DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.schema.mof

[ClassVersion("1.0.0.0")]
class MSFT_DeviceManagementConfigurationPolicyAssignments
{
    [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType;
    [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType;
    [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId;
    [Write, Description("The group Id that is the target of the assignment.")] String groupId;
    [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName;
    [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphWindows10AssociatedApps
{
    [Write, Description("Application type. Possible values are: desktop, universal."), ValueMap{"desktop","universal"}, Values{"desktop","universal"}] String AppType;
    [Write, Description("Identifier.")] String Identifier;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphCryptographySuite
{
    [Write, Description("Authentication Transform Constants. Possible values are: md5_96, sha1_96, sha_256_128, aes128Gcm, aes192Gcm, aes256Gcm."), ValueMap{"md5_96","sha1_96","sha_256_128","aes128Gcm","aes192Gcm","aes256Gcm"}, Values{"md5_96","sha1_96","sha_256_128","aes128Gcm","aes192Gcm","aes256Gcm"}] String AuthenticationTransformConstants;
    [Write, Description("Cipher Transform Constants. Possible values are: aes256, des, tripleDes, aes128, aes128Gcm, aes256Gcm, aes192, aes192Gcm, chaCha20Poly1305."), ValueMap{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}, Values{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}] String CipherTransformConstants;
    [Write, Description("Diffie Hellman Group. Possible values are: group1, group2, group14, ecp256, ecp384, group24."), ValueMap{"group1","group2","group14","ecp256","ecp384","group24"}, Values{"group1","group2","group14","ecp256","ecp384","group24"}] String DhGroup;
    [Write, Description("Encryption Method. Possible values are: aes256, des, tripleDes, aes128, aes128Gcm, aes256Gcm, aes192, aes192Gcm, chaCha20Poly1305."), ValueMap{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}, Values{"aes256","des","tripleDes","aes128","aes128Gcm","aes256Gcm","aes192","aes192Gcm","chaCha20Poly1305"}] String EncryptionMethod;
    [Write, Description("Integrity Check Method. Possible values are: sha2_256, sha1_96, sha1_160, sha2_384, sha2_512, md5."), ValueMap{"sha2_256","sha1_96","sha1_160","sha2_384","sha2_512","md5"}, Values{"sha2_256","sha1_96","sha1_160","sha2_384","sha2_512","md5"}] String IntegrityCheckMethod;
    [Write, Description("Perfect Forward Secrecy Group. Possible values are: pfs1, pfs2, pfs2048, ecp256, ecp384, pfsMM, pfs24."), ValueMap{"pfs1","pfs2","pfs2048","ecp256","ecp384","pfsMM","pfs24"}, Values{"pfs1","pfs2","pfs2048","ecp256","ecp384","pfsMM","pfs24"}] String PfsGroup;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphVpnDnsRule
{
    [Write, Description("Automatically connect to the VPN when the device connects to this domain: Default False.")] Boolean AutoTrigger;
    [Write, Description("Name.")] String Name;
    [Write, Description("Keep this rule active even when the VPN is not connected: Default False")] Boolean Persistent;
    [Write, Description("Proxy Server Uri.")] String ProxyServerUri;
    [Write, Description("Servers.")] String Servers[];
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphWindows10VpnProxyServer
{
    [Write, Description("Bypass proxy server for local address.")] Boolean BypassProxyServerForLocalAddress;
    [Write, Description("Address.")] String Address;
    [Write, Description("Proxy's automatic configuration script url.")] String AutomaticConfigurationScriptUrl;
    [Write, Description("Port. Valid values 0 to 65535")] UInt32 Port;
    [Write, Description("Automatically detect proxy settings.")] Boolean AutomaticallyDetectProxySettings;
    [Write, Description("The type of the entity."), ValueMap{"#microsoft.graph.windows10VpnProxyServer","#microsoft.graph.windows81VpnProxyServer"}, Values{"#microsoft.graph.windows10VpnProxyServer","#microsoft.graph.windows81VpnProxyServer"}] String odataType;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphVpnRoute
{
    [Write, Description("Destination prefix (IPv4/v6 address).")] String DestinationPrefix;
    [Write, Description("Prefix size. (1-32). Valid values 1 to 32")] UInt32 PrefixSize;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphExtendedKeyUsage
{
    [Write, Description("Extended Key Usage Name")] String Name;
    [Write, Description("Extended Key Usage Object Identifier")] String ObjectIdentifier;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphVpnTrafficRule
{
    [Write, Description("App identifier, if this traffic rule is triggered by an app.")] String AppId;
    [Write, Description("App type, if this traffic rule is triggered by an app. Possible values are: none, desktop, universal."), ValueMap{"none","desktop","universal"}, Values{"none","desktop","universal"}] String AppType;
    [Write, Description("Claims associated with this traffic rule.")] String Claims;
    [Write, Description("Local address range. This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphIPv4Range")] String LocalAddressRanges[];
    [Write, Description("Local port range can be set only when protocol is either TCP or UDP (6 or 17). This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphNumberRange")] String LocalPortRanges[];
    [Write, Description("Name.")] String Name;
    [Write, Description("Protocols (0-255). Valid values 0 to 255")] UInt32 Protocols;
    [Write, Description("Remote address range. This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphIPv4Range")] String RemoteAddressRanges[];
    [Write, Description("Remote port range can be set only when protocol is either TCP or UDP (6 or 17). This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphNumberRange")] String RemotePortRanges[];
    [Write, Description("When app triggered, indicates whether to enable split tunneling along this route. Possible values are: none, splitTunnel, forceTunnel."), ValueMap{"none","splitTunnel","forceTunnel"}, Values{"none","splitTunnel","forceTunnel"}] String RoutingPolicyType;
    [Write, Description("Specify whether the rule applies to inbound traffic or outbound traffic. Possible values are: outbound, inbound, unknownFutureValue."), ValueMap{"outbound","inbound","unknownFutureValue"}, Values{"outbound","inbound","unknownFutureValue"}] String VpnTrafficDirection;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphIPv4Range
{
    [Write, Description("Lower address.")] String LowerAddress;
    [Write, Description("Upper address.")] String UpperAddress;
    [Write, Description("IPv4 address in CIDR notation. Not nullable.")] String CidrAddress;
    [Write, Description("The type of the entity."), ValueMap{"#microsoft.graph.iPv4CidrRange","#microsoft.graph.iPv6CidrRange","#microsoft.graph.iPv4Range","#microsoft.graph.iPv6Range"}, Values{"#microsoft.graph.iPv4CidrRange","#microsoft.graph.iPv6CidrRange","#microsoft.graph.iPv4Range","#microsoft.graph.iPv6Range"}] String odataType;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphNumberRange
{
    [Write, Description("Lower number.")] UInt32 LowerNumber;
    [Write, Description("Upper number.")] UInt32 UpperNumber;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphVpnServer
{
    [Write, Description("Address (IP address, FQDN or URL)")] String Address;
    [Write, Description("Description.")] String Description;
    [Write, Description("Default server.")] Boolean IsDefaultServer;
};
 
[ClassVersion("1.0.0.0"), FriendlyName("IntuneDeviceConfigurationVpnPolicyWindows10")]
class MSFT_IntuneDeviceConfigurationVpnPolicyWindows10 : OMI_BaseResource
{
    [Write, Description("Associated Apps. This collection can contain a maximum of 10000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphwindows10AssociatedApps")] String AssociatedApps[];
    [Write, Description("Authentication method. Possible values are: certificate, usernameAndPassword, customEapXml, derivedCredential."), ValueMap{"certificate","usernameAndPassword","customEapXml","derivedCredential"}, Values{"certificate","usernameAndPassword","customEapXml","derivedCredential"}] String AuthenticationMethod;
    [Write, Description("Connection type. Possible values are: pulseSecure, f5EdgeClient, dellSonicWallMobileConnect, checkPointCapsuleVpn, automatic, ikEv2, l2tp, pptp, citrix, paloAltoGlobalProtect, ciscoAnyConnect, unknownFutureValue, microsoftTunnel."), ValueMap{"pulseSecure","f5EdgeClient","dellSonicWallMobileConnect","checkPointCapsuleVpn","automatic","ikEv2","l2tp","pptp","citrix","paloAltoGlobalProtect","ciscoAnyConnect","unknownFutureValue","microsoftTunnel"}, Values{"pulseSecure","f5EdgeClient","dellSonicWallMobileConnect","checkPointCapsuleVpn","automatic","ikEv2","l2tp","pptp","citrix","paloAltoGlobalProtect","ciscoAnyConnect","unknownFutureValue","microsoftTunnel"}] String ConnectionType;
    [Write, Description("Cryptography Suite security settings for IKEv2 VPN in Windows10 and above"), EmbeddedInstance("MSFT_MicrosoftGraphcryptographySuite")] String CryptographySuite;
    [Write, Description("DNS rules. This collection can contain a maximum of 1000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnDnsRule")] String DnsRules[];
    [Write, Description("Specify DNS suffixes to add to the DNS search list to properly route short names.")] String DnsSuffixes[];
    [Write, Description("Extensible Authentication Protocol (EAP) XML. (UTF8 encoded byte array)")] String EapXml;
    [Write, Description("Enable Always On mode.")] Boolean EnableAlwaysOn;
    [Write, Description("Enable conditional access.")] Boolean EnableConditionalAccess;
    [Write, Description("Enable device tunnel.")] Boolean EnableDeviceTunnel;
    [Write, Description("Enable IP address registration with internal DNS.")] Boolean EnableDnsRegistration;
    [Write, Description("Enable single sign-on (SSO) with alternate certificate.")] Boolean EnableSingleSignOnWithAlternateCertificate;
    [Write, Description("Enable split tunneling.")] Boolean EnableSplitTunneling;
    [Write, Description("ID of the Microsoft Tunnel site associated with the VPN profile.")] String MicrosoftTunnelSiteId;
    [Write, Description("Only associated Apps can use connection (per-app VPN).")] Boolean OnlyAssociatedAppsCanUseConnection;
    [Write, Description("Profile target type. Possible values are: user, device, autoPilotDevice."), ValueMap{"user","device","autoPilotDevice"}, Values{"user","device","autoPilotDevice"}] String ProfileTarget;
    [Write, Description("Proxy Server."), EmbeddedInstance("MSFT_MicrosoftGraphwindows10VpnProxyServer")] String ProxyServer;
    [Write, Description("Remember user credentials.")] Boolean RememberUserCredentials;
    [Write, Description("Routes (optional for third-party providers). This collection can contain a maximum of 1000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnRoute")] String Routes[];
    [Write, Description("Single sign-on Extended Key Usage (EKU)."), EmbeddedInstance("MSFT_MicrosoftGraphextendedKeyUsage")] String SingleSignOnEku;
    [Write, Description("Single sign-on issuer hash.")] String SingleSignOnIssuerHash;
    [Write, Description("Traffic rules. This collection can contain a maximum of 1000 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnTrafficRule")] String TrafficRules[];
    [Write, Description("Trusted Network Domains")] String TrustedNetworkDomains[];
    [Write, Description("Windows Information Protection (WIP) domain to associate with this connection.")] String WindowsInformationProtectionDomain;
    [Write, Description("Connection name displayed to the user.")] String ConnectionName;
    [Write, Description("Custom XML commands that configures the VPN connection. (UTF8 encoded byte array)")] String CustomXml;
    [Write, Description("List of VPN Servers on the network. Make sure end users can access these network locations. This collection can contain a maximum of 500 elements."), EmbeddedInstance("MSFT_MicrosoftGraphvpnServer")] String ServerCollection[];
    [Write, Description("Admin provided description of the Device Configuration.")] String Description;
    [Key, Description("Admin provided name of the device configuration.")] String DisplayName;
    [Write, Description("The unique identifier for an entity. Read-only.")] String Id;
    [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[];
    [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;
    [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential;
    [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId;
    [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId;
    [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret;
    [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint;
    [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;
};