Microsoft365DSC

1.25.604.1

DSCResources/MSFT_IntuneSecurityBaselineHoloLens2Advanced/MSFT_IntuneSecurityBaselineHoloLens2Advanced.schema.mof

                                [ClassVersion("1.0.0.0")]

class MSFT_DeviceManagementConfigurationPolicyAssignments

{

    [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType;

    [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType;

    [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId;

    [Write, Description("The group Id that is the target of the assignment.")] String groupId;

    [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName;

    [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId;

};

[ClassVersion("1.0.0.0"), FriendlyName("IntuneSecurityBaselineHoloLens2Advanced")]

class MSFT_IntuneSecurityBaselineHoloLens2Advanced : OMI_BaseResource

{

    [Write, Description("Policy description")] String Description;

    [Key, Description("Policy name")] String DisplayName;

    [Write, Description("List of Scope Tags for this Entity instance.")] String RoleScopeTagIds[];

    [Write, Description("The unique identifier for an entity. Read-only.")] String Id;

    [Write, Description("Deletion Policy (0: Delete immediately upon device returning to a state with no currently active users), 1: Delete at storage capacity threshold, 2: Delete at both storage capacity threshold and profile inactivity threshold)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String DeletionPolicy;

    [Write, Description("Enable Profile Manager (false: False, true: True)"), ValueMap{"false", "true"}, Values{"false", "true"}] String EnableProfileManager;

    [Write, Description("Profile Inactivity Threshold")] SInt32 ProfileInactivityThreshold;

    [Write, Description("Storage Capacity Start Deletion")] SInt32 StorageCapacityStartDeletion;

    [Write, Description("Storage Capacity Stop Deletion")] SInt32 StorageCapacityStopDeletion;

    [Write, Description("Allow Microsoft Account Connection (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowMicrosoftAccountConnection;

    [Write, Description("Turn off the display (plugged in) (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String VideoPowerDownTimeOutAC_2;

    [Write, Description("When plugged in, turn display off after (seconds) - Depends on VideoPowerDownTimeOutAC_2")] SInt32 EnterVideoACPowerDownTimeOut;

    [Write, Description("Allow Autofill (0: Prevented/Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowAutofill;

    [Write, Description("Allow Cookies (0: Block all cookies from all sites, 1: Block only cookies from third party websites, 2: Allow all cookies from all sites)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String AllowCookies;

    [Write, Description("Allow Do Not Track (0: Never send tracking information., 1: Send tracking information.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowDoNotTrack;

    [Write, Description("Allow Password Manager (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowPasswordManager;

    [Write, Description("Allow Popups (0: Turn off Pop-up Blocker letting pop-up windows open., 1: Turn on Pop-up Blocker stopping pop-up windows from opening.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowPopups;

    [Write, Description("Allow Search Suggestionsin Address Bar (0: Prevented/Not allowed. Hide the search suggestions., 1: Allowed. Show the search suggestions.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowSearchSuggestionsinAddressBar;

    [Write, Description("Allow Smart Screen (0: Turned off. Do not protect users from potential threats and prevent users from turning it on., 1: Turned on. Protect users from potential threats and prevent users from turning it off.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowSmartScreen;

    [Write, Description("Allow Bluetooth (0: Disallow Bluetooth. If this is set to 0, the radio in the Bluetooth control panel will be grayed out and the user will not be able to turn Bluetooth on., 1: Reserved. If this is set to 1, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on., 2: Allow Bluetooth. If this is set to 2, the radio in the Bluetooth control panel will be functional and the user will be able to turn Bluetooth on.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String AllowBluetooth;

    [Write, Description("Allow USB Connection (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowUSBConnection;

    [Write, Description("Device Password Enabled (0: Enabled, 1: Disabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String DevicePasswordEnabled;

    [Write, Description("Device Password Expiration - Depends on DevicePasswordEnabled")] SInt32 DevicePasswordExpiration;

    [Write, Description("Min Device Password Length - Depends on DevicePasswordEnabled")] SInt32 MinDevicePasswordLength;

    [Write, Description("Alphanumeric Device Password Required - Depends on DevicePasswordEnabled (0: Password or Alphanumeric PIN required., 1: Password or Numeric PIN required., 2: Password, Numeric PIN, or Alphanumeric PIN required.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String AlphanumericDevicePasswordRequired;

    [Write, Description("Max Device Password Failed Attempts - Depends on DevicePasswordEnabled")] SInt32 MaxDevicePasswordFailedAttempts;

    [Write, Description("Min Device Password Complex Characters - Depends on DevicePasswordEnabled (1: Digits only, 2: Digits and lowercase letters are required, 3: Digits lowercase letters and uppercase letters are required. Not supported in desktop Microsoft accounts and domain accounts, 4: Digits lowercase letters uppercase letters and special characters are required. Not supported in desktop)"), ValueMap{"1", "2", "3", "4"}, Values{"1", "2", "3", "4"}] String MinDevicePasswordComplexCharacters;

    [Write, Description("Max Inactivity Time Device Lock - Depends on DevicePasswordEnabled")] SInt32 MaxInactivityTimeDeviceLock;

    [Write, Description("Device Password History - Depends on DevicePasswordEnabled")] SInt32 DevicePasswordHistory;

    [Write, Description("Allow Simple Device Password - Depends on DevicePasswordEnabled (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowSimpleDevicePassword;

    [Write, Description("Allow Manual MDM Unenrollment (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowManualMDMUnenrollment;

    [Write, Description("Allow All Trusted Apps (0: Explicit deny., 1: Explicit allow unlock., 65535: Not configured.)"), ValueMap{"0", "1", "65535"}, Values{"0", "1", "65535"}] String AllowAllTrustedApps;

    [Write, Description("Allow apps from the Microsoft app store to auto update (0: Not allowed., 1: Allowed., 2: Not configured.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String AllowAppStoreAutoUpdate;

    [Write, Description("Allow Developer Unlock (0: Explicit deny., 1: Explicit allow unlock., 65535: Not configured.)"), ValueMap{"0", "1", "65535"}, Values{"0", "1", "65535"}] String AllowDeveloperUnlock;

    [Write, Description("Block third party cookies (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String BlockThirdPartyCookies;

    [Write, Description("Configure Do Not Track (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String ConfigureDoNotTrack;

    [Write, Description("Default pop-up window setting (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String MicrosoftEdge_ContentSettings_DefaultPopupsSetting;

    [Write, Description("Default pop-up window setting (Device) - Depends on MicrosoftEdge_ContentSettings_DefaultPopupsSetting (1: Allow all sites to show pop-ups, 2: Do not allow any site to show popups)"), ValueMap{"1", "2"}, Values{"1", "2"}] String DefaultPopupsSetting_DefaultPopupsSetting;

    [Write, Description("Enable AutoFill for addresses (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AutofillAddressEnabled;

    [Write, Description("Enable AutoFill for payment instruments (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AutofillCreditCardEnabled;

    [Write, Description("Enable search suggestions (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String SearchSuggestEnabled;

    [Write, Description("Control which extensions cannot be installed (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String ExtensionInstallBlocklist;

    [Write, Description("Extension IDs the user should be prevented from installing (or * for all) (Device) - Depends on ExtensionInstallBlocklist")] String ExtensionInstallBlocklistDesc[];

    [Write, Description("Configures a setting that asks users to enter their device password while using password autofill (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String MicrosoftEdge_PasswordManager_PrimaryPasswordSetting;

    [Write, Description("Configures a setting that asks users to enter their device password while using password autofill (Device) - Depends on MicrosoftEdge_PasswordManager_PrimaryPasswordSetting (0: Automatically, 1: With device password, 2: With custom primary password, 3: Autofill off)"), ValueMap{"0", "1", "2", "3"}, Values{"0", "1", "2", "3"}] String PrimaryPasswordSetting_PrimaryPasswordSetting;

    [Write, Description("Enable saving passwords to the password manager (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String PasswordManagerEnabled;

    [Write, Description("Configure Microsoft Defender SmartScreen (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] String SmartScreenEnabled;

    [Write, Description("AAD Group Membership Cache Validity In Days")] SInt32 AADGroupMembershipCacheValidityInDays;

    [Write, Description("Let Apps Access Account Info (0: User in control., 1: Force allow., 2: Force deny.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LetAppsAccessAccountInfo;

    [Write, Description("Let Apps Access Account Info Force Allow These Apps")] String LetAppsAccessAccountInfo_ForceAllowTheseApps[];

    [Write, Description("Let Apps Access Background Spatial Perception (0: User in control., 1: Force allow., 2: Force deny.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LetAppsAccessBackgroundSpatialPerception;

    [Write, Description("Let Apps Access Background Spatial Perception Force Allow These Apps")] String LetAppsAccessBackgroundSpatialPerception_ForceAllowTheseApps[];

    [Write, Description("Let Apps Access Camera (0: User in control., 1: Force allow., 2: Force deny.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LetAppsAccessCamera;

    [Write, Description("Let Apps Access Camera Force Allow These Apps")] String LetAppsAccessCamera_ForceAllowTheseApps[];

    [Write, Description("Let Apps Access Microphone (0: User in control., 1: Force allow., 2: Force deny.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LetAppsAccessMicrophone;

    [Write, Description("Let Apps Access Microphone Force Allow These Apps")] String LetAppsAccessMicrophone_ForceAllowTheseApps[];

    [Write, Description("Allow Search To Use Location (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowSearchToUseLocation;

    [Write, Description("Allow Add Provisioning Package (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowAddProvisioningPackage;

    [Write, Description("Allow VPN (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowVPN;

    [Write, Description("Page Visibility List")] String PageVisibilityList;

    [Write, Description("Allow Storage Card (0: SD card use is not allowed and USB drives are disabled. This setting does not prevent programmatic access to the storage card., 1: Allow a storage card.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowStorageCard;

    [Write, Description("Allow Telemetry (0: Security. Information that is required to help keep Windows more secure, including data about the Connected User Experience and Telemetry component settings, the Malicious Software Removal Tool, and Windows Defender, 1: Basic. Basic device info, including: quality-related data, app compatibility, app usage data, and data from the Security level, 3: Full. All data necessary to identify and help to fix problems, plus data from the Security, Basic, and Enhanced levels.)"), ValueMap{"0", "1", "3"}, Values{"0", "1", "3"}] String AllowTelemetry;

    [Write, Description("Allow Manual Wi Fi Configuration (0: No Wi-Fi connection outside of MDM provisioned network is allowed., 1: Adding new network SSIDs beyond the already MDM provisioned ones is allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowManualWiFiConfiguration;

    [Write, Description("Enable Pin Recovery - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String EnablePinRecovery;

    [Write, Description("Restrict use of TPM 1.2 - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String TPM12;

    [Write, Description("Digits - Depends on TenantId (0: Allows the use of digits in PIN., 1: Requires the use of at least one digits in PIN., 2: Does not allow the use of digits in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String Digits;

    [Write, Description("Expiration - Depends on TenantId")] SInt32 Expiration;

    [Write, Description("PIN History - Depends on TenantId")] SInt32 History;

    [Write, Description("Lowercase Letters - Depends on TenantId (0: Allows the use of lowercase letters in PIN., 1: Requires the use of at least one lowercase letters in PIN., 2: Does not allow the use of lowercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String LowercaseLetters;

    [Write, Description("Maximum PIN Length - Depends on TenantId")] SInt32 MaximumPINLength;

    [Write, Description("Minimum PIN Length - Depends on TenantId")] SInt32 MinimumPINLength;

    [Write, Description("Special Characters - Depends on TenantId (0: Allows the use of special characters in PIN., 1: Requires the use of at least one special characters in PIN., 2: Does not allow the use of special characters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String SpecialCharacters;

    [Write, Description("Uppercase Letters - Depends on TenantId (0: Allows the use of uppercase letters in PIN., 1: Requires the use of at least one uppercase letters in PIN., 2: Does not allow the use of uppercase letters in PIN.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] String UppercaseLetters;

    [Write, Description("Require Security Device - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String RequireSecurityDevice;

    [Write, Description("Use Certificate For On Prem Auth - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UseCertificateForOnPremAuth;

    [Write, Description("Use Hello Certificates As Smart Card Certificates - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UseHelloCertificatesAsSmartCardCertificates;

    [Write, Description("Use Windows Hello For Business (Device) - Depends on TenantId (false: Disabled, true: Enabled)"), ValueMap{"false", "true"}, Values{"false", "true"}] String UsePassportForWork;

    [Write, Description("Allow Update Service (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] String AllowUpdateService;

    [Write, Description("Manage Preview Builds (0: Disable Preview builds, 1: Disable Preview builds once the next release is public, 2: Enable Preview builds, 3: Preview builds is left to user selection)"), ValueMap{"0", "1", "2", "3"}, Values{"0", "1", "2", "3"}] String ManagePreviewBuilds;

    [Write, Description("Require Network In OOBE (Device) (true: true, false: false)"), ValueMap{"true", "false"}, Values{"true", "false"}] String RequireNetworkInOOBE;

    [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[];

    [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;

    [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential;

    [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId;

    [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId;

    [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret;

    [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint;

    [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;

    [Write, Description("Access token used for authentication.")] String AccessTokens[];

};