Initialize the $Settings array to store the settings foreach ($category in $Categories) { $categoryId = $category.id # [Alias("Get-EmDeviceManagementSettingInstance")] $Settings += Get-EmDMSettingInstance -PolicyId $policy.id -categoryId $categoryId -graphApiVersion $graphApiVersion } # Adding All settings to settingsDelta ready for JSON export $JSON.settingsDelta = @($Settings) # Export JSON data Backup-EmMdmPolicy -Policy $JSON -ExportPath $ExportPath -PolicyType "Endpoint Security" } $ExportComplete = $true } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } End { if ($ExportComplete) { Write-Verbose "Export complete..." -Verbose } } } #EndRegion '.\Public\Backup\Backup-EmMdmEndpointSecurity.ps1' 132 #Region '.\Public\Backup\Backup-EmMdmSettingsCatalog.ps1' -1 <# .SYNOPSIS Backs up Intune Settings Catalog policies to a specified export path. .DESCRIPTION The Backup-EmMdmSettingsCatalog cmdlet connects to Microsoft Graph, retrieves Intune Settings Catalog policies, and exports them to the specified directory as JSON files. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ExportPath The directory path where the Settings Catalog policies will be exported. This parameter is mandatory. .PARAMETER Platform The platform for which to retrieve policies. Valid values are "windows10" and "macOS". The default value is null, which retrieves policies for all platforms. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a directory path as input. .OUTPUTS [void] This cmdlet does not output any objects. .EXAMPLE PS> Backup-EmMdmSettingsCatalog -ExportPath "C:\Backup\SettingsCatalog" This example connects to Microsoft Graph, retrieves Intune Settings Catalog policies, and exports them to the specified directory "C:\Backup\SettingsCatalog" as JSON files. .EXAMPLE PS> Backup-EmMdmSettingsCatalog -ExportPath "C:\Backup\SettingsCatalog" -Platform "windows10" This example connects to Microsoft Graph, retrieves Intune Settings Catalog policies for Windows 10, and exports them to the specified directory "C:\Backup\SettingsCatalog" as JSON files. .NOTES The cmdlet uses the following functions: - New-EmMdmBackupDirectory - Connect-EmMdmGraph - Get-EmMdmSettingsCatalogAPI - Get-EmMdmSettingsCatalogSettingsAPI - Backup-EmMdmPolicy - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Backup-EmMdmSettingsCatalog #> function Backup-EmMdmSettingsCatalog { #[Alias("Export-SettingsCatalogPolicy")] [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([void])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The directory path where the settings catalog policies will be exported." )] [ValidateNotNullOrEmpty()] [string]$ExportPath, [Parameter( Mandatory = $false, HelpMessage = "The platform for which to retrieve settings catalog policies. Valid values are 'windows10', 'macOS', or null." )] [ValidateSet("windows10", "macOS", $null)] [string]$Platform = $null, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Creating directory `"$(Split-Path -Path $ExportPath -Leaf)`" in `"$(Split-Path -Path $ExportPath -Parent)`" if not found.", "New-Item")) { New-EmMdmBackupDirectory -ExportPath $ExportPath -Confirm:$false } # Connect to Microsoft Graph API if ($PScmdlet.ShouldProcess("Connecting to MgGraph", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } process { # Export Settings Catalog policies to JSON try { if ($isConnected -and $PScmdlet.ShouldProcess("Exporting device configurations to JSON", "Invoke-MgGraphRequest")) { $ExportPath = $ExportPath.replace('"', '') # Retrieve Settings Catalog policies $Policies = Get-EmMdmSettingsCatalogAPI -Platform $Platform -graphApiVersion $graphApiVersion # # Excluding EDR Policy to ensure Onboarding Blob Connector not included: '0385b795-0f2f-44ac-8602-9f65bf6adede_1' $policies = $policies | Where-Object { $_.TemplateReference.TemplateId -ne "0385b795-0f2f-44ac-8602-9f65bf6adede_1" } if ($Policies.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No policies found" } foreach ($policy in $Policies) { Write-Verbose $policy.name -Verbose $AllSettingsInstances = @() $PolicyId = $policy.id # Create a new instance of the custom export class $PolicyBody = [EmConfigurationPolicyExport]::new() # Assign properties from the retrieved policy $PolicyBody.name = $policy.name $PolicyBody.description = $policy.description $PolicyBody.platforms = $policy.platforms $PolicyBody.technologies = $policy.technologies # Checking if policy has a templateId associated if ($policy.templateReference.templateId) { Write-Verbose "Found template reference" # Assign template reference property $PolicyBody.templateReference = New-Object psobject -Property @{ templateId = $policy.templateReference.templateId } } # Fetch the settings instances for the current policy $SettingInstances = Get-EmMdmSettingsCatalogSettingsAPI -PolicyId $PolicyId -graphApiVersion $graphApiVersion # Extract setting instances and add to the collection $Instances = $SettingInstances.settingInstance foreach ($object in $Instances) { $Instance = New-Object -TypeName PSObject -Property @{ settingInstance = $object } $AllSettingsInstances += $Instance } # Assign the collected settings to the custom export class $PolicyBody.settings = $AllSettingsInstances # Export the custom object to JSON Backup-EmMdmPolicy -Policy $PolicyBody -ExportPath $ExportPath -PolicyType "Settings Catalog" -AltName } $ExportComplete = $true } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { if ($ExportComplete) { Write-Verbose "Export complete..." -Verbose } } } #EndRegion '.\Public\Backup\Backup-EmMdmSettingsCatalog.ps1' 150 #Region '.\Public\Backup\Backup-EmMdmSoftwareUpdate.ps1' -1 <# .SYNOPSIS Backs up Intune Software Update policies to a specified export path. .DESCRIPTION The Backup-EmMdmSoftwareUpdate cmdlet connects to Microsoft Graph, retrieves Intune Software Update policies, and exports them to the specified directory as JSON files. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ExportPath The directory path where the Software Update policies will be exported. This parameter is mandatory. .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .INPUTS [string] The cmdlet accepts a directory path as input. .OUTPUTS [void] This cmdlet does not output any objects. .EXAMPLE PS> Backup-EmMdmSoftwareUpdate -ExportPath "C:\Backup\SoftwareUpdates" This example connects to Microsoft Graph, retrieves Intune Software Update policies, and exports them to the specified directory "C:\Backup\SoftwareUpdates" as JSON files. .NOTES The cmdlet uses the following functions: - New-EmMdmBackupDirectory - Connect-EmMdmGraph - Get-EmMdmConfigurationAPI - Backup-EmMdmPolicy - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Backup-EmMdmSoftwareUpdate #> function Backup-EmMdmSoftwareUpdate { [CmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([void])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "The directory path where the software update policies will be exported." )] [ValidateNotNullOrEmpty()] [string]$ExportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Creating directory `"$(Split-Path -Path $ExportPath -Leaf)`" in `"$(Split-Path -Path $ExportPath -Parent)`" if not found.", "New-Item")) { New-EmMdmBackupDirectory -ExportPath $ExportPath -Confirm:$false } if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Exporting Software Updates device configurations to JSON", "Get-EmMdmConfigurationAPI")) { # Filtering out iOS and Windows Software Update Policies $DCPs = Get-EmMdmConfigurationAPI -odataType "softwareUpdates" -graphApiVersion $graphApiVersion if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No policies found" } Backup-EmMdmPolicy -Policy $DCPs -ExportPath $ExportPath -PolicyType "Software Updates" $ExportComplete = $true } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { if ($ExportComplete) { Write-Verbose "Backup-EmMdmSoftwareUpdate completed." -Verbose } } } #EndRegion '.\Public\Backup\Backup-EmMdmSoftwareUpdate.ps1' 101 #Region '.\Public\Compare\Compare-EmMgClass.ps1' -1 <# .SYNOPSIS Compares two PowerShell classes and outputs their differences. .DESCRIPTION The Compare-EmMgClass cmdlet compares the properties and methods of two specified PowerShell classes. It outputs the differences between the classes, if any, or indicates if the classes are identical. .PARAMETER Class1 The first class to compare. This parameter is mandatory. .PARAMETER Class2 The second class to compare. This parameter is mandatory. .INPUTS [Type] The cmdlet accepts two class types as input. .OUTPUTS [string] The cmdlet outputs a string indicating whether the classes are different or identical. It also outputs the specific property and method differences, if any. .EXAMPLE PS> Compare-EmMgClass -Class1 [ClassA] -Class2 [ClassB] This example compares ClassA and ClassB, outputting their differences in properties and methods. .NOTES The cmdlet uses the Compare-Object cmdlet to compare properties and methods of the specified classes. .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Compare-EmMgClass #> function Compare-EmMgClass { [CmdletBinding()] param ( [Parameter( Mandatory = $true, HelpMessage = "The first class type to compare." )] [ValidateNotNull()] [Type]$Class1, [Parameter( Mandatory = $true, HelpMessage = "The second class type to compare." )] [ValidateNotNull()] [Type]$Class2 ) process { $class1Properties = $Class1 | Get-Member -MemberType Properties $class2Properties = $Class2 | Get-Member -MemberType Properties $class1Methods = $Class1 | Get-Member -MemberType Methods $class2Methods = $Class2 | Get-Member -MemberType Methods $propertyDifferences = Compare-Object -ReferenceObject $class1Properties -DifferenceObject $class2Properties -Property Name, MemberType, Definition $methodDifferences = Compare-Object -ReferenceObject $class1Methods -DifferenceObject $class2Methods -Property Name, MemberType, Definition if ($propertyDifferences -or $methodDifferences) { Write-Output "The classes are different." if ($propertyDifferences) { Write-Output "Property Differences:" $propertyDifferences | ForEach-Object { $_ } } if ($methodDifferences) { Write-Output "Method Differences:" $methodDifferences | ForEach-Object { $_ } } } else { Write-Output "The classes are identical." } } } #EndRegion '.\Public\Compare\Compare-EmMgClass.ps1' 65 #Region '.\Public\Convert\Convert-EmMgJsonToClass.ps1' -1 <# .SYNOPSIS Converts a JSON string to a PowerShell class definition. .DESCRIPTION The Convert-EmMgJsonToClass cmdlet takes a JSON string and a class name as input and generates a PowerShell class definition. The cmdlet supports different operations (create, update, get) to customize the generated class properties and constructors. .PARAMETER Json The JSON string to be converted into a PowerShell class. This parameter is mandatory. .PARAMETER ClassName The name of the class to be generated. This parameter is mandatory. .PARAMETER Operation The operation type to customize the generated class. Valid values are "create", "update", and "get". This parameter is mandatory. .INPUTS [string] The cmdlet accepts a JSON string and a class name as input. .OUTPUTS [string] The cmdlet outputs the generated PowerShell class definition as a string. .EXAMPLE PS> $json = '{"name": "Test", "value": 123}' PS> Convert-EmMgJsonToClass -Json $json -ClassName "TestClass" -Operation "create" This example converts the JSON string into a PowerShell class named "TestClass" for the "create" operation. .NOTES The cmdlet generates a PowerShell class with properties, a default constructor, and a parameterized constructor based on the JSON string. The cmdlet uses different operations to customize the class properties and constructors. .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Convert-EmMgJsonToClass #> function Convert-EmMgJsonToClass { [cmdletBinding()] [OutputType([string])] param ( [Parameter( Mandatory = $true, Position = 0, HelpMessage = "The JSON string to convert to a PowerShell class." )] [ValidateNotNullOrEmpty()] [string]$Json, [Parameter( Mandatory = $true, Position = 1, HelpMessage = "The name of the class to generate." )] [ValidateNotNullOrEmpty()] [string]$ClassName, [Parameter( Mandatory = $true, Position = 2, HelpMessage = "The operation type for the class generation." )] [ValidateSet("create", "update", "get")] [string]$Operation ) process { # Convert JSON string to PowerShell object switch ($Operation) { "get" { $jsonObject = $Json | ConvertFrom-Json -NoEnumerate | Select-Object -Property * } Default { $jsonObject = $Json | ConvertFrom-Json -NoEnumerate | Select-Object -Property * -ExcludeProperty id, lastModifiedDateTime, roleScopeTagIds, supportsScopeTags, deviceManagementApplicabilityRuleOsEdition, deviceManagementApplicabilityRuleOsVersion, deviceManagementApplicabilityRuleDeviceMode, createdDateTime } } $properties = @() $constructorAssignments = @() $defaultAssignments = @() # Iterate over each property in the JSON object foreach ($property in $jsonObject.PSObject.Properties) { $name = $property.Name $value = $property.Value $type = switch ($value.GetType().Name) { "String" { "[string]" } "Int32" { "[int]" } "Boolean" { "[bool]" } "DateTime" { "[datetime]" } "Object[]" { "[object[]]" } "PSCustomObject" { "[psobject]" } default { "[object]" } } # Special handling for the @odata.type property if ($name -eq "@odata.type") { $properties += "[string]`$`{${name}`}" $constructorAssignments += "`$this.`"$name`"` = `$policy.`"$name`"" $defaultAssignments += "`$this.`"@odata.type`" = ''" } else { $properties += "$type`$$name" $constructorAssignments += "`$this.$name = `$policy.$name" $defaultAssignment = switch ($type) { "[string]" { "`$this.$name = ''" } "[int]" { "`$this.$name = 0" } "[bool]" { "`$this.$name = `$false" } "[datetime]" { "`$this.$name = [datetime]::MinValue" } "[object[]]" { "`$this.$name = @()" } "[psobject]" { "`$this.$name = `$null" } default { "`$this.$name = `$null" } } $defaultAssignments += $defaultAssignment } } # Join the properties and assignments into text blocks $propertiesText = $properties -join "`n " $constructorAssignmentsText = $constructorAssignments -join "`n " $defaultAssignmentsText = $defaultAssignments -join "`n " # Create the class template $classTemplate = @" class $ClassName { $propertiesText # Default constructor $ClassName() { $defaultAssignmentsText } # Parameterized constructor $ClassName (`$policy) { $constructorAssignmentsText } # Overriding the ToString method [string] ToString() { return "Class: $ClassName" } } "@ return $classTemplate } # process } #EndRegion '.\Public\Convert\Convert-EmMgJsonToClass.ps1' 130 #Region '.\Public\Convert\Convert-EmMgJsonToFlatObject.ps1' -1 <# .SYNOPSIS Converts a JSON string or file to a flat PowerShell object. .DESCRIPTION The Convert-EmMgJsonToFlatObject cmdlet takes a JSON string or a path to a JSON file and converts it into a flat PowerShell object. The cmdlet supports importing JSON from a file or directly from a string provided in the pipeline. .PARAMETER ImportPath The path to the JSON file to be imported. This parameter is mandatory when using the 'Import' parameter set. .PARAMETER JSON The JSON string to be converted to a flat object. This parameter is mandatory when using the 'StringObject' parameter set. .INPUTS [string] The cmdlet accepts a JSON string or a file path as input. .OUTPUTS [PSCustomObject] The cmdlet outputs a flat PowerShell object. .EXAMPLE PS> Convert-EmMgJsonToFlatObject -ImportPath "C:\path\to\file.json" This example imports the JSON file from the specified path and converts it to a flat PowerShell object. .EXAMPLE PS> '{"name": "Test", "value": {"nested": 123}}' | Convert-EmMgJsonToFlatObject This example takes a JSON string from the pipeline, converts it to a flat PowerShell object, and outputs the result. .NOTES The cmdlet uses the ConvertTo-FlatObject function to flatten the JSON structure. The cmdlet supports two parameter sets: 'Import' for importing JSON from a file and 'StringObject' for converting JSON strings. Borrowed private function code from: https://powersnippets.com/convertto-flatobject/ .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Convert-EmMgJsonToFlatObject #> function Convert-EmMgJsonToFlatObject { [CmdletBinding()] [OutputType([PSCustomObject])] param ( [Parameter( Mandatory = $true, ParameterSetName = 'Import', ValueFromPipelineByPropertyName = $true, HelpMessage = "Path to the JSON file to be imported." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $true, ParameterSetName = 'StringObject', ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "JSON string to be converted to a flat object." )] [ValidateNotNullOrEmpty()] [String]$JSON ) process { # Using code found at : https://powersnippets.com/convertto-flatobject/ switch ($PSCmdlet.ParameterSetName) { 'Import' { $output = (Get-Content $ImportPath | ConvertFrom-Json -NoEnumerate -AsHashtable) | ConvertTo-FlatObject } Default { $output = ($JSON | ConvertFrom-Json -NoEnumerate -AsHashtable) | ConvertTo-FlatObject } } return $output } } #EndRegion '.\Public\Convert\Convert-EmMgJsonToFlatObject.ps1' 64 #Region '.\Public\Get\Mdm\Get-EmMdmAppConfiguration.ps1' -1 <# .SYNOPSIS Retrieves Intune App Configuration policies from Microsoft Graph. .DESCRIPTION The Get-EmMdmAppConfiguration cmdlet connects to Microsoft Graph using the specified API version and retrieves Intune App Configuration policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS [GetEmMdmTargetedManagedAppConfiguration[]] The cmdlet returns an array of Intune App Configuration policy objects. .EXAMPLE PS> Get-EmMdmAppConfiguration This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune App Configuration policies. .EXAMPLE PS> Get-EmMdmAppConfiguration -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version and retrieves Intune App Configuration policies. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Get-EmMdmAppConfigurationAPI - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMdmAppConfiguration #> function Get-EmMdmAppConfiguration { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'Medium' )] [OutputType([GetEmMdmTargetedManagedAppConfiguration[]])] param ( [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { try { if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementApps.Read.All" -AuthObject $AuthObject } if ($PSCmdlet.ShouldProcess("Getting App Configuration Policies", "Get-EmMdmAppConfigurationAPI")) { $DCPs = Get-EmMdmAppConfigurationAPI -graphApiVersion $graphApiVersion if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No App Configuration Policies were found" } return $DCPs } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } } #EndRegion '.\Public\Get\Mdm\Get-EmMdmAppConfiguration.ps1' 75 #Region '.\Public\Get\Mdm\Get-EmMdmAppProtection.ps1' -1 <# .SYNOPSIS Retrieves Intune App Protection policies from Microsoft Graph. .DESCRIPTION The Get-EmMdmAppProtection cmdlet connects to Microsoft Graph using the specified API version and retrieves Intune App Protection policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS [pscustomobject[]] The cmdlet returns an array of Intune App Protection policy objects. .EXAMPLE PS> Get-EmMdmAppProtection This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune App Protection policies. .EXAMPLE PS> Get-EmMdmAppProtection -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version and retrieves Intune App Protection policies. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Get-EmMdmAppProtectionAPI - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMdmAppProtection #> function Get-EmMdmAppProtection { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'Medium' )] [OutputType([pscustomobject[]])] param ( [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { try { if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementApps.Read.All" -AuthObject $AuthObject } if ($PSCmdlet.ShouldProcess("Getting App Protection Policies", "Get-EmMdmAppProtectionAPI")) { $DCPs = Get-EmMdmAppProtectionAPI -graphApiVersion $graphApiVersion if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No App Protection Policies were found" } return $DCPs } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } } #EndRegion '.\Public\Get\Mdm\Get-EmMdmAppProtection.ps1' 75 #Region '.\Public\Get\Mdm\Get-EmMdmCompliance.ps1' -1 <# .SYNOPSIS Retrieves Intune Device Compliance policies from Microsoft Graph. .DESCRIPTION The Get-EmMdmCompliance cmdlet connects to Microsoft Graph using the specified API version and retrieves Intune Device Compliance policies for a specified operating system. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API. .PARAMETER OperatingSystem The operating system for which to retrieve compliance policies. Valid values are "android", "iOS", "Win10", "macos", and "all". The default value is "all". .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS The cmdlet returns an array of Intune Device Compliance policy objects. .EXAMPLE PS> Get-EmMdmCompliance -OperatingSystem "android" This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune Device Compliance policies for Android devices. .EXAMPLE PS> Get-EmMdmCompliance -OperatingSystem "iOS" -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version and retrieves Intune Device Compliance policies for iOS devices. .EXAMPLE PS> Get-EmMdmCompliance This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune Device Compliance policies for all supported operating systems. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Get-EmMdmComplianceAPI - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMdmCompliance #> function Get-EmMdmCompliance { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'Medium' )] [OutputType([PSCustomObject[]])] param ( [Parameter( Mandatory = $false, HelpMessage = "Specify the operating system for which to retrieve compliance policies. Default is 'all'." )] [ValidateSet("android", "iOS", "Win10", "macos", "all")] [string]$OperatingSystem = "all", [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PSCmdlet.ShouldProcess("Getting Device Compliance Policies", "Get-EmMdmComplianceAPI")) { $DCPs = Get-EmMdmComplianceAPI -OperatingSystem $OperatingSystem -graphApiVersion $graphApiVersion if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No Device Compliance Policies were found" } } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Returning `"$OperatingSystem`" Device Compliance Policies..." return $DCPs } } #EndRegion '.\Public\Get\Mdm\Get-EmMdmCompliance.ps1' 101 #Region '.\Public\Get\Mdm\Get-EmMdmConfiguration.ps1' -1 <# .SYNOPSIS Retrieves Intune Device Configuration policies from Microsoft Graph. .DESCRIPTION The Get-EmMdmConfiguration cmdlet connects to Microsoft Graph using the specified API version and retrieves Intune Device Configuration policies for a specified device type. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API. .PARAMETER DeviceType The device type for which to retrieve configuration policies. Valid values are "windows81", "macOSExtensions", "macOSCustom", "macOSDeviceFeatures", "macOSGeneral", "macOSSoftwareUpdate", "macOSEndpointProtection", "androidWorkProfileGeneral", "androidWorkProfileVpn", "windowsHealthMonitoring", "windows81SCEP", "windows10Custom", "windows10EndpointProtection", "windows10General", and "all". The default value is "all". .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS The cmdlet returns an array of Intune Device Configuration policy objects. .EXAMPLE PS> Get-EmMdmConfiguration -DeviceType "windows81" This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune Device Configuration policies for Windows 8.1 devices. .EXAMPLE PS> Get-EmMdmConfiguration -DeviceType "macOSGeneral" -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version and retrieves Intune Device Configuration policies for macOS devices. .EXAMPLE PS> Get-EmMdmConfiguration This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune Device Configuration policies for all supported device types. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Get-EmMdmConfigurationAPI - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMdmConfiguration #> function Get-EmMdmConfiguration { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'Medium' )] [OutputType([pscustomobject[]])] param ( [Parameter( Mandatory = $false, Position = 0, HelpMessage = "Specify the device type for which to retrieve configuration policies. Default is 'all'." )] [ValidateSet( "windows81", "macOSExtensions", "macOSCustom", "macOSDeviceFeatures", "macOSGeneral", "macOSSoftwareUpdate", "macOSEndpointProtection", "androidWorkProfileGeneral", "androidWorkProfileVpn", "windowsHealthMonitoring", "windows81SCEP", "windows10Custom", "windows10EndpointProtection", "windows10General", "all" )] [string]$DeviceType = "all", [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { try { if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All" -AuthObject $AuthObject } if ($isConnected -and $PSCmdlet.ShouldProcess("Getting Device Configuration Policies", "Get-EmMdmConfigurationAPI")) { $DCPs = Get-EmMdmConfigurationAPI -odataType $DeviceType -graphApiVersion $graphApiVersion if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No Device Compliance Policies were found" } return $DCPs } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } } #EndRegion '.\Public\Get\Mdm\Get-EmMdmConfiguration.ps1' 108 #Region '.\Public\Get\Mdm\Get-EmMdmEndpointSecurity.ps1' -1 <# .SYNOPSIS Retrieves Intune Endpoint Security policies from Microsoft Graph. .DESCRIPTION The Get-EmMdmEndpointSecurity cmdlet connects to Microsoft Graph using the specified API version and retrieves Intune Endpoint Security policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS EmDManagementIntentInstanceCustom[] The cmdlet returns an array of EmDManagementIntentInstanceCustom objects representing the Endpoint Security policies. .EXAMPLE PS> Get-EmMdmEndpointSecurity -graphApiVersion $graphApiVersion This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune Endpoint Security policies. .EXAMPLE PS> Get-EmMdmEndpointSecurity -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version and retrieves Intune Endpoint Security policies. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Get-EmEndpointSecurityTemplate - Get-EmDMIntent - Get-EmDMTemplateSettingCategory - Get-EmDMSettingInstance - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMdmEndpointSecurity #> function Get-EmMdmEndpointSecurity { [CmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([EmDManagementIntentInstanceCustom])] param ( [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) Begin { try { if ($PScmdlet.ShouldProcess("Connecting to Microsoft Graph API with permissions: DeviceManagementConfiguration.Read.All, DeviceManagementManagedDevices.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All", "DeviceManagementManagedDevices.Read.All" -AuthObject $AuthObject } } catch { throw $_ } } Process { try { if ($PScmdlet.ShouldProcess("Listing device configurations from Microsoft Graph API to path: '$ExportPath' ", "Invoke-MgGraphRequest")) { # Get all Endpoint Security Templates $Templates = Get-EmEndpointSecurityTemplate -graphApiVersion $graphApiVersion # Get all Endpoint Security Policies configured $ESPolicies = Get-EmDMIntent -graphApiVersion $graphApiVersion | Sort-Object displayName if ($ESPolicies.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No Device Compliance Policies were found" } $allPolicies = @() # Looping through all policies configured foreach ($policy in ($ESPolicies | Sort-Object displayName)) { Write-Verbose "Endpoint Security Policy: $policy.displayName found..." # Update TemplateDisplayName and TemplateId properties $ES_Template = $Templates | Where-Object { $_.id -eq $policy.templateId } # Creating EmDManagementIntentInstanceCustom object for JSON output $JSON = [EmDManagementIntentInstanceCustom]::new($policy) # Add TemplateDisplayName to JSON object for easy identification during retrieval and import $JSON.TemplateDisplayName = $ES_Template.displayName # Getting all categories in specified Endpoint Security Template $Categories = Get-EmDMTemplateSettingCategory -TemplateId $policy.templateId -graphApiVersion $graphApiVersion # Looping through all categories within the Template $Settings = @() # Initialize the $Settings array to store the settings foreach ($category in $Categories) { $categoryId = $category.id $Settings += Get-EmDMSettingInstance -PolicyId $policy.id -categoryId $categoryId -graphApiVersion $graphApiVersion } # Adding All settings to settingsDelta ready for JSON export $JSON.settingsDelta = @($Settings) # Export JSON data #Export-JSONData -Policy $JSON -ExportPath $ExportPath $allPolicies += $JSON } return $allPolicies $ExportComplete = $true } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } End { if ($ExportComplete) { Write-Verbose "Export complete..." -Verbose } } } #EndRegion '.\Public\Get\Mdm\Get-EmMdmEndpointSecurity.ps1' 121 #Region '.\Public\Get\Mdm\Get-EmMdmGraphAuth.ps1' -1 <# .SYNOPSIS Creates an authentication object for connecting to Microsoft Graph using various authentication methods. .DESCRIPTION The Get-EmMdmGraphAuth function creates an authentication object that can be used to connect to Microsoft Graph. The function supports multiple authentication methods, including Client Secret, Certificate Thumbprint, Certificate Name, Managed Identity, System Assigned Identity, Access Token, Environment Variables, and X509 Certificate. .PARAMETER ClientSecretId The Client ID for the application using Client Secret authentication. Mandatory for ClientSecret parameter set. .PARAMETER ClientSecretTenantId The Tenant ID for the application using Client Secret authentication. Mandatory for ClientSecret parameter set. .PARAMETER ClientSecretValue The Client Secret value for the application using Client Secret authentication. Mandatory for ClientSecret parameter set. .PARAMETER CertificateThumbprintClientId The Client ID for the application using Certificate Thumbprint authentication. Mandatory for CertificateThumbprint parameter set. .PARAMETER CertificateThumbprintTenantId The Tenant ID for the application using Certificate Thumbprint authentication. Mandatory for CertificateThumbprint parameter set. .PARAMETER CertificateThumbprint The Certificate Thumbprint for the application using Certificate Thumbprint authentication. Mandatory for CertificateThumbprint parameter set. .PARAMETER CertificateNameClientId The Client ID for the application using Certificate Name authentication. Mandatory for CertificateName parameter set. .PARAMETER CertificateNameTenantId The Tenant ID for the application using Certificate Name authentication. Mandatory for CertificateName parameter set. .PARAMETER CertificateName The Certificate Name for the application using Certificate Name authentication. Mandatory for CertificateName parameter set. .PARAMETER ManagedIdentity The Client ID for the Managed Identity. Mandatory for ManagedIdentity parameter set. .PARAMETER SystemAssignedIdentity Indicates the use of a System Assigned Identity for authentication. Mandatory for SystemAssignedIdentity parameter set. .PARAMETER AccessToken Specifies a bearer token for Microsoft Graph service. Mandatory for AccessToken parameter set. .PARAMETER EnvironmentVariable Allows for authentication using environment variables configured on the host machine. Mandatory for EnvironmentVariable parameter set. .PARAMETER ClientId The client id of your application for X509 certificate authentication. Mandatory for X509Certificate parameter set. .PARAMETER CertificateSubjectName The subject distinguished name of a certificate for X509 certificate authentication. Mandatory for X509Certificate parameter set. .PARAMETER CertificateThumbprint The thumbprint of your certificate for X509 certificate authentication. Mandatory for X509Certificate parameter set. .PARAMETER Certificate An X.509 certificate supplied during invocation. Mandatory for X509Certificate parameter set. .PARAMETER TenantId The id of the tenant to connect to for X509 certificate authentication. Mandatory for X509Certificate parameter set. .Parameter X509CertificateThumbprint The thumbprint of your certificate for X509 certificate authentication. .INPUTS None .OUTPUTS PSCustomObject Returns an authentication object for connecting to Microsoft Graph. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -ClientSecretId "your-client-id" -ClientSecretTenantId "your-tenant-id" -ClientSecretValue "your-client-secret" Creates an authentication object using Client Secret authentication. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -CertificateThumbprintClientId "your-client-id" -CertificateThumbprintTenantId "your-tenant-id" -CertificateThumbprint "your-thumbprint" Creates an authentication object using Certificate Thumbprint authentication. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -CertificateNameClientId "your-client-id" -CertificateNameTenantId "your-tenant-id" -CertificateName "your-certificatename" Creates an authentication object using Certificate Name authentication. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -ManagedIdentity "your-client-id" Creates an authentication object using Managed Identity authentication. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -SystemAssignedIdentity Creates an authentication object using System Assigned Identity authentication. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -AccessToken (ConvertTo-SecureString -String "your-access-token" -AsPlainText -Force) Creates an authentication object using Access Token authentication. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -EnvironmentVariable Creates an authentication object using Environment Variable authentication. .EXAMPLE PS> $authObject = Get-EmMdmGraphAuth -ClientId "your-client-id" -CertificateSubjectName "CN=YourCertificate" -CertificateThumbprint "your-thumbprint" -Certificate $certificate -TenantId "your-tenant-id" Creates an authentication object using X509 Certificate authentication. .NOTES https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMdmGraphAuth #> function Get-EmMdmGraphAuth { [CmdletBinding()] param ( [Parameter(Mandatory = $true, ParameterSetName = "ClientSecret", Position = 0, HelpMessage = "The Client ID for the application using Client Secret authentication.")] [ValidateNotNullOrEmpty()] [string]$ClientSecretId, [Parameter(Mandatory = $true, ParameterSetName = "ClientSecret", Position = 1, HelpMessage = "The Tenant ID for the application using Client Secret authentication.")] [ValidateNotNullOrEmpty()] [string]$ClientSecretTenantId, [Parameter(Mandatory = $true, ParameterSetName = "ClientSecret", Position = 2, HelpMessage = "The Client Secret value for the application using Client Secret authentication.")] [ValidateNotNullOrEmpty()] [string]$ClientSecretValue, [Parameter(Mandatory = $true, ParameterSetName = "CertificateThumbprint", Position = 0, HelpMessage = "The Client ID for the application using Certificate Thumbprint authentication.")] [ValidateNotNullOrEmpty()] [string]$CertificateThumbprintClientId, [Parameter(Mandatory = $true, ParameterSetName = "CertificateThumbprint", Position = 1, HelpMessage = "The Tenant ID for the application using Certificate Thumbprint authentication.")] [ValidateNotNullOrEmpty()] [string]$CertificateThumbprintTenantId, [Parameter(Mandatory = $true, ParameterSetName = "CertificateThumbprint", Position = 2, HelpMessage = "The Certificate Thumbprint for the application using Certificate Thumbprint authentication.")] [ValidateNotNullOrEmpty()] [string]$CertificateThumbprint, [Parameter(Mandatory = $true, ParameterSetName = "CertificateName", Position = 0, HelpMessage = "The Client ID for the application using Certificate Name authentication.")] [ValidateNotNullOrEmpty()] [string]$CertificateNameClientId, [Parameter(Mandatory = $true, ParameterSetName = "CertificateName", Position = 1, HelpMessage = "The Tenant ID for the application using Certificate Name authentication.")] [ValidateNotNullOrEmpty()] [string]$CertificateNameTenantId, [Parameter(Mandatory = $true, ParameterSetName = "CertificateName", Position = 2, HelpMessage = "The Certificate Name for the application using Certificate Name authentication.")] [ValidateNotNullOrEmpty()] [string]$CertificateName, [Parameter(Mandatory = $true, ParameterSetName = "ManagedIdentity", Position = 0, HelpMessage = "The Client ID for the Managed Identity.")] [ValidateNotNullOrEmpty()] [string]$ManagedIdentity, [Parameter(Mandatory = $true, ParameterSetName = "SystemAssignedIdentity", Position = 0, HelpMessage = "Indicates the use of a System Assigned Identity for authentication.")] [switch]$SystemAssignedIdentity, [Parameter(Mandatory = $true, ParameterSetName = "AccessToken", Position = 0, HelpMessage = "Specifies a bearer token for Microsoft Graph service.")] [ValidateNotNullOrEmpty()] [SecureString]$AccessToken, [Parameter(Mandatory = $true, ParameterSetName = "EnvironmentVariable", Position = 0, HelpMessage = "Allows for authentication using environment variables configured on the host machine.")] [switch]$EnvironmentVariable, [Parameter(Mandatory = $true, ParameterSetName = "X509Certificate", Position = 0, HelpMessage = "The client id of your application for X509 certificate authentication.")] [ValidateNotNullOrEmpty()] [string]$ClientId, [Parameter(Mandatory = $true, ParameterSetName = "X509Certificate", Position = 1, HelpMessage = "The subject distinguished name of a certificate for X509 certificate authentication.")] [ValidateNotNullOrEmpty()] [string]$CertificateSubjectName, [Parameter(Mandatory = $true, ParameterSetName = "X509Certificate", Position = 2, HelpMessage = "The thumbprint of your certificate for X509 certificate authentication.")] [ValidateNotNullOrEmpty()] [string]$X509CertificateThumbprint, [Parameter(Mandatory = $true, ParameterSetName = "X509Certificate", Position = 3, HelpMessage = "An X.509 certificate supplied during invocation.")] [ValidateNotNullOrEmpty()] [System.Security.Cryptography.X509Certificates.X509Certificate2]$Certificate, [Parameter(Mandatory = $true, ParameterSetName = "X509Certificate", Position = 4, HelpMessage = "The id of the tenant to connect to for X509 certificate authentication.")] [ValidateNotNullOrEmpty()] [string]$TenantId ) switch ($PSCmdlet.ParameterSetName) { "ClientSecret" { return [EmMdmAuthClientSecret]::new($ClientSecretId, $ClientSecretTenantId, $ClientSecretValue) } "CertificateThumbprint" { return [EmMdmAuthCertificateThumbprint]::new($CertificateThumbprintClientId, $CertificateThumbprintTenantId, $CertificateThumbprint) } "CertificateName" { return [EmMdmAuthCertificateName]::new($CertificateNameClientId, $CertificateNameTenantId, $CertificateName) } "ManagedIdentity" { return [EmMdmAuthManagedIdentity]::new($ManagedIdentity) } "SystemAssignedIdentity" { if ($SystemAssignedIdentity) { return [EmMdmAuthManagedIdentity]::new($true) } } "AccessToken" { return [EmMdmAuthAccessToken]::new($AccessToken) } "EnvironmentVariable" { if ($EnvironmentVariable) { return [EmMdmAuthEnvironmentVariable]::new() } } "X509Certificate" { return [EmMdmAuthX509Certificate]::new($ClientId, $CertificateSubjectName, $X509CertificateThumbprint, $Certificate, $TenantId) } } } #EndRegion '.\Public\Get\Mdm\Get-EmMdmGraphAuth.ps1' 199 #Region '.\Public\Get\Mdm\Get-EmMdmSoftwareUpdate.ps1' -1 <# .SYNOPSIS Retrieves Intune Device Update policies from Microsoft Graph. .DESCRIPTION The Get-EmMdmSoftwareUpdate cmdlet connects to Microsoft Graph using the specified API version and retrieves Intune Device Update policies. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS [pscustomobject[]] The cmdlet returns an array of PSCustomObject representing the Device Update policies. .EXAMPLE PS> Get-EmMdmSoftwareUpdate -graphApiVersion $graphApiVersion This example connects to Microsoft Graph using the 'beta' API version and retrieves Intune Device Update policies. .EXAMPLE PS> Get-EmMdmSoftwareUpdate -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version and retrieves Intune Device Update policies. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Get-EmMdmConfigurationAPI - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMdmSoftwareUpdate #> function Get-EmMdmSoftwareUpdate { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'Medium' )] [OutputType([pscustomobject[]])] param ( [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { try { if ($PSCmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.Read.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.Read.All" -AuthObject $AuthObject } if ($PSCmdlet.ShouldProcess("Getting Device Update Policies", "Get-EmMdmConfigurationAPI")) { $DCPs = Get-EmMdmConfigurationAPI -odataType softwareUpdates -graphApiVersion $graphApiVersion if ($DCPs.Length -eq 0) { Write-Verbose "No policies found" -Verbose throw "No Device Compliance Policies were found" } return $DCPs } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } } #EndRegion '.\Public\Get\Mdm\Get-EmMdmSoftwareUpdate.ps1' 78 #Region '.\Public\Get\Mg\Get-EmMgMetadataXml.ps1' -1 <# .SYNOPSIS Downloads the Microsoft Graph metadata XML file. .DESCRIPTION The Get-EmMgMetadataXml cmdlet connects to Microsoft Graph using the specified API version and downloads the metadata XML file to the specified output path. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API. .PARAMETER OutputPath The file path where the metadata XML file will be saved. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS [string] The cmdlet outputs a message indicating the success or failure of the metadata XML download. .EXAMPLE PS> Get-EmMgMetadataXml -OutputPath "C:\GraphMetadata\metadata.xml" This example connects to Microsoft Graph using the 'beta' API version and downloads the metadata XML file to "C:\GraphMetadata\metadata.xml". .EXAMPLE PS> Get-EmMgMetadataXml -OutputPath "C:\GraphMetadata\metadata.xml" -graphApiVersion "v1.0" This example connects to Microsoft Graph using the 'v1.0' API version and downloads the metadata XML file to "C:\GraphMetadata\metadata.xml". .NOTES The cmdlet uses the following functions: - Invoke-WebRequest .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMgMetadataXml #> function Get-EmMgMetadataXml { [CmdletBinding()] param ( [Parameter( Mandatory = $true, ValueFromPipelineByPropertyName = $true, Position = 0, HelpMessage = "Specify the output path where the metadata XML will be saved." )] [ValidateNotNullOrEmpty()] [string]$OutputPath, [Parameter( Mandatory = $false, HelpMessage = "Specify the version of the Microsoft Graph API to use. Default is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { try { $metadataUrl = "https://graph.microsoft.com/$graphApiVersion/`$metadata/" Invoke-WebRequest -Method Get -Uri $metadataUrl -OutFile $OutputPath -UseBasicParsing Write-Verbose "Metadata XML downloaded successfully to $OutputPath." -Verbose } catch { Write-Error "Failed to download metadata XML: $_" } } } #EndRegion '.\Public\Get\Mg\Get-EmMgMetadataXml.ps1' 60 #Region '.\Public\Get\Mg\Get-EmMgMetadataXmlInfo.ps1' -1 <# .SYNOPSIS Retrieves metadata information for a specific entity type from a Microsoft Graph metadata XML file. .DESCRIPTION The Get-EmMgMetadataXmlInfo cmdlet parses a Microsoft Graph metadata XML file and retrieves detailed information for a specified entity type. It gathers properties, methods, actions, enums, and relationships related to the entity type, and provides a JSON representation of the entity. .PARAMETER XmlFilePath The file path to the Microsoft Graph metadata XML file. This parameter is mandatory. .PARAMETER TypeName The name of the entity type to retrieve information for. This parameter is mandatory. .PARAMETER InfoType The type of information to retrieve. Default is "EntityType". .INPUTS None. This cmdlet does not accept pipeline input. .OUTPUTS [PSCustomObject] The cmdlet outputs a custom object containing detailed information about the specified entity type, including its properties, methods, actions, enums, relationships, and a JSON representation. .EXAMPLE PS> Get-EmMgMetadataXmlInfo -XmlFilePath "C:\GraphMetadata\metadata.xml" -TypeName "User" This example retrieves metadata information for the 'User' entity type from the specified Microsoft Graph metadata XML file. .EXAMPLE PS> Get-EmMgMetadataXmlInfo -XmlFilePath "C:\GraphMetadata\metadata.xml" -TypeName "Device" This example retrieves metadata information for the 'Device' entity type from the specified Microsoft Graph metadata XML file. .NOTES The cmdlet uses XPath queries to navigate the metadata XML and extract relevant information. .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMgMetadataXmlInfo #> function Get-EmMgMetadataXmlInfo { [CmdletBinding()] [OutputType([PSCustomObject])] param ( [Parameter( Mandatory = $true, HelpMessage = "Specify the path to the XML metadata file." )] [ValidateNotNullOrEmpty()] [string]$XmlFilePath, [Parameter( Mandatory = $true, HelpMessage = "Specify the type name for which information is to be retrieved." )] [ValidateNotNullOrEmpty()] [string]$TypeName, [Parameter( Mandatory = $false, HelpMessage = "Specify the information type to be retrieved. Default is 'EntityType'." )] [ValidateSet("EntityType")] [string]$InfoType = "EntityType" ) process{ #[ValidateSet("EntityType")] [string]$InfoType = "EntityType" [xml]$XmlMetadata = Get-Content -Path $XmlFilePath $NamespaceManager = New-Object System.Xml.XmlNamespaceManager($XmlMetadata.NameTable) $NamespaceManager.AddNamespace("edmx", "http://docs.oasis-open.org/odata/ns/edmx") $NamespaceManager.AddNamespace("edm", "http://docs.oasis-open.org/odata/ns/edm") $schemaNodes = $XmlMetadata.SelectNodes("//edmx:Edmx/edmx:DataServices/edm:Schema", $NamespaceManager) $info = [PSCustomObject]@{ Type = $InfoType Name = $TypeName BaseType = "" Properties = @() Methods = @() Actions = @() Enums = @() Relationships = @() JsonRepresentation = @{} } $found = $false foreach ($schema in $schemaNodes) { $typeNode = $schema.SelectSingleNode("edm:$InfoType[@Name='$TypeName']", $NamespaceManager) if ($typeNode) { $found = $true Write-Verbose "$InfoType`: $TypeName" if ($typeNode.BaseType) { $info.BaseType = $typeNode.BaseType Write-Verbose "BaseType`: $($typeNode.BaseType)" } foreach ($property in $typeNode.Property) { $propertyName = $property.Name $propertyType = $property.Type Write-Verbose "Property Name`: $propertyName, Type`: $propertyType" $info.Properties += [PSCustomObject]@{ Name = $propertyName Type = $propertyType } switch -Wildcard ($propertyType) { "Edm.String" { $info.JsonRepresentation[$propertyName] = "string" } "Edm.Int32" { $info.JsonRepresentation[$propertyName] = 0 } "Edm.DateTimeOffset" { $info.JsonRepresentation[$propertyName] = "2024-01-01T00:00:00Z" } "Edm.Boolean" { $info.JsonRepresentation[$propertyName] = $false } "Collection(Edm.String)" { $info.JsonRepresentation[$propertyName] = [string[]]@("string1", "string2") } "Collection(Edm.Int32)" { $info.JsonRepresentation[$propertyName] = @(0, 1) } "Collection(Edm.DateTimeOffset)" { $info.JsonRepresentation[$propertyName] = @("2024-01-01T00:00:00Z", "2024-01-02T00:00:00Z") } "Collection(*)" { $info.JsonRepresentation[$propertyName] = @{} } default { $info.JsonRepresentation[$propertyName] = "null" } } } foreach ($navProp in $typeNode.NavigationProperty) { $navPropName = $navProp.Name $navPropType = $navProp.Type Write-Verbose "Navigation Property Name`: $navPropName, Type`: $navPropType" $info.Relationships += [PSCustomObject]@{ Name = $navPropName Type = $navPropType } } # Gather related functions and actions $methods = $schema.SelectNodes("edm:Function", $NamespaceManager) foreach ($method in $methods) { $parameterType = $method.Parameter.Type if ($parameterType -eq "graph.$TypeName" -or $parameterType -eq "Collection(graph.$TypeName)") { $methodName = $method.LocalName $methodType = "Function" Write-Verbose "$methodType`: $methodName" $info.Methods += [PSCustomObject]@{ Name = $methodName Type = $methodType } } } $actions = $schema.SelectNodes("edm:Action", $NamespaceManager) foreach ($action in $actions) { $parameterType = $action.Parameter.Type if ($parameterType -eq "graph.$TypeName" -or $parameterType -eq "Collection(graph.$TypeName)") { $actionName = $action.LocalName $actionType = "Action" Write-Verbose "$actionType`: $actionName" $info.Actions += [PSCustomObject]@{ Name = $actionName Type = $actionType } } } # Gather related enums $enumTypes = $schema.SelectNodes("edm:EnumType", $NamespaceManager) foreach ($enumType in $enumTypes) { $enumName = $enumType.Name Write-Verbose "EnumType`: $enumName" $info.Enums += [PSCustomObject]@{ Name = $enumName Type = "EnumType" } } } if ($found) { break } } if (-not $found) { Write-Verbose "$InfoType`: $TypeName not found in schema: $($schema.NamespaceURI)" -Verbose } return $info } } #EndRegion '.\Public\Get\Mg\Get-EmMgMetadataXmlInfo.ps1' 157 #Region '.\Public\Get\Mg\Get-EmMgResourceJson.ps1' -1 <# .SYNOPSIS Retrieves JSON resource and property information from Microsoft Graph API documentation. .DESCRIPTION The Get-EmMgResourceJson cmdlet fetches JSON resource data and property tables from specified OData types using Microsoft Graph API documentation hosted on GitHub. The cmdlet returns the JSON representation of the resource and its properties table. .PARAMETER ODataTypes An array of OData types for which to retrieve JSON resource data. This parameter is mandatory. .INPUTS [string[]] The cmdlet accepts an array of OData types as input. .OUTPUTS [PSCustomObject] The cmdlet outputs a custom object containing the JSON representation and properties table of the specified OData types. .EXAMPLE PS> Get-EmMgResourceJson -ODataTypes "macOSExtensionsConfiguration", "windows81TrustedRootCertificate" This example retrieves JSON resource data and properties table for the specified OData types from Microsoft Graph API documentation. .NOTES The cmdlet constructs the URL to the Microsoft Graph API documentation for each specified OData type, downloads the markdown content, and parses the JSON resource data and properties table. .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMgResourceJson #> function Get-EmMgResourceJson { [CmdletBinding()] [OutputType([PSCustomObject])] param ( [Parameter(Mandatory = $true, HelpMessage = "Specify the OData types for which to retrieve JSON resources.")] [ValidateNotNullOrEmpty()] [string[]]$ODataTypes ) process { $result = @() foreach ($odataType in $ODataTypes) { # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-macosextensionsconfiguration?view=graph-rest-beta # https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-windows81trustedrootcertificate?view=graph-rest-beta $uri = "https://raw.githubusercontent.com/microsoftgraph/microsoft-graph-docs-contrib/main/api-reference/beta/resources/intune-deviceconfig-$odataType.md" #$uri = "https://raw.githubusercontent.com/microsoftgraph/microsoft-graph-docs-contrib/main/api-reference/beta/api/intune-deviceconfig-$odataType-list.md" try { $markdownContent = Invoke-WebRequest -Uri $uri -UseBasicParsing $lines = $markdownContent.Content -split "`n" $jsonStart = $false $jsonContent = @() $braceCount = 0 $tableContent = @() $inTable = $false foreach ($line in $lines) { if ($line.Trim() -eq "{") { $jsonStart = $true $braceCount++ } if ($jsonStart) { $jsonContent += $line if ($line.Trim() -eq "{") { $braceCount++ } elseif ($line.Trim() -eq "}") { $braceCount-- if ($braceCount -eq 0) { $jsonStart = $false } } } if ($line -match "^## Properties$") { $inTable = $true continue } if ($inTable) { if ($line -match "^## " -or $line -match '^```') { $inTable = $false } elseif ($line -notmatch "^\|:---\|:---\|:---\|$" -and $line.Trim() -ne "") { $tableContent += $line } } } $jsonContent = ($jsonContent -join "`n").Replace('```', "").Trim() $tableString = ($tableContent -join "`n").TrimEnd("`n") | ConvertFrom-Csv -Delimiter "|" | Select-Object -Property * -ExcludeProperty h1 | ConvertTo-Csv -Delimiter "|" if ($jsonContent -and $tableString) { $customObject = [PSCustomObject]@{ Table = $tableString Json = $jsonContent } $result += $customObject } } catch { Write-Verbose "Failed to process $odataType`: $_" -ForegroundColor Red } } return $result } } #EndRegion '.\Public\Get\Mg\Get-EmMgResourceJson.ps1' 93 #Region '.\Public\Get\Mg\Get-EmMgResourceOperationJson.ps1' -1 <# .SYNOPSIS Retrieves JSON examples for specified OData types and operations from Microsoft Graph API documentation. .DESCRIPTION The Get-EmMgResourceOperationJson cmdlet fetches JSON examples for specified OData types and operations (get, create, update) from the Microsoft Graph API documentation hosted on GitHub. The cmdlet returns JSON representations for the specified operations. .PARAMETER ODataTypes An array of OData types for which to retrieve JSON examples. This parameter is mandatory. .PARAMETER Operation The operation type for which to retrieve JSON examples. Valid values are "get", "create", and "update". This parameter is mandatory. .PARAMETER Resource The resource type for which to retrieve JSON examples. Valid values are "intune-deviceconfig" and "intune-mam". This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .INPUTS [string[]] The cmdlet accepts an array of OData types as input. .OUTPUTS [PSCustomObject] The cmdlet outputs a custom object containing JSON examples for the specified OData types and operations. .EXAMPLE PS> Get-EmMgResourceOperationJson -ODataTypes "androidCompliancePolicy", "iosCompliancePolicy" -Operation "get" -Resource "intune-deviceconfig" This example retrieves JSON examples for the specified OData types and get operations from Microsoft Graph API documentation. .NOTES The cmdlet constructs the URL to the Microsoft Graph API documentation for each specified OData type and operation, downloads the markdown content, and parses the JSON examples. .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Get-EmMgResourceOperationJson #> function Get-EmMgResourceOperationJson { [CmdletBinding()] [OutputType([System.Object[]])] param ( [Parameter(Mandatory = $true, HelpMessage = "Specify the OData types for which to retrieve operation JSON.")] [ValidateNotNullOrEmpty()] [string[]]$ODataTypes, [Parameter(Mandatory = $true, HelpMessage = "Specify the operation type (get, create, update).")] [ValidateSet("get", "create", "update")] [string]$Operation, [Parameter(Mandatory = $true, HelpMessage = "Specify the resource type (intune-deviceconfig, intune-mam).")] [ValidateSet("intune-deviceconfig", "intune-mam")] [string]$Resource, [Parameter(Mandatory = $false, HelpMessage = "Specify the API version to use (beta, v1.0).")] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) process { $result = @() foreach ($odataType in $ODataTypes) { #$uri = "https://raw.githubusercontent.com/microsoftgraph/microsoft-graph-docs-contrib/main/api-reference/beta/api/intune-mam-targetedmanagedappconfiguration-create.md" $uri = "https://raw.githubusercontent.com/microsoftgraph/microsoft-graph-docs-contrib/main/api-reference/$graphApiVersion/api/$Resource-$(($odataType).ToLower())-$Operation.md" try { $markdownContent = Invoke-WebRequest -Uri $uri -UseBasicParsing $lines = $markdownContent.Content -split "`n" $jsonStart = $false $jsonContent = @() $braceCount = 0 foreach ($line in $lines) { if ($line.Trim() -eq "{") { $jsonStart = $true $braceCount++ } if ($jsonStart) { $jsonContent += $line if ($line.Trim() -eq "{") { $braceCount++ } elseif ($line.Trim() -eq "}") { $braceCount-- if ($braceCount -eq 0) { $jsonStart = $false } } } } $jsonContent = ($jsonContent -join "`n").Replace('```', "").Trim() if ($jsonContent) { if ($Operation -eq "get") { $customObject = [PSCustomObject]@{ Operation = $Operation Type = $odataType JsonResponse = $jsonContent } } else { # Split the JSON content into two parts based on the number of lines between the JSON objects $jsonLines = $jsonContent -split "`n" $json1 = $jsonLines[0..($jsonLines.IndexOf("}"))] -join "`n" $json2 = $jsonLines[($jsonLines.IndexOf("}") + 10)..($jsonLines.Length - 1)] -join "`n" $customObject = [PSCustomObject]@{ Operation = $Operation Type = $odataType JsonBody = $json1 JsonResponse = $json2 } } $result += $customObject } } catch { throw $_ } } return $result } } #EndRegion '.\Public\Get\Mg\Get-EmMgResourceOperationJson.ps1' 107 #Region '.\Public\Import\Import-EmMdmAppConfiguration.ps1' -1 <# .SYNOPSIS Imports Intune App Configuration policies from a specified JSON file. .DESCRIPTION The Import-EmMdmAppConfiguration cmdlet connects to Microsoft Graph, reads an Intune App Configuration policy from a specified JSON file, and creates the policy in Intune. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ImportPath The file path to the JSON file containing the App Configuration policy to import. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a file path as input. .OUTPUTS [string] The cmdlet outputs the ID of the created policy. .EXAMPLE PS> Import-EmMdmAppConfiguration -ImportPath "C:\Backup\AppConfigurations\Policy.json" This example connects to Microsoft Graph, reads the App Configuration policy from the specified JSON file, and creates the policy in Intune. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Add-EmMdmAppConfiguration - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Import-EmMdmAppConfiguration #> function Import-EmMdmAppConfiguration { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([string])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specify the path to the JSON file containing the app configuration to import." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PScmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementApps.ReadWrite.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementApps.ReadWrite.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Importing App Configuration Policy '$DisplayName'", "Add-EmMdmAppConfiguration")) { $ImportPath = $ImportPath.replace('"', '') $JSON_Data = Get-Content -Path "$ImportPath" $backupConfig = $JSON_Data | ConvertFrom-Json -AsHashtable -NoEnumerate $DisplayName = $backupConfig.displayName $Configuration = [CreateEmMdmTargetedManagedAppConfiguration]::new($backupConfig) $CreateResult = Add-EmMdmAppConfiguration -Json $Configuration -graphApiVersion $graphApiVersion Write-Verbose "Policy '$DisplayName' created with id" $CreateResult.id -Verbose } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Import-EmMdmAppConfiguration completed." -Verbose } } #EndRegion '.\Public\Import\Import-EmMdmAppConfiguration.ps1' 95 #Region '.\Public\Import\Import-EmMdmAppProtection.ps1' -1 <# .SYNOPSIS Imports Intune App Protection policies from a specified JSON file. .DESCRIPTION The Import-EmMdmAppProtection cmdlet connects to Microsoft Graph, reads an Intune App Protection policy from a specified JSON file, and creates the policy in Intune. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ImportPath The file path to the JSON file containing the App Protection policy to import. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a file path as input. .OUTPUTS [string] The cmdlet outputs the ID of the created policy. .EXAMPLE PS> Import-EmMdmAppProtection -ImportPath "C:\Backup\AppProtections\Policy.json" This example connects to Microsoft Graph, reads the App Protection policy from the specified JSON file, and creates the policy in Intune. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Add-EmMdmAppProtection - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Import-EmMdmAppProtection #> function Import-EmMdmAppProtection { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([string])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specify the path to the JSON file containing the app configuration to import." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PScmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementApps.ReadWrite.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementApps.ReadWrite.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Importing App Protection Policy '$DisplayName'", "Add-EmMdmAppProtection")) { $ImportPath = $ImportPath.replace('"', '') $JSON_Data = Get-Content -Path "$ImportPath" $backupConfig = $JSON_Data | ConvertFrom-Json -AsHashtable -NoEnumerate $DisplayName = $backupConfig.displayName $Configuration = [CreateEmMdmTargetedManagedAppConfiguration]::new($backupConfig) $CreateResult = Add-EmMdmAppProtection -Json $Configuration -graphApiVersion $graphApiVersion Write-Verbose "Policy '$DisplayName' created with id" $CreateResult.id -Verbose } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Import-EmMdmAppProtection completed." -Verbose } } #EndRegion '.\Public\Import\Import-EmMdmAppProtection.ps1' 94 #Region '.\Public\Import\Import-EmMdmCompliance.ps1' -1 <# .SYNOPSIS Imports Intune Compliance policies from a specified JSON file. .DESCRIPTION The Import-EmMdmCompliance cmdlet connects to Microsoft Graph, reads an Intune Compliance policy from a specified JSON file, and creates the policy in Intune. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ImportPath The file path to the JSON file containing the Compliance policy to import. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a file path as input. .OUTPUTS [pscustomobject] The cmdlet outputs the result of the created policy. .EXAMPLE PS> Import-EmMdmCompliance -ImportPath "C:\Backup\CompliancePolicies\Policy.json" This example connects to Microsoft Graph, reads the Compliance policy from the specified JSON file, and creates the policy in Intune. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Add-EmMdmCompliance - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Import-EmMdmCompliance #> function Import-EmMdmCompliance { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([pscustomobject])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specify the path to the JSON file containing the app configuration to import." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PScmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.ReadWrite.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.ReadWrite.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Importing Compliance Policy '$DisplayName'", "Add-EmMdmCompliance")) { $ImportPath = $ImportPath.replace('"', '') $Import = Get-Content $ImportPath $id = "00000000-0000-0000-0000-000000000000" $JSON_Data = $import | ConvertFrom-Json -AsHashtable -NoEnumerate # Excluding entries that are not required - id,createdDateTime,lastModifiedDateTime,version $basicJson = $JSON_Data | Select-Object -Property * -ExcludeProperty createdDateTime, id, lastModifiedDateTime, version, restrictedApps $DisplayName = $basicJson.DisplayName if (-not (($basicJson).scheduledActionsForRule)) { $scheduledActionsForRule = @( @{ ruleName = "PasswordRequired" scheduledActionConfigurations = @( @{ actionType = "block" gracePeriodHours = 0 notificationTemplateId = "" } ) } ) $basicJson | Add-Member -NotePropertyName scheduledActionsForRule -NotePropertyValue $scheduledActionsForRule -Force } $basicJson | Add-Member -NotePropertyName id -NotePropertyValue $id -Force $CreateResult = Add-EmMdmCompliance -JSON ($basicJson | ConvertTo-Json -Depth 10) -graphApiVersion $graphApiVersion Write-Verbose "PolicyType: '$($basicJson."@odata.type")'; API Version: '$graphApiVersion'; DisplayName: '$($basicJson.DisplayName)'; id: $($CreateResult.id)" -Verbose return $CreateResult } } catch { throw "An error occurred while importing the Compliance Policy: `n$_" } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Import-EmMdmCompliance completed." -Verbose } } #EndRegion '.\Public\Import\Import-EmMdmCompliance.ps1' 113 #Region '.\Public\Import\Import-EmMdmConfiguration.ps1' -1 <# .SYNOPSIS Imports Intune Device Configuration policies from a specified JSON file. .DESCRIPTION The Import-EmMdmConfiguration cmdlet connects to Microsoft Graph, reads an Intune Device Configuration policy from a specified JSON file, and creates the policy in Intune. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ImportPath The file path to the JSON file containing the Device Configuration policy to import. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a file path as input. .OUTPUTS [string] The cmdlet outputs the result of the created policy. .EXAMPLE PS> Import-EmMdmConfiguration -ImportPath "C:\Backup\DeviceConfigurations\Policy.json" This example connects to Microsoft Graph, reads the Device Configuration policy from the specified JSON file, and creates the policy in Intune. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Add-EmMdmConfiguration - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Import-EmMdmConfiguration #> function Import-EmMdmConfiguration { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([string])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specify the path to the JSON file containing the app configuration to import." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PScmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.ReadWrite.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.ReadWrite.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Importing Device Configuration Policy '$DisplayName'", "Add-EmMdmConfiguration")) { $ImportPath = $ImportPath.replace('"', '') $JSON_Data = Get-Content -Path "$ImportPath" $backupConfig = $JSON_Data | ConvertFrom-Json -AsHashtable -NoEnumerate #| Select-Object -Property * -ExcludeProperty id,lastModifiedDateTime,roleScopeTagIds,supportsScopeTags,deviceManagementApplicabilityRuleOsEdition,deviceManagementApplicabilityRuleOsVersion,deviceManagementApplicabilityRuleDeviceMode,createdDateTime $DisplayName = $backupConfig.displayName $JSON_Type = $backupConfig."@odata.type" $Configuration = switch ($JSON_Type) { "#microsoft.graph.windows81TrustedRootCertificate" { [CreateEmWindows81TrustedRootCertificate]::new($backupConfig) } "#microsoft.graph.macOSExtensionsConfiguration" { [CreateEmMacOSExtensionsConfiguration]::new($backupConfig) } "#microsoft.graph.macOSCustomConfiguration" { [CreateEmMacOSCustomConfiguration]::new($backupConfig) } "#microsoft.graph.macOSDeviceFeaturesConfiguration" { [CreateEmMacOSDeviceFeaturesConfiguration]::new($backupConfig) } "#microsoft.graph.macOSGeneralDeviceConfiguration" { [CreateEmMacOSGeneralDeviceConfiguration]::new($backupConfig) } "#microsoft.graph.macOSSoftwareUpdateConfiguration" { [CreateEmMacOSSoftwareUpdateConfiguration]::new($backupConfig) } "#microsoft.graph.macOSEndpointProtectionConfiguration" { [CreateEmMacOSEndpointProtectionConfiguration]::new($backupConfig) } "#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration" { [CreateEmAndroidWorkProfileGeneralDeviceConfiguration]::new($backupConfig) } "#microsoft.graph.androidWorkProfileVpnConfiguration" { [CreateEmAndroidWorkProfileVpnConfiguration]::new($backupConfig) } "#microsoft.graph.windowsHealthMonitoringConfiguration" { [CreateEmWindowsHealthMonitoringConfiguration]::new($backupConfig) } "#microsoft.graph.windows81SCEPCertificateProfile" { [CreateEmWindows81SCEPCertificateProfile]::new($backupConfig) } "#microsoft.graph.windows10CustomConfiguration" { [CreateEmWindows10CustomConfiguration]::new($backupConfig) } "#microsoft.graph.windows10EndpointProtectionConfiguration" { [CreateEmWindows10EndpointProtectionConfiguration]::new($backupConfig) } "#microsoft.graph.windows10GeneralConfiguration" { [CreateEmWindows10GeneralConfiguration]::new($backupConfig) } default { $backupConfig } # If the type is not recognized, return the object as-is } $CreateResult = Add-EmMdmConfiguration -Configuration $Configuration -graphApiVersion $graphApiVersion Write-Verbose "Policy '$DisplayName' created with id" $CreateResult.id -Verbose } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Import-EmMdmConfiguration completed." -Verbose } } #EndRegion '.\Public\Import\Import-EmMdmConfiguration.ps1' 110 #Region '.\Public\Import\Import-EmMdmEndpointSecurity.ps1' -1 <# .SYNOPSIS Imports Intune Endpoint Security policies from a specified JSON file. .DESCRIPTION The Import-EmMdmEndpointSecurity cmdlet connects to Microsoft Graph, reads an Intune Endpoint Security policy from a specified JSON file, and creates the policy in Intune. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ImportPath The file path to the JSON file containing the Endpoint Security policy to import. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a file path as input. .OUTPUTS [PSCustomObject] The cmdlet outputs the result of the created policy. .EXAMPLE PS> Import-EmMdmEndpointSecurity -ImportPath "C:\Backup\EndpointSecurity\Policy.json" This example connects to Microsoft Graph, reads the Endpoint Security policy from the specified JSON file, and creates the policy in Intune. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Add-EmMdmEndpointSecurity - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Import-EmMdmEndpointSecurity #> function Import-EmMdmEndpointSecurity { [CmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([PSCustomObject])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specify the path to the JSON file containing the app configuration to import." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Connecting to Microsoft Graph API with permissions: DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.ReadWrite.All", "DeviceManagementManagedDevices.ReadWrite.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Getting Endpoint Security Policy from Microsoft Graph API", "Invoke-MgGraphRequest")) { # Get all Endpoint Security Templates $Templates = Get-EmDeviceEndpointSecurityTemplate -graphApiVersion $graphApiVersion $ImportPath = $ImportPath.replace('"', '') # Getting content of JSON Import file $JSON_Data = Get-Content -Path "$ImportPath" -Raw # Converting input to JSON format $jsonObject = $JSON_Data | ConvertFrom-Json $JSON_TemplateId = $jsonObject.templateId $JSON_Convert = [EmDMIntentInstance]::new($jsonObject) # Pulling out variables to use in the import $JSON_DN = $jsonObject.displayName $JSON_TemplateDisplayName = $jsonObject.TemplateDisplayName $DisplayName = $jsonObject.displayName Write-Information "`n" -InformationAction Continue Write-Verbose "Endpoint Security Policy '$JSON_DN' found..." -Verbose Write-Information "Template Display Name: $JSON_TemplateDisplayName" -InformationAction Continue Write-Information "Template ID: $JSON_TemplateId" -InformationAction Continue # Checking if templateId from JSON is a valid templateId $ES_Template = $Templates | Where-Object { $_.id -eq $JSON_TemplateId } # If template is a baseline Edge, MDATP or Windows, use templateId specified if ($ES_Template.templateType -eq "microsoftEdgeSecurityBaseline" -or $ES_Template.templateType -eq "securityBaseline" -or $ES_Template.templateType -eq "advancedThreatProtectionSecurityBaseline") { $TemplateId = $JSON_TemplateId } # Else If not a baseline, check if template is deprecated elseif ($ES_Template) { # if template isn't deprecated use templateId if ($ES_Template.isDeprecated -eq $false) { $TemplateId = $JSON_TemplateId } # If template deprecated, look for latest version elseif ($ES_Template.isDeprecated -eq $true) { $Template = $Templates | Where-Object { $_.displayName -eq "$JSON_TemplateDisplayName" } | Where-Object { $_.isDeprecated -eq $false } $TemplateId = $Template.id } } # Else If Imported JSON template ID can't be found check if Template Display Name can be used elseif ($null -eq $ES_Template) { Write-Verbose "Didn't find Template with ID $JSON_TemplateId, checking if Template DisplayName '$JSON_TemplateDisplayName' can be used..." -Verbose $ES_Template = $Templates | Where-Object { $_.displayName -eq "$JSON_TemplateDisplayName" } If ($ES_Template) { if ($ES_Template.templateType -eq "securityBaseline" -or $ES_Template.templateType -eq "advancedThreatProtectionSecurityBaseline") { Write-Information "`n" -InformationAction Continue Write-Verbose "TemplateID '$JSON_TemplateId' with template Name '$JSON_TemplateDisplayName' doesn't exist..." -Verbose Write-Warning "Importing using the updated template could fail as settings specified may not be included in the latest template..." -WarningAction Continue Write-Information "`n" -InformationAction Continue break } else { Write-Verbose "Template with displayName '$JSON_TemplateDisplayName' found..." -Verbose $Template = $ES_Template | Where-Object { $_.isDeprecated -eq $false } $TemplateId = $Template.id } } else { Write-Information "`n" -InformationAction Continue Write-Verbose "TemplateID '$JSON_TemplateId' with template Name '$JSON_TemplateDisplayName' doesn't exist..." -Verbose Write-Warning "Importing using the updated template could fail as settings specified may not be included in the latest template..." -WarningAction Continue Write-Information "`n" -InformationAction Continue Write-Information "`n" -InformationAction Continue } } Write-Verbose "Adding Endpoint Security Policy '$DisplayName'" -Verbose $CreateResult = Add-EmMdmEndpointSecurity -TemplateId $TemplateId -JSON ($JSON_Convert | ConvertTo-Json) -graphApiVersion $graphApiVersion Write-Verbose "Policy '$DisplayName' created with id" $CreateResult.id -Verbose return $CreateResult } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Import-EmMdmEndpointSecurity completed." -Verbose } } #EndRegion '.\Public\Import\Import-EmMdmEndpointSecurity.ps1' 151 #Region '.\Public\Import\Import-EmMdmSettingsCatalog.ps1' -1 <# .SYNOPSIS Imports Intune Settings Catalog policies from a specified JSON file. .DESCRIPTION The Import-EmMdmSettingsCatalog cmdlet connects to Microsoft Graph, reads an Intune Settings Catalog policy from a specified JSON file, and creates the policy in Intune. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ImportPath The file path to the JSON file containing the Settings Catalog policy to import. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a file path as input. .OUTPUTS [void] This cmdlet does not output any objects. .EXAMPLE PS> Import-EmMdmSettingsCatalog -ImportPath "C:\Backup\SettingsCatalog\Policy.json" This example connects to Microsoft Graph, reads the Settings Catalog policy from the specified JSON file, and creates the policy in Intune. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Add-EmMdmSettingsCatalog - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Import-EmMdmSettingsCatalog #> function Import-EmMdmSettingsCatalog { [cmdletBinding(SupportsShouldProcess = $true, ConfirmImpact = 'High')] [OutputType([void])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specify the path to the JSON file containing the app configuration to import." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PSCmdlet.ShouldProcess("Connecting to Microsoft Graph API with permissions: DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.ReadWrite.All", "DeviceManagementManagedDevices.ReadWrite.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PSCmdlet.ShouldProcess("Importing Settings Catalog Policy", "Add-EmMdmSettingsCatalog")) { $ImportPath = $ImportPath.replace('"', '') # Getting content of JSON Import file $JSON_Data = Get-Content -Path "$ImportPath" -Raw # Converting input to JSON format and creating the custom class object for validation $JSON_Convert = $JSON_Data | ConvertFrom-Json -AsHashtable $PolicyObject = [EmConfigurationPolicyExport]::new($JSON_Convert) $DisplayName = $PolicyObject.name $Platforms = $PolicyObject.platforms $Technologies = $PolicyObject.technologies Write-Verbose "Adding Settings Catalog Policy '$DisplayName'" -Verbose Write-Information "Platforms: $Platforms" -InformationAction Continue Write-Information "Technologies: $Technologies" -InformationAction Continue # Call the Add-SettingsCatalogPolicy function with the validated policy object $response = Add-EmMdmSettingsCatalog -PolicyObject $PolicyObject -graphApiVersion $graphApiVersion return $response } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Settings Catalog Policy '$DisplayName' imported successfully." -Verbose } } #EndRegion '.\Public\Import\Import-EmMdmSettingsCatalog.ps1' 99 #Region '.\Public\Import\Import-EmMdmSoftwareUpdate.ps1' -1 <# .SYNOPSIS Imports Intune Software Update policies from a specified JSON file. .DESCRIPTION The Import-EmMdmSoftwareUpdate cmdlet connects to Microsoft Graph, reads an Intune Software Update policy from a specified JSON file, and creates the policy in Intune. The cmdlet supports both 'beta' and 'v1.0' versions of the Graph API and includes confirmation prompts for actions with high impact. .PARAMETER ImportPath The file path to the JSON file containing the Software Update policy to import. This parameter is mandatory. .PARAMETER graphApiVersion The version of the Microsoft Graph API to use. Valid values are "beta" and "v1.0". The default value is "beta". .PARAMETER AuthObject The authentication object used for connecting to Microsoft Graph. .INPUTS [string] The cmdlet accepts a file path as input. .OUTPUTS [string] The ID of the created policy. .EXAMPLE PS> Import-EmMdmSoftwareUpdate -ImportPath "C:\Backup\SoftwareUpdates\Policy.json" This example connects to Microsoft Graph, reads the Software Update policy from the specified JSON file, and creates the policy in Intune. .NOTES The cmdlet uses the following functions: - Connect-EmMdmGraph - Add-EmMdmConfiguration - Disconnect-MgGraph .LINK https://criticalsolutionsnetwork.github.io/MemPolicyManager/#Import-EmMdmSoftwareUpdate #> function Import-EmMdmSoftwareUpdate { [cmdletBinding( SupportsShouldProcess = $true, ConfirmImpact = 'High' )] [OutputType([string])] param ( [Parameter( Mandatory = $true, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true, HelpMessage = "Specify the path to the JSON file containing the app configuration to import." )] [ValidateScript({ Test-Path $_ -PathType Leaf })] [String]$ImportPath, [Parameter( Mandatory = $false, HelpMessage = "The authentication object used for connecting to Microsoft Graph." )] [EmMdmAuthBase]$AuthObject, [Parameter( DontShow = $true, Mandatory = $false, HelpMessage = "The version of the Microsoft Graph API to use. Valid values are 'beta' and 'v1.0'. The default value is 'beta'." )] [ValidateSet("beta", "v1.0")] [string]$graphApiVersion = "beta" ) begin { try { if ($PScmdlet.ShouldProcess("Connecting to MgGraph with scopes DeviceManagementConfiguration.ReadWrite.All", "Connect-MgGraph")) { $isConnected = Connect-EmMdmGraph -Scopes "DeviceManagementConfiguration.ReadWrite.All" -AuthObject $AuthObject } } catch { throw $_ } } process { try { if ($isConnected -and $PScmdlet.ShouldProcess("Importing Software Update Policy '$DisplayName'", "Add-EmMdmConfiguration")) { $ImportPath = $ImportPath.replace('"', '') $JSON_Data = Get-Content -Path "$ImportPath" $backupConfig = $JSON_Data | ConvertFrom-Json -AsHashtable -NoEnumerate #| Select-Object -Property * -ExcludeProperty id,lastModifiedDateTime,roleScopeTagIds,supportsScopeTags,deviceManagementApplicabilityRuleOsEdition,deviceManagementApplicabilityRuleOsVersion,deviceManagementApplicabilityRuleDeviceMode,createdDateTime $DisplayName = $backupConfig.displayName $JSON_Type = $backupConfig."@odata.type" $Configuration = switch ($JSON_Type) { "#microsoft.graph.iosUpdateConfiguration" { [CreateEmIosUpdateConfiguration]::new($backupConfig) } "#microsoft.graph.windowsUpdateForBusinessConfiguration" { [CreateEmWindowsUpdateForBusinessConfiguration]::new($backupConfig) } default { $backupConfig } # If the type is not recognized, return the object as-is } $CreateResult = Add-EmMdmConfiguration -Configuration $Configuration -graphApiVersion $graphApiVersion Write-Verbose "Policy '$DisplayName' created with id" $CreateResult.id -Verbose } } catch { throw $_ } finally { if ($isConnected) { Write-Verbose "Disconnecting from MgGraph..." -Verbose Disconnect-MgGraph | Out-Null } } } end { Write-Verbose "Import-EmMdmSoftwareUpdate completed." -Verbose } } #EndRegion '.\Public\Import\Import-EmMdmSoftwareUpdate.ps1' 98 |