DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.schema.mof
[ClassVersion("1.0.0.0")]
class MSFT_DeviceManagementConfigurationPolicyAssignments { [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType; [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType; [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId; [Write, Description("The group Id that is the target of the assignment.")] String groupId; [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphWindows10AssociatedApps { [Write, Description("Application type. Possible values are: desktop, universal."), ValueMap{"desktop","universal"}, Values{"desktop","universal"}] String AppType; [Write, Description("Identifier.")] String Identifier; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphCryptographySuite { [Write, Description("Authentication Transform Constants. Possible values are: md5_96, sha1_96, sha_256_128, aes128Gcm, aes192Gcm, aes256Gcm."), ValueMap{"md5_96","sha1_96","sha_256_128","aes128Gcm","aes192Gcm","aes256Gcm"}, Values{"md5_96","sha1_96","sha_256_128","aes128Gcm","aes192Gcm","aes256Gcm"}] String AuthenticationTransformConstants; [Write, Description("Cipher Transform Constants. Possible values are: aes256, des, tripleDes, aes128, aes128Gcm, aes256Gcm, aes192, aes192Gcm, chaCha20Poly1305."), ValueMap{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}, Values{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}] String CipherTransformConstants; [Write, Description("Diffie Hellman Group. Possible values are: group1, group2, group14, ecp256, ecp384, group24."), ValueMap{"group1","group2","group14","ecp256","ecp384","group24"}, Values{"group1","group2","group14","ecp256","ecp384","group24"}] String DhGroup; [Write, Description("Encryption Method. Possible values are: aes256, des, tripleDes, aes128, aes128Gcm, aes256Gcm, aes192, aes192Gcm, chaCha20Poly1305."), ValueMap{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}, Values{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}] String EncryptionMethod; [Write, Description("Integrity Check Method. Possible values are: sha2_256, sha1_96, sha1_160, sha2_384, sha2_512, md5."), ValueMap{"sha2_256","sha1_96","sha1_160","sha2_384","sha2_512","md5"}, Values{"sha2_256","sha1_96","sha1_160","sha2_384","sha2_512","md5"}] String IntegrityCheckMethod; [Write, Description("Perfect Forward Secrecy Group. Possible values are: pfs1, pfs2, pfs2048, ecp256, ecp384, pfsMM, pfs24."), ValueMap{"pfs1","pfs2","pfs2048","ecp256","ecp384","pfsMM","pfs24"}, Values{"pfs1","pfs2","pfs2048","ecp256","ecp384","pfsMM","pfs24"}] String PfsGroup; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphVpnDnsRule { [Write, Description("Automatically connect to the VPN when the device connects to this domain: Default False.")] Boolean AutoTrigger; [Write, Description("Name.")] String Name; [Write, Description("Keep this rule active even when the VPN is not connected: Default False")] Boolean Persistent; [Write, Description("Proxy Server Uri.")] String ProxyServerUri; [Write, Description("Servers.")] String Servers[]; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphWindows10VpnProxyServer { [Write, Description("Bypass proxy server for local address.")] Boolean BypassProxyServerForLocalAddress; [Write, Description("Address.")] String Address; [Write, Description("Proxy's automatic configuration script url.")] String AutomaticConfigurationScriptUrl; [Write, Description("Port. Valid values 0 to 65535")] UInt32 Port; [Write, Description("Automatically detect proxy settings.")] Boolean AutomaticallyDetectProxySettings; [Write, Description("The type of the entity."), ValueMap{"#microsoft.graph.windows10VpnProxyServer","#microsoft.graph.windows81VpnProxyServer"}, Values{"#microsoft.graph.windows10VpnProxyServer","#microsoft.graph.windows81VpnProxyServer"}] String odataType; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphVpnRoute { [Write, Description("Destination prefix (IPv4/v6 address).")] String DestinationPrefix; [Write, Description("Prefix size. (1-32). Valid values 1 to 32")] UInt32 PrefixSize; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphExtendedKeyUsage { [Write, Description("Extended Key Usage Name")] String Name; [Write, Description("Extended Key Usage Object Identifier")] String ObjectIdentifier; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphVpnTrafficRule { [Write, Description("App identifier, if this traffic rule is triggered by an app.")] String AppId; [Write, Description("App type, if this traffic rule is triggered by an app. Possible values are: none, desktop, universal."), ValueMap{"none","desktop","universal"}, Values{"none","desktop","universal"}] String AppType; [Write, Description("Claims associated with this traffic rule.")] String Claims; [Write, Description("Local address range. This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphIPv4Range")] String LocalAddressRanges[]; [Write, Description("Local port range can be set only when protocol is either TCP or UDP (6 or 17). This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphNumberRange")] String LocalPortRanges[]; [Write, Description("Name.")] String Name; [Write, Description("Protocols (0-255). Valid values 0 to 255")] UInt32 Protocols; [Write, Description("Remote address range. This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphIPv4Range")] String RemoteAddressRanges[]; [Write, Description("Remote port range can be set only when protocol is either TCP or UDP (6 or 17). This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphNumberRange")] String RemotePortRanges[]; [Write, Description("When app triggered, indicates whether to enable split tunneling along this route. Possible values are: none, splitTunnel, forceTunnel."), ValueMap{"none","splitTunnel","forceTunnel"}, Values{"none","splitTunnel","forceTunnel"}] String RoutingPolicyType; [Write, Description("Specify whether the rule applies to inbound traffic or outbound traffic. Possible values are: outbound, inbound, unknownFutureValue."), ValueMap{"outbound","inbound","unknownFutureValue"}, Values{"outbound","inbound","unknownFutureValue"}] String VpnTrafficDirection; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphIPv4Range { [Write, Description("Lower address.")] String LowerAddress; [Write, Description("Upper address.")] String UpperAddress; [Write, Description("IPv4 address in CIDR notation. Not nullable.")] String CidrAddress; [Write, Description("The type of the entity."), ValueMap{"#microsoft.graph.iPv4CidrRange","#microsoft.graph.iPv6CidrRange","#microsoft.graph.iPv4Range","#microsoft.graph.iPv6Range"}, Values{"#microsoft.graph.iPv4CidrRange","#microsoft.graph.iPv6CidrRange","#microsoft.graph.iPv4Range","#microsoft.graph.iPv6Range"}] String odataType; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphNumberRange { [Write, Description("Lower number.")] UInt32 LowerNumber; [Write, Description("Upper number.")] UInt32 UpperNumber; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphVpnServer { [Write, Description("Address (IP address, FQDN or URL)")] String Address; [Write, Description("Description.")] String Description; [Write, Description("Default server.")] Boolean IsDefaultServer; }; [ClassVersion("1.0.0.0"), FriendlyName("IntuneDeviceConfigurationVpnPolicyWindows10")] class MSFT_IntuneDeviceConfigurationVpnPolicyWindows10 : OMI_BaseResource { [Write, Description("Associated Apps. This collection can contain a maximum of 10000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphwindows10AssociatedApps")] String AssociatedApps[]; [Write, Description("Authentication method. Possible values are: certificate, usernameAndPassword, customEapXml, derivedCredential."), ValueMap{"certificate","usernameAndPassword","customEapXml","derivedCredential"}, Values{"certificate","usernameAndPassword","customEapXml","derivedCredential"}] String AuthenticationMethod; [Write, Description("Connection type. Possible values are: pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, checkPointCapsuleVpn, automatic, ikEv2, l2tp, pptp, citrix, paloAltoGlobalProtect, ciscoAnyConnect, unknownFutureValue, microsoftTunnel."), ValueMap{"pulseSecure","f5EdgeClient","dellSonicWallMobileConnect","checkPointCapsuleVpn","automatic","ikEv2","l2tp","pptp","citrix","paloAltoGlobalProtect","ciscoAnyConnect","unknownFutureValue","microsoftTunnel"}, Values{"pulseSecure","f5EdgeClient","dellSonicWallMobileConnect","checkPointCapsuleVpn","automatic","ikEv2","l2tp","pptp","citrix","paloAltoGlobalProtect","ciscoAnyConnect","unknownFutureValue","microsoftTunnel"}] String ConnectionType; [Write, Description("Cryptography Suite security settings for IKEv2 VPN in Windows10 and above"), EmbeddedInstance("MSFT_MicrosoftGraphcryptographySuite")] String CryptographySuite; [Write, Description("DNS rules. This collection can contain a maximum of 1000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnDnsRule")] String DnsRules[]; [Write, Description("Specify DNS suffixes to add to the DNS search list to properly route short names.")] String DnsSuffixes[]; [Write, Description("Extensible Authentication Protocol (EAP) XML. (UTF8 encoded byte array)")] String EapXml; [Write, Description("Enable Always On mode.")] Boolean EnableAlwaysOn; [Write, Description("Enable conditional access.")] Boolean EnableConditionalAccess; [Write, Description("Enable device tunnel.")] Boolean EnableDeviceTunnel; [Write, Description("Enable IP address registration with internal DNS.")] Boolean EnableDnsRegistration; [Write, Description("Enable single sign-on (SSO) with alternate certificate.")] Boolean EnableSingleSignOnWithAlternateCertificate; [Write, Description("Enable split tunneling.")] Boolean EnableSplitTunneling; [Write, Description("ID of the Microsoft Tunnel site associated with the VPN profile.")] String MicrosoftTunnelSiteId; [Write, Description("Only associated Apps can use connection (per-app VPN).")] Boolean OnlyAssociatedAppsCanUseConnection; [Write, Description("Profile target type. Possible values are: user, device, autoPilotDevice."), ValueMap{"user","device","autoPilotDevice"}, Values{"user","device","autoPilotDevice"}] String ProfileTarget; [Write, Description("Proxy Server."), EmbeddedInstance("MSFT_MicrosoftGraphwindows10VpnProxyServer")] String ProxyServer; [Write, Description("Remember user credentials.")] Boolean RememberUserCredentials; [Write, Description("Routes (optional for third-party providers). This collection can contain a maximum of 1000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnRoute")] String Routes[]; [Write, Description("Single sign-on Extended Key Usage (EKU)."), EmbeddedInstance("MSFT_MicrosoftGraphextendedKeyUsage")] String SingleSignOnEku; [Write, Description("Single sign-on issuer hash.")] String SingleSignOnIssuerHash; [Write, Description("Traffic rules. This collection can contain a maximum of 1000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnTrafficRule")] String TrafficRules[]; [Write, Description("Trusted Network Domains")] String TrustedNetworkDomains[]; [Write, Description("Windows Information Protection (WIP) domain to associate with this connection.")] String WindowsInformationProtectionDomain; [Write, Description("Connection name displayed to the user.")] String ConnectionName; [Write, Description("Custom XML commands that configures the VPN connection. (UTF8 encoded byte array)")] String CustomXml; [Write, Description("List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnServer")] String ServerCollection[]; [Write, Description("Admin provided description of the Device Configuration.")] String Description; [Required, Description("Admin provided name of the device configuration.")] String DisplayName; [Key, Description("The unique identifier for an entity. Read-only.")] String Id; [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[]; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; }; |