DSCResources/MSFT_IntuneAppProtectionPolicyiOS/MSFT_IntuneAppProtectionPolicyiOS.schema.mof
[ClassVersion("1.0.0.0"), FriendlyName("IntuneAppProtectionPolicyiOS")]
class MSFT_IntuneAppProtectionPolicyiOS : OMI_BaseResource { [Key, Description("Display name of the iOS App Protection Policy.")] String DisplayName; [Write, Description("Description of the iOS App Protection Policy.")] String Description; [Write, Description("The period after which access is checked when the device is not connected to the internet.")] String PeriodOfflineBeforeAccessCheck; [Write, Description("The period after which access is checked when the device is connected to the internet.")] String PeriodOnlineBeforeAccessCheck; [Write, Description("Sources from which data is allowed to be transferred. Possible values are: allApps, managedApps, none."), ValueMap{"allApps","managedApps", "none"}, Values{"allApps","managedApps", "none"}] String AllowedInboundDataTransferSources; [Write, Description("Destinations to which data is allowed to be transferred. Possible values are: allApps, managedApps, none."), ValueMap{"allApps","managedApps", "none"}, Values{"allApps","managedApps", "none"}] String AllowedOutboundDataTransferDestinations; [Write, Description("Indicates whether organizational credentials are required for app use.")] Boolean OrganizationalCredentialsRequired; [Write, Description("The level to which the clipboard may be shared between apps on the managed device. Possible values are: allApps, managedAppsWithPasteIn, managedApps, blocked."), ValueMap{"allApps","managedAppsWithPasteIn","managedApps", "blocked"}, Values{"allApps","managedAppsWithPasteIn","managedApps", "blocked"}] String AllowedOutboundClipboardSharingLevel; [Write, Description("Indicates whether the backup of a managed app's data is blocked.")] Boolean DataBackupBlocked; [Write, Description("Indicates whether device compliance is required.")] Boolean DeviceComplianceRequired; [Write, Description("Indicates whether internet links should be opened in the managed browser app, or any custom browser specified by CustomBrowserProtocol (for iOS) or CustomBrowserPackageId/CustomBrowserDisplayName (for Android).")] Boolean ManagedBrowserToOpenLinksRequired; [Write, Description("Indicates whether users may use the Save As menu item to save a copy of protected files.")] Boolean SaveAsBlocked; [Write, Description("The amount of time an app is allowed to remain disconnected from the internet before all managed data it is wiped.")] String PeriodOfflineBeforeWipeIsEnforced; [Write, Description("Indicates whether an app-level pin is required.")] Boolean PinRequired; [write, description("Indicates whether use of the app pin is required if the device pin is set.")] Boolean DisableAppPinIfDevicePinIsSet; [Write, Description("Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.")] UInt32 MaximumPinRetries; [Write, Description("Block simple PIN and require complex PIN to be set.")] Boolean SimplePinBlocked; [Write, Description("Minimum pin length required for an app-level pin if PinRequired is set to True.")] UInt32 MinimumPinLength; [Write, Description("Character set which may be used for an app-level pin if PinRequired is set to True. Possible values are: numeric, alphanumericAndSymbol."), ValueMap{"numeric","alphanumericAndSymbol"}, Values{"numeric","alphanumericAndSymbol"}] String PinCharacterSet; [Write, Description("Data storage locations where a user may store managed data.")] String AllowedDataStorageLocations[]; [Write, Description("Indicates whether contacts can be synced to the user's device.")] Boolean ContactSyncBlocked; [Write, Description("TimePeriod before the all-level pin must be reset if PinRequired is set to True.")] String PeriodBeforePinReset; [Write, Description("Indicates whether printing is allowed from managed apps.")] Boolean PrintBlocked; [Write, Description("Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.")] Boolean FingerprintBlocked; [Write, Description("Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True.")] Boolean FaceIdBlocked; [Write, Description("Indicates in which managed browser(s) that internet links should be opened. When this property is configured, ManagedBrowserToOpenLinksRequired should be true. Possible values are: notConfigured, microsoftEdge."), ValueMap{"notConfigured","microsoftEdge"}, Values{"notConfigured","microsoftEdge"}] String ManagedBrowser; [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredAppVersion; [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredOSVersion; [Write, Description("Versions less than the specified version will block the managed app from accessing company data.")] String MinimumRequiredSdkVersion; [Write, Description("Versions less than the specified version will result in warning message on the managed app")] String MinimumWarningAppVersion; [Write, Description("Versions less than the specified version will result in warning message on the managed app from accessing company data.")] String MinimumWarningOSVersion; [Write, Description("Require app data to be encrypted.")] String AppDataEncryptionType; [Write, Description("List of IDs representing the iOS apps controlled by this protection policy.")] String Apps[]; [Write, Description("List of IDs of the groups assigned to this iOS Protection Policy.")] String Assignments[]; [Write, Description("List of IDs of the groups that are excluded from this iOS Protection Policy.")] String ExcludedGroups[]; [Write, Description("A custom browser protocol to open weblink on iOS.")] String CustomBrowserProtocol; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Intune Admin."), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("ID of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("ID of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory tenant used for authentication.")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; }; |