diff --git a/.github/ISSUE_TEMPLATE/ProblemWithResource.yml b/.github/ISSUE_TEMPLATE/ProblemWithResource.yml index a74cec8539..71ba363725 100644 --- a/.github/ISSUE_TEMPLATE/ProblemWithResource.yml +++ b/.github/ISSUE_TEMPLATE/ProblemWithResource.yml @@ -41,8 +41,9 @@ body: label: "Which workloads are affected" description: The workload of the resource you are having an issue with. options: - - "Azure Active Directory" + - "Azure Active Directory (Entra ID)" - "Exchange Online" + - "Intune" - "Office 365 Admin" - "OneDrive for Business" - "Planner" diff --git a/.github/workflows/Describe Resources Schemas.yml b/.github/workflows/Describe Resources Schemas.yml new file mode 100644 index 0000000000..f3e9568012 --- /dev/null +++ b/.github/workflows/Describe Resources Schemas.yml @@ -0,0 +1,47 @@ +name: Describe Resources Schemas +on: [push] + +jobs: + ParseSchemas: + # The type of runner that the job will run on + runs-on: windows-latest + permissions: write-all + + # Only when run from the main repo + if: github.repository == 'microsoft/Microsoft365DSC' + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v3 + - name: Install Microsoft365DSC + shell: powershell + run: | + winrm quickconfig -force + $source = "./Modules/Microsoft365DSC/" + $destination = "C:\Program Files\WindowsPowerShell\Modules" + Copy-Item -Path $source -Recurse -Destination $destination -Container -Force + Update-M365DSCDependencies + - name: Configure Environment + shell: powershell + run: | + Set-ExecutionPolicy Unrestricted -Force + Get-ChildItem "C:\Program Files\WindowsPowerShell\Modules" -Recurse | Unblock-File + Set-M365DSCTelemetryOption -Enabled $false + Set-Item -Path WSMan:\localhost\MaxEnvelopeSizekb -Value 99999 + - name: Generate {Create} Integration Tests from Examples + shell: powershell + run: | + Import-Module './Modules/Microsoft365DSC/Modules/M365DSCSchemaHandler.psm1' + New-M365DSCSchemaDefinition + - name: Commit File + shell: powershell + run: | + git config --local user.email "nicharl@microsoft.com" + git config --local user.name "NikCharlebois" + git add D:/a/Microsoft365DSC/Microsoft365DSC/Modules/Microsoft365DSC/SchemaDefinition.json + git pull + git commit -m "Updated Schema Definition" + git push + $SHA = git rev-parse HEAD + echo "commitid=$SHA" >> $env:GITHUB_OUTPUT diff --git a/.github/workflows/Global - Integration - AAD.yml b/.github/workflows/Global - Integration - AAD.yml index df54194a4b..67e0d5cff9 100644 --- a/.github/workflows/Global - Integration - AAD.yml +++ b/.github/workflows/Global - Integration - AAD.yml @@ -62,7 +62,9 @@ jobs: { throw $_ } - + - name: Validating {Create} Integration Tests + shell: powershell + run: | try { $Result = Test-DSCConfiguration -Detailed -Verbose -ErrorAction Stop @@ -88,6 +90,18 @@ jobs: { Write-Host "All resources in the Tenant are in the Desired State" } + + try + { + # Commenting out since this is very finnicky right now and its preventing other tests from running. + # The Get-DSCConfiguration cmdlet isn't providing much value added when failing and doesn't provide + # info about what parsing issues occured. + #$Result = Get-DSCConfiguration -Verbose -ErrorAction Stop + } + catch + { + throw $_ + } - name: Generate {Update} Integration Tests from Examples shell: powershell run: | @@ -120,7 +134,9 @@ jobs: { throw $_ } - + - name: Validating {Update} Integration Tests + shell: powershell + run: | try { $Result = Test-DSCConfiguration -Detailed -Verbose -ErrorAction Stop @@ -146,6 +162,18 @@ jobs: { Write-Host "All resources in the Tenant are in the Desired State" } + + try + { + # Commenting out since this is very finnicky right now and its preventing other tests from running. + # The Get-DSCConfiguration cmdlet isn't providing much value added when failing and doesn't provide + # info about what parsing issues occured. + #$Result = Get-DSCConfiguration -Verbose -ErrorAction Stop + } + catch + { + throw $_ + } - name: Generate {Remove} Integration Tests from Examples shell: powershell run: | @@ -178,7 +206,9 @@ jobs: { throw $_ } - + - name: Validating {Remove} Integration Tests + shell: powershell + run: | try { $Result = Test-DSCConfiguration -Detailed -Verbose -ErrorAction Stop @@ -205,3 +235,11 @@ jobs: Write-Host "All resources in the Tenant are in the Desired State" } + try + { + #$Result = Get-DSCConfiguration -Verbose -ErrorAction Stop + } + catch + { + throw $_ + } diff --git a/.github/workflows/PublishGitHubPages.yml b/.github/workflows/PublishGitHubPages.yml index bf85a3d7be..5db8507be7 100644 --- a/.github/workflows/PublishGitHubPages.yml +++ b/.github/workflows/PublishGitHubPages.yml @@ -38,6 +38,10 @@ jobs: needs: GenerateResource runs-on: ubuntu-latest + permissions: + contents: write + pages: write + # Only when run from the main repo if: github.repository == 'microsoft/Microsoft365DSC' diff --git a/.vscode/GetTestCoverage.ps1 b/.vscode/GetTestCoverage.ps1 index 458df495a2..0b3a88ff68 100644 --- a/.vscode/GetTestCoverage.ps1 +++ b/.vscode/GetTestCoverage.ps1 @@ -2,31 +2,38 @@ param( [Parameter(Mandatory = $true)] [string] - $UnitTestFilePath, - - [Parameter(Mandatory = $true)] - [string] - $CmdletModule = (Join-Path -Path $PSScriptRoot ` - -ChildPath '..\Stubs\Microsoft365.psm1' ` - -Resolve) + $UnitTestFilePath ) -if ($UnitTestFilePath.EndsWith('Tests.ps1')) -{ +$moduleName = 'Pester' +$minVersion = '5.5.0' - $pesterParameters = @{ - Path = $unitTestFilePath - Parameters = @{ - CmdletModule = $CmdletModule - } - } +$module = Get-Module -ListAvailable | Where-Object { $_.Name -eq $moduleName -and $_.Version -ge $minVersion } +if ($module -ne $null) +{ + Write-Output "Module $moduleName with version greater than or equal to $minVersion found." +} +else +{ + Write-Output "Module $moduleName with version greater than or equal to $minVersion not found." + Write-Output 'Please install the module using the following command:' + Write-Output "Install-Module -Name $moduleName -MinimumVersion $minVersion" + return +} + +if ($UnitTestFilePath.EndsWith('Tests.ps1')) +{ $unitTest = Get-Item -Path $UnitTestFilePath $unitTestName = "$($unitTest.Name.Split('.')[1])" - $unitTestFilePath = (Join-Path -Path $PSScriptRoot ` + $coveragePath = (Join-Path -Path $PSScriptRoot ` -ChildPath "..\Modules\Microsoft365DSC\DSCResources\MSFT_$($unitTestName)\MSFT_$($unitTestName).psm1" ` -Resolve) - Invoke-Pester -Script $pesterParameters -CodeCoverage $UnitTestFilePath -Verbose + $config = New-PesterConfiguration + $config.Run.Path = $UnitTestFilePath + $config.CodeCoverage.Enabled = $true + $config.CodeCoverage.Path = $coveragePath + Invoke-Pester -Configuration $config } diff --git a/.vscode/launch.json b/.vscode/launch.json index 3bd859a536..1258adeb13 100644 --- a/.vscode/launch.json +++ b/.vscode/launch.json @@ -6,9 +6,7 @@ "request": "launch", "name": "Run current unit test", "script": "${file}", - "args": [ - "${workspaceRoot}/Tests/Unit/Stubs/Microsoft365.psm1" - ], + "args": [], "cwd": "${file}", "createTemporaryIntegratedConsole": true }, @@ -18,10 +16,25 @@ "name": "Get current unit test code overage", "script": "${workspaceRoot}/.vscode/GetTestCoverage.ps1", "args": [ - "${file}", - "${workspaceRoot}/Tests/Unit/Stubs/Microsoft365.psm1" + "${file}" ], "createTemporaryIntegratedConsole": true + }, + { + "type": "PowerShell", + "request": "launch", + "name": "Run all QA tests", + "script": "Import-Module '${workspaceRoot}/Tests/TestHarness.psm1'; $QaResults = Invoke-QualityChecksHarness ", + "args": [], + "createTemporaryIntegratedConsole": true + }, + { + "type": "PowerShell", + "request": "launch", + "name": "Run all Unit Tests", + "script": "Import-Module '${workspaceRoot}/Tests/TestHarness.psm1'; $UnitResults = Invoke-TestHarness", + "args": [], + "createTemporaryIntegratedConsole": true } ] } diff --git a/CHANGELOG.md b/CHANGELOG.md index ffee9d7823..c2b154ff4c 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,11 +2,267 @@ # UNRELEASED +* AADAdministrativeUnit + * Fix issue with deploying/creating a new AU with members and/or adding members to an existing AU + FIXES [#4404](https://github.com/microsoft/Microsoft365DSC/issues/4404) + * Updated examples to include setting Visibility and ScopedRoleMembers + * Fix issue with Set-TargetResource was failing to apply when Verbose is set + FIXES [#4497](https://github.com/microsoft/Microsoft365DSC/issues/4497) +* All resources + * Fix issue where Ensure cannot be left as default 'Present' +* AADAdministrativeUnit + * Fix issue with omitted Ensure and/or Id + FIXES [#4437](https://github.com/microsoft/Microsoft365DSC/issues/4437) +* AADConditionalAccessPolicy + * Fixed schema file +* EXOCalendarProcessing + * Fixed schema file +* EXOGroupSettings + * Fixed schema file +* EXOMailTips + * [BREAKING CHANGE] Replaced the Organization parameter with IsSingleInstance + FIXES [#4117](https://github.com/microsoft/Microsoft365DSC/issues/4117) +* EXOMessageClassification + * Fixed schema file +* EXOOMEConfiguration + * Fixed schema file +* EXOTransportRule + * [BREAKING CHANGE] Change data type of Priority from String to Int + FIXES [[#4136](https://github.com/microsoft/Microsoft365DSC/issues/4136)] +* IntuneAppConfigurationPolicy + * Fix comparison in Test-TargetResource + FIXES [#4451](https://github.com/microsoft/Microsoft365DSC/issues/4451) +* IntuneDeviceCompliancePolicyWindows10 + * Fix group assignment by using the corrected function + Update-DeviceConfigurationPolicyAssignment from module M365DSCDRGUtil + FIXES [#4467](https://github.com/microsoft/Microsoft365DSC/issues/4467) * IntuneDeviceEnrollmentPlatformRestriction - * Update the Intune enrollment platform restriction logic to the single platform approach. - * Introduce additional validation for selected properties. * Fixed an issue where nested settings would throw a conflict FIXES [#4082](https://github.com/microsoft/Microsoft365DSC/issues/4082) +* IntuneDeviceEnrollmentStatusPageWindows10 + * Added support for specifying SelectedMobileAppNames in addition to SelectedMobileAppIds, + which are different for each tenant. + FIXES [#4494](https://github.com/microsoft/Microsoft365DSC/issues/4494) +* M365DSCRuleEvaluation + * Log both matching and not matching resources and in XML format +* O365OrgSettings + * Fixed missing permissions in settings.json +* SPOAccessControlSettings + * [BREAKING CHANGE] Removed CommentsOnSitePagesDisabled parameter, because of + duplication in SPOTenantSettings + FIXES [#3576](https://github.com/microsoft/Microsoft365DSC/issues/3576) + * [BREAKING CHANGE] Moved SocialBarOnSitePagesDisabled parameter to SPOTenantSettings, + because it makes more sense there. This has nothing to do with Access Control. +* SPOTenantSettings + * [BREAKING CHANGE] Removed ConditionalAccessPolicy parameter, because of + duplication in SPOAccessControlSettings + FIXES [#3576](https://github.com/microsoft/Microsoft365DSC/issues/3576) + * Added SocialBarOnSitePagesDisabled parameter, moved from SPOAccessControlSettings. +* TeamsChannelTab + * Fixed schema file +* TeamsGroupPolicyAssignment + * Skip assignments that have orphaned/deleted groups or without display name + instead of throwing an error + FIXES [#4407](https://github.com/microsoft/Microsoft365DSC/issues/4407) +* TeamsTenantDialPlan + * Fix output of property NormalizationRules as a string to the blueprint + FIXES [#4428](https://github.com/microsoft/Microsoft365DSC/issues/4428) + * Fix creation, update and deletion of resource +* DEPENDENCIES + * Updated DSCParser to version 2.0.0.2. +* MISC + * Initial release of Get-M365DSCEvaluationRulesForConfiguration + * M365DSCDRGUtil + Fix Update-DeviceConfigurationPolicyAssignment so that if the group cannot + be found by its Id it tries to search it by display name + FIXES [#4467](https://github.com/microsoft/Microsoft365DSC/issues/4467) + * M365DSCReport + Fix issue when asserting TeamsGroupPolicyAssignment configurations by + returning its both mandatory parameters in Get-M365DSCResourceKey + * Fix broken links to integration tests in README.md + +# 1.24.313.1 + +* AADAuthenticationStrengthPolicy + * Removed the Id paremeter from being checked in the Test-TargetResource. +* AADGroup + * Fixed issue when filtering groups by display name + FIXES [#4394](https://github.com/microsoft/Microsoft365DSC/issues/4394) + * Fixed issue where group owners were removed from existing groups when unspecified in the config + FIXES [#4390](https://github.com/microsoft/Microsoft365DSC/issues/4390) +* EXOAcceptedDomain + * Update regular expression to support domains with digits + FIXES [#4446](https://github.com/microsoft/Microsoft365DSC/issues/4446) +* EXOHostedContentFilterPolicy + * Add support for IntraOrgFilterState parameter + FIXES [#4424](https://github.com/microsoft/Microsoft365DSC/issues/4424) +* EXOHostedContentFilterRule + * Fixed issue in case of different names of filter rule and filter policy + FIXES [#4401](https://github.com/microsoft/Microsoft365DSC/issues/4401) +* EXOIntraOrganizationConnector + * Fixed issue with TargetSharingEpr + FIXES [#4381](https://github.com/microsoft/Microsoft365DSC/issues/4381) +* IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneAccountProtectionLocalUserGroupMembershipPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneAccountProtectionPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneAntivirusPolicyWindows10SettingCatalog + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneAppConfigurationPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneApplicationControlPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneASRRulesPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceCompliancePolicyAndroid + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceCompliancePolicyAndroidDeviceOwner + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceCompliancePolicyAndroidWorkProfile + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceCompliancePolicyiOs + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceCompliancePolicyMacOS + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceCompliancePolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceConfigurationCustomPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceConfigurationDomainJoinPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceConfigurationEmailProfilePolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource +* IntuneDeviceConfigurationEndpointProtectionPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * Fixed an issue with the parameter InterfaceTypes from firewallrules defined + as a string instead of string[] +* IntuneDeviceConfigurationSCEPCertificatePolicyWindows10 + * Add property RootCertificateDisplayName in order to support assigning root + certificates by display name since their Ids in a blueprint might be from a + different source tenant + FIXES [#3965](https://github.com/microsoft/Microsoft365DSC/issues/3965) +* IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator + * Fixed policy assignment retrieval when Id is from other tenant, bogus or + null + FIXES [#3970](https://github.com/microsoft/Microsoft365DSC/issues/3970) +* IntuneDeviceConfigurationPolicyAndroidOpenSourceProject + * Fixed policy assignment retrieval when Id is from other tenant, bogus or + null + FIXES [#3971](https://github.com/microsoft/Microsoft365DSC/issues/3971) + * Fixed compare logic for CIM instances in Test-TargetResource +* M365DSCRuleEvaluation + * Fix issue when it didn't find any matching resources and it tried to make a + comparison +* O365OrgSettings + * Add read permission for extracting M365 apps installation settings instead + of extracting them only with read/write permissions + FIXES [#4418](https://github.com/microsoft/Microsoft365DSC/issues/4418) +* TeamsTeam + * Add error handling for teams without displayname during export + FIXES [#4406](https://github.com/microsoft/Microsoft365DSC/issues/4406) +* TeamsVoiceRoute + * Fix policy removal and also comparison in Test-TargetResource +* DEPENDENCIES + * Updated DSCParser to version 1.4.0.4. + * Updated Microsoft.Graph to version 2.15.0. + * Updated MicrosoftTeams to version 6.0.0. +* MISC + * Enhancement to obfuscate password from verbose logging and avoid empty lines + FIXES [#4392](https://github.com/microsoft/Microsoft365DSC/issues/4392) + * Fix example in documentation for Update-M365DSCAzureAdApplication + * Added support for groupDisplayName to all devices and all users groups + +# 1.24.228.1 + +* AADApplication + * Show current values of resource in Test-TargetResource +* AADAuthorizationPolicy + * Show current values of resource in Test-TargetResource +* AADConditionalAccessPolicy + * Improved verbose logging to show that items are being skipped. + * Show current values of resource in Test-TargetResource +* AADExternalIdentityPolicy + * Show current values of resource in Test-TargetResource +* AADGroup + * Fixed issue with single quotes in the display name. + FIXES [#4358](https://github.com/microsoft/Microsoft365DSC/issues/4358) + * Show current values of resource in Test-TargetResource +* AADGroupLifecyclePolicy + * Show current values of resource in Test-TargetResource +* AADGroupsNamingPolicy + * Show current values of resource in Test-TargetResource +* AADGroupsSettings + * Show current values of resource in Test-TargetResource +* AADNamedLocationPolicy + * Show current values of resource in Test-TargetResource +* AADRoleDefinition + * Show current values of resource in Test-TargetResource +* AADRoleSetting + * Show current values of resource in Test-TargetResource +* AADSecurityDefaults + * Show current values of resource in Test-TargetResource +* AADServicePrincipal + * Show current values of resource in Test-TargetResource +* AADTenantDetails + * Show current values of resource in Test-TargetResource +* AADTokenLifetimePolicy + * Show current values of resource in Test-TargetResource +* EXOActiveSyncDeviceAccessRule + * Remove extra property GUID that is stopping EXO integration tests from + running +* IntuneDeviceConfigurationScepCertificatePolicyWindows10 + * Fixes an issue where the keyUsage property format was not correctly handled +* IntuneExploitProtectionPolicyWindows10SettingCatalog + * Fix update and removal of resource when Identity is from another tenant + FIXES [#3962](https://github.com/microsoft/Microsoft365DSC/issues/3962) +* SPOAccessControlSettings + * Added support for the ConditionalAccessPolicy parameter based on the PNP Module +* Teams resources + * Updated required application permissions to support [Application Based Authentication](https://learn.microsoft.com/en-us/microsoftteams/teams-powershell-application-authentication) +* TeamsCallQueue + * Reduce the number of Calls for Export using new cache pattern + FIXES [[#4191](https://github.com/microsoft/Microsoft365DSC/issues/4192)] +* TeamsGuestMeetingConfiguration + * Added the missing parameter AllowTranscription. + FIXES [#4363](https://github.com/microsoft/Microsoft365DSC/issues/4363) +* TeamsTeam + * Corrected Parameters for Graph Commands when creating a new Team + FIXES [#4383](https://github.com/microsoft/Microsoft365DSC/issues/4383) +* MISC + * M365DSCDRGUtil + Add new parameter for customizable assignment identifier + * M365DSCUtil + Change heuristics on how to find the mandatory key of the resources to + include them as part of the ResourceInstanceName during their export + FIXES [#4333](https://github.com/microsoft/Microsoft365DSC/issues/4333) # 1.24.221.1 @@ -76,12 +332,11 @@ * Updated Microsoft.Graph to version 2.14.1. # 1.24.214.2 - * AADConditionalAccessPolicy * Removed invalid empty string value that was added to the validate set of two parameters. - * Updated permission reference for app-onlzy authentication. - FIXES [[#3329](https://github.com/microsoft/Microsoft365DSC/issues/3329)] + * Updated permission reference for app-only authentication. + FIXES [#3329](https://github.com/microsoft/Microsoft365DSC/issues/3329) * AADRoleEligibilityScheduleRequest * Fixed an issue where an error was thrown if no requests were found instead of simply returning the Null object. @@ -89,8 +344,9 @@ * Fix handling of DisplayName property in comparison FIXES [#4019](https://github.com/microsoft/Microsoft365DSC/issues/4019) * AADUser - * Fixed and issue where an user would be created even if the resrouce was set to absent. - FIXES [[#4265](https://github.com/microsoft/Microsoft365DSC/issues/4265)] + * Fixed and issue where an user would be created even if the resource was set + to absent. + FIXES [#4265](https://github.com/microsoft/Microsoft365DSC/issues/4265) * EXOMobileDeviceMailboxPolicy * Fixes an issue where an empty MinPasswordLength value was always passed down to the update logic flow. @@ -132,6 +388,7 @@ * Fix IntuneDeviceEnrolllmentPlatformRestriction comparison in report FIXES [#4291](https://github.com/microsoft/Microsoft365DSC/issues/4291) * Added new QA test to check for missing description in resource schema + * Added new QA test to check for falsely assigned write-premissions in settings.json # 1.24.207.2 @@ -151,7 +408,7 @@ * SCDLPComplianceRule * Properly escapes fancy quotes in the Get method. * TeamsMeetingPolicy - * Ignore the AllowUserToJoinExternalMeeting parameterfor drift evaluation + * Ignore the AllowUserToJoinExternalMeeting parameter for drift evaluation since it doesn't do anything based on official documentation. * DEPENDENCIES * Updated Microsoft.PowerApps.Administration.PowerShell to version 2.0.180. diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 index 910ed8d5f9..7a94fad632 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAdministrativeUnit/MSFT_AADAdministrativeUnit.psm1 @@ -100,22 +100,6 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $getValue = $null - - #region resource generator code - if (-Not [string]::IsNullOrEmpty($Id)) - { - $getValue = Get-MgBetaDirectoryAdministrativeUnit -AdministrativeUnitId $Id -ErrorAction Stop - } - - if (-not $getValue -and -Not [string]::IsNullOrEmpty($DisplayName)) - { - $getValue = Get-MgBetaDirectoryAdministrativeUnit -Filter "DisplayName eq '$DisplayName'" -ErrorAction Stop - } - #endregion - - $nullResult = $PSBoundParameters - $nullResult.Ensure = 'Absent' $getValue = $null #region resource generator code @@ -565,8 +549,8 @@ function Set-TargetResource foreach ($member in $memberSpecification) { Write-Verbose -Message "Adding new dynamic member {$($member.Id)}" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$($member.Type)/$($member.Id)" $memberBodyParam = @{ - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/$($member.Type)/$($member.Id)" '@odata.id' = $url } @@ -663,8 +647,8 @@ function Set-TargetResource { Write-Verbose -Message "AdministrativeUnit {$DisplayName} Adding member {$($diff.Identity)}, type {$($diff.Type)}" + $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "beta/$memberType/$($memberObject.Id)" $memberBodyParam = @{ - $url = $Global:MSCloudLoginConnectionProfile.MicrosoftGraph.ResourceUrl + "v1.0/$memberType/$($memberObject.Id)" '@odata.id' = $url } New-MgBetaDirectoryAdministrativeUnitMemberByRef -AdministrativeUnitId ($currentInstance.Id) -BodyParameter $memberBodyParam | Out-Null @@ -895,7 +879,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false - Ensure not the same" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 index 290621c0ba..763ceb3092 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADApplication/MSFT_AADApplication.psm1 @@ -112,6 +112,7 @@ function Get-TargetResource $nullReturn = $PSBoundParameters $nullReturn.Ensure = 'Absent' + $AADApp = $null try { try @@ -212,7 +213,7 @@ function Get-TargetResource TenantId = $TenantId ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent + ManagedIdentity = $ManagedIdentity.IsPresent } Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result @@ -813,6 +814,7 @@ function Test-TargetResource Write-Verbose -Message 'No Permissions exist for the current Azure AD App and no permissions were specified' } } + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 index ad70aeaa6c..eb1ebd16af 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicy/MSFT_AADAuthenticationMethodPolicy.psm1 @@ -453,7 +453,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 index dc55e471df..8474aa15d3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyAuthenticator/MSFT_AADAuthenticationMethodPolicyAuthenticator.psm1 @@ -105,7 +105,14 @@ function Get-TargetResource } else { - $complexExcludeTarget.Add('Id', 'all_users') + if ($getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.id -eq '00000000-0000-0000-0000-000000000000') + { + $complexExcludeTarget.Add('Id', '00000000-0000-0000-0000-000000000000') + } + else + { + $complexExcludeTarget.Add('Id', 'all_users') + } } if ($null -ne $getValue.additionalProperties.featureSettings.companionAppAllowedState.excludeTarget.targetType) { @@ -124,7 +131,14 @@ function Get-TargetResource } else { - $complexIncludeTarget.Add('Id', 'all_users') + if ($getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.id -eq '00000000-0000-0000-0000-000000000000') + { + $complexIncludeTarget.Add('Id', '00000000-0000-0000-0000-000000000000') + } + else + { + $complexIncludeTarget.Add('Id', 'all_users') + } } if ($null -ne $getValue.additionalProperties.featureSettings.companionAppAllowedState.includeTarget.targetType) { @@ -154,7 +168,14 @@ function Get-TargetResource } else { - $complexExcludeTarget.Add('Id', 'all_users') + if ($getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.id -eq '00000000-0000-0000-0000-000000000000') + { + $complexExcludeTarget.Add('Id', '00000000-0000-0000-0000-000000000000') + } + else + { + $complexExcludeTarget.Add('Id', 'all_users') + } } if ($null -ne $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.excludeTarget.targetType) { @@ -173,7 +194,14 @@ function Get-TargetResource } else { - $complexIncludeTarget.Add('Id', 'all_users') + if ($getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.id -eq '00000000-0000-0000-0000-000000000000') + { + $complexIncludeTarget.Add('Id', '00000000-0000-0000-0000-000000000000') + } + else + { + $complexIncludeTarget.Add('Id', 'all_users') + } } if ($null -ne $getValue.additionalProperties.featureSettings.displayAppInformationRequiredState.includeTarget.targetType) { @@ -202,7 +230,14 @@ function Get-TargetResource } else { - $complexExcludeTarget.Add('Id', 'all_users') + if ($getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.id -eq '00000000-0000-0000-0000-000000000000') + { + $complexExcludeTarget.Add('Id', '00000000-0000-0000-0000-000000000000') + } + else + { + $complexExcludeTarget.Add('Id', 'all_users') + } } if ($null -ne $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.excludeTarget.targetType) { @@ -221,7 +256,14 @@ function Get-TargetResource } else { - $complexIncludeTarget.Add('Id', 'all_users') + if ($getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.id -eq '00000000-0000-0000-0000-000000000000') + { + $complexIncludeTarget.Add('Id', '00000000-0000-0000-0000-000000000000') + } + else + { + $complexIncludeTarget.Add('Id', 'all_users') + } } if ($null -ne $getValue.additionalProperties.featureSettings.displayLocationInformationRequiredState.includeTarget.targetType) { @@ -612,7 +654,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 index 1ea4e8d70c..f9340ee1ea 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyEmail/MSFT_AADAuthenticationMethodPolicyEmail.psm1 @@ -392,7 +392,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 index 5e1bd2fce9..2591366082 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyFido2/MSFT_AADAuthenticationMethodPolicyFido2.psm1 @@ -420,7 +420,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 index 8ac4fd6b8e..2693cf761e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySms/MSFT_AADAuthenticationMethodPolicySms.psm1 @@ -368,7 +368,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 index 0a2f0a50f5..de1128d96c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicySoftware/MSFT_AADAuthenticationMethodPolicySoftware.psm1 @@ -368,7 +368,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 index 2fd4718e04..48d7b98a99 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyTemporary/MSFT_AADAuthenticationMethodPolicyTemporary.psm1 @@ -436,7 +436,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 index e816c4dfc6..4b500ccb94 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyVoice/MSFT_AADAuthenticationMethodPolicyVoice.psm1 @@ -381,7 +381,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyX509/MSFT_AADAuthenticationMethodPolicyX509.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyX509/MSFT_AADAuthenticationMethodPolicyX509.psm1 index b79f23dec4..84716c3376 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyX509/MSFT_AADAuthenticationMethodPolicyX509.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationMethodPolicyX509/MSFT_AADAuthenticationMethodPolicyX509.psm1 @@ -444,7 +444,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 index 939662c622..0160f9e242 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthenticationStrengthPolicy/MSFT_AADAuthenticationStrengthPolicy.psm1 @@ -75,7 +75,7 @@ function Get-TargetResource if (-not [System.String]::IsNullOrEmpty($Id)) { - $getValue = Get-MgBetaPolicyAuthenticationStrengthPolicy -AuthenticationStrengthPolicyId $Id + $getValue = Get-MgBetaPolicyAuthenticationStrengthPolicy -AuthenticationStrengthPolicyId $Id -ErrorAction 'SilentlyContinue' } if ($null -eq $getValue) @@ -279,8 +279,8 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + $ValuesToCheck.Remove('Id') | Out-Null + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthorizationPolicy/MSFT_AADAuthorizationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthorizationPolicy/MSFT_AADAuthorizationPolicy.psm1 index 6559de3f37..ec4a07d6e9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthorizationPolicy/MSFT_AADAuthorizationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADAuthorizationPolicy/MSFT_AADAuthorizationPolicy.psm1 @@ -489,6 +489,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 index c62d6a3aca..3f5d7451f5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.psm1 @@ -31,7 +31,7 @@ function Get-TargetResource $ApplicationsFilter, [Parameter()] - [ValidateSet("include", "exclude")] + [ValidateSet('include', 'exclude')] [System.String] $ApplicationsFilterMode, @@ -300,7 +300,8 @@ function Get-TargetResource } catch { - New-M365DSCLogEntry -Message 'Error retrieving data:' ` + $message = "Couldn't find IncludedUser '$IncludeUserGUID', that is defined in policy '$PolicyDisplayName'. Skipping user." + New-M365DSCLogEntry -Message $message ` -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -334,8 +335,9 @@ function Get-TargetResource } catch { - $message = "Couldn't find user $ExcludeUserGUID , that is defined in policy $PolicyDisplayName" + $message = "Couldn't find ExcludedUser '$ExcludeUserGUID', that is defined in policy '$PolicyDisplayName'. Skipping user." New-M365DSCLogEntry -Message $message ` + -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` -Credential $Credential @@ -366,8 +368,9 @@ function Get-TargetResource } catch { - $message = "Couldn't find Group $IncludeGroupGUID , that is defined in policy $PolicyDisplayName" + $message = "Couldn't find IncludedGroup '$IncludeGroupGUID', that is defined in policy '$PolicyDisplayName'. Skipping group." New-M365DSCLogEntry -Message $message ` + -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` -Credential $Credential @@ -393,8 +396,9 @@ function Get-TargetResource } catch { - $message = "Couldn't find Group $ExcludeGroupGUID , that is defined in policy $PolicyDisplayName" + $message = "Couldn't find ExcludedGroup '$ExcludeGroupGUID', that is defined in policy '$PolicyDisplayName'. Skipping group." New-M365DSCLogEntry -Message $message ` + -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` -Credential $Credential @@ -426,7 +430,7 @@ function Get-TargetResource { if ($null -eq $rolelookup[$IncludeRoleGUID]) { - $message = "Couldn't find role $IncludeRoleGUID , couldn't add to policy $PolicyDisplayName" + $message = "Couldn't find IncludedRole '$IncludeRoleGUID', that is defined in policy '$PolicyDisplayName'. Skipping role." New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -446,7 +450,7 @@ function Get-TargetResource { if ($null -eq $rolelookup[$ExcludeRoleGUID]) { - $message = "Couldn't find role $ExcludeRoleGUID , couldn't add to policy $PolicyDisplayName" + $message = "Couldn't find ExcludedRole '$ExcludeRoleGUID', that is defined in policy '$PolicyDisplayName'. Skipping role." New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -576,7 +580,7 @@ function Get-TargetResource $AuthenticationStrengthValue = $null if ($null -ne $Policy.GrantControls -and $null -ne $Policy.GrantControls.AuthenticationStrength -and ` - $null -ne $Policy.GrantControls.AuthenticationStrength.Id) + $null -ne $Policy.GrantControls.AuthenticationStrength.Id) { $strengthPolicy = Get-MgBetaPolicyAuthenticationStrengthPolicy -AuthenticationStrengthPolicyId $Policy.GrantControls.AuthenticationStrength.Id if ($null -ne $strengthPolicy) @@ -591,8 +595,8 @@ function Get-TargetResource foreach ($class in $Policy.Conditions.Applications.IncludeAuthenticationContextClassReferences) { $classReference = Get-MgBetaIdentityConditionalAccessAuthenticationContextClassReference ` - -AuthenticationContextClassReferenceId $class ` - -ErrorAction SilentlyContinue + -AuthenticationContextClassReferenceId $class ` + -ErrorAction SilentlyContinue if ($null -ne $classReference) { $AuthenticationContextsValues += $classReference.DisplayName @@ -678,9 +682,9 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent } + Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" return $result - } function Set-TargetResource @@ -715,7 +719,7 @@ function Set-TargetResource $ApplicationsFilter, [Parameter()] - [ValidateSet("include", "exclude")] + [ValidateSet('include', 'exclude')] [System.String] $ApplicationsFilterMode, @@ -947,18 +951,16 @@ function Set-TargetResource #create Conditions object Write-Verbose -Message 'Set-Targetresource: create Conditions object' $conditions = @{ - Applications = @{ - } - Users = @{ - } + Applications = @{} + Users = @{} } #create and provision Application Condition object Write-Verbose -Message 'Set-Targetresource: create Application Condition object' - if ($currentParameters.ContainsKey("IncludeApplications")) + if ($currentParameters.ContainsKey('IncludeApplications')) { $conditions.Applications.Add('IncludeApplications', $IncludeApplications) } - if ($currentParameters.ContainsKey("ExcludeApplications")) + if ($currentParameters.ContainsKey('ExcludeApplications')) { $conditions.Applications.Add('ExcludeApplications', $ExcludeApplications) } @@ -968,7 +970,7 @@ function Set-TargetResource rule = $ApplicationsFilter mode = $ApplicationsFilterMode } - $conditions.Applications.Add("ApplicationFilter", $appFilterValue) + $conditions.Applications.Add('ApplicationFilter', $appFilterValue) } if ($IncludeUserActions) { @@ -981,7 +983,7 @@ function Set-TargetResource $classReferences = Get-MgBetaIdentityConditionalAccessAuthenticationContextClassReference -ErrorAction SilentlyContinue foreach ($authContext in $AuthenticationContexts) { - $currentClassId = $classReferences | Where-Object -FilterScript {$_.DisplayName -eq $authContext} + $currentClassId = $classReferences | Where-Object -FilterScript { $_.DisplayName -eq $authContext } if ($null -ne $currentClassId) { $AuthenticationContextsValues += $currentClassId.Id @@ -1018,7 +1020,7 @@ function Set-TargetResource } if ($null -eq $userguid) { - $message = "Couldn't find user $includeuser , couldn't add to policy $DisplayName" + $message = "Couldn't find user '$includeuser', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1065,7 +1067,7 @@ function Set-TargetResource } if ($null -eq $userguid) { - $message = "Couldn't find user $excludeuser , couldn't add to policy $DisplayName" + $message = "Couldn't find user '$excludeuser', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1110,7 +1112,7 @@ function Set-TargetResource } if ($GroupLookup.Length -gt 1) { - $message = "Duplicate group found with displayname $includegroup , couldn't add to policy $DisplayName" + $message = "Duplicate group found with displayname '$includegroup', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1119,7 +1121,7 @@ function Set-TargetResource } elseif ($null -eq $GroupLookup) { - $message = "Couldn't find group $includegroup , couldn't add to policy $DisplayName" + $message = "Couldn't find group '$includegroup', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1128,7 +1130,7 @@ function Set-TargetResource } else { - Write-Verbose -Message 'adding group to includegroups' + Write-Verbose -Message 'Adding group to includegroups' $conditions.Users.IncludeGroups += $GroupLookup.Id } } @@ -1160,7 +1162,7 @@ function Set-TargetResource } if ($GroupLookup.Length -gt 1) { - $message = "Duplicate group found with displayname $ExcludeGroup , couldn't add to policy $DisplayName" + $message = "Duplicate group found with displayname '$ExcludeGroup', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1169,7 +1171,7 @@ function Set-TargetResource } elseif ($null -eq $GroupLookup) { - $message = "Couldn't find group $ExcludeGroup , couldn't add to policy $DisplayName" + $message = "Couldn't find group '$ExcludeGroup', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1178,7 +1180,7 @@ function Set-TargetResource } else { - Write-Verbose -Message 'adding group to ExcludeGroups' + Write-Verbose -Message 'Adding group to ExcludeGroups' $conditions.Users.ExcludeGroups += $GroupLookup.Id } } @@ -1203,7 +1205,7 @@ function Set-TargetResource { if ($null -eq $rolelookup[$IncludeRole]) { - $message = "Couldn't find role $IncludeRole , couldn't add to policy $DisplayName" + $message = "Couldn't find role '$IncludeRole', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1237,7 +1239,7 @@ function Set-TargetResource { if ($null -eq $rolelookup[$ExcludeRole]) { - $message = "Couldn't find role $ExcludeRole , couldn't add to policy $DisplayName" + $message = "Couldn't find role '$ExcludeRole', couldn't add to policy '$DisplayName'" New-M365DSCLogEntry -Message $message ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` @@ -1507,12 +1509,12 @@ function Set-TargetResource } if ($AuthenticationStrength) { - $strengthPolicy = Get-MgBetaPolicyAuthenticationStrengthPolicy | Where-Object -FilterScript {$_.DisplayName -eq $AuthenticationStrength} -ErrorAction SilentlyContinue + $strengthPolicy = Get-MgBetaPolicyAuthenticationStrengthPolicy | Where-Object -FilterScript { $_.DisplayName -eq $AuthenticationStrength } -ErrorAction SilentlyContinue if ($null -ne $strengthPolicy) { $authenticationStrengthInstance = @{ id = $strengthPolicy.Id - "@odata.type" = "#microsoft.graph.authenticationStrengthPolicy" + '@odata.type' = '#microsoft.graph.authenticationStrengthPolicy' } $GrantControls.Add('authenticationStrength', $authenticationStrengthInstance) } @@ -1575,7 +1577,7 @@ function Set-TargetResource } else { - $sessioncontrols.SignInFrequency.Remove("type") | Out-Null + $sessioncontrols.SignInFrequency.Remove('type') | Out-Null } if ($SignInFrequencyValue -gt 0) { @@ -1583,7 +1585,7 @@ function Set-TargetResource } else { - $sessioncontrols.SignInFrequency.Remove("value") | Out-Null + $sessioncontrols.SignInFrequency.Remove('value') | Out-Null } $sessioncontrols.SignInFrequency.frequencyInterval = $SignInFrequencyInterval } @@ -1649,9 +1651,9 @@ function Set-TargetResource else { New-M365DSCLogEntry -Message 'Error creating new policy:' ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential Write-Verbose -Message 'Set-Targetresource: Failed creating new policy. At least a user rule, application rule and grant or session control is required' } @@ -1674,7 +1676,7 @@ function Set-TargetResource Write-Verbose -Message "Set-Targetresource: Failed deleting policy $DisplayName" } } - Write-Verbose -Message "Set-Targetresource: finished processing Policy $Displayname" + Write-Verbose -Message "Set-Targetresource: Finished processing Policy $Displayname" } function Test-TargetResource @@ -1710,7 +1712,7 @@ function Test-TargetResource $ApplicationsFilter, [Parameter()] - [ValidateSet("include", "exclude")] + [ValidateSet('include', 'exclude')] [System.String] $ApplicationsFilterMode, @@ -1912,6 +1914,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.schema.mof index 9d1203c2af..f02f40a012 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADConditionalAccessPolicy/MSFT_AADConditionalAccessPolicy.schema.mof @@ -40,7 +40,7 @@ class MSFT_AADConditionalAccessPolicy : OMI_BaseResource [Write, Description("Custom Controls assigned to the grant property of this policy.")] String CustomAuthenticationFactors[]; [Write, Description("Sign in frequency unit (days/hours) to be interpreted by the policy."), ValueMap{"Days","Hours",""}, Values{"Days","Hours",""}] String SignInFrequencyType; [Write, Description("Specifies, whether sign-in frequency is enforced by the Policy.")] Boolean SignInFrequencyIsEnabled; - [Write, Description("Sign in frequency interval. Possible values are: timeBased, everyTime and unknownFutureValue."), ValueMap{"timeBased","everyTime","unknownFutureValue"}, Values{"timeBased","everyTime","unknownFutureValue"}] String SignInFrequencyInterval; + [Write, Description("Sign in frequency interval. Possible values are: timeBased, everyTime and unknownFutureValue."), ValueMap{"timeBased","everyTime","unknownFutureValue"}, Values{"timeBased","everyTime","unknownFutureValue"}] String SignInFrequencyInterval; [Write, Description("Specifies, whether Browser Persistence is controlled by the Policy.")] Boolean PersistentBrowserIsEnabled; [Write, Description("Specifies, what Browser Persistence control is enforced by the Policy."), ValueMap{"Always","Never",""}, Values{"Always","Never",""}] String PersistentBrowserMode; [Write, Description("Name of the associated authentication strength policy.")] String AuthenticationStrength; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 index 9339b59158..ea4de736a4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicy/MSFT_AADCrossTenantAccessPolicy.psm1 @@ -257,7 +257,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 index 5300c7096b..30fb8b5229 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/MSFT_AADCrossTenantAccessPolicyConfigurationDefault.psm1 @@ -336,7 +336,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/settings.json index 4de0e492b8..a6f1520575 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationDefault/settings.json @@ -1,5 +1,5 @@ { - "resourceName": "AADAuthenticationMethodPolicyConfigurationDefault", + "resourceName": "AADCrossTenantAccessPolicyConfigurationDefault", "description": "This resource configures an Azure AD Authentication Method Policy Configuration Default.", "roles": { "read": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 index 008e94eac6..d3a2f70c35 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/MSFT_AADCrossTenantAccessPolicyConfigurationPartner.psm1 @@ -364,7 +364,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/settings.json index b44cf1dfc7..7bf245462c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADCrossTenantAccessPolicyConfigurationPartner/settings.json @@ -1,5 +1,5 @@ { - "resourceName": "AADAuthenticationMethodPolicyConfigurationPartner", + "resourceName": "AADCrossTenantAccessPolicyConfigurationPartner", "description": "This resource configures an Azure AD Authentication Method Policy Configuration Partner.", "roles": { "read": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 index 62fb18a109..fb2cc2c977 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy/MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy.psm1 @@ -796,7 +796,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 index 98a4ef18ea..adf83a4b86 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementAccessPackageCatalogResource/MSFT_AADEntitlementManagementAccessPackageCatalogResource.psm1 @@ -571,7 +571,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 index 6e7b94cf31..39c98aa1a9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/MSFT_AADEntitlementManagementConnectedOrganization.psm1 @@ -647,7 +647,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json index 6dbd672a14..3a9096b509 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADEntitlementManagementConnectedOrganization/settings.json @@ -15,9 +15,6 @@ "read": [ { "name": "EntitlementManagement.Read.All" - }, - { - "name": "EntitlementManagement.ReadWrite.All" } ], "update": [ @@ -33,9 +30,6 @@ "read": [ { "name": "EntitlementManagement.Read.All" - }, - { - "name": "EntitlementManagement.ReadWrite.All" } ], "update": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 index 889b914f14..05d6fb57c5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADExternalIdentityPolicy/MSFT_AADExternalIdentityPolicy.psm1 @@ -241,6 +241,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 index c000517482..7112d8965d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroup/MSFT_AADGroup.psm1 @@ -129,9 +129,9 @@ function Get-TargetResource Write-Verbose -Message 'GroupID was specified' try { - if ($null -ne $Script:exportedGroups-and $Script:ExportMode) + if ($null -ne $Script:exportedGroups -and $Script:ExportMode) { - $Group = $Script:exportedGroups | Where-Object -FilterScript {$_.Id -eq $Id} + $Group = $Script:exportedGroups | Where-Object -FilterScript { $_.Id -eq $Id } } else { @@ -141,13 +141,14 @@ function Get-TargetResource catch { Write-Verbose -Message "Couldn't get group by ID, trying by name" - if ($null -ne $Script:exportedGroups-and $Script:ExportMode) + if ($null -ne $Script:exportedGroups -and $Script:ExportMode) { - $Group = $Script:exportedGroups | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $Group = $Script:exportedGroups | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { - $Group = Get-MgGroup -Filter "DisplayName eq '$DisplayName'" -ErrorAction Stop + $filter = "DisplayName eq '$DisplayName'" -replace "'", "''" + $Group = Get-MgGroup -Filter $filter -ErrorAction Stop } if ($Group.Length -gt 1) { @@ -159,13 +160,18 @@ function Get-TargetResource { Write-Verbose -Message 'Id was NOT specified' ## Can retreive multiple AAD Groups since displayname is not unique - if ($null -ne $Script:exportedGroups-and $Script:ExportMode) + if ($null -ne $Script:exportedGroups -and $Script:ExportMode) { - $Group = $Script:exportedGroups | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $Group = $Script:exportedGroups | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { - $Group = Get-MgGroup -Filter "DisplayName eq '$DisplayName'" -ErrorAction Stop + if ($DisplayName.Contains("'")) + { + $DisplayName = $DisplayName -replace "'", "''" + } + $filter = "DisplayName eq '$DisplayName'" + $Group = Get-MgGroup -Filter $filter -ErrorAction Stop } if ($Group.Length -gt 1) { @@ -271,7 +277,7 @@ function Get-TargetResource Credential = $Credential Managedidentity = $ManagedIdentity.IsPresent } - Write-Verbose -Message "Get-TargetResource Result: `n $(Convert-M365DscHashtableToString -Hashtable $result)" + return $result } } @@ -616,48 +622,52 @@ function Set-TargetResource if ($Ensure -ne 'Absent') { #Owners - $currentOwnersValue = @() - if ($currentParameters.Owners.Length -gt 0) - { - $currentOwnersValue = $backCurrentOwners - } - $desiredOwnersValue = @() - if ($Owners.Length -gt 0) + if ($PSBoundParameters.ContainsKey('Owners')) { - $desiredOwnersValue = $Owners - } - if ($backCurrentOwners -eq $null) - { - $backCurrentOwners = @() - } - $ownersDiff = Compare-Object -ReferenceObject $backCurrentOwners -DifferenceObject $desiredOwnersValue - foreach ($diff in $ownersDiff) - { - $user = Get-MgUser -UserId $diff.InputObject - - if ($diff.SideIndicator -eq '=>') + $currentOwnersValue = @() + if ($currentParameters.Owners.Length -gt 0) { - Write-Verbose -Message "Adding new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" - $ownerObject = @{ - '@odata.id' = "https://graph.microsoft.com/v1.0/users/{$($user.Id)}" - } - try - { - New-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -BodyParameter $ownerObject -ErrorAction Stop| Out-Null - } - catch + $currentOwnersValue = $backCurrentOwners + } + $desiredOwnersValue = @() + if ($Owners.Length -gt 0) + { + $desiredOwnersValue = $Owners + } + if ($backCurrentOwners -eq $null) + { + $backCurrentOwners = @() + } + $ownersDiff = Compare-Object -ReferenceObject $backCurrentOwners -DifferenceObject $desiredOwnersValue + foreach ($diff in $ownersDiff) + { + $user = Get-MgUser -UserId $diff.InputObject + + if ($diff.SideIndicator -eq '=>') { - if ($_.Exception.Message -notlike "*One or more added object references already exist for the following modified properties*") + Write-Verbose -Message "Adding new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" + $ownerObject = @{ + '@odata.id' = "https://graph.microsoft.com/v1.0/users/{$($user.Id)}" + } + try + { + New-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -BodyParameter $ownerObject -ErrorAction Stop | Out-Null + } + catch { - throw $_ + if ($_.Exception.Message -notlike '*One or more added object references already exist for the following modified properties*') + { + throw $_ + } } } + elseif ($diff.SideIndicator -eq '<=') + { + Write-Verbose -Message "Removing new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" + Remove-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -DirectoryObjectId ($user.Id) | Out-Null + } } - elseif ($diff.SideIndicator -eq '<=') - { - Write-Verbose -Message "Removing new owner {$($diff.InputObject)} to AAD Group {$($currentGroup.DisplayName)}" - Remove-MgGroupOwnerByRef -GroupId ($currentGroup.Id) -DirectoryObjectId ($user.Id) | Out-Null - } + } #Members @@ -945,6 +955,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" # Check Licenses @@ -1078,29 +1089,32 @@ function Export-TargetResource # Define the list of attributes $attributesToCheck = @( - "description", - "displayName", - "hasMembersWithLicenseErrors", - "mail", - "mailNickname", - "onPremisesSecurityIdentifier", - "onPremisesSyncEnabled", - "preferredLanguage" + 'description', + 'displayName', + 'hasMembersWithLicenseErrors', + 'mail', + 'mailNickname', + 'onPremisesSecurityIdentifier', + 'onPremisesSyncEnabled', + 'preferredLanguage' ) # Initialize a flag to indicate whether any attribute matches the condition $matchConditionFound = $false # Check each attribute in the list - foreach ($attribute in $attributesToCheck) { - if ($Filter -like "*$attribute eq null*") { + foreach ($attribute in $attributesToCheck) + { + if ($Filter -like "*$attribute eq null*") + { $matchConditionFound = $true break } } # If any attribute matches, add parameters to $ExportParameters - if ($matchConditionFound -or $Filter -like "*endsWith*") { + if ($matchConditionFound -or $Filter -like '*endsWith*') + { $ExportParameters.Add('CountVariable', 'count') $ExportParameters.Add('ConsistencyLevel', 'eventual') } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupLifecyclePolicy/MSFT_AADGroupLifecyclePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupLifecyclePolicy/MSFT_AADGroupLifecyclePolicy.psm1 index d7fb7cbdeb..64fc27b4ad 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupLifecyclePolicy/MSFT_AADGroupLifecyclePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupLifecyclePolicy/MSFT_AADGroupLifecyclePolicy.psm1 @@ -324,6 +324,8 @@ function Test-TargetResource Write-Verbose -Message 'Testing configuration of AzureAD Groups Lifecycle Policy' $CurrentValues = Get-TargetResource @PSBoundParameters + + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsNamingPolicy/MSFT_AADGroupsNamingPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsNamingPolicy/MSFT_AADGroupsNamingPolicy.psm1 index 3f3556c1a5..4e400a5690 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsNamingPolicy/MSFT_AADGroupsNamingPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsNamingPolicy/MSFT_AADGroupsNamingPolicy.psm1 @@ -284,6 +284,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 index aa1d47adf6..ba85c2ec10 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADGroupsSettings/MSFT_AADGroupsSettings.psm1 @@ -415,6 +415,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 index cb125080aa..d1f57d538e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADNamedLocationPolicy/MSFT_AADNamedLocationPolicy.psm1 @@ -398,6 +398,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 index 242ee1b0f2..4b07889575 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleDefinition/MSFT_AADRoleDefinition.psm1 @@ -365,6 +365,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 index c5266516d2..ecd106f47e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/MSFT_AADRoleEligibilityScheduleRequest.psm1 @@ -154,16 +154,15 @@ else { Write-Verbose -Message "Getting Role Eligibility by PrincipalId and RoleDefinitionId" + Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" if ($PrincipalType -eq 'User') { - Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" $PrincipalIdValue = Get-MgUser -Filter "UserPrincipalName eq '$Principal'" -ErrorAction SilentlyContinue $PrincipalTypeValue = 'User' } if ($null -eq $PrincipalIdValue -or $PrincipalType -eq 'Group') { - Write-Verbose -Message "Retrieving principal {$Principal} of type {$PrincipalType}" $PrincipalIdValue = Get-MgGroup -Filter "DisplayName eq '$Principal'" -ErrorAction SilentlyContinue $PrincipalTypeValue = 'Group' } @@ -817,10 +816,10 @@ function Export-TargetResource } foreach ($request in $Script:exportedInstances) { - $displayedKey = $request.Id + $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId + $displayedKey = $RoleDefinitionId.DisplayName + " - " + $request.PrincipalId Write-Host " |---[$i/$($Script:exportedInstances.Count)] $displayedKey" -NoNewline - $RoleDefinitionId = Get-MgBetaRoleManagementDirectoryRoleDefinition -UnifiedRoleDefinitionId $request.RoleDefinitionId $params = @{ Id = $request.Id Principal = $request.PrincipalId diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json index e6d4aedab2..920f41deef 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleEligibilityScheduleRequest/settings.json @@ -14,7 +14,7 @@ "application": { "read": [ { - "name": "RoleEligibilitySchedule.ReadWrite.Directory" + "name": "RoleEligibilitySchedule.Read.Directory" } ], "update": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 index ab1bd0536e..fb4fd4a2e7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.psm1 @@ -164,6 +164,18 @@ function Get-TargetResource [System.Boolean] $EligibleAssignmentAssigneeNotificationOnlyCritical, + [Parameter()] + [System.Boolean] + $AuthenticationContextRequired, + + [Parameter()] + [System.String] + $AuthenticationContextId, + + [Parameter()] + [System.String] + $AuthenticationContextName, + [Parameter()] [ValidateSet('Present')] [System.String] @@ -217,7 +229,7 @@ function Get-TargetResource $RoleDefintion = $null if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript {$_.Id -eq $Id} + $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript { $_.Id -eq $Id } } elseif (-not [System.String]::IsNullOrEmpty($Id)) { @@ -229,7 +241,7 @@ function Get-TargetResource { if ($null -ne $Script:exportedInstances -and $Script:ExportMode) { - $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript {$_.DisplayName -eq $DisplayName} + $RoleDefinition = $Script:exportedInstances | Where-Object -FilterScript { $_.DisplayName -eq $DisplayName } } else { @@ -245,7 +257,7 @@ function Get-TargetResource $Script:PolicyAssignments = Get-MgBetaPolicyRoleManagementPolicyAssignment -Filter $allFilter -All } - $Policy = $Script:PolicyAssignments | Where-Object -FilterScript {$_.RoleDefinitionId -eq $RoleDefinition.Id} + $Policy = $Script:PolicyAssignments | Where-Object -FilterScript { $_.RoleDefinitionId -eq $RoleDefinition.Id } } catch { @@ -269,6 +281,13 @@ function Get-TargetResource $ActivationReqJustification = (($role | Where-Object { $_.Id -eq 'Enablement_EndUser_Assignment' }).AdditionalProperties.enabledRules) -contains 'Justification' $ActivationReqTicket = (($role | Where-Object { $_.Id -eq 'Enablement_EndUser_Assignment' }).AdditionalProperties.enabledRules) -contains 'Ticketing' $ActivationReqMFA = (($role | Where-Object { $_.Id -eq 'Enablement_EndUser_Assignment' }).AdditionalProperties.enabledRules) -contains 'MultiFactorAuthentication' + $AuthenticationContext = ($role | Where-Object { $_.Id -eq 'AuthenticationContext_EndUser_Assignment' }).AdditionalProperties + $AuthenticationContextRequired = $AuthenticationContext.isEnabled + if ($AuthenticationContextRequired) + { + $AuthenticationContextId = $AuthenticationContext.claimValue + $AuthenticationContextName = (Get-MgBetaIdentityConditionalAccessAuthenticationContextClassReference -AuthenticationContextClassReferenceId $AuthenticationContextId).DisplayName + } $ApprovaltoActivate = (($role | Where-Object { $_.Id -eq 'Approval_EndUser_Assignment' }).AdditionalProperties.setting.isApprovalRequired) [array]$ActivateApprovers = (($role | Where-Object { $_.Id -eq 'Approval_EndUser_Assignment' }).AdditionalProperties.setting.approvalStages.primaryApprovers) [string[]]$ActivateApprover = @() @@ -369,6 +388,9 @@ function Get-TargetResource EligibleAssignmentAssigneeNotificationDefaultRecipient = $EligibleAssignmentAssigneeNotificationDefaultRecipient EligibleAssignmentAssigneeNotificationAdditionalRecipient = [System.String[]]$EligibleAssignmentAssigneeNotificationAdditionalRecipient EligibleAssignmentAssigneeNotificationOnlyCritical = $EligibleAssignmentAssigneeNotificationOnlyCritical + AuthenticationContextRequired = $AuthenticationContextRequired + AuthenticationContextId = $AuthenticationContextId + AuthenticationContextName = $AuthenticationContextName Ensure = 'Present' ApplicationId = $ApplicationId TenantId = $TenantId @@ -557,6 +579,18 @@ function Set-TargetResource [System.Boolean] $EligibleAssignmentAssigneeNotificationOnlyCritical, + [Parameter()] + [System.Boolean] + $AuthenticationContextRequired, + + [Parameter()] + [System.String] + $AuthenticationContextId, + + [Parameter()] + [System.String] + $AuthenticationContextName, + [Parameter()] [ValidateSet('Present')] [System.String] @@ -591,6 +625,7 @@ function Set-TargetResource #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies + #$PSBoundParameters.Remove('AuthenticationContextName') | Out-Null #region Telemetry $ResourceName = $MyInvocation.MyCommand.ModuleName -replace 'MSFT_', '' @@ -1083,6 +1118,22 @@ function Set-TargetResource } } } + elseif ($role.Id -match 'AuthenticationContext_EndUser_Assignment') + { + if ($PSBoundParameters.ContainsKey('AuthenticationContextRequired') ` + -and $PSBoundParameters.ContainsKey('AuthenticationContextId')) + { + $params = @{ + '@odata.type' = $odatatype + 'id' = $role.Id + 'isEnabled' = $true + 'claimValue' = $AuthenticationContextId + target = @{ + '@odata.type' = 'microsoft.graph.unifiedRoleManagementPolicyRuleTarget' + } + } + } + } if ($params.Count -gt 0) { @@ -1269,6 +1320,18 @@ function Test-TargetResource [System.Boolean] $EligibleAssignmentAssigneeNotificationOnlyCritical, + [Parameter()] + [System.Boolean] + $AuthenticationContextRequired, + + [Parameter()] + [System.String] + $AuthenticationContextId, + + [Parameter()] + [System.String] + $AuthenticationContextName, + [Parameter()] [ValidateSet('Present')] [System.String] @@ -1316,6 +1379,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof index 9239601277..6b7e78718c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADRoleSetting/MSFT_AADRoleSetting.schema.mof @@ -41,6 +41,9 @@ class MSFT_AADRoleSetting : OMI_BaseResource [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False)")] Boolean EligibleAssignmentAssigneeNotificationDefaultRecipient; [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), additional recipient (UPN)")] String EligibleAssignmentAssigneeNotificationAdditionalRecipient[]; [Write, Description("Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False)")] Boolean EligibleAssignmentAssigneeNotificationOnlyCritical; + [Write, Description("Authorization context is required (True/False)")] Boolean AuthenticationContextRequired; + [Write, Description("Descriptive name of associated authorization context")] String AuthenticationContextName; + [Write, Description("Authorization context id")] String AuthenticationContextId; [Write, Description("Specify if the Azure AD role setting should exist or not."), ValueMap{"Present"}, Values{"Present"}] String Ensure; [Write, Description("Credentials for the Microsoft Graph delegated permissions."), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADSecurityDefaults/MSFT_AADSecurityDefaults.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADSecurityDefaults/MSFT_AADSecurityDefaults.psm1 index a1fea0964d..0094a10a24 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADSecurityDefaults/MSFT_AADSecurityDefaults.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADSecurityDefaults/MSFT_AADSecurityDefaults.psm1 @@ -253,6 +253,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 index 489a81b607..92235300ac 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADServicePrincipal/MSFT_AADServicePrincipal.psm1 @@ -603,6 +603,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/settings.json index 92e00500a2..18de6335a5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADSocialIdentityProvider/settings.json @@ -1,5 +1,5 @@ { - "resourceName": "AADAttributeSet", + "resourceName": "AADSocialIdentityProvider", "description": "Represents a group of related custom security attribute definitions.", "roles": { "read": [ diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 index 7431729c3c..b6e99e6faa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADTenantDetails/MSFT_AADTenantDetails.psm1 @@ -283,7 +283,8 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters - Write-Verbose -Message "Target-Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters $ValuesToCheck.Remove('Credential') | Out-Null diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_AADTokenLifetimePolicy/MSFT_AADTokenLifetimePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_AADTokenLifetimePolicy/MSFT_AADTokenLifetimePolicy.psm1 index fdea455788..89d4771757 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_AADTokenLifetimePolicy/MSFT_AADTokenLifetimePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_AADTokenLifetimePolicy/MSFT_AADTokenLifetimePolicy.psm1 @@ -300,6 +300,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" $ValuesToCheck = $PSBoundParameters diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.psm1 index a5a1401f1e..de086bd70f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOAcceptedDomain/MSFT_EXOAcceptedDomain.psm1 @@ -5,7 +5,7 @@ function Get-TargetResource param ( [Parameter(Mandatory = $true)] - [ValidatePattern( '(?=^.{1,254}$)(^(?:(?!\d+\.|-)[a-zA-Z0-9_\-]{1,63}(? Out-Null #region Assignments $assignmentsHash = @() @@ -737,6 +738,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Endpoint Protection Attack Surface Protection rules Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -748,75 +754,28 @@ function Test-TargetResource $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + $testResult = $true + if ($CurrentValues.Ensure -ne $Ensure) { - return $false + $testResult = $false } #region Assignments - $testResult = $true - - if ((-not $CurrentValues.Assignments) -xor (-not $ValuesToCheck.Assignments)) + if ($testResult) { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } + #endregion - if ($CurrentValues.Assignments) - { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) - { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - - if (-not $testResult) - { - $testResult = $false - break - } - - } - } - if (-not $testResult) + if ($testResult) { - return $false + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys } - $ValuesToCheck.Remove('Assignments') | Out-Null - #endregion - - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult @@ -908,6 +867,11 @@ function Export-TargetResource } $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Assignments) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/settings.json index a21e872c90..0250bfc33a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneASRRulesPolicyWindows10/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 index a6ff9a5167..9df45b323c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.psm1 @@ -130,7 +130,7 @@ function Get-TargetResource try { #Retrieve policy general settings - $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity -ErrorAction SilentlyContinue + $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity -ExpandProperty settings -ErrorAction SilentlyContinue if ($null -eq $policy) { @@ -138,28 +138,32 @@ function Get-TargetResource $policyTemplateID = 'adc46e5a-f4aa-4ff6-aeff-4f27bc525796_1' $filter = "name eq '$DisplayName' and templateReference/TemplateId eq '$policyTemplateID'" $policy = Get-MgBetaDeviceManagementConfigurationPolicy -Filter $filter -ErrorAction SilentlyContinue + + if(([array]$policy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } + if ($null -eq $policy) { Write-Verbose -Message "No Account Protection LAPS Policy {displayName: '$DisplayName'} was found" return $nullResult } + + $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $policy.Id -ExpandProperty settings -ErrorAction SilentlyContinue } $Identity = $policy.Id Write-Verbose -Message "Found Account Protection LAPS Policy {$($policy.id):$($policy.Name)}" - - #Retrieve policy specific settings - [array]$settings = Get-MgBetaDeviceManagementConfigurationPolicySetting ` - -DeviceManagementConfigurationPolicyId $Identity ` - -ErrorAction Stop + [array]$settings = $policy.settings $returnHashtable = @{} $returnHashtable.Add('Identity', $Identity) $returnHashtable.Add('DisplayName', $policy.name) $returnHashtable.Add('Description', $policy.description) - foreach ($setting in $settings.settingInstance) + foreach ($setting in $settings.SettingInstance) { $addToParameters = $true $settingName = $setting.settingDefinitionId.Split('_') | Select-Object -Last 1 @@ -226,9 +230,16 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-DeviceManagementConfigurationPolicyAssignment -DeviceManagementConfigurationPolicyId $Identity + $graphAssignments = Get-MgBetaDeviceManagementConfigurationPolicyAssignment -DeviceManagementConfigurationPolicyId $policy.Id + if ($graphAssignments.count -gt 0) + { + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) + } $returnHashtable.Add('Assignments', $returnAssignments) + Write-Verbose -Message "Found Account Protection LAPS Policy {$($policy.name)}" $returnHashtable.Add('Ensure', 'Present') @@ -249,6 +260,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -562,87 +574,32 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Account Protection LAPS Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters - + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" - $ValuesToCheck = $PSBoundParameters + $ValuesToCheck = ([hashtable]$PSBoundParameters).clone() $ValuesToCheck.Remove('Identity') | Out-Null $ValuesToCheck.Remove('Credential') | Out-Null $ValuesToCheck.Remove('ApplicationId') | Out-Null $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - $ValuesToCheck.Remove('Identity') | Out-Null - - if ($BackupDirectory -eq 0) - { - $ValuesToCheck.Remove('PasswordAgeDays_AAD') | Out-Null - $ValuesToCheck.Remove('PasswordAgeDays') | Out-Null - $ValuesToCheck.Remove('PasswordExpirationProtectionEnabled') | Out-Null - $ValuesToCheck.Remove('AdEncryptedPasswordHistorySize') | Out-Null - $ValuesToCheck.Remove('AdPasswordEncryptionEnabled') | Out-Null - $ValuesToCheck.Remove('AdPasswordEncryptionPrincipal') | Out-Null - } - elseif ($BackupDirectory -eq 1) { - $ValuesToCheck.Remove('PasswordAgeDays') | Out-Null - $ValuesToCheck.Remove('PasswordExpirationProtectionEnabled') | Out-Null - $ValuesToCheck.Remove('AdEncryptedPasswordHistorySize') | Out-Null - $ValuesToCheck.Remove('AdPasswordEncryptionEnabled') | Out-Null - $ValuesToCheck.Remove('AdPasswordEncryptionPrincipal') | Out-Null - } elseif ($BackupDirectory -eq 2) - { - $ValuesToCheck.Remove('PasswordAgeDays_AAD') | Out-Null - } $testResult = $true - if ([Array]$Assignments.count -ne $CurrentValues.Assignments.count) + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Configuration drift:Number of assignments does not match: Source=$([Array]$Assignments.count) Target=$($CurrentValues.Assignments.count)" - $testResult = $false + Write-Verbose -Message "Test-TargetResource returned $false" + return $false } - if ($testResult) - { - foreach ($assignment in $CurrentValues.Assignments) - { - if ($null -ne $Assignment) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - } - if (-not $testResult) - { - $testResult = $false - break - } - - } - - } + #Compare Cim instances + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target $ValuesToCheck.Remove('Assignments') | Out-Null if ($testResult) @@ -744,7 +701,11 @@ function Export-TargetResource } $Results = Get-TargetResource @params - + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Ensure -eq 'Present') { $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` @@ -752,7 +713,8 @@ function Export-TargetResource if ($Results.Assignments) { - $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString -ComplexObject ([Array]$Results.Assignments) -CIMInstanceName IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments + $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString -ComplexObject ([Array]$Results.Assignments) ` + -CIMInstanceName IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments if ($complexTypeStringResult) { $Results.Assignments = $complexTypeStringResult @@ -771,12 +733,7 @@ function Export-TargetResource if ($Results.Assignments) { - $isCIMArray = $false - if ($Results.Assignments.getType().Fullname -like '*[[\]]') - { - $isCIMArray = $true - } - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$isCIMArray + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/settings.json index 76338d2e0a..7f3c9f6cc3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 index 4b58e81abc..6399431955 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy.psm1 @@ -79,7 +79,7 @@ function Get-TargetResource { #Retrieve policy general settings - $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity -ErrorAction SilentlyContinue + $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity -ExpandProperty settings -ErrorAction SilentlyContinue if ($null -eq $policy) { @@ -87,18 +87,26 @@ function Get-TargetResource if (-not [String]::IsNullOrEmpty($DisplayName)) { $policy = Get-MgBetaDeviceManagementConfigurationPolicy -Filter "Name eq '$DisplayName'" -ErrorAction SilentlyContinue + + if(([array]$devicePolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } + + if ($null -eq $policy) + { + Write-Verbose -Message "No Account Protection Local User Group Membership Policy with displayName {$DisplayName} was found" + return $nullResult + } + + $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $policy.id -ExpandProperty settings -ErrorAction SilentlyContinue } } - if ($null -eq $policy) - { - Write-Verbose -Message "No Account Protection Local User Group Membership Policy with displayName {$DisplayName} was found" - return $nullResult - } + #Retrieve policy specific settings - [array]$settings = Get-MgBetaDeviceManagementConfigurationPolicySetting ` - -DeviceManagementConfigurationPolicyId $policy.Id ` - -ErrorAction Stop + $Identity = $policy.id + [array]$settings = $policy.settings $returnHashtable = @{} $returnHashtable.Add('Identity', $policy.Id) @@ -148,19 +156,14 @@ function Get-TargetResource $returnHashtable.Add('ManagedIdentity', $ManagedIdentity.IsPresent) $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementConfigurationPolicyAssignment -DeviceManagementConfigurationPolicyId $policy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementConfigurationPolicyAssignment -DeviceManagementConfigurationPolicyId $policy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $returnHashtable.Add('Assignments', $assignmentResult) + $returnHashtable.Add('Assignments', $returnAssignments) return $returnHashtable } @@ -183,6 +186,7 @@ function Get-TargetResource -Credential $Credential } + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -401,7 +405,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Account Protection Local User Group Membership Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters - + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -412,109 +420,66 @@ function Test-TargetResource $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) - { - return $false - } - - #region LocalUserGroupCollection $testResult = $true - if ((-not $CurrentValues.LocalUserGroupCollection) -xor (-not $ValuesToCheck.LocalUserGroupCollection)) + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message 'Configuration drift: one the LocalUserGroupCollection is null' - return $false + $testResult = $false } - if ($CurrentValues.LocalUserGroupCollection) + #region LocalUserGroupCollection + if ($testResult) { - if ($CurrentValues.LocalUserGroupCollection.count -ne $ValuesToCheck.LocalUserGroupCollection.count) + if ((-not $CurrentValues.LocalUserGroupCollection) -xor (-not $ValuesToCheck.LocalUserGroupCollection)) { - Write-Verbose -Message "Configuration drift: Number of LocalUserGroupCollection has changed - current {$($CurrentValues.LocalUserGroupCollection.count)} target {$($ValuesToCheck.LocalUserGroupCollection.count)}" + Write-Verbose -Message 'Configuration drift: one the LocalUserGroupCollection is null' return $false } - for ($i = 0; $i -lt $CurrentValues.LocalUserGroupCollection.count; $i++) - { - $source = $ValuesToCheck.LocalUserGroupCollection[$i] - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $CurrentValues.LocalUserGroupCollection[$i] - - if (-not $testResult) - { - $testResult = $false - break - } - } - } - if (-not $testResult) - { - return $false - } - $ValuesToCheck.Remove('LocalUserGroupCollection') | Out-Null - #endregion - - #region Assignments - if ((-not $CurrentValues.Assignments) -xor (-not $ValuesToCheck.Assignments)) - { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false - } - if ($CurrentValues.Assignments) - { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) + if ($CurrentValues.LocalUserGroupCollection) { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) + if ($CurrentValues.LocalUserGroupCollection.count -ne $ValuesToCheck.LocalUserGroupCollection.count) { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment + Write-Verbose -Message "Configuration drift: Number of LocalUserGroupCollection has changed - current {$($CurrentValues.LocalUserGroupCollection.count)} target {$($ValuesToCheck.LocalUserGroupCollection.count)}" + return $false } - #AllDevices/AllUsers assignment - else + for ($i = 0; $i -lt $CurrentValues.LocalUserGroupCollection.count; $i++) { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) + $source = $ValuesToCheck.LocalUserGroupCollection[$i] + $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source + $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $CurrentValues.LocalUserGroupCollection[$i] + + if (-not $testResult) { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" $testResult = $false break } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment } - - if (-not $testResult) - { - $testResult = $false - break - } - } + if (-not $testResult) + { + return $false + } + $ValuesToCheck.Remove('LocalUserGroupCollection') | Out-Null } - if (-not $testResult) + #endregion + + #region Assignments + if ($testResult) { - return $false + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } - $ValuesToCheck.Remove('Assignments') | Out-Null #endregion - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - + if ($testResult) + { + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult @@ -607,6 +572,11 @@ function Export-TargetResource } $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.LocalUserGroupCollection) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/settings.json index 76dcf45483..d6aeda8c71 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 index 327fc77e61..62d941924a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/MSFT_IntuneAccountProtectionPolicy.psm1 @@ -144,7 +144,7 @@ function Get-TargetResource { #Retrieve policy general settings - $policy = Get-MgBetaDeviceManagementIntent -DeviceManagementIntentId $Identity -ErrorAction SilentlyContinue + $policy = Get-MgBetaDeviceManagementIntent -DeviceManagementIntentId $Identity -ExpandProperty settings,assignments -ErrorAction SilentlyContinue if ($null -eq $policy) { @@ -153,17 +153,25 @@ function Get-TargetResource { $policy = Get-MgBetaDeviceManagementIntent -Filter "DisplayName eq '$DisplayName'" -ErrorAction SilentlyContinue } + + if ($null -eq $policy) + { + Write-Verbose -Message "No Account Protection Policy with displayName {$DisplayName} was found" + return $nullResult + } + + if(([array]$policy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } + + $policy = Get-MgBetaDeviceManagementIntent -DeviceManagementIntentId $policy.id -ExpandProperty settings,assignments -ErrorAction SilentlyContinue + } - if ($null -eq $policy) - { - Write-Verbose -Message "No Account Protection Policy with displayName {$DisplayName} was found" - return $nullResult - } - #Retrieve policy specific settings - [array]$settings = Get-MgBetaDeviceManagementIntentSetting ` - -DeviceManagementIntentId $policy.Id ` - -ErrorAction Stop + + $Identity = $policy.id + [array]$settings = $policy.settings $returnHashtable = @{} $returnHashtable.Add('Identity', $policy.Id) @@ -202,19 +210,11 @@ function Get-TargetResource $returnHashtable.Add('ManagedIdentity', $ManagedIdentity.IsPresent) $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementIntentAssignment -DeviceManagementIntentId $policy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + if ($policy.assignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment -Assignments $policy.assignments -IncludeDeviceFilter $true } - $returnHashtable.Add('Assignments', $assignmentResult) + $returnHashtable.Add('Assignments', $returnAssignments) return $returnHashtable } @@ -237,6 +237,7 @@ function Get-TargetResource -Credential $Credential } + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -443,7 +444,7 @@ function Set-TargetResource #Using Rest to reduce the number of calls $Uri = "https://graph.microsoft.com/beta/deviceManagement/intents/$($currentPolicy.Identity)/updateSettings" $body = @{'settings' = $settings } - Invoke-MgGraphRequest -Method POST -Uri $Uri -Body ($body | ConvertTo-Json -Depth 20) -ContentType 'application/json' + Invoke-MgGraphRequest -Method POST -Uri $Uri -Body ($body | ConvertTo-Json -Depth 20) -ContentType 'application/json' 4> Out-Null #region Assignments $assignmentsHash = @() @@ -598,6 +599,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Account Protection Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -610,96 +616,29 @@ function Test-TargetResource $ValuesToCheck.Remove('Identity') | Out-Null $ValuesToCheck.Remove('Verbose') | Out-Null - foreach ($key in $PSBoundParameters.Keys) { - if ($null -eq $ValuesToCheck.$key) { - $ValuesToCheck.Remove($key) | Out-Null - } - } - - if ($CurrentValues.WindowsHelloForBusinessBlocked -in @('notconfigured', 'True')) - { - $ValuesToCheck.Remove('PinMinimumLength') | Out-Null - $ValuesToCheck.Remove('PinMaximumLength') | Out-Null - $ValuesToCheck.Remove('PinLowercaseCharactersUsage') | Out-Null - $ValuesToCheck.Remove('PinUppercaseCharactersUsage') | Out-Null - $ValuesToCheck.Remove('PinSpecialCharactersUsage') | Out-Null - $ValuesToCheck.Remove('PinExpirationInDays') | Out-Null - $ValuesToCheck.Remove('PinPreviousBlockCount') | Out-Null - $ValuesToCheck.Remove('PinRecoveryEnabled') | Out-Null - $ValuesToCheck.Remove('SecurityDeviceRequired') | Out-Null - $ValuesToCheck.Remove('UnlockWithBiometricsEnabled') | Out-Null - $ValuesToCheck.Remove('EnhancedAntiSpoofingForFacialFeaturesEnabled') | Out-Null - $ValuesToCheck.Remove('UseCertificatesForOnPremisesAuthEnabled') | Out-Null - } - - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) - { - return $false - } - #region Assignments $testResult = $true - - if ((-not $CurrentValues.Assignments) -xor (-not $ValuesToCheck.Assignments)) + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false + $testResult = $false } - if ($CurrentValues.Assignments) + #region assignments + if ($testResult) { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) - { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - - if (-not $testResult) - { - $testResult = $false - break - } - - } + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } - if (-not $testResult) - { - return $false - } - $ValuesToCheck.Remove('Assignments') | Out-Null #endregion - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + if ($testResult) + { + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } Write-Verbose -Message "Test-TargetResource returned $TestResult" @@ -792,6 +731,11 @@ function Export-TargetResource } $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Assignments) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/settings.json index bdddc7e8c6..1d0cdf0573 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAccountProtectionPolicy/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 index 2659437cce..9957633591 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog.psm1 @@ -373,7 +373,7 @@ function Get-TargetResource try { #Retrieve policy general settings - $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity -ErrorAction SilentlyContinue + $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity -ExpandProperty settings -ErrorAction SilentlyContinue if ($null -eq $policy) { @@ -385,12 +385,19 @@ function Get-TargetResource Write-Verbose -Message "No policy with name {$DisplayName} was found." return $nullResult } + + if(([array]$policy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } + + $policy = Get-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $policy.id -ExpandProperty settings -ErrorAction SilentlyContinue + } #Retrieve policy specific settings - [array]$settings = Get-MgBetaDeviceManagementConfigurationPolicySetting ` - -DeviceManagementConfigurationPolicyId $policy.Id ` - -ErrorAction Stop + $Identity = $policy.id + [array]$settings = $policy.settings $returnHashtable = @{} $returnHashtable.Add('Identity', $policy.id) @@ -442,19 +449,14 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementConfigurationPolicyAssignment -DeviceManagementConfigurationPolicyId $policy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementConfigurationPolicyAssignment -DeviceManagementConfigurationPolicyId $policy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $returnHashtable.Add('Assignments', $assignmentResult) + $returnHashtable.Add('Assignments', $returnAssignments) Write-Verbose -Message "Found Endpoint Protection Policy {$($policy.name)}" @@ -476,7 +478,8 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential - return $nullResult + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult + return $nullResult } } @@ -1279,6 +1282,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Endpoint Protection Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -1286,58 +1294,22 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) - { - Write-Verbose -Message "Test-TargetResource returned $false" - return $false - } $testResult = $true - if ([Array]$Assignments.count -ne $CurrentValues.Assignments.count) + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Configuration drift:Number of assignments does not match: Source=$([Array]$Assignments.count) Target=$($CurrentValues.Assignments.count)" $testResult = $false } - if ($testResult) - { - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - if (-not $testResult) - { - $testResult = $false - break - } - - } + #region Assignments + if ($testResult) + { + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } - $ValuesToCheck.Remove('Assignments') | Out-Null + #endregion if ($testResult) { @@ -1451,6 +1423,11 @@ function Export-TargetResource } $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Ensure -eq 'Present') { @@ -1656,7 +1633,7 @@ function Update-IntuneDeviceConfigurationPolicy } $body = $policy | ConvertTo-Json -Depth 20 #write-verbose -Message $body - Invoke-MgGraphRequest -Method PUT -Uri $Uri -Body $body -ErrorAction Stop + Invoke-MgGraphRequest -Method PUT -Uri $Uri -Body $body -ErrorAction Stop 4> Out-Null } catch diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/settings.json index f00abc50c8..307c2f8403 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAntivirusPolicyWindows10SettingCatalog/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 index eab7b43d76..ec6778f1b6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/MSFT_IntuneAppConfigurationPolicy.psm1 @@ -70,9 +70,7 @@ function Get-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - $nullResult = @{ - DisplayName = $DisplayName - } + $nullResult = ([Hashtable]$PSBoundParameters).clone() $nullResult.Ensure = 'Absent' try { @@ -104,6 +102,10 @@ function Get-TargetResource Write-Verbose -Message "No App Configuration Policy with DisplayName {$DisplayName} was found" return $nullResult } + if(([array]$configPolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } Write-Verbose -Message "Found App Configuration Policy with Id {$($configPolicy.Id)} and DisplayName {$($configPolicy.DisplayName)}" @@ -122,19 +124,14 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceAppManagementTargetedManagedAppConfigurationAssignment -TargetedManagedAppConfigurationId $configPolicy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceAppManagementTargetedManagedAppConfigurationAssignment -TargetedManagedAppConfigurationId $configPolicy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $returnHashtable.Add('Assignments', $assignmentResult) + $returnHashtable.Add('Assignments', $returnAssignments) return $returnHashtable } @@ -146,6 +143,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -355,20 +353,23 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Intune App Configuration Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" + + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false } - if ($CurrentValues.Ensure -eq 'Absent' -and $PSBoundParameters.Ensure -eq 'Absent') - { - Write-Verbose -Message "Test-TargetResource returned $true" - return $true - } $testResult = $true #Compare Cim instances @@ -384,43 +385,22 @@ function Test-TargetResource -Source ($source) ` -Target ($target) - if ($key -eq "Assignments") + if ($key -eq 'Assignments') { - $testResult = $source.count -eq $target.count - if (-Not $testResult) { break } - foreach ($assignment in $source) - { - if ($assignment.dataType -like '*GroupAssignmentTarget') - { - $testResult = $null -ne ($target | Where-Object {$_.dataType -eq $assignment.DataType -and $_.groupId -eq $assignment.groupId}) - #Using assignment groupDisplayName only if the groupId is not found in the directory otherwise groupId should be the key - if (-not $testResult) - { - $groupNotFound = $null -eq (Get-MgGroup -GroupId ($assignment.groupId) -ErrorAction SilentlyContinue) - } - if (-not $testResult -and $groupNotFound) - { - $testResult = $null -ne ($target | Where-Object {$_.dataType -eq $assignment.DataType -and $_.groupDisplayName -eq $assignment.groupDisplayName}) - } - } - else - { - $testResult = $null -ne ($target | Where-Object {$_.dataType -eq $assignment.DataType}) - } - if (-Not $testResult) { break } - } - if (-Not $testResult) { break } + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } + + if (-Not $testResult) + { + $testResult = $false + break } - if (-Not $testResult) { break } $ValuesToCheck.Remove($key) | Out-Null } } - Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" - Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - - if ($TestResult) + if ($testResult) { $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` @@ -510,6 +490,12 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent } $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } + if ($Results.CustomSettings.Count -gt 0) { $Results.CustomSettings = Get-M365DSCIntuneAppConfigurationPolicyCustomSettingsAsString -Settings $Results.CustomSettings diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/settings.json index b3e924b2f7..e5bfa4dcaf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppConfigurationPolicy/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementApps.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementApps.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 index 1a04856c16..b2e0ebca32 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/MSFT_IntuneAppProtectionPolicyAndroid.psm1 @@ -345,15 +345,13 @@ function Get-TargetResource } catch { - Write-Verbose -Message "ERROR on get-targetresource for $displayName" - $nullResult.Ensure = 'ERROR' - New-M365DSCLogEntry -Message 'Error retrieving data:' ` -Exception $_ ` -Source $($MyInvocation.MyCommand.Source) ` -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -932,6 +930,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Android App Protection Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } if ($CurrentValues.Ensure -eq 'ERROR') { @@ -1107,7 +1110,12 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint ManagedIdentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/settings.json index c70b824025..10e50f1081 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyAndroid/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementApps.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementApps.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/settings.json index d2fd86113a..270c79777d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneAppProtectionPolicyiOS/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementApps.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementApps.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 index 7231018cf5..0a0a25f8d5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/MSFT_IntuneApplicationControlPolicyWindows10.psm1 @@ -84,6 +84,11 @@ function Get-TargetResource #Retrieve policy general settings $policy = Get-MgBetaDeviceManagementIntent -Filter "displayName eq '$DisplayName'" -ErrorAction Stop | Where-Object -FilterScript { $_.TemplateId -eq '63be6324-e3c9-4c97-948a-e7f4b96f0f20' } + if(([array]$policy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } + if ($null -eq $policy) { Write-Verbose -Message "No Endpoint Protection Application Control Policy {$DisplayName} was found" @@ -112,19 +117,12 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementIntentAssignment -DeviceManagementIntentId $policy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementIntentAssignment -DeviceManagementIntentId $policy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment -Assignments $graphAssignments -IncludeDeviceFilter:$true } - $returnHashtable.Add('Assignments', $assignmentResult) + $returnHashtable.Add('Assignments', $returnAssignments) return $returnHashtable } catch @@ -135,6 +133,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -375,6 +374,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Endpoint Protection Application Control Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -384,69 +388,28 @@ function Test-TargetResource $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - #region Assignments $testResult = $true - - if ((-not $CurrentValues.Assignments) -xor (-not $ValuesToCheck.Assignments)) + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false + $testResult = $false } - - if ($CurrentValues.Assignments) - { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) - { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - - if (-not $testResult) - { - $testResult = $false - break - } - } - } - if (-not $testResult) + #region Assignments + if ($TestResult) { - return $false + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } - $ValuesToCheck.Remove('Assignments') | Out-Null #endregion - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + if ($TestResult) + { + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } Write-Verbose -Message "Test-TargetResource returned $TestResult" @@ -534,7 +497,11 @@ function Export-TargetResource } $Results = Get-TargetResource @params - + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Assignments) { $complexTypeStringResult = Get-M365DSCDRGComplexTypeToString -ComplexObject ([Array]$Results.Assignments) -CIMInstanceName DeviceManagementConfigurationPolicyAssignments diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/settings.json index 6c5d9e4b38..0bd2d39195 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneApplicationControlPolicyWindows10/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 index 1c043b3278..cb05e14141 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceAndAppManagementAssignmentFilter/MSFT_IntuneDeviceAndAppManagementAssignmentFilter.psm1 @@ -314,12 +314,12 @@ function Test-TargetResource $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false } - if ($CurrentValues.Ensure -eq 'Absent' -and $PSBoundParameters.Ensure -eq 'Absent') + if ($CurrentValues.Ensure -eq 'Absent' -and $Ensure -eq 'Absent') { Write-Verbose -Message "Test-TargetResource returned $true" return $true diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 index 39d61be227..5e0f92ba7e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/MSFT_IntuneDeviceCompliancePolicyAndroid.psm1 @@ -186,6 +186,10 @@ function Get-TargetResource -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } + if(([array]$devicePolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } if ($null -eq $devicePolicy) { Write-Verbose -Message "No Android Device Compliance Policy with displayName {$DisplayName} was found" @@ -234,19 +238,14 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -258,6 +257,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -707,6 +707,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Intune Android Device Compliance Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -717,75 +722,28 @@ function Test-TargetResource $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + $testResult = $true + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Test-TargetResource returned $false" - return $false + $testResult = $false } #region Assignments - $testResult = $true - - if ((-not $CurrentValues.Assignments) -xor (-not $ValuesToCheck.Assignments)) + if ($testResult) { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } + #endregion - if ($CurrentValues.Assignments) - { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) - { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - - if (-not $testResult) - { - $testResult = $false - break - } - } - } - if (-not $testResult) + if ($testResult) { - return $false + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys } - $ValuesToCheck.Remove('Assignments') | Out-Null - #endregion - - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult @@ -869,7 +827,12 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Assignments) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/settings.json index 6ac3bd8092..6ce0bedcec 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroid/settings.json @@ -1,10 +1,13 @@ { - "resourceName": "IntuneAndroidDeviceCompliancePolicy", + "resourceName": "IntuneDeviceCompliancePolicyAndroid", "description": "This resource configures the settings of Android device compliance policies in your cloud-based organization.", "permissions": { "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 index 75d548ae46..93d9cad4ce 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner.psm1 @@ -139,7 +139,10 @@ function Get-TargetResource $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidDeviceOwnerCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - + if(([array]$devicePolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } if ($null -eq $devicePolicy) { Write-Verbose -Message "No Intune Android Device Owner Device Compliance Policy with displayName {$DisplayName} was found" @@ -176,19 +179,14 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -200,6 +198,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -558,6 +557,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Intune Android Work Profile Device Compliance Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -570,76 +574,28 @@ function Test-TargetResource $ValuesToCheck.Remove('CertificateThumbprint') | Out-Null $ValuesToCheck.Remove('ManagedIdentity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + $testResult = $true + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Test-TargetResource returned $false" - return $false + $testResult = $false } #region Assignments - $testResult = $true - - if ((-not $CurrentValues.Assignments) -xor (-not $ValuesToCheck.Assignments)) + if ($testResult) { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } + #endregion - if ($CurrentValues.Assignments) - { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) - { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - - if (-not $testResult) - { - $testResult = $false - break - } - - } - } - if (-not $testResult) + if ($testResult) { - return $false + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys } - $ValuesToCheck.Remove('Assignments') | Out-Null - #endregion - - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult @@ -725,7 +681,12 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Assignments) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/settings.json index c3b7a98d3f..d32693cec5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 index 256d43baf4..4d481a0e00 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile.psm1 @@ -175,7 +175,10 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.androidWorkProfileCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - + if(([array]$devicePolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } if ($null -eq $devicePolicy) { Write-Verbose -Message "No Intune Android Work Profile Device Compliance Policy with displayName {$DisplayName} was found" @@ -222,19 +225,14 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -246,6 +244,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -670,6 +669,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Intune Android Work Profile Device Compliance Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -680,76 +684,28 @@ function Test-TargetResource $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + $testResult = $true + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Test-TargetResource returned $false" - return $false + $testResult = $false } #region Assignments - $testResult = $true - - if ((-not $CurrentValues.Assignments) -xor (-not $ValuesToCheck.Assignments)) + if ($testResult) { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } + #endregion - if ($CurrentValues.Assignments) - { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) - { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - - if (-not $testResult) - { - $testResult = $false - break - } - - } - } - if (-not $testResult) + if ($testResult) { - return $false + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys } - $ValuesToCheck.Remove('Assignments') | Out-Null - #endregion - - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult @@ -833,7 +789,12 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.Assignments) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/settings.json index 2a9f984ec7..ab503e6e12 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 index 864a3cf2c3..51643cd0b0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/MSFT_IntuneDeviceCompliancePolicyMacOS.psm1 @@ -158,7 +158,10 @@ function Get-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.macOSCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - + if(([array]$devicePolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } if ($null -eq $devicePolicy) { Write-Verbose -Message "No MacOS Device Compliance Policy with displayName {$DisplayName} was found" @@ -200,19 +203,15 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) + return [System.Collections.Hashtable] $results } @@ -224,6 +223,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -616,6 +616,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Intune Device Compliance MacOS Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -627,76 +632,28 @@ function Test-TargetResource $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + $testResult = $true + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Test-TargetResource returned $false" - return $false + $testResult = $false } #region Assignments - $testResult = $true - - if (($null -ne $CurrentValues.Assignments) -xor ($null -ne $ValuesToCheck.Assignments)) + if ($testResult) { - Write-Verbose -Message 'Configuration drift: one the assignment is null' - return $false + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } + #endregion - if ($null -ne $CurrentValues.Assignments) - { - if ($CurrentValues.Assignments.count -ne $ValuesToCheck.Assignments.count) - { - Write-Verbose -Message "Configuration drift: Number of assignment has changed - current {$($CurrentValues.Assignments.count)} target {$($ValuesToCheck.Assignments.count)}" - return $false - } - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $sourceHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - $testResult = Compare-M365DSCComplexObject -Source $sourceHash -Target $assignment - } - - if (-not $testResult) - { - $testResult = $false - break - } - - } - } - if (-not $testResult) + if ($testResult) { - return $false + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys } - $ValuesToCheck.Remove('Assignments') | Out-Null - #endregion - - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys - Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult @@ -781,7 +738,13 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent } - $results = Get-TargetResource @params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } + if ($Results.Assignments) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/settings.json index f939681409..bd59e189c5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyMacOS/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 index 0e78c8b97a..12cf664781 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/MSFT_IntuneDeviceCompliancePolicyWindows10.psm1 @@ -200,7 +200,10 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10CompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - + if(([array]$devicePolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } if ($null -eq $devicePolicy) { Write-Verbose -Message "No Windows 10 Device Compliance Policy with displayName {$DisplayName} was found" @@ -252,9 +255,16 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $myAssignments = @() - $myAssignments += Get-M365DSCDeviceManagementPolicyAssignments -DeviceManagementPolicyId $devicePolicy.id -repository 'deviceCompliancePolicies' - $results.Add('Assignments', $myAssignments) + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + if ($graphAssignments.count -gt 0) + { + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) + } + $results.Add('Assignments', $returnAssignments) + return [System.Collections.Hashtable] $results } catch @@ -265,6 +275,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -495,16 +506,13 @@ function Set-TargetResource -AdditionalProperties $AdditionalProperties ` -ScheduledActionsForRule $scheduledActionsForRule - $assignmentsHash = @() - foreach ($assignment in $Assignments) + if ($Assignments.Count -gt 0) { - $assignmentsHash += Get-M365DSCAssignmentsAsHashtable -CIMAssignment $Assignment - + $assignmentsHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $Assignments + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + -Targets $assignmentsHash ` + -Repository 'deviceManagement/deviceCompliancePolicies' } - Update-M365DSCDeviceManagementPolicyAssignments -DeviceManagementPolicyId $policy.id ` - -Targets $assignmentsHash ` - -Repository deviceCompliancePolicies - } elseif ($Ensure -eq 'Present' -and $currentDeviceWindows10Policy.Ensure -eq 'Present') { @@ -523,15 +531,13 @@ function Set-TargetResource -Description $Description ` -DeviceCompliancePolicyId $configDevicePolicy.Id - $assignmentsHash = @() - foreach ($assignment in $Assignments) + if ($Assignments.Count -gt 0) { - $assignmentsHash += Get-M365DSCAssignmentsAsHashtable -CIMAssignment $Assignment - + $assignmentsHash = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $Assignments + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $configDevicePolicy.id ` + -Targets $assignmentsHash ` + -Repository 'deviceManagement/deviceCompliancePolicies' } - Update-M365DSCDeviceManagementPolicyAssignments -DeviceManagementPolicyId $configDevicePolicy.id ` - -Targets $assignmentsHash ` - -Repository deviceCompliancePolicies } elseif ($Ensure -eq 'Absent' -and $currentDeviceWindows10Policy.Ensure -eq 'Present') { @@ -738,6 +744,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Intune Device Compliance Windows 10 Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -748,85 +759,20 @@ function Test-TargetResource $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) - { - Write-Verbose -Message "Test-TargetResource returned $false" - return $false - } $testResult = $true - if (([Array]$Assignments).count -ne $CurrentValues.Assignments.count) + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Configuration drift:Number of assignments does not match: Source=$([Array]$Assignments.count) Target=$($CurrentValues.Assignments.count)" $testResult = $false } + #region Assignments if ($testResult) { - foreach ($assignment in $CurrentValues.Assignments) - { - #GroupId Assignment - if (-not [String]::IsNullOrEmpty($assignment.groupId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.groupId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: groupId {$($assignment.groupId)} not found" - $testResult = $false - break - } - - $CIMAssignmentAsHash = Get-M365DSCAssignmentsAsHashtable -CIMAssignment $source - } - #collectionId Assignment - elseif (-not [String]::IsNullOrEmpty($assignment.collectionId)) - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.groupId -eq $assignment.collectionId } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: collectionId {$($assignment.collectionId)} not found" - $testResult = $false - break - } - - $CIMAssignmentAsHash = Get-M365DSCAssignmentsAsHashtable -CIMAssignment $source - } - #AllDevices/AllUsers assignment - else - { - $source = [Array]$ValuesToCheck.Assignments | Where-Object -FilterScript { $_.dataType -eq $assignment.dataType } - if (-not $source) - { - Write-Verbose -Message "Configuration drift: {$($assignment.dataType)} not found" - $testResult = $false - break - } - $CIMAssignmentAsHash = Get-M365DSCAssignmentsAsHashtable -CIMAssignment $source - } - - foreach ($key in $assignment.keys) - { - $compareResult = Compare-Object ` - -ReferenceObject @($assignment[$key] | Select-Object) ` - -DifferenceObject @($CIMAssignmentAsHash[$key] | Select-Object) - - if ($null -ne $compareResult) - { - Write-Verbose -Message "Configuration drift in assignment key: $key - CurrentValue $($assignment[$key]|Out-String)" - Write-Verbose -Message "Configuration drift in assignment key: $key - TargetValue $($CIMAssignmentAsHash[$key]|Out-String)" - return $false - } - } - - if (-not $testResult) - { - $testResult = $false - break - } - - } - + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } - - $ValuesToCheck.Remove('Assignments') | Out-Null + #endregion if ($testResult) { @@ -834,7 +780,6 @@ function Test-TargetResource -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` -ValuesToCheck $ValuesToCheck.Keys - } Write-Verbose -Message "Test-TargetResource returned $TestResult" @@ -919,7 +864,13 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } + $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results @@ -1083,127 +1034,3 @@ function Get-M365DSCAssignmentsAsHashtable } return $CIMAssignmentAsHash } -function Get-M365DSCDeviceManagementPolicyAssignments -{ - [CmdletBinding()] - param ( - [Parameter(Mandatory = 'true')] - [System.String] - $DeviceManagementPolicyId, - - [Parameter()] - [ValidateSet('deviceCompliancePolicies', 'intents', 'configurationPolicies')] - [System.String] - $Repository = 'configurationPolicies' - ) - try - { - $deviceManagementPolicyAssignments = @() - - $Uri = "https://graph.microsoft.com/beta/deviceManagement/$Repository/$DeviceManagementPolicyId/assignments" - $results = Invoke-MgGraphRequest -Method GET -Uri $Uri -ErrorAction Stop - foreach ($result in $results.value.target) - { - $deviceManagementPolicyAssignments += @{ - dataType = $result.'@odata.type' - groupId = $result.groupId - collectionId = $result.collectionId - deviceAndAppManagementAssignmentFilterType = $result.deviceAndAppManagementAssignmentFilterType - deviceAndAppManagementAssignmentFilterId = $result.deviceAndAppManagementAssignmentFilterId - } - } - - while ($results.'@odata.nextLink') - { - $Uri = $results.'@odata.nextLink' - $results = Invoke-MgGraphRequest -Method GET -Uri $Uri -ErrorAction Stop - foreach ($result in $results.value.target) - { - $deviceManagementPolicyAssignments += @{ - dataType = $result.'@odata.type' - groupId = $result.groupId - collectionId = $result.collectionId - deviceAndAppManagementAssignmentFilterType = $result.deviceAndAppManagementAssignmentFilterType - deviceAndAppManagementAssignmentFilterId = $result.deviceAndAppManagementAssignmentFilterId - } - } - } - return $deviceManagementPolicyAssignments - } - catch - { - New-M365DSCLogEntry -Message 'Error retrieving data:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential - - return $null - } -} - -function Update-M365DSCDeviceManagementPolicyAssignments -{ - [CmdletBinding()] - [OutputType([System.Collections.Hashtable])] - param - ( - [Parameter(Mandatory = 'true')] - [System.String] - $DeviceManagementPolicyId, - - [Parameter()] - [Array] - $Targets, - - [Parameter()] - [ValidateSet('deviceCompliancePolicies', 'intents', 'configurationPolicies')] - [System.String] - $Repository = 'configurationPolicies' - ) - - try - { - $deviceManagementPolicyAssignments = @() - - $Uri = "https://graph.microsoft.com/beta/deviceManagement/$Repository/$DeviceManagementPolicyId/assign" - - foreach ($target in $targets) - { - $formattedTarget = @{'@odata.type' = $target.dataType } - if ($target.groupId) - { - $formattedTarget.Add('groupId', $target.groupId) - } - if ($target.collectionId) - { - $formattedTarget.Add('collectionId', $target.collectionId) - } - if ($target.deviceAndAppManagementAssignmentFilterType) - { - $formattedTarget.Add('deviceAndAppManagementAssignmentFilterType', $target.deviceAndAppManagementAssignmentFilterType) - } - if ($target.deviceAndAppManagementAssignmentFilterId) - { - $formattedTarget.Add('deviceAndAppManagementAssignmentFilterId', $target.deviceAndAppManagementAssignmentFilterId) - } - $deviceManagementPolicyAssignments += @{'target' = $formattedTarget } - } - $body = @{'assignments' = $deviceManagementPolicyAssignments } | ConvertTo-Json -Depth 20 - #write-verbose -Message $body - Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop - - } - catch - { - New-M365DSCLogEntry -Message 'Error updating data:' ` - -Exception $_ ` - -Source $($MyInvocation.MyCommand.Source) ` - -TenantId $TenantId ` - -Credential $Credential - - return $null - } -} - -Export-ModuleMember -Function *-TargetResource, * diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/settings.json index 08a66e8728..876c98b3c1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyWindows10/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 index d9fe71c7a5..e70cb3631c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/MSFT_IntuneDeviceCompliancePolicyiOs.psm1 @@ -149,7 +149,10 @@ function Get-TargetResource -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.iosCompliancePolicy' -and ` $_.displayName -eq $($DisplayName) } - + if(([array]$devicePolicy).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } if ($null -eq $devicePolicy) { Write-Verbose -Message "No iOS Device Compliance Policy with displayName {$DisplayName} was found" @@ -189,19 +192,14 @@ function Get-TargetResource } $returnAssignments = @() - $returnAssignments += Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id - $assignmentResult = @() - foreach ($assignmentEntry in $returnAssignments) + $graphAssignments = Get-MgBetaDeviceManagementDeviceCompliancePolicyAssignment -DeviceCompliancePolicyId $devicePolicy.Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.toString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -213,6 +211,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -601,6 +600,11 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Intune Device Compliance iOS Policy {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -611,46 +615,28 @@ function Test-TargetResource $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null - #region Assignments - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + $testResult = $true + if ($CurrentValues.Ensure -ne $Ensure) { - Write-Verbose -Message "Test-TargetResource returned $false" - return $false + $testResult = $false } - $testResult = $true - - #Compare Cim instances - foreach ($key in $PSBoundParameters.Keys) + #region Assignments + if ($testResult) { - $source = $PSBoundParameters.$key - $target = $CurrentValues.$key - if ($source.getType().Name -like '*CimInstance*') - { - $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $source - - $testResult = Compare-M365DSCComplexObject ` - -Source ($source) ` - -Target ($target) - - if (-Not $testResult) - { - $testResult = $false - break - } - - $ValuesToCheck.Remove($key) | Out-Null - } + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $PSBoundParameters.Assignments + $target = $CurrentValues.Assignments + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + $ValuesToCheck.Remove('Assignments') | Out-Null } #endregion if ($testResult) { - $testResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` -Source $($MyInvocation.MyCommand.Source) ` -DesiredValues $PSBoundParameters ` -ValuesToCheck $ValuesToCheck.Keys } - Write-Verbose -Message "Test-TargetResource returned $TestResult" return $TestResult @@ -734,7 +720,12 @@ function Export-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } if ($Results.RestrictedApps) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/settings.json index 40c5882040..4f70de0036 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceCompliancePolicyiOs/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 index 14affae7de..3b933592e6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.psm1 @@ -94,14 +94,19 @@ function Get-TargetResource $getValue = Get-MgBetaDeviceManagementGroupPolicyConfiguration ` -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Administrative Template Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if(([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Administrative Template Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } + $Id = $getValue.Id Write-Verbose -Message "An Intune Device Configuration Administrative Template Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName} was found." @@ -227,19 +232,15 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent #endregion } - $assignmentsValues = Get-MgBetaDeviceManagementGroupPolicyConfigurationAssignment -GroupPolicyConfigurationId $Id - $assignmentResult = @() - foreach ($assignmentEntry in $AssignmentsValues) + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementGroupPolicyConfigurationAssignment -GroupPolicyConfigurationId $Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString() - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return $results } @@ -261,6 +262,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential } + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -665,10 +667,15 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of the Intune Device Configuration Administrative Template Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -714,6 +721,11 @@ function Test-TargetResource -Source ($source) ` -Target ($target) + if ($key -eq 'Assignments') + { + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } + if (-Not $testResult) { $testResult = $false @@ -835,7 +847,12 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json index ef5aae1c68..4636671998 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10/settings.json @@ -5,7 +5,10 @@ "graph": { "delegated": { "read": [ - { + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], @@ -17,7 +20,10 @@ }, "application": { "read": [ - { + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 index e35f2b96c7..e1dedb4961 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10.psm1 @@ -96,14 +96,20 @@ function Get-TargetResource -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10CustomConfiguration" ` } + + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Custom Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if(([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Custom Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } + $Id = $getValue.Id Write-Verbose -Message "An Intune Device Configuration Custom Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName} was found." @@ -115,6 +121,7 @@ function Get-TargetResource if ($currentomaSettings.isEncrypted -eq $true) { + write-verbose ("IsEncrypted = true -- $($currentomaSettings.displayName)") $SecretReferenceValueId = $currentomaSettings.secretReferenceValueId $OmaSettingPlainTextValue = Get-OmaSettingPlainTextValue -SecretReferenceValueId $SecretReferenceValueId if (![String]::IsNullOrEmpty($OmaSettingPlainTextValue)) @@ -165,20 +172,16 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent #endregion } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id - $assignmentResult = @() - foreach ($assignmentEntry in $AssignmentsValues) + + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $(if ($null -ne $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType) - {$assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString()}) - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -190,7 +193,8 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential - return $nullResult + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult + return $nullResult } } @@ -446,9 +450,14 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of the Intune Device Configuration Custom Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -468,6 +477,10 @@ function Test-TargetResource -Source ($source) ` -Target ($target) + if ($key -eq 'Assignments') + { + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } if (-Not $testResult) { $testResult = $false @@ -587,7 +600,12 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results if ($null -ne $Results.OmaSettings) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json index a9b8d6e3a0..4f57251847 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationCustomPolicyWindows10/settings.json @@ -5,7 +5,10 @@ "graph": { "delegated": { "read": [ - { + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], @@ -16,8 +19,11 @@ ] }, "application": { - "read": [ - { + "read": [ + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 index 5607bb05f1..6ee9ab4923 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.psm1 @@ -116,14 +116,19 @@ function Get-TargetResource -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration" ` } + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if(([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } + $Id = $getValue.Id Write-Verbose -Message "An Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName} was found." @@ -148,20 +153,15 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent #endregion } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id - $assignmentResult = @() - foreach ($assignmentEntry in $AssignmentsValues) + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $(if ($null -ne $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType) - {$assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString()}) - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -173,6 +173,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -447,9 +448,14 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of the Intune Device Configuration Defender For Endpoint Onboarding Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -469,6 +475,10 @@ function Test-TargetResource -Source ($source) ` -Target ($target) + if ($key -eq 'Assignments') + { + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } if (-Not $testResult) { $testResult = $false @@ -588,7 +598,12 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results if ($Results.Assignments) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json index fa063bd0d5..1ec45e354d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10/settings.json @@ -5,7 +5,10 @@ "graph": { "delegated": { "read": [ - { + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], @@ -17,7 +20,10 @@ }, "application": { "read": [ - { + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 index 133d05a210..d5cc43d318 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.psm1 @@ -160,14 +160,20 @@ function Get-TargetResource $getValue = Get-MgBetaDeviceManagementDeviceConfiguration ` -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue + + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Delivery Optimization Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if(([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Delivery Optimization Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } + $Id = $getValue.Id Write-Verbose -Message "An Intune Device Configuration Delivery Optimization Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName} was found." @@ -288,23 +294,15 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent #endregion } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id - $assignmentResult = @() - foreach ($assignmentEntry in $AssignmentsValues) + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $(if ($null -ne $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType) - { - $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString() - }) - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) - + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } catch @@ -315,6 +313,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -681,11 +680,16 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of the Intune Device Configuration Delivery Optimization Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -705,6 +709,11 @@ function Test-TargetResource -Source ($source) ` -Target ($target) + if ($key -eq 'Assignments') + { + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } + if (-Not $testResult) { $testResult = $false @@ -819,7 +828,12 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results if ( $null -ne $Results.BandwidthMode) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/settings.json index 7a4ac875c3..ad18510898 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 index 01120c5c19..319cce264d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10.psm1 @@ -108,14 +108,19 @@ function Get-TargetResource -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windowsDomainJoinConfiguration" ` } + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Domain Join Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if(([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Domain Join Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } + $Id = $getValue.Id Write-Verbose -Message "An Intune Device Configuration Domain Join Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName} was found." @@ -138,20 +143,15 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent #endregion } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id - $assignmentResult = @() - foreach ($assignmentEntry in $AssignmentsValues) + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $(if ($null -ne $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType) - {$assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString()}) - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -163,7 +163,8 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential - return $nullResult + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult + return $nullResult } } @@ -421,9 +422,14 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of the Intune Device Configuration Domain Join Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -443,6 +449,11 @@ function Test-TargetResource -Source ($source) ` -Target ($target) + if ($key -eq 'Assignments') + { + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } + if (-Not $testResult) { $testResult = $false @@ -562,7 +573,12 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results if ($Results.Assignments) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json index 283b168e60..2ebe5a545e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10/settings.json @@ -5,7 +5,10 @@ "graph": { "delegated": { "read": [ - { + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], @@ -17,7 +20,10 @@ }, "application": { "read": [ - { + { + "name": "Group.Read.All" + }, + { "name": "DeviceManagementConfiguration.Read.All" } ], diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10.psm1 index 1666e3262e..0ae5211805 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10.psm1 @@ -10,17 +10,17 @@ function Get-TargetResource $AccountName, [Parameter()] - [ValidateSet('userDefined','oneDay','threeDays','oneWeek','twoWeeks','oneMonth','unlimited')] + [ValidateSet('userDefined', 'oneDay', 'threeDays', 'oneWeek', 'twoWeeks', 'oneMonth', 'unlimited')] [System.String] $DurationOfEmailToSync, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress')] [System.String] $EmailAddressSource, [Parameter()] - [ValidateSet('userDefined','asMessagesArrive','manual','fifteenMinutes','thirtyMinutes','sixtyMinutes','basedOnMyUsage')] + [ValidateSet('userDefined', 'asMessagesArrive', 'manual', 'fifteenMinutes', 'thirtyMinutes', 'sixtyMinutes', 'basedOnMyUsage')] [System.String] $EmailSyncSchedule, @@ -49,17 +49,17 @@ function Get-TargetResource $CustomDomainName, [Parameter()] - [ValidateSet('fullDomainName','netBiosDomainName')] + [ValidateSet('fullDomainName', 'netBiosDomainName')] [System.String] $UserDomainNameSource, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress','samAccountName')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress', 'samAccountName')] [System.String] $UsernameAADSource, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress')] [System.String] $UsernameSource, @@ -132,7 +132,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -144,16 +144,22 @@ function Get-TargetResource -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue | Where-Object ` -FilterScript { ` - $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows10EasEmailProfileConfiguration" ` - } + $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10EasEmailProfileConfiguration' ` + } + + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Email Profile Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if (([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Email Profile Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } + $Id = $getValue.Id Write-Verbose -Message "An Intune Device Configuration Email Profile Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName} was found." @@ -222,20 +228,16 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent #endregion } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id - $assignmentResult = @() - foreach ($assignmentEntry in $AssignmentsValues) + + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + if ($graphAssignments.count -gt 0) { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $(if ($null -ne $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType) - {$assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString()}) - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -247,6 +249,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -262,17 +265,17 @@ function Set-TargetResource $AccountName, [Parameter()] - [ValidateSet('userDefined','oneDay','threeDays','oneWeek','twoWeeks','oneMonth','unlimited')] + [ValidateSet('userDefined', 'oneDay', 'threeDays', 'oneWeek', 'twoWeeks', 'oneMonth', 'unlimited')] [System.String] $DurationOfEmailToSync, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress')] [System.String] $EmailAddressSource, [Parameter()] - [ValidateSet('userDefined','asMessagesArrive','manual','fifteenMinutes','thirtyMinutes','sixtyMinutes','basedOnMyUsage')] + [ValidateSet('userDefined', 'asMessagesArrive', 'manual', 'fifteenMinutes', 'thirtyMinutes', 'sixtyMinutes', 'basedOnMyUsage')] [System.String] $EmailSyncSchedule, @@ -301,17 +304,17 @@ function Set-TargetResource $CustomDomainName, [Parameter()] - [ValidateSet('fullDomainName','netBiosDomainName')] + [ValidateSet('fullDomainName', 'netBiosDomainName')] [System.String] $UserDomainNameSource, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress','samAccountName')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress', 'samAccountName')] [System.String] $UsernameAADSource, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress')] [System.String] $UsernameSource, @@ -380,7 +383,7 @@ function Set-TargetResource if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Configuration Email Profile Policy for Windows10 with DisplayName {$DisplayName}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters @@ -395,7 +398,7 @@ function Set-TargetResource } } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10EasEmailProfileConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10EasEmailProfileConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = @() foreach ($assignment in $Assignments) @@ -405,7 +408,7 @@ function Set-TargetResource if ($policy.id) { - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $policy.id ` -Targets $assignmentsHash ` -Repository 'deviceManagement/deviceConfigurations' } @@ -414,7 +417,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Present') { Write-Verbose -Message "Updating the Intune Device Configuration Email Profile Policy for Windows10 with Id {$($currentInstance.Id)}" - $BoundParameters.Remove("Assignments") | Out-Null + $BoundParameters.Remove('Assignments') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters @@ -430,7 +433,7 @@ function Set-TargetResource } } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10EasEmailProfileConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10EasEmailProfileConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -466,17 +469,17 @@ function Test-TargetResource $AccountName, [Parameter()] - [ValidateSet('userDefined','oneDay','threeDays','oneWeek','twoWeeks','oneMonth','unlimited')] + [ValidateSet('userDefined', 'oneDay', 'threeDays', 'oneWeek', 'twoWeeks', 'oneMonth', 'unlimited')] [System.String] $DurationOfEmailToSync, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress')] [System.String] $EmailAddressSource, [Parameter()] - [ValidateSet('userDefined','asMessagesArrive','manual','fifteenMinutes','thirtyMinutes','sixtyMinutes','basedOnMyUsage')] + [ValidateSet('userDefined', 'asMessagesArrive', 'manual', 'fifteenMinutes', 'thirtyMinutes', 'sixtyMinutes', 'basedOnMyUsage')] [System.String] $EmailSyncSchedule, @@ -505,17 +508,17 @@ function Test-TargetResource $CustomDomainName, [Parameter()] - [ValidateSet('fullDomainName','netBiosDomainName')] + [ValidateSet('fullDomainName', 'netBiosDomainName')] [System.String] $UserDomainNameSource, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress','samAccountName')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress', 'samAccountName')] [System.String] $UsernameAADSource, [Parameter()] - [ValidateSet('userPrincipalName','primarySmtpAddress')] + [ValidateSet('userPrincipalName', 'primarySmtpAddress')] [System.String] $UsernameSource, @@ -581,9 +584,14 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of the Intune Device Configuration Email Profile Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -603,6 +611,11 @@ function Test-TargetResource -Source ($source) ` -Target ($target) + if ($key -eq 'Assignments') + { + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } + if (-Not $testResult) { $testResult = $false @@ -689,7 +702,7 @@ function Export-TargetResource -ErrorAction Stop | Where-Object ` -FilterScript { ` $_.AdditionalProperties.'@odata.type' -eq '#microsoft.graph.windows10EasEmailProfileConfiguration' ` - } + } #endregion $i = 1 @@ -711,18 +724,23 @@ function Export-TargetResource } Write-Host " |---[$i/$($getValue.Count)] $displayedKey" -NoNewline $params = @{ - Id = $config.Id - DisplayName = $config.DisplayName - Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret + Id = $config.Id + DisplayName = $config.DisplayName + Ensure = 'Present' + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + ApplicationSecret = $ApplicationSecret CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent + Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results if ($Results.Assignments) @@ -744,7 +762,7 @@ function Export-TargetResource -Credential $Credential if ($Results.Assignments) { - $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName "Assignments" -isCIMArray:$true + $currentDSCBlock = Convert-DSCStringParamToVariable -DSCBlock $currentDSCBlock -ParameterName 'Assignments' -IsCIMArray:$true } $dscContent += $currentDSCBlock @@ -758,7 +776,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/settings.json index 2dd5dfecf6..7f59aea637 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10/settings.json @@ -1,33 +1,38 @@ { "resourceName": "IntuneDeviceConfigurationEmailProfilePolicyWindows10", "description": "This resource configures an Intune Device Configuration Email Profile Policy for Windows10.", - "permissions": { - "graph": { - "delegated": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - }, - "application": { - "read": [ - { - "name": "DeviceManagementConfiguration.Read.All" - } - ], - "update": [ - { - "name": "DeviceManagementConfiguration.ReadWrite.All" - } - ] - } - } -} - + "permissions": { + "graph": { + "delegated": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + }, + "application": { + "read": [ + { + "name": "Group.Read.All" + }, + { + "name": "DeviceManagementConfiguration.Read.All" + } + ], + "update": [ + { + "name": "DeviceManagementConfiguration.ReadWrite.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 index c9b1f664a1..c03b541bdc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.psm1 @@ -1043,7 +1043,7 @@ function Get-TargetResource $getValue = $null #region resource generator code - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $Id -ErrorAction SilentlyContinue if ($null -eq $getValue) { @@ -1054,14 +1054,19 @@ function Get-TargetResource $getValue = Get-MgBetaDeviceManagementDeviceConfiguration ` -Filter "DisplayName eq '$DisplayName'" ` -ErrorAction SilentlyContinue + if ($null -eq $getValue) + { + Write-Verbose -Message "Could not find an Intune Device Configuration Endpoint Protection Policy for Windows10 with DisplayName {$DisplayName}" + return $nullResult + } + if (([array]$getValue).count -gt 1) + { + throw "A policy with a duplicated displayName {'$DisplayName'} was found - Ensure displayName is unique" + } } } #endregion - if ($null -eq $getValue) - { - Write-Verbose -Message "Could not find an Intune Device Configuration Endpoint Protection Policy for Windows10 with DisplayName {$DisplayName}" - return $nullResult - } + $Id = $getValue.Id Write-Verbose -Message "An Intune Device Configuration Endpoint Protection Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName} was found." @@ -1300,7 +1305,7 @@ function Get-TargetResource $myfirewallRules.Add('FilePath', $currentfirewallRules.filePath) if ($null -ne $currentfirewallRules.interfaceTypes) { - $myfirewallRules.Add('InterfaceTypes', $currentfirewallRules.interfaceTypes.toString()) + $myfirewallRules.Add('InterfaceTypes', $currentfirewallRules.interfaceTypes.toString() -split ',') } $myfirewallRules.Add('LocalAddressRanges', $currentfirewallRules.localAddressRanges) $myfirewallRules.Add('LocalPortRanges', $currentfirewallRules.localPortRanges) @@ -2618,22 +2623,16 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent #endregion } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id - $assignmentResult = @() - foreach ($assignmentEntry in $AssignmentsValues) - { - $assignmentValue = @{ - dataType = $assignmentEntry.Target.AdditionalProperties.'@odata.type' - deviceAndAppManagementAssignmentFilterType = $(if ($null -ne $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType) - { - $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterType.ToString() - }) - deviceAndAppManagementAssignmentFilterId = $assignmentEntry.Target.DeviceAndAppManagementAssignmentFilterId - groupId = $assignmentEntry.Target.AdditionalProperties.groupId - } - $assignmentResult += $assignmentValue + + $returnAssignments = @() + $graphAssignments = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + if ($graphAssignments.count -gt 0) + { + $returnAssignments += ConvertFrom-IntunePolicyAssignment ` + -IncludeDeviceFilter:$true ` + -Assignments ($graphAssignments) } - $results.Add('Assignments', $assignmentResult) + $results.Add('Assignments', $returnAssignments) return [System.Collections.Hashtable] $results } @@ -2645,6 +2644,7 @@ function Get-TargetResource -TenantId $TenantId ` -Credential $Credential + $nullResult = Clear-M365DSCAuthenticationParameter -BoundParameters $nullResult return $nullResult } } @@ -3704,11 +3704,24 @@ function Set-TargetResource $CreateParameters.$key = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $CreateParameters.$key } } + if ($CreateParameters.FirewallRules.count -gt 0) + { + $intuneFirewallRules = @() + foreach ($firewallRule in $CreateParameters.FirewallRules) + { + if ($firewallRule.interfaceTypes -gt 1) + { + $firewallRule.interfaceTypes = $firewallRule.interfaceTypes -join ',' + } + $intuneFirewallRules += $firewallRule + } + $CreateParameters.FirewallRules = $intuneFirewallRules + } #region resource generator code - $CreateParameters.Add("@odata.type", "#microsoft.graph.windows10EndpointProtectionConfiguration") + $CreateParameters.Add('@odata.type', '#microsoft.graph.windows10EndpointProtectionConfiguration') $policy = New-MgBetaDeviceManagementDeviceConfiguration -BodyParameter $CreateParameters $assignmentsHash = @() - foreach($assignment in $Assignments) + foreach ($assignment in $Assignments) { $assignmentsHash += Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $Assignment } @@ -3739,8 +3752,21 @@ function Set-TargetResource $UpdateParameters.$key = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $UpdateParameters.$key } } + if ($UpdateParameters.FirewallRules.count -gt 0) + { + $intuneFirewallRules = @() + foreach ($firewallRule in $UpdateParameters.FirewallRules) + { + if ($firewallRule.interfaceTypes -gt 1) + { + $firewallRule.interfaceTypes = $firewallRule.interfaceTypes -join ',' + } + $intuneFirewallRules += $firewallRule + } + $UpdateParameters.FirewallRules = $intuneFirewallRules + } #region resource generator code - $UpdateParameters.Add("@odata.type", "#microsoft.graph.windows10EndpointProtectionConfiguration") + $UpdateParameters.Add('@odata.type', '#microsoft.graph.windows10EndpointProtectionConfiguration') Update-MgBetaDeviceManagementDeviceConfiguration ` -DeviceConfigurationId $currentInstance.Id ` -BodyParameter $UpdateParameters @@ -4801,11 +4827,16 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of the Intune Device Configuration Endpoint Protection Policy for Windows10 with Id {$Id} and DisplayName {$DisplayName}" $CurrentValues = Get-TargetResource @PSBoundParameters + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $CurrentValues)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$displayName} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$displayName} will not be processed. Refer to the event viewer logs for more information." + } $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -4825,6 +4856,11 @@ function Test-TargetResource -Source ($source) ` -Target ($target) + if ($key -eq 'Assignments') + { + $testResult = Compare-M365DSCIntunePolicyAssignment -Source $source -Target $target + } + if (-Not $testResult) { $testResult = $false @@ -4939,7 +4975,12 @@ function Export-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $Results = Get-TargetResource @Params + $Results = Get-TargetResource @params + if (-not (Test-M365DSCAuthenticationParameter -BoundParameters $Results)) + { + Write-Verbose "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed" + throw "An error occured in Get-TargetResource, the policy {$($params.displayName)} will not be processed. Refer to the event viewer logs for more information." + } $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` -Results $Results if ( $null -ne $Results.BitLockerFixedDrivePolicy) @@ -6077,7 +6118,7 @@ function Export-TargetResource catch { if ($_.Exception -like '*401*' -or $_.ErrorDetails.Message -like "*`"ErrorCode`":`"Forbidden`"*" -or ` - $_.Exception -like "*Request not applicable to target tenant*") + $_.Exception -like '*Request not applicable to target tenant*') { Write-Host "`r`n $($Global:M365DSCEmojiYellowCircle) The current tenant is not registered for Intune." } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.schema.mof index fe67f8bd62..0ddd9c37aa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.schema.mof @@ -92,7 +92,7 @@ class MSFT_MicrosoftGraphWindowsFirewallRule [Write, Description("The display name of the rule. Does not need to be unique.")] String DisplayName; [Write, Description("Indicates whether edge traversal is enabled or disabled for this rule. The EdgeTraversal setting indicates that specific inbound traffic is allowed to tunnel through NATs and other edge devices using the Teredo tunneling technology. In order for this setting to work correctly, the application or service with the inbound firewall rule needs to support IPv6. The primary application of this setting allows listeners on the host to be globally addressable through a Teredo IPv6 address. New rules have the EdgeTraversal property disabled by default. Possible values are: notConfigured, blocked, allowed."), ValueMap{"notConfigured","blocked","allowed"}, Values{"notConfigured","blocked","allowed"}] String EdgeTraversal; [Write, Description("The full file path of an app that's affected by the firewall rule.")] String FilePath; - [Write, Description("The interface types of the rule. Possible values are: notConfigured, remoteAccess, wireless, lan."), ValueMap{"notConfigured","remoteAccess","wireless","lan"}, Values{"notConfigured","remoteAccess","wireless","lan"}] String InterfaceTypes; + [Write, Description("The interface types of the rule. Possible values are: notConfigured, remoteAccess, wireless, lan."), ValueMap{"notConfigured","remoteAccess","wireless","lan"}, Values{"notConfigured","remoteAccess","wireless","lan"}] String InterfaceTypes[]; [Write, Description("List of local addresses covered by the rule. Default is any address. Valid tokens include:'' indicates any local address. If present, this must be the only token included.A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask nor a network prefix is specified, the subnet mask defaults to 255.255.255.255.A valid IPv6 address.An IPv4 address range in the format of 'start address - end address' with no spaces included.An IPv6 address range in the format of 'start address - end address' with no spaces included.")] String LocalAddressRanges[]; [Write, Description("List of local port ranges. For example, '100-120', '200', '300-320'. If not specified, the default is All.")] String LocalPortRanges[]; [Write, Description("Specifies the list of authorized local users for the app container. This is a string in Security Descriptor Definition Language (SDDL) format.")] String LocalUserAuthorizations; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/settings.json index 31fc646302..eb9da4aa9e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10/settings.json @@ -5,6 +5,9 @@ "graph": { "delegated": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } @@ -17,6 +20,9 @@ }, "application": { "read": [ + { + "name": "Group.Read.All" + }, { "name": "DeviceManagementConfiguration.Read.All" } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 index aa52b4dc14..c886eb2c47 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10/MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10.psm1 @@ -835,7 +835,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 index 6fc23087bd..d192e2d32f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10.psm1 @@ -434,7 +434,7 @@ function Test-TargetResource $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 index f35fb0a9f5..2474d0a23d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10/MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10.psm1 @@ -583,7 +583,7 @@ function Test-TargetResource $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 index 72d379fc8e..035ce4243f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10.psm1 @@ -496,7 +496,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 index e0d9994c2b..b4c49e9221 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10/MSFT_IntuneDeviceConfigurationKioskPolicyWindows10.psm1 @@ -662,7 +662,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 index 63532eaf41..1f6af40b0f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10/MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10.psm1 @@ -429,7 +429,7 @@ function Test-TargetResource $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 index 234a3116a8..4aa9f586d9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10.psm1 @@ -616,7 +616,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 index 8d468a7d9b..a81a57a2bf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator.psm1 @@ -283,7 +283,14 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + if (-not [System.String]::IsNullOrEmpty($Id)) + { + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + } + else + { + $getValue = $null + } if ($null -eq $getValue) { @@ -370,11 +377,18 @@ function Get-TargetResource } if ($null -eq $getValue) { - Write-Verbose -Message "Nothing with id {$id} was found" + if (-not [String]::IsNullOrEmpty($Id)) + { + Write-Verbose -Message "Nothing with id {$Id} was found" + } + else + { + Write-Verbose -Message "Nothing with display name {$DisplayName} was found" + } return $nullResult } - Write-Verbose -Message "Found something with id {$id}" + Write-Verbose -Message "Found something with id {$($getValue.Id)}" $results = @{ #region resource generator code @@ -440,7 +454,7 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $getValue.Id $assignmentResult = @() foreach ($assignmentEntry in $AssignmentsValues) { @@ -1141,7 +1155,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 index 5a2cace7a0..00406eddde 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner/MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner.psm1 @@ -2352,7 +2352,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 index 72f8b9ab6e..fa71122dae 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject.psm1 @@ -135,7 +135,14 @@ function Get-TargetResource $nullResult.Ensure = 'Absent' try { - $getValue = $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + if (-not [System.String]::IsNullOrEmpty($Id)) + { + $getValue = Get-MgBetaDeviceManagementDeviceConfiguration -DeviceConfigurationId $id -ErrorAction SilentlyContinue + } + else + { + $getValue = $null + } #region resource generator code if ($null -eq $getValue) @@ -149,11 +156,19 @@ function Get-TargetResource if ($null -eq $getValue) { - Write-Verbose -Message "Nothing with id {$id} was found" + if (-not [String]::IsNullOrEmpty($Id)) + { + Write-Verbose -Message "Nothing with id {$Id} was found" + } + else + { + Write-Verbose -Message "Nothing with display name {$DisplayName} was found" + } + return $nullResult } - Write-Verbose -Message "Found something with id {$id}" + Write-Verbose -Message "Found something with id {$($getValue.Id)}" $results = @{ #region resource generator code @@ -183,7 +198,7 @@ function Get-TargetResource Managedidentity = $ManagedIdentity.IsPresent } - $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $Id + $assignmentsValues = Get-MgBetaDeviceManagementDeviceConfigurationAssignment -DeviceConfigurationId $getValue.Id $assignmentResult = @() foreach ($assignmentEntry in $AssignmentsValues) { @@ -589,41 +604,26 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false } $testResult = $true + #Compare Cim instances foreach ($key in $PSBoundParameters.Keys) { - if ($PSBoundParameters[$key].getType().Name -like '*CimInstance*') + $source = $PSBoundParameters.$key + $target = $CurrentValues.$key + if ($source.getType().Name -like '*CimInstance*') { - $CIMArraySource = @() - $CIMArrayTarget = @() - $CIMArraySource += $PSBoundParameters[$key] - $CIMArrayTarget += $CurrentValues.$key - if ($CIMArraySource.count -ne $CIMArrayTarget.count) - { - Write-Verbose -Message "Configuration drift:Number of items does not match: Source=$($CIMArraySource.count) Target=$($CIMArrayTarget.count)" - $testResult = $false - break - } - $i = 0 - foreach ($item in $CIMArraySource ) - { - $testResult = Compare-M365DSCComplexObject ` - -Source (Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $CIMArraySource[$i]) ` - -Target ($CIMArrayTarget[$i]) + $source = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $source + + $testResult = Compare-M365DSCComplexObject ` + -Source ($source) ` + -Target ($target) - $i++ - if (-Not $testResult) - { - $testResult = $false - break - } - } if (-Not $testResult) { $testResult = $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 index 66ee61a4f1..6aa6accccb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile/MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile.psm1 @@ -932,7 +932,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 index 96083ba513..da7cb7aeb0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 @@ -1207,7 +1207,7 @@ function Test-TargetResource $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 index ad15fbea40..6ebc245316 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyWindows10/MSFT_IntuneDeviceConfigurationPolicyWindows10.psm1 @@ -4616,7 +4616,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 index 49a1e9470d..2beee52d22 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyiOS/MSFT_IntuneDeviceConfigurationPolicyiOS.psm1 @@ -2944,7 +2944,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 index d4e2473c17..415aee5111 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.psm1 @@ -22,7 +22,7 @@ function Get-TargetResource [Parameter()] [ValidateSet('keyEncipherment','digitalSignature')] - [System.String] + [System.String[]] $KeyUsage, [Parameter()] @@ -73,6 +73,10 @@ function Get-TargetResource [System.String] $SubjectNameFormat, + [Parameter()] + [System.String] + $RootCertificateDisplayName, + [Parameter()] [System.String] $RootCertificateId, @@ -250,12 +254,16 @@ function Get-TargetResource } #endregion + $RootCertificate = Get-DeviceConfigurationPolicyRootCertificate -DeviceConfigurationPolicyId $getValue.Id + $RootCertificateId = $RootCertificate.Id + $RootCertificateDisplayName = $RootCertificate.DisplayName + $results = @{ #region resource generator code CertificateStore = $enumCertificateStore HashAlgorithm = $enumHashAlgorithm KeySize = $enumKeySize - KeyUsage = $enumKeyUsage + KeyUsage = $enumKeyUsage.Split(',') ScepServerUrls = $getValue.AdditionalProperties.scepServerUrls SubjectAlternativeNameFormatString = $getValue.AdditionalProperties.subjectAlternativeNameFormatString SubjectNameFormatString = $getValue.AdditionalProperties.subjectNameFormatString @@ -267,7 +275,8 @@ function Get-TargetResource RenewalThresholdPercentage = $getValue.AdditionalProperties.renewalThresholdPercentage SubjectAlternativeNameType = $enumSubjectAlternativeNameType SubjectNameFormat = $enumSubjectNameFormat - RootCertificateId = Get-DeviceConfigurationPolicyRootCertificateId -DeviceConfigurationPolicyId $getValue.Id + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = $RootCertificateDisplayName Description = $getValue.Description DisplayName = $getValue.DisplayName Id = $getValue.Id @@ -332,7 +341,7 @@ function Set-TargetResource [Parameter()] [ValidateSet('keyEncipherment','digitalSignature')] - [System.String] + [System.String[]] $KeyUsage, [Parameter()] @@ -383,6 +392,10 @@ function Set-TargetResource [System.String] $SubjectNameFormat, + [Parameter()] + [System.String] + $RootCertificateDisplayName, + [Parameter()] [System.String] $RootCertificateId, @@ -460,6 +473,7 @@ function Set-TargetResource $CreateParameters = ([Hashtable]$BoundParameters).clone() $CreateParameters = Rename-M365DSCCimInstanceParameter -Properties $CreateParameters $CreateParameters.Remove('Id') | Out-Null + $CreateParameters['keyUsage'] = $CreateParameters['keyUsage'] -join ',' $keys = (([Hashtable]$CreateParameters).clone()).Keys foreach ($key in $keys) @@ -469,6 +483,38 @@ function Set-TargetResource $CreateParameters.$key = Convert-M365DSCDRGComplexTypeToHashtable -ComplexObject $CreateParameters.$key } } + + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -DeviceConfigurationId $RootCertificateId ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + + if ($null -eq $RootCertificate) + { + Write-Verbose -Message "Could not find trusted root certificate with Id {$RootCertificateId}, searching by display name {$RootCertificateDisplayName}" + + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -Filter "DisplayName eq '$RootCertificateDisplayName'" ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + $RootCertificateId = $RootCertificate.Id + + if ($null -eq $RootCertificate) + { + throw "Could not find trusted root certificate with Id {$RootCertificateId} or display name {$RootCertificateDisplayName}" + } + + Write-Verbose -Message "Found trusted root certificate with Id {$($RootCertificate.Id)} and DisplayName {$($RootCertificate.DisplayName)}" + } + else + { + Write-Verbose -Message "Found trusted root certificate with Id {$RootCertificateId}" + } + #region resource generator code $CreateParameters.Add("rootCertificate@odata.bind", "https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations('$RootCertificateId')") $CreateParameters.Add("@odata.type", "#microsoft.graph.windows81SCEPCertificateProfile") @@ -492,11 +538,13 @@ function Set-TargetResource Write-Verbose -Message "Updating the Intune Device Configuration Scep Certificate Policy for Windows10 with Id {$($currentInstance.Id)}" $BoundParameters.Remove("Assignments") | Out-Null $BoundParameters.Remove('RootCertificateId') | Out-Null + $BoundParameters.Remove('RootCertificateDisplayName') | Out-Null $UpdateParameters = ([Hashtable]$BoundParameters).clone() $UpdateParameters = Rename-M365DSCCimInstanceParameter -Properties $UpdateParameters $UpdateParameters.Remove('Id') | Out-Null + $UpdateParameters['keyUsage'] = $UpdateParameters['keyUsage'] -join ',' $keys = (([Hashtable]$UpdateParameters).clone()).Keys foreach ($key in $keys) @@ -522,6 +570,37 @@ function Set-TargetResource -Repository 'deviceManagement/deviceConfigurations' #endregion + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -DeviceConfigurationId $RootCertificateId ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + + if ($null -eq $RootCertificate) + { + Write-Verbose -Message "Could not find trusted root certificate with Id {$RootCertificateId}, searching by display name {$RootCertificateDisplayName}" + + $RootCertificate = Get-MgBetaDeviceManagementDeviceConfiguration ` + -Filter "DisplayName eq '$RootCertificateDisplayName'" ` + -ErrorAction SilentlyContinue | ` + Where-Object -FilterScript { + $_.AdditionalProperties.'@odata.type' -eq "#microsoft.graph.windows81TrustedRootCertificate" + } + $RootCertificateId = $RootCertificate.Id + + if ($null -eq $RootCertificate) + { + throw "Could not find trusted root certificate with Id {$RootCertificateId} or display name {$RootCertificateDisplayName}" + } + + Write-Verbose -Message "Found trusted root certificate with Id {$($RootCertificate.Id)} and DisplayName {$($RootCertificate.DisplayName)}" + } + else + { + Write-Verbose -Message "Found trusted root certificate with Id {$RootCertificateId}" + } + Update-DeviceConfigurationPolicyRootCertificateId ` -DeviceConfigurationPolicyId $currentInstance.id ` -RootCertificateId $RootCertificateId @@ -559,7 +638,7 @@ function Test-TargetResource [Parameter()] [ValidateSet('keyEncipherment','digitalSignature')] - [System.String] + [System.String[]] $KeyUsage, [Parameter()] @@ -610,6 +689,10 @@ function Test-TargetResource [System.String] $SubjectNameFormat, + [Parameter()] + [System.String] + $RootCertificateDisplayName, + [Parameter()] [System.String] $RootCertificateId, @@ -678,7 +761,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false @@ -713,6 +796,10 @@ function Test-TargetResource $ValuesToCheck.Remove('ApplicationId') | Out-Null $ValuesToCheck.Remove('TenantId') | Out-Null $ValuesToCheck.Remove('ApplicationSecret') | Out-Null + if ($null -ne $ValuesToCheck.RootCertificateDisplayName) + { + $ValuesToCheck.Remove('RootCertificateId') | Out-Null + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" @@ -907,7 +994,7 @@ function Export-TargetResource } } -function Get-DeviceConfigurationPolicyRootCertificateId +function Get-DeviceConfigurationPolicyRootCertificate { [CmdletBinding()] [OutputType([System.String])] @@ -920,7 +1007,7 @@ function Get-DeviceConfigurationPolicyRootCertificateId $Uri = " https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations('$DeviceConfigurationPolicyId')/microsoft.graph.windows81SCEPCertificateProfile/rootCertificate" $result = Invoke-MgGraphRequest -Method Get -Uri $Uri -ErrorAction Stop - return $result.id + return $result } function Update-DeviceConfigurationPolicyRootCertificateId diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof index a97c29ff40..90c392fbe6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10.schema.mof @@ -27,7 +27,7 @@ class MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10 : OMI_BaseRes [Write, Description("Target store certificate. Possible values are: user, machine."), ValueMap{"user","machine"}, Values{"user","machine"}] String CertificateStore; [Write, Description("SCEP Hash Algorithm. Possible values are: sha1, sha2."), ValueMap{"sha1","sha2"}, Values{"sha1","sha2"}] String HashAlgorithm; [Write, Description("SCEP Key Size. Possible values are: size1024, size2048, size4096."), ValueMap{"size1024","size2048","size4096"}, Values{"size1024","size2048","size4096"}] String KeySize; - [Write, Description("SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature."), ValueMap{"keyEncipherment","digitalSignature"}, Values{"keyEncipherment","digitalSignature"}] String KeyUsage; + [Write, Description("SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature."), ValueMap{"keyEncipherment","digitalSignature"}, Values{"keyEncipherment","digitalSignature"}] String KeyUsage[]; [Write, Description("SCEP Server Url(s).")] String ScepServerUrls[]; [Write, Description("Custom String that defines the AAD Attribute.")] String SubjectAlternativeNameFormatString; [Write, Description("Custom format to use with SubjectNameFormat = Custom. Example: CN={{UserName}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US")] String SubjectNameFormatString; @@ -39,6 +39,7 @@ class MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10 : OMI_BaseRes [Write, Description("Certificate renewal threshold percentage. Valid values 1 to 99")] UInt32 RenewalThresholdPercentage; [Write, Description("Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier."), ValueMap{"none","emailAddress","userPrincipalName","customAzureADAttribute","domainNameService","universalResourceIdentifier"}, Values{"none","emailAddress","userPrincipalName","customAzureADAttribute","domainNameService","universalResourceIdentifier"}] String SubjectAlternativeNameType; [Write, Description("Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId."), ValueMap{"commonName","commonNameIncludingEmail","commonNameAsEmail","custom","commonNameAsIMEI","commonNameAsSerialNumber","commonNameAsAadDeviceId","commonNameAsIntuneDeviceId","commonNameAsDurableDeviceId"}, Values{"commonName","commonNameIncludingEmail","commonNameAsEmail","custom","commonNameAsIMEI","commonNameAsSerialNumber","commonNameAsAadDeviceId","commonNameAsIntuneDeviceId","commonNameAsDurableDeviceId"}] String SubjectNameFormat; + [Write, Description("Trusted Root Certificate DisplayName")] String RootCertificateDisplayName; [Write, Description("Trusted Root Certificate Id")] String RootCertificateId; [Write, Description("Admin provided description of the Device Configuration.")] String Description; [Key, Description("Admin provided name of the device configuration.")] String DisplayName; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 index 5cb9cffc30..35208d9c88 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10/MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10.psm1 @@ -473,7 +473,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 index 33c280def7..1fe34dd7e8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10/MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10.psm1 @@ -698,7 +698,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 index 39ca6a3373..c236ed5dab 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10/MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10.psm1 @@ -408,7 +408,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 index 0300372ebe..c9c4b7577d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10/MSFT_IntuneDeviceConfigurationVpnPolicyWindows10.psm1 @@ -936,7 +936,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 index f2b3f6f663..6aeb9cda9a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10/MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10.psm1 @@ -659,7 +659,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 index e21c224eb0..b2b60f743c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10/MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10.psm1 @@ -828,7 +828,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 index 2b1043cca7..0c90701912 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.psm1 @@ -57,6 +57,10 @@ function Get-TargetResource [System.String[]] $SelectedMobileAppIds, + [Parameter()] + [System.String[]] + $SelectedMobileAppNames, + [Parameter()] [System.Boolean] $ShowInstallationProgress, @@ -121,9 +125,16 @@ function Get-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion + Write-Verbose -Message "Getting configuration of the Intune Device Enrollment Status Page for Windows 10 with Id {$Id} and DisplayName {$DisplayName}" + $nullResult = $PSBoundParameters $nullResult.Ensure = 'Absent' + if ($PSBoundParameters.ContainsKey('SelectedMobileAppIds') -and $PSBoundParameters.ContainsKey('SelectedMobileAppNames')) + { + Write-Verbose -Message '[WARNING] Both SelectedMobileAppIds and SelectedMobileAppNames are specified. SelectedMobileAppNames will be ignored!' + } + $getValue = $null #region resource generator code $getValue = Get-MgBetaDeviceManagementDeviceEnrollmentConfiguration -DeviceEnrollmentConfigurationId $Id -ErrorAction SilentlyContinue ` @@ -169,7 +180,7 @@ function Get-TargetResource DisableUserStatusTrackingAfterFirstUser = $getValue.AdditionalProperties.disableUserStatusTrackingAfterFirstUser InstallProgressTimeoutInMinutes = $getValue.AdditionalProperties.installProgressTimeoutInMinutes InstallQualityUpdates = $getValue.AdditionalProperties.installQualityUpdates - SelectedMobileAppIds = $getValue.AdditionalProperties.selectedMobileAppIds + SelectedMobileAppNames = $getValue.AdditionalProperties.selectedMobileAppIds | ForEach-Object { (Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $_).DisplayName } ShowInstallationProgress = $getValue.AdditionalProperties.showInstallationProgress TrackInstallProgressForAutopilotOnly = $getValue.AdditionalProperties.trackInstallProgressForAutopilotOnly Priority = $getValue.Priority @@ -177,12 +188,6 @@ function Get-TargetResource DisplayName = $getValue.DisplayName Id = $getValue.Id Ensure = 'Present' - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - ApplicationSecret = $ApplicationSecret - CertificateThumbprint = $CertificateThumbprint - Managedidentity = $ManagedIdentity.IsPresent #endregion } $assignmentsValues = Get-MgBetaDeviceManagementDeviceEnrollmentConfigurationAssignment -DeviceEnrollmentConfigurationId $Id @@ -274,6 +279,10 @@ function Set-TargetResource [System.String[]] $SelectedMobileAppIds, + [Parameter()] + [System.String[]] + $SelectedMobileAppNames, + [Parameter()] [System.Boolean] $ShowInstallationProgress, @@ -321,7 +330,6 @@ function Set-TargetResource $ManagedIdentity ) - #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -334,9 +342,26 @@ function Set-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion + Write-Verbose -Message "Setting configuration of the Intune Device Enrollment Status Page for Windows 10 with Id {$Id} and DisplayName {$DisplayName}" + $currentInstance = Get-TargetResource @PSBoundParameters $PSBoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters + if ($PSBoundParameters.ContainsKey('SelectedMobileAppIds') -eq $false -and $PSBoundParameters.ContainsKey('SelectedMobileAppNames') -eq $true) + { + Write-Verbose -Message 'Converting SelectedMobileAppNames to SelectedMobileAppIds' + if ($PSBoundParameters.SelectedMobileAppNames.Count -ne 0) + { + [Array]$mobileAppIds = $SelectedMobileAppNames | ForEach-Object { (Get-MgBetaDeviceAppManagementMobileApp -Filter "DisplayName eq '$_'").Id } + $PSBoundParameters.SelectedMobileAppIds = $mobileAppIds + } + else + { + $PSBoundParameters.SelectedMobileAppIds = @() + } + $PSBoundParameters.Remove('SelectedMobileAppNames') | Out-Null + } + if ($Ensure -eq 'Present' -and $currentInstance.Ensure -eq 'Absent') { Write-Verbose -Message "Creating an Intune Device Enrollment Configuration for Windows10 with DisplayName {$DisplayName}" @@ -417,9 +442,12 @@ function Set-TargetResource $Uri = "https://graph.microsoft.com/beta/deviceManagement/deviceEnrollmentConfigurations/$($currentInstance.Id)/assign" Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop - Update-DeviceEnrollmentConfigurationPriority ` - -DeviceEnrollmentConfigurationId $currentInstance.id ` - -Priority $Priority + if ($PSBoundParameters.ContainsKey('Priority') -and $Priority -ne $currentInstance.Priority) + { + Update-DeviceEnrollmentConfigurationPriority ` + -DeviceEnrollmentConfigurationId $currentInstance.id ` + -Priority $Priority + } } #endregion } @@ -491,6 +519,10 @@ function Test-TargetResource [System.String[]] $SelectedMobileAppIds, + [Parameter()] + [System.String[]] + $SelectedMobileAppNames, + [Parameter()] [System.Boolean] $ShowInstallationProgress, @@ -538,7 +570,6 @@ function Test-TargetResource $ManagedIdentity ) - #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -551,13 +582,22 @@ function Test-TargetResource Add-M365DSCTelemetryEvent -Data $data #endregion - Write-Verbose -Message "Testing configuration of the Intune Device Enrollment Configuration for Windows10 with Id {$Id} and DisplayName {$DisplayName}" + Write-Verbose -Message "Testing configuration of the Intune Device Enrollment Status Page for Windows 10 with Id {$Id} and DisplayName {$DisplayName}" + $CurrentValues = Get-TargetResource @PSBoundParameters + + if ($PSBoundParameters.ContainsKey('SelectedMobileAppIds') -eq $true) + { + Write-Verbose -Message 'Converting SelectedMobileAppIds to SelectedMobileAppNames' + $PSBoundParameters.SelectedMobileAppNames = $SelectedMobileAppIds | ForEach-Object { (Get-MgBetaDeviceAppManagementMobileApp -MobileAppId $_).DisplayName } + $PSBoundParameters.Remove('SelectedMobileAppIds') | Out-Null + } + $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.schema.mof index b4b6ccf761..105738c8e1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/MSFT_IntuneDeviceEnrollmentStatusPageWindows10.schema.mof @@ -24,7 +24,8 @@ class MSFT_IntuneDeviceEnrollmentStatusPageWindows10 : OMI_BaseResource [Write, Description("Only show installation progress for first user post enrollment")] Boolean DisableUserStatusTrackingAfterFirstUser; [Write, Description("Set installation progress timeout in minutes")] UInt32 InstallProgressTimeoutInMinutes; [Write, Description("Allows quality updates installation during OOBE")] Boolean InstallQualityUpdates; - [Write, Description("Selected applications to track the installation status")] String SelectedMobileAppIds[]; + [Write, Description("Ids of selected applications to track the installation status. When this parameter is used, SelectedMobileAppNames is ignored")] String SelectedMobileAppIds[]; + [Write, Description("Names of selected applications to track the installation status. This parameter is ignored when SelectedMobileAppIds is also specified")] String SelectedMobileAppNames[]; [Write, Description("Show or hide installation progress to user")] Boolean ShowInstallationProgress; [Write, Description("Only show installation progress for Autopilot enrollment scenarios")] Boolean TrackInstallProgressForAutopilotOnly; [Write, Description("Priority is used when a user exists in multiple groups that are assigned enrollment configuration. Users are subject only to the configuration with the lowest priority value.")] UInt32 Priority; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/settings.json index 12ac8a15dc..0c1c8f9933 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceEnrollmentStatusPageWindows10/settings.json @@ -10,6 +10,9 @@ }, { "name": "DeviceManagementServiceConfig.Read.All" + }, + { + "name": "DeviceManagementApps.Read.All" } ], "update": [ @@ -18,6 +21,9 @@ }, { "name": "DeviceManagementServiceConfig.ReadWrite.All" + }, + { + "name": "DeviceManagementApps.Read.All" } ] }, @@ -28,6 +34,9 @@ }, { "name": "DeviceManagementServiceConfig.Read.All" + }, + { + "name": "DeviceManagementApps.Read.All" } ], "update": [ @@ -36,6 +45,9 @@ }, { "name": "DeviceManagementServiceConfig.ReadWrite.All" + }, + { + "name": "DeviceManagementApps.Read.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 index 45cfe819b4..ed583bbf21 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog/MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog.psm1 @@ -320,8 +320,8 @@ function Set-TargetResource -TemplateReferenceId $templateReferenceId Update-IntuneDeviceConfigurationPolicy ` - -DeviceConfigurationPolicyId $Identity ` - -Name $DisplayName ` + -DeviceConfigurationPolicyId $currentPolicy.Identity ` + -Name $currentPolicy.DisplayName ` -Description $Description ` -TemplateReferenceId $templateReferenceId ` -Platforms $platforms ` @@ -334,14 +334,14 @@ function Set-TargetResource { $assignmentsHash += Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $Assignment } - Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $Identity ` + Update-DeviceConfigurationPolicyAssignment -DeviceConfigurationPolicyId $currentPolicy.Identity ` -Targets $assignmentsHash #endregion } elseif ($Ensure -eq 'Absent' -and $currentPolicy.Ensure -eq 'Present') { Write-Verbose -Message "Removing Endpoint Protection Policy {$($currentPolicy.DisplayName)}" - Remove-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $Identity + Remove-MgBetaDeviceManagementConfigurationPolicy -DeviceManagementConfigurationPolicyId $currentPolicy.Identity } } @@ -430,7 +430,7 @@ function Test-TargetResource $ValuesToCheck.Remove('ApplicationSecret') | Out-Null $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message 'The policy was not found' return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 index ac20b8c259..9f2c6aa387 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntunePolicySets/MSFT_IntunePolicySets.psm1 @@ -469,7 +469,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 index 5cd954e832..722d111606 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleAssignment/MSFT_IntuneRoleAssignment.psm1 @@ -559,7 +559,7 @@ function Test-TargetResource } $PSBoundParameters.Set_Item('ResourceScopes', $ResourceScopes) - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 index 51e23548ee..3e87bef2be 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneRoleDefinition/MSFT_IntuneRoleDefinition.psm1 @@ -403,7 +403,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 index 062a372eaf..086def7299 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10/MSFT_IntuneSettingCatalogASRRulesPolicyWindows10.psm1 @@ -717,7 +717,7 @@ function Test-TargetResource Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message 'The policy was not found' return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 index 1a6ce88633..69f04ec597 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneSettingCatalogCustomPolicyWindows10/MSFT_IntuneSettingCatalogCustomPolicyWindows10.psm1 @@ -466,7 +466,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator.psm1 index 063e280aa2..585c1dd30c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator/MSFT_IntuneWiFiConfigurationPolicyAndroidDeviceAdministrator.psm1 @@ -474,7 +474,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 index 18122fecbc..c01b75fd75 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner.psm1 @@ -565,7 +565,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 index 1c43c44ddd..6357c3d4a6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile/MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile.psm1 @@ -472,7 +472,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 index f662b18c5e..a29cf75f7b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidForWork/MSFT_IntuneWifiConfigurationPolicyAndroidForWork.psm1 @@ -471,7 +471,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 index 35f605ec13..c11943e1e1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject/MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject.psm1 @@ -497,7 +497,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 index fa1376d8fa..f6dc4837b7 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyIOS/MSFT_IntuneWifiConfigurationPolicyIOS.psm1 @@ -551,7 +551,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 index fa8ad74a13..fcb78f7663 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyMacOS/MSFT_IntuneWifiConfigurationPolicyMacOS.psm1 @@ -538,7 +538,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 index 2dc45c9668..1c9deb1ac1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWifiConfigurationPolicyWindows10/MSFT_IntuneWifiConfigurationPolicyWindows10.psm1 @@ -581,7 +581,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 index 5b4a09bf94..b0e5578743 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined.psm1 @@ -541,7 +541,7 @@ function Test-TargetResource $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 index c9ee94540c..1db14bdbcc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined/MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined.psm1 @@ -540,7 +540,7 @@ function Test-TargetResource $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck $ValuesToCheck.Remove('Id') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 index bb6d409c7a..b6c6c8b3f5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled/MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled.psm1 @@ -836,7 +836,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 index c4968c1c6f..69120608bb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10.psm1 @@ -408,7 +408,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 index d1e424eab5..b97bc96f89 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10/MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10.psm1 @@ -971,7 +971,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 index 41367ee930..2eac85fe5f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/MSFT_M365DSCRuleEvaluation.psm1 @@ -205,56 +205,128 @@ function Test-TargetResource $result = ($instances.Length - $DSCConvertedInstances.Length) -eq 0 - if (-not [System.String]::IsNullOrEmpty($AfterRuleCountQuery)) + $message = [System.Text.StringBuilder]::New() + [void]$message.AppendLine("") + [void]$message.AppendLine(" $ResourceName") + [void]$message.AppendLine(" $RuleDefinition") + + if ($instances.Length -eq 0) + { + [array]$invalidInstances = $DSCConvertedInstances.ResourceInstanceName + [void]$message.AppendLine(" ") + [void]$message.AppendLine(" ") + } + else { - Write-Verbose -Message "Checking the After Rule Count" - $afterRuleCountQueryString = "`$instances.Length $AfterRuleCountQuery" - $afterRuleCountQueryBlock = [Scriptblock]::Create($afterRuleCountQueryString) - $result = [Boolean](Invoke-Command -ScriptBlock $afterRuleCountQueryBlock) - $message = [System.Text.StringBuilder]::New() - if ($instances.Length -eq 0) + if (-not [System.String]::IsNullOrEmpty($AfterRuleCountQuery)) { - [void]$message.AppendLine("No instances were found for the given Rule Definition.") + [void]$message.AppendLine(" ") + [void]$message.AppendLine(" $AfterRuleCountQuery") + + Write-Verbose -Message "Checking the After Rule Count Query" + $afterRuleCountQueryString = "`$instances.Length $AfterRuleCountQuery" + $afterRuleCountQueryBlock = [Scriptblock]::Create($afterRuleCountQueryString) + $result = [Boolean](Invoke-Command -ScriptBlock $afterRuleCountQueryBlock) + [array]$validInstances = $instances.ResourceInstanceName + [array]$invalidInstances = $DSCConvertedInstances.ResourceInstanceName | Where-Object -FilterScript { $_ -notin $validInstances } + + if (-not $result) + { + [void]$message.AppendLine(" False") + [void]$message.AppendLine(" ") + if ($validInstances.Count -gt 0) + { + [void]$message.AppendLine(" ") + foreach ($validInstance in $validInstances) + { + [void]$message.AppendLine(" [$ResourceName]$validInstance") + } + [void]$message.AppendLine(" ") + } + else + { + [void]$message.AppendLine(" ") + } + } + else + { + [void]$message.AppendLine(" True") + [void]$message.AppendLine(" ") + [void]$message.AppendLine(" ") + foreach ($validInstance in $validInstances) + { + [void]$message.AppendLine(" [$ResourceName]$validInstance") + } + [void]$message.AppendLine(" ") + } } - elseif (-not $result) + else { - $invalidInstancesLogNames = '' - foreach ($invalidInstance in $instances) + [void]$message.AppendLine(" ") + + $compareInstances = @() + $compareInstances += Compare-Object -ReferenceObject $DSCConvertedInstances.ResourceInstanceName -DifferenceObject $instances.ResourceInstanceName -IncludeEqual + if ($compareInstances.Count -gt 0) + { + [array]$validInstances = $($compareInstances | Where-Object -FilterScript { $_.SideIndicator -eq '==' }).InputObject + [array]$invalidInstances = $($compareInstances | Where-Object -FilterScript { $_.SideIndicator -eq '<=' }).InputObject + } + else { - $invalidInstancesLogNames += "[$ResourceName]$($invalidInstance.ResourceInstanceName)`r`n" + [array]$validInstances = @() + [array]$invalidInstances = [array]$DSCConvertedInstances.ResourceInstanceName } - [void]$message.AppendLine("The following resource instance(s) failed a rule validation:`r`n$invalidInstancesLogNames") - [void]$message.AppendLine("`r`nRuleDefinition:`r`n$RuleDefinition") - [void]$message.AppendLine("`r`AfterRuleCountQuery:`r`n$AfterRuleCountQuery") - Add-M365DSCEvent -Message $message.ToString() ` - -EventType 'RuleEvaluation' ` - -EntryType 'Warning' ` - -EventID 1 -Source $CurrentResourceName + if ($validInstances.Count -gt 0) + { + [void]$message.AppendLine(" ") + foreach ($validInstance in $validInstances) + { + [void]$message.AppendLine(" [$ResourceName]$validInstance") + } + [void]$message.AppendLine(" ") + } + else + { + [void]$message.AppendLine(" ") + } } } - elseif (-not $result) + + # Log drifts for each invalid instances found. + if ($invalidInstances.Count -gt 0) { - $invalidInstances = Compare-Object -ReferenceObject $DSCConvertedInstances.ResourceInstanceName -DifferenceObject $instances.ResourceInstanceName - # Log drifts for each invalid instances found. - $invalidInstancesLogNames = '' + [void]$message.AppendLine(" ") foreach ($invalidInstance in $invalidInstances) { - $invalidInstancesLogNames += "[$ResourceName]$($invalidInstance.InputObject)`r`n" + [void]$message.AppendLine(" [$ResourceName]$invalidInstance") } + [void]$message.AppendLine(" ") + } + else + { + [void]$message.AppendLine(" ") + } + [void]$message.AppendLine("") - if (-not $result) - { - $message = [System.Text.StringBuilder]::New() - [void]$message.AppendLine("The following resource instance(s) failed a rule validation:`r`n$invalidInstancesLogNames") - [void]$message.AppendLine("`r`nRuleDefinition:`r`n$RuleDefinition") - Add-M365DSCEvent -Message $message.ToString() ` - -EventType 'RuleEvaluation' ` - -EntryType 'Warning' ` - -EventID 1 -Source $CurrentResourceName - } + $Parameters = @{ + Message = $message.ToString() + EventType = 'RuleEvaluation' + EventID = 1 + Source = $CurrentResourceName } + if (-not $result) + { + $Parameters.Add('EntryType', 'Warning') + } + else + { + $Parameters.Add('EntryType', 'Information') + } + Add-M365DSCEvent @Parameters + Write-Verbose -Message "Test-TargetResource returned $result" + return $result } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/settings.json index f62031d967..33f37bf249 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_M365DSCRuleEvaluation/settings.json @@ -1,5 +1,5 @@ { - "resourceName": "AADTenantDetails", + "resourceName": "M365DSCRuleEvaluation", "description": "This resource configures the Azure AD Tenant Details.", "roles": { "read": [], diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json index fbf73c095e..3ccc87b04c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgSettings/settings.json @@ -1,16 +1,19 @@ { - "resourceName": "O365OrgCustomizationSetting", + "resourceName": "O365OrgSettings", "description": "", "permissions": { "graph": { "delegated": { "read": [ { - "name": "Application.Read.All" + "name": "Application.ReadWrite.All" }, { "name": "ReportSettings.Read.All" }, + { + "name": "OrgSettings-Microsoft365Install.Read.All" + }, { "name": "OrgSettings-Forms.Read.All" }, @@ -31,6 +34,9 @@ { "name": "ReportSettings.ReadWrite.All" }, + { + "name": "OrgSettings-Microsoft365Install.ReadWrite.All" + }, { "name": "OrgSettings-Forms.ReadWrite.All" }, @@ -48,11 +54,14 @@ "application": { "read": [ { - "name": "Application.Read.All" + "name": "Application.ReadWrite.All" }, { "name": "ReportSettings.Read.All" }, + { + "name": "OrgSettings-Microsoft365Install.Read.All" + }, { "name": "OrgSettings-Forms.Read.All" }, @@ -77,7 +86,7 @@ "name": "ReportSettings.ReadWrite.All" }, { - "name": "83f7232f-763c-47b2-a097-e35d2cbe1da5" + "name": "OrgSettings-Microsoft365Install.ReadWrite.All" }, { "name": "OrgSettings-Forms.ReadWrite.All" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof index 206f322fa3..1794528c44 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCAutoSensitivityLabelRule/MSFT_SCAutoSensitivityLabelRule.schema.mof @@ -1,11 +1,11 @@ [ClassVersion("1.0.0")] -Class MSFT_SCHeaderPattern +class MSFT_SCHeaderPattern { [Required, Description("Name of the header pattern")] String Name; [Required, Description("Regular expressions for the pattern")] String Values[]; }; [ClassVersion("1.0.0")] -Class MSFT_SCDLPSensitiveInformation +class MSFT_SCDLPSensitiveInformation { [Required, Description("Name of the Sensitive Information Content")] String name; [Write, Description("Id of the Sensitive Information Content")] String id; @@ -16,14 +16,14 @@ Class MSFT_SCDLPSensitiveInformation [Write, Description("Maximum Count value for the Sensitive Information")] String maxcount; }; [ClassVersion("1.0.0")] -Class MSFT_SCDLPLabel +class MSFT_SCDLPLabel { [Required, Description("Name of the Sensitive Label")] String name; [Write, Description("Id of the Sensitive Information label")] String id; [Write, Description("Type of the Sensitive Information label")] String type; }; [ClassVersion("1.0.0")] -Class MSFT_SCDLPContainsSensitiveInformationGroup +class MSFT_SCDLPContainsSensitiveInformationGroup { [Write, Description("Sensitive Information Content Types"),EmbeddedInstance("MSFT_SCDLPSensitiveInformation")] String SensitiveInformation[]; [Write, Description("Sensitive Information Labels"),EmbeddedInstance("MSFT_SCDLPLabel")] String Labels[]; @@ -31,7 +31,7 @@ Class MSFT_SCDLPContainsSensitiveInformationGroup [Required, Description("Operator"),ValueMap{"And","Or"}, Values{"And","Or"}] String Operator; }; [ClassVersion("1.0.0")] -Class MSFT_SCDLPContainsSensitiveInformation +class MSFT_SCDLPContainsSensitiveInformation { [Write, Description("Sensitive Information Content Types"),EmbeddedInstance("MSFT_SCDLPSensitiveInformation")] String SensitiveInformation[]; [Write, Description("Groups of sensitive information types."),EmbeddedInstance("MSFT_SCDLPContainsSensitiveInformationGroup")] String Groups[]; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof index 28cbaae9dd..c8544dc6c8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCComplianceTag/MSFT_SCComplianceTag.schema.mof @@ -1,5 +1,5 @@ [ClassVersion("1.0.0")] -Class MSFT_SCFilePlanProperty +class MSFT_SCFilePlanProperty { [Write, Description("File plan department. Can get list by running Get-FilePlanPropertyDepartment.")] String FilePlanPropertyDepartment; [Write, Description("File plan Authority. Can get list by running Get-FilePlanPropertyAuthority.")] String FilePlanPropertyAuthority; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof index b8c38f51da..e827a0ecfa 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SCDLPComplianceRule/MSFT_SCDLPComplianceRule.schema.mof @@ -1,5 +1,5 @@ [ClassVersion("1.0.0")] -Class MSFT_SCDLPSensitiveInformation +class MSFT_SCDLPSensitiveInformation { [Required, Description("Name of the Sensitive Information Content")] String name; [Write, Description("Id of the Sensitive Information Content")] String id; @@ -10,14 +10,14 @@ Class MSFT_SCDLPSensitiveInformation [Write, Description("Maximum Count value for the Sensitive Information")] String maxcount; }; [ClassVersion("1.0.0")] -Class MSFT_SCDLPLabel +class MSFT_SCDLPLabel { [Required, Description("Name of the Sensitive Label")] String name; [Write, Description("Id of the Sensitive Information label")] String id; [Write, Description("Type of the Sensitive Information label")] String type; }; [ClassVersion("1.0.0")] -Class MSFT_SCDLPContainsSensitiveInformationGroup +class MSFT_SCDLPContainsSensitiveInformationGroup { [Write, Description("Sensitive Information Content Types"),EmbeddedInstance("MSFT_SCDLPSensitiveInformation")] String SensitiveInformation[]; [Write, Description("Sensitive Information Labels"),EmbeddedInstance("MSFT_SCDLPLabel")] String Labels[]; @@ -25,7 +25,7 @@ Class MSFT_SCDLPContainsSensitiveInformationGroup [Required, Description("Operator"),ValueMap{"And","Or"}, Values{"And","Or"}] String Operator; }; [ClassVersion("1.0.0")] -Class MSFT_SCDLPContainsSensitiveInformation +class MSFT_SCDLPContainsSensitiveInformation { [Write, Description("Sensitive Information Content Types"),EmbeddedInstance("MSFT_SCDLPSensitiveInformation")] String SensitiveInformation[]; [Write, Description("Groups of sensitive information types."),EmbeddedInstance("MSFT_SCDLPContainsSensitiveInformationGroup")] String Groups[]; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 index 8a6deac065..202a98956e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.psm1 @@ -29,14 +29,6 @@ function Get-TargetResource [System.UInt32] $IPAddressWACTokenLifetime, - [Parameter()] - [System.Boolean] - $CommentsOnSitePagesDisabled, - - [Parameter()] - [System.Boolean] - $SocialBarOnSitePagesDisabled, - [Parameter()] [System.Boolean] $DisallowInfectedFileDownload, @@ -88,7 +80,12 @@ function Get-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess', 'ProtectionLevel')] + [System.String] + $ConditionalAccessPolicy ) Write-Verbose -Message 'Getting configuration of SharePoint Online Access Control Settings' @@ -122,8 +119,6 @@ function Get-TargetResource IPAddressEnforcement = $SPOAccessControlSettings.IPAddressEnforcement IPAddressAllowList = $SPOAccessControlSettings.IPAddressAllowList IPAddressWACTokenLifetime = $SPOAccessControlSettings.IPAddressWACTokenLifetime - CommentsOnSitePagesDisabled = $SPOAccessControlSettings.CommentsOnSitePagesDisabled - SocialBarOnSitePagesDisabled = $SPOAccessControlSettings.SocialBarOnSitePagesDisabled DisallowInfectedFileDownload = $SPOAccessControlSettings.DisallowInfectedFileDownload ExternalServicesEnabled = $SPOAccessControlSettings.ExternalServicesEnabled EmailAttestationRequired = $SPOAccessControlSettings.EmailAttestationRequired @@ -137,6 +132,7 @@ function Get-TargetResource CertificateThumbprint = $CertificateThumbprint Managedidentity = $ManagedIdentity.IsPresent Ensure = 'Present' + ConditionalAccessPolicy = $SPOAccessControlSettings.ConditionalAccessPolicy } } catch @@ -186,14 +182,6 @@ function Set-TargetResource [System.UInt32] $IPAddressWACTokenLifetime, - [Parameter()] - [System.Boolean] - $CommentsOnSitePagesDisabled, - - [Parameter()] - [System.Boolean] - $SocialBarOnSitePagesDisabled, - [Parameter()] [System.Boolean] $DisallowInfectedFileDownload, @@ -245,7 +233,12 @@ function Set-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess', 'ProtectionLevel')] + [System.String] + $ConditionalAccessPolicy ) Write-Verbose -Message 'Setting configuration of SharePoint Online Access Control Settings' @@ -318,14 +311,6 @@ function Test-TargetResource [System.UInt32] $IPAddressWACTokenLifetime, - [Parameter()] - [System.Boolean] - $CommentsOnSitePagesDisabled, - - [Parameter()] - [System.Boolean] - $SocialBarOnSitePagesDisabled, - [Parameter()] [System.Boolean] $DisallowInfectedFileDownload, @@ -377,7 +362,12 @@ function Test-TargetResource [Parameter()] [Switch] - $ManagedIdentity + $ManagedIdentity, + + [Parameter()] + [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess', 'ProtectionLevel')] + [System.String] + $ConditionalAccessPolicy ) #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -408,12 +398,11 @@ function Test-TargetResource 'IPAddressEnforcement', ` 'IPAddressAllowList', ` 'IPAddressWACTokenLifetime', ` - 'CommentsOnSitePagesDisabled', ` - 'SocialBarOnSitePagesDisabled', ` 'DisallowInfectedFileDownload', ` 'ExternalServicesEnabled', ` 'EmailAttestationRequired', ` - 'EmailAttestationReAuthDays') + 'EmailAttestationReAuthDays', + 'ConditionalAccessPolicy') Write-Verbose -Message "Test-TargetResource returned $TestResult" diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof index 2d4ab4ac32..0362970f0d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOAccessControlSettings/MSFT_SPOAccessControlSettings.schema.mof @@ -7,8 +7,6 @@ class MSFT_SPOAccessControlSettings : OMI_BaseResource [Write, Description("Allows access from network locations that are defined by an administrator.")] boolean IPAddressEnforcement; [Write, Description("Configures multiple IP addresses or IP address ranges (IPv4 or IPv6). Use commas to separate multiple IP addresses or IP address ranges.")] string IPAddressAllowList; [Write, Description("Office webapps TokenLifeTime in minutes")] uint32 IPAddressWACTokenLifetime; - [Write, Description("When this feature is set to true, comments on site pages will be disabled")] boolean CommentsOnSitePagesDisabled; - [Write, Description("Disables or enables the Social Bar. It will give users the ability to like a page, see the number of views, likes, and comments on a page, and see the people who have liked a page.")] boolean SocialBarOnSitePagesDisabled; [Write, Description("Prevents the Download button from being displayed on the Virus Found warning page.")] boolean DisallowInfectedFileDownload; [Write, Description("Enables external services for a tenant. External services are defined as services that are not in the Office 365 datacenters.")] boolean ExternalServicesEnabled; [Write, Description("Sets email attestation to required")] boolean EmailAttestationRequired; @@ -22,4 +20,5 @@ class MSFT_SPOAccessControlSettings : OMI_BaseResource [Write, Description("Path to certificate used in service principal usually a PFX file.")] String CertificatePath; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; + [Write, Description("Blocks or limits access to SharePoint and OneDrive content from un-managed devices."), ValueMap{"AllowFullAccess","AllowLimitedAccess","BlockAccess","ProtectionLevel"}, Values{"AllowFullAccess","AllowLimitedAccess","BlockAccess","ProtectionLevel"}] string ConditionalAccessPolicy; }; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 index 2f2d0fbbee..3ef77434e9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.psm1 @@ -82,11 +82,6 @@ function Get-TargetResource [System.String] $MarkNewFilesSensitiveByDefault, - [Parameter()] - [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess')] - [System.String] - $ConditionalAccessPolicy, - [Parameter()] [System.Guid[]] $DisabledWebPartIds, @@ -95,6 +90,10 @@ function Get-TargetResource [System.Boolean] $IsFluidEnabled, + [Parameter()] + [System.Boolean] + $SocialBarOnSitePagesDisabled, + [Parameter()] [System.Boolean] $CommentsOnSitePagesDisabled, @@ -188,8 +187,8 @@ function Get-TargetResource HideDefaultThemes = $SPOTenantSettings.HideDefaultThemes HideSyncButtonOnTeamSite = $SPOTenantSettings.HideSyncButtonOnTeamSite MarkNewFilesSensitiveByDefault = $SPOTenantSettings.MarkNewFilesSensitiveByDefault - ConditionalAccessPolicy = $SPOTenantSettings.ConditionalAccessPolicy DisabledWebPartIds = [String[]]$SPOTenantSettings.DisabledWebPartIds + SocialBarOnSitePagesDisabled = $SPOTenantSettings.SocialBarOnSitePagesDisabled CommentsOnSitePagesDisabled = $SPOTenantSettings.CommentsOnSitePagesDisabled Credential = $Credential ApplicationId = $ApplicationId @@ -302,15 +301,14 @@ function Set-TargetResource [System.String] $MarkNewFilesSensitiveByDefault, - [Parameter()] - [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess')] - [System.String] - $ConditionalAccessPolicy, - [Parameter()] [System.Guid[]] $DisabledWebPartIds, + [Parameter()] + [System.Boolean] + $SocialBarOnSitePagesDisabled, + [Parameter()] [System.Boolean] $CommentsOnSitePagesDisabled, @@ -473,15 +471,14 @@ function Test-TargetResource [System.String] $MarkNewFilesSensitiveByDefault, - [Parameter()] - [ValidateSet('AllowFullAccess', 'AllowLimitedAccess', 'BlockAccess')] - [System.String] - $ConditionalAccessPolicy, - [Parameter()] [System.Guid[]] $DisabledWebPartIds, + [Parameter()] + [System.Boolean] + $SocialBarOnSitePagesDisabled, + [Parameter()] [System.Boolean] $CommentsOnSitePagesDisabled, @@ -562,8 +559,8 @@ function Test-TargetResource 'HideDefaultThemes', ` 'HideSyncButtonOnTeamSite', ` 'MarkNewFilesSensitiveByDefault', ` - 'ConditionalAccessPolicy', ` 'DisabledWebPartIds', ` + 'SocialBarOnSitePagesDisabled', ` 'CommentsOnSitePagesDisabled' ) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof index ef55bc0421..cb618af21c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof @@ -20,8 +20,8 @@ class MSFT_SPOTenantSettings : OMI_BaseResource [Write, Description("Defines if the default themes are visible or hidden")] boolean HideDefaultThemes; [Write, Description("To enable or disable Sync button on Team sites")] boolean HideSyncButtonOnTeamSite; [Write, Description("Allow or block external sharing until at least one Office DLP policy scans the content of the file."), ValueMap{"AllowExternalSharing","BlockExternalSharing"}, Values{"AllowExternalSharing","BlockExternalSharing"}] string MarkNewFilesSensitiveByDefault; - [Write, Description("Allow or Block Conditional Access Policy on the SharePoint Tenant"), ValueMap{"AllowFullAccess", "AllowLimitedAccess", "BlockAccess"}, Values{"AllowFullAccess", "AllowLimitedAccess", "BlockAccess"}] string ConditionalAccessPolicy; [Write, Description("Provide GUID for the Web Parts that are to be disabled on the Sharepoint Site")] string DisabledWebPartIds[]; + [Write, Description("Disables or enables the Social Bar. It will give users the ability to like a page, see the number of views, likes, and comments on a page, and see the people who have liked a page.")] boolean SocialBarOnSitePagesDisabled; [Write, Description("Set to false to enable a comment section on all site pages, users who have access to the pages can leave comments. Set to true to disable this feature.")] boolean CommentsOnSitePagesDisabled; [Write, Description("Only accepted value is 'Present'."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("Credentials of the account to authenticate with."), EmbeddedInstance("MSFT_Credential")] string Credential; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof index c7e6b7c3c2..e93badc7b0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTheme/MSFT_SPOTheme.schema.mof @@ -1,5 +1,5 @@ [ClassVersion("1.0.0")] -Class MSFT_SPOThemePaletteProperty +class MSFT_SPOThemePaletteProperty { [Write, Description("Name of the property.")] String Property; [Write, Description("Color value in Hexadecimal.")] String Value; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof index 12871174d0..eee5aa8cb4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOUserProfileProperty/MSFT_SPOUserProfileProperty.schema.mof @@ -1,5 +1,5 @@ [ClassVersion("1.0.0")] -Class MSFT_SPOUserProfilePropertyInstance +class MSFT_SPOUserProfilePropertyInstance { [Write, Description("Name of the User Profile Property.")] String Key; [Write, Description("Value of the User Profile Property.")] String Value; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/MSFT_TeamsAppPermissionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/MSFT_TeamsAppPermissionPolicy.psm1 index 2d827e4c6b..8ad284fa21 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/MSFT_TeamsAppPermissionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/MSFT_TeamsAppPermissionPolicy.psm1 @@ -360,7 +360,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json index 577d81ca16..eccfc5b5b6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppPermissionPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 index 6e99c8ba52..cbc9ad23f1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/MSFT_TeamsAppSetupPolicy.psm1 @@ -360,7 +360,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json index f358c5184a..cf65623433 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAppSetupPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/MSFT_TeamsAudioConferencingPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/MSFT_TeamsAudioConferencingPolicy.psm1 index 43a53564cd..01e0cd925e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/MSFT_TeamsAudioConferencingPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/MSFT_TeamsAudioConferencingPolicy.psm1 @@ -269,7 +269,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json index 02459e9dbb..315e33218f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsAudioConferencingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/MSFT_TeamsCallHoldPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/MSFT_TeamsCallHoldPolicy.psm1 index 1df4ef83b1..c337cb990f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/MSFT_TeamsCallHoldPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/MSFT_TeamsCallHoldPolicy.psm1 @@ -269,7 +269,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json index c0ba8680fe..0a02727b6d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallHoldPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/MSFT_TeamsCallParkPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/MSFT_TeamsCallParkPolicy.psm1 index ed6ad7db1e..c9e83bc4f1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/MSFT_TeamsCallParkPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/MSFT_TeamsCallParkPolicy.psm1 @@ -308,7 +308,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json index 6740f367ef..46844aa6e1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallParkPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 index bedf6c253f..45cb5d2119 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/MSFT_TeamsCallQueue.psm1 @@ -249,8 +249,18 @@ function Get-TargetResource $nullReturn.Ensure = 'Absent' try { - $queue = Get-CsCallQueue -NameFilter $Name ` - -ErrorAction SilentlyContinue | Where-Object -FilterScript {$_.Name -eq $Name} + if (-not $Script:ExportMode) + { + Write-Host -Message "Getting Office 365 queue $Name" + $queue = Get-CsCallQueue -NameFilter $Name ` + -ErrorAction SilentlyContinue | Where-Object -FilterScript {$_.Name -eq $Name} + } + else + { + Write-Host -Message "Retrieving queue $Name from the exported instances" + $queue = $Script:exportedInstances | Where-Object -FilterScript {$_.Name -eq $Name} + } + if ($null -eq $queue) { diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json index 64fe70d0ef..00003096ca 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallQueue/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json index 0b8110a144..8879faeb06 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCallingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.schema.mof index 62c2b473b9..4006282247 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelTab/MSFT_TeamsChannelTab.schema.mof @@ -1,16 +1,16 @@ [ClassVersion("1.0.0.0"), FriendlyName("TeamsChannelTab")] class MSFT_TeamsChannelTab : OMI_BaseResource { - [Key, Description("Display Name of the Channel Tab.")]String DisplayName; - [Key, Description("Display Name of the Team.")]String TeamName; - [Key, Description("Display Name of the Channel.")]String ChannelName; - [Write, Description("Unique Id of the Team of the instance on the source tenant.")]String TeamId; - [Write, Description("Id of the Teams App associated with the custom tab.")]String TeamsApp; - [Write, Description("Index of the sort order for the custom tab.")]UInt32 SortOrderIndex; - [Write, Description("Url of the website linked to the Channel Tab.")]String WebSiteUrl; - [Write, Description("Url of the content linked to the Channel Tab.")]String ContentUrl; - [Write, Description("Url of the location used to remove the app.")]String RemoveUrl; - [Write, Description("Id of the Entity linked to the Channel Tab.")]String EntityId; + [Key, Description("Display Name of the Channel Tab.")] String DisplayName; + [Key, Description("Display Name of the Team.")] String TeamName; + [Key, Description("Display Name of the Channel.")] String ChannelName; + [Write, Description("Unique Id of the Team of the instance on the source tenant.")] String TeamId; + [Write, Description("Id of the Teams App associated with the custom tab.")] String TeamsApp; + [Write, Description("Index of the sort order for the custom tab.")] UInt32 SortOrderIndex; + [Write, Description("Url of the website linked to the Channel Tab.")] String WebSiteUrl; + [Write, Description("Url of the content linked to the Channel Tab.")] String ContentUrl; + [Write, Description("Url of the location used to remove the app.")] String RemoveUrl; + [Write, Description("Id of the Entity linked to the Channel Tab.")] String EntityId; [Write, Description("Present ensures the Tab exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("Credentials of the Teams Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json index e03f33559c..156a518f63 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsChannelsPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json index 80fc97c6bb..b841c9e6c6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsClientConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/MSFT_TeamsComplianceRecordingPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/MSFT_TeamsComplianceRecordingPolicy.psm1 index 3cd4f041a4..48943215f6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/MSFT_TeamsComplianceRecordingPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/MSFT_TeamsComplianceRecordingPolicy.psm1 @@ -317,7 +317,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json index 93d00a00ad..24bbf15a2f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsComplianceRecordingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/MSFT_TeamsCortanaPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/MSFT_TeamsCortanaPolicy.psm1 index 9000814b1a..dee926e57f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/MSFT_TeamsCortanaPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/MSFT_TeamsCortanaPolicy.psm1 @@ -272,7 +272,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json index 5751ac389c..1e54208f4c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsCortanaPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json index f69501007c..215b531525 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsDialInConferencingTenantSettings/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallRoutingPolicy/MSFT_TeamsEmergencyCallRoutingPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallRoutingPolicy/MSFT_TeamsEmergencyCallRoutingPolicy.schema.mof index 0a7d6ed6da..5808a36d8d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallRoutingPolicy/MSFT_TeamsEmergencyCallRoutingPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallRoutingPolicy/MSFT_TeamsEmergencyCallRoutingPolicy.schema.mof @@ -1,5 +1,5 @@ [ClassVersion("1.0.0")] -Class MSFT_TeamsEmergencyNumber +class MSFT_TeamsEmergencyNumber { [Write, Description("Specifies the emergency phone number.")] String EmergencyDialString; [Write, Description("For each Teams emergency number, you can specify zero or more emergency dial masks. A dial mask is a number that you want to translate into the value of the emergency dial number value when it is dialed.")] String EmergencyDialMask; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json index db23adfa8b..a55c81a8a4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEmergencyCallingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/MSFT_TeamsEnhancedEncryptionPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/MSFT_TeamsEnhancedEncryptionPolicy.psm1 index 2fc0ef8df9..8afa511b18 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/MSFT_TeamsEnhancedEncryptionPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/MSFT_TeamsEnhancedEncryptionPolicy.psm1 @@ -282,7 +282,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json index ed291895d7..daa1172c7f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEnhancedEncryptionPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json index b8a36afd9d..052f6182a9 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsEventsPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json index d8dc2dfae9..d0337ae301 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFederationConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 index 3bd7721982..ceedd36578 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 @@ -324,7 +324,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json index 6668c9de46..4c276464d8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/MSFT_TeamsFilesPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/MSFT_TeamsFilesPolicy.psm1 index ec3d0c3539..651812f721 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/MSFT_TeamsFilesPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/MSFT_TeamsFilesPolicy.psm1 @@ -275,7 +275,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json index 8eb20a3b38..738a57bc27 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFilesPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 index 7ab2957bbc..79dde04e60 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/MSFT_TeamsGroupPolicyAssignment.psm1 @@ -384,27 +384,24 @@ function Export-TargetResource } $dscContent = [System.Text.StringBuilder]::new() $j = 1 - $totalCount = $instances.Length foreach ($item in $instances) { [array]$Group = Find-CsGroup -SearchQuery $item.GroupId -ExactMatchOnly $true - if ($null -eq $totalCount) + if ($null -eq $Group -or $null -eq $Group.DisplayName) { - $totalCount = 1 + $Message = "Group with Id {$($item.GroupId)} could not be found, skipping assignment" + Write-Host $Message + New-M365DSCLogEntry -Message "Error during Export: $Message" ` + -Source $($MyInvocation.MyCommand.Source) ` + -TenantId $TenantId ` + -Credential $Credential + + continue } - if ($totalCount -Eq 0) - { - $Message = "GPA The CSsGroup with ID {$($item.GroupId)} could not be found" - New-M365DSCLogEntry -Message $Message ` - -Source $MyInvocation.MyCommand.ModuleName - Write-Error $Message - $groupDisplayName = "" - } else { - $groupDisplayName = $Group[0].DisplayName - } - Write-Host " |---[$j/$totalCount] GroupPolicyAssignment {$($Group[0].DisplayName)}" -NoNewline + + Write-Host " |---[$j/$($instances.Length)] GroupPolicyAssignment {$($Group.DisplayName)-$($item.PolicyType)}" -NoNewline $results = @{ - GroupDisplayName = $groupDisplayName + GroupDisplayName = $Group.DisplayName GroupId = $item.GroupId PolicyType = $item.PolicyType PolicyName = $item.PolicyName diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json index 71d9d50fb6..2da9dc49bf 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGroupPolicyAssignment/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json index 902494401a..a326647bf5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestCallingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.psm1 index 60f8ca4e9b..af8fff6740 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.psm1 @@ -27,6 +27,10 @@ function Get-TargetResource [System.Boolean] $AllowMeetNow, + [Parameter()] + [System.Boolean] + $AllowTranscription, + [Parameter()] [System.Management.Automation.PSCredential] $Credential, @@ -79,6 +83,7 @@ function Get-TargetResource LiveCaptionsEnabledType = $config.LiveCaptionsEnabledType ScreenSharingMode = $config.ScreenSharingMode AllowMeetNow = $config.AllowMeetNow + AllowTranscription = $config.AllowTranscription Credential = $Credential ApplicationId = $ApplicationId TenantId = $TenantId @@ -127,6 +132,10 @@ function Set-TargetResource [System.Boolean] $AllowMeetNow, + [Parameter()] + [System.Boolean] + $AllowTranscription, + [Parameter()] [System.Management.Automation.PSCredential] $Credential, @@ -204,6 +213,10 @@ function Test-TargetResource [System.Boolean] $AllowMeetNow, + [Parameter()] + [System.Boolean] + $AllowTranscription, + [Parameter()] [System.Management.Automation.PSCredential] $Credential, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.schema.mof index 98510798c3..d5781e1917 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/MSFT_TeamsGuestMeetingConfiguration.schema.mof @@ -6,6 +6,7 @@ class MSFT_TeamsGuestMeetingConfiguration : OMI_BaseResource [Write, Description("Determines whether real-time captions are available for guests in Teams meetings."), ValueMap{"Disabled","DisabledUserOverride"}, Values{"Disabled","DisabledUserOverride"}] string LiveCaptionsEnabledType; [Write, Description("Determines the mode in which guests can share a screen in calls or meetings. Set this to SingleApplication to allow the user to share an application at a given point in time. Set this to EntireScreen to allow the user to share anything on their screens. Set this to Disabled to prohibit the user from sharing their screens."), ValueMap{"Disabled","EntireScreen","SingleApplication"}, Values{"Disabled","EntireScreen","SingleApplication"}] string ScreenSharingMode; [Write, Description("Determines whether guests can start ad-hoc meetings. Set this to TRUE to allow guests to start ad-hoc meetings. Set this to FALSE to prohibit guests from starting ad-hoc meetings.")] boolean AllowMeetNow; + [Write, Description("Determines whether guests can enable post-meeting captions and transcriptions in meetings. Set this to TRUE to allow. Set this to FALSE to prohibit.")] boolean AllowTranscription; [Write, Description("Credentials of the Teams Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com")] String TenantId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json index a93b6b9a53..74a075d298 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMeetingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json index daf2772dc1..e0fb501874 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsGuestMessagingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/MSFT_TeamsIPPhonePolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/MSFT_TeamsIPPhonePolicy.psm1 index 9171d265f6..8fc3bc586c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/MSFT_TeamsIPPhonePolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/MSFT_TeamsIPPhonePolicy.psm1 @@ -346,7 +346,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json index 60e07fed7c..f6ae4193eb 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsIPPhonePolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json index ffabcd4e7d..b34b17d280 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json index 432676cf64..2900ffb062 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingBroadcastPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json index 984857cb67..21c86a0dce 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json index 32c8428a98..6ddc930616 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMeetingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json index 5db17c3de8..cada36dde0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMessagingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.psm1 index 173998fe7f..ae8ae9056f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.psm1 @@ -304,7 +304,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json index 36a2ba660c..fdc0920ac6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.psm1 index 1bd6fdb1e2..2b20e62aa6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.psm1 @@ -282,7 +282,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json index b9f4fee0ec..0bf17bd572 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json index 7faa945073..3548e00137 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoiceUser/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json index ce987abcaf..a76fc4a517 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json index ef7c36a88d..954e881fa2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOnlineVoicemailUserSettings/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json index c98543bb2b..7e12b8b9f1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsOrgWideAppSettings/settings.json @@ -1,5 +1,5 @@ { - "resourceName": "TeamsUpgradeConfiguration", + "resourceName": "TeamsOrgWideAppSettings", "description": "", "roles": { "read": [ @@ -16,8 +16,16 @@ "update": [] }, "application": { - "read": [], - "update": [] + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [ + { + "name": "Organization.Read.All" + } + ] } } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json index 7f3188173e..a95c14abe1 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsPstnUsage/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 index ccbc63bbab..21fe23aae8 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/MSFT_TeamsShiftsPolicy.psm1 @@ -351,7 +351,7 @@ function Test-TargetResource $ValuesToCheck.Remove('Identity') | Out-Null $ValuesToCheck.Remove('EnableShiftPresence') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json index e123113879..66fb222829 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsShiftsPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 index f100145246..3e8b02e1ca 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/MSFT_TeamsTeam.psm1 @@ -15,7 +15,7 @@ function Get-TargetResource [Parameter()] [System.String] - [ValidateLength(1, 1024)] + [ValidateLength(0, 1024)] $Description, [Parameter()] @@ -178,7 +178,9 @@ function Get-TargetResource Write-Verbose -Message "Getting Team {$DisplayName} Owners" [array]$Owners = Get-TeamUser -GroupId $team.GroupId | Where-Object { $_.Role -eq 'owner' } - if ($null -eq $Owners) { # Without Users, Get-TeamUser return null instead on empty array + if ($null -eq $Owners) + { + # Without Users, Get-TeamUser return null instead on empty array $Owners = @() } @@ -252,7 +254,7 @@ function Set-TargetResource [Parameter()] [System.String] - [ValidateLength(1, 1024)] + [ValidateLength(0, 1024)] $Description, [Parameter()] @@ -426,22 +428,23 @@ function Set-TargetResource { $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftGraph' ` -InboundParameters $PSBoundParameters - $group = New-MgGroup -DisplayName $DisplayName -GroupTypes 'Unified' -MailEnabled $true -SecurityEnabled $true -MailNickname $MailNickName + $group = New-MgGroup -DisplayName $DisplayName -GroupTypes 'Unified' -MailEnabled -SecurityEnabled -MailNickname $MailNickName -ErrorAction Stop $currentOwner = (($CurrentParameters.Owner)[0]) Write-Verbose -Message "Retrieving Group Owner {$currentOwner}" - $ownerUser = Get-MgUser -Search $currentOwner + $ownerUser = Get-MgUser -Search $currentOwner -ConsistencyLevel eventual + $ownerOdataID = "https://graph.microsoft.com/v1.0/directoryObjects/$($ownerUser.Id)" - Write-Verbose -Message "Adding Owner {$($ownerUser.ObjectId)} to Group {$($group.Id)}" + Write-Verbose -Message "Adding Owner {$($ownerUser.Id)} to Group {$($group.Id)}" try { - New-MgGroupOwnerByRef -GroupId $group.Id -RefObjectId $ownerUser.ObjectId -ErrorAction Stop + New-MgGroupOwnerByRef -GroupId $group.Id -OdataId $ownerOdataID -ErrorAction Stop } catch { Write-Verbose -Message 'Adding Owner - Sleeping for 15 seconds' Start-Sleep -Seconds 15 - New-MgGroupOwnerByRef -GroupId $group.Id -RefObjectId $ownerUser.ObjectId + New-MgGroupOwnerByRef -GroupId $group.Id -OdataId $ownerOdataID -ErrorAction Stop } try @@ -452,7 +455,7 @@ function Set-TargetResource { Write-Verbose -Message 'Creating Team - Sleeping for 15 seconds' Start-Sleep -Seconds 15 - New-Team -GroupId $group.Id + New-Team -GroupId $group.Id -ErrorAction Stop } } else @@ -502,7 +505,7 @@ function Test-TargetResource [Parameter()] [System.String] - [ValidateLength(1, 1024)] + [ValidateLength(0, 1024)] $Description, [Parameter()] @@ -711,29 +714,33 @@ function Export-TargetResource Write-Host "`r`n" -NoNewline foreach ($team in $teams) { - Write-Host " |---[$i/$($teams.Length)] $($team.DisplayName)" -NoNewline - $params = @{ - DisplayName = $team.DisplayName - GroupID = $team.GroupId - Credential = $Credential - ApplicationId = $ApplicationId - TenantId = $TenantId - CertificateThumbprint = $CertificateThumbprint - ManagedIdentity = $ManagedIdentity.IsPresent + # Skip Teams without DisplayName (orphaned/deleted Teams) because the Get method cannot be called without a display name + if ($null -ne $team.DisplayName -and $team.DisplayName -ne '') + { + Write-Host " |---[$i/$($teams.Length)] $($team.DisplayName)" -NoNewline + $params = @{ + DisplayName = $team.DisplayName + GroupID = $team.GroupId + Credential = $Credential + ApplicationId = $ApplicationId + TenantId = $TenantId + CertificateThumbprint = $CertificateThumbprint + ManagedIdentity = $ManagedIdentity.IsPresent + } + $Results = Get-TargetResource @Params + $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` + -Results $Results + $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` + -ConnectionMode $ConnectionMode ` + -ModulePath $PSScriptRoot ` + -Results $Results ` + -Credential $Credential + $dscContent += $currentDSCBlock + Save-M365DSCPartialExport -Content $currentDSCBlock ` + -FileName $Global:PartialExportFileName + $i++ + Write-Host $Global:M365DSCEmojiGreenCheckMark } - $Results = Get-TargetResource @Params - $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode ` - -Results $Results - $currentDSCBlock = Get-M365DSCExportContentForResource -ResourceName $ResourceName ` - -ConnectionMode $ConnectionMode ` - -ModulePath $PSScriptRoot ` - -Results $Results ` - -Credential $Credential - $dscContent += $currentDSCBlock - Save-M365DSCPartialExport -Content $currentDSCBlock ` - -FileName $Global:PartialExportFileName - $i++ - Write-Host $Global:M365DSCEmojiGreenCheckMark } return $dscContent diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json index 00f8da9c9c..b0a859acdd 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTeam/settings.json @@ -9,23 +9,59 @@ "graph": { "delegated": { "read": [], - "update": [ + "update": [] + }, + "application": { + "read": [ { - "name": "Group.ReadWrite.All" + "name": "Organization.Read.All" }, { "name": "User.Read.All" + }, + { + "name": "Group.ReadWrite.All" + }, + { + "name": "AppCatalog.ReadWrite.All" + }, + { + "name": "TeamSettings.ReadWrite.All" + }, + { + "name": "Channel.Delete.All" + }, + { + "name": "ChannelSettings.ReadWrite.All" + }, + { + "name": "ChannelMember.ReadWrite.All" } - ] - }, - "application": { - "read": [], + ], "update": [ { - "name": "Group.ReadWrite.All" + "name": "Organization.Read.All" }, { "name": "User.Read.All" + }, + { + "name": "Group.ReadWrite.All" + }, + { + "name": "AppCatalog.ReadWrite.All" + }, + { + "name": "TeamSettings.ReadWrite.All" + }, + { + "name": "Channel.Delete.All" + }, + { + "name": "ChannelSettings.ReadWrite.All" + }, + { + "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json index 930b841931..65cd70b275 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTemplatesPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 index 3d7c71a490..6a40bf274d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.psm1 @@ -97,8 +97,6 @@ function Get-TargetResource Identity = $Identity.Replace('Tag:', '') Description = $config.Description NormalizationRules = $rules - ExternalAccessPrefix = $config.ExternalAccessPrefix - OptimizeDeviceDialing = $config.OptimizeDeviceDialing SimpleName = $config.SimpleName Credential = $Credential Ensure = 'Present' @@ -195,6 +193,19 @@ function Set-TargetResource #endregion $CurrentValues = Get-TargetResource @PSBoundParameters + $PSBoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters + if ($PSBoundParameters.ContainsKey('OptimizeDeviceDialing')) + { + $PSBoundParameters.Remove('OptimizeDeviceDialing') | Out-Null + + Write-Verbose -Message "Parameter OptimizeDeviceDialing has been deprecated and must not be used, removing it from PSBoundParameters." + } + if ($PSBoundParameters.ContainsKey('ExternalAccessPrefix')) + { + $PSBoundParameters.Remove('ExternalAccessPrefix') | Out-Null + + Write-Verbose -Message "Parameter ExternalAccessPrefix has been deprecated and must not be used, removing it from PSBoundParameters." + } if ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Absent') { @@ -215,25 +226,13 @@ function Set-TargetResource $AllRules += $ruleObject } - $NewParameters = $PSBoundParameters - $NewParameters.Remove('Credential') | Out-Null - $NewParameters.Remove('ApplicationId') | Out-Null - $NewParameters.Remove('TenantId') | Out-Null - $NewParameters.Remove('CertificateThumbprint') | Out-Null - $NewParameters.Remove('Ensure') | Out-Null - $NewParameters.Remove('ManagedIdentity') | Out-Null - $NewParameters.NormalizationRules = @{Add = $AllRules } + $PSBoundParameters.NormalizationRules = @{ Add = $AllRules } - New-CsTenantDialPlan @NewParameters + New-CsTenantDialPlan @PSBoundParameters } elseif ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Present') { Write-Verbose -Message "Tenant Dial Plan {$Identity} already exists. Updating it." - $SetParameters = $PSBoundParameters - $SetParameters.Remove('Credential') | Out-Null - $SetParameters.Remove('Ensure') | Out-Null - $SetParameters.Remove('SimpleName') | Out-Null - $SetParameters.Remove('ManagedIdentity') | Out-Null $desiredRules = @() foreach ($rule in $NormalizationRules) @@ -262,7 +261,7 @@ function Set-TargetResource -Translation $ruleToAdd.Translation ` -InMemory Write-Verbose 'VoiceNormalizationRule created' - Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{Add = $ruleObject } + Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{ Add = $ruleObject } Write-Verbose 'Updated the Tenant Dial Plan' } foreach ($ruleToRemove in $differences.RulesToRemove) @@ -277,7 +276,7 @@ function Set-TargetResource { Write-Verbose "Removing VoiceNormalizationRule {$($ruleToRemove.Identity)}" Write-Verbose 'VoiceNormalizationRule created' - Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{Remove = $ruleObject } + Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{ Remove = $ruleObject } Write-Verbose 'Updated the Tenant Dial Plan' } } @@ -292,14 +291,14 @@ function Set-TargetResource if ($null -ne $ruleObject) { Write-Verbose "Updating VoiceNormalizationRule {$($ruleToUpdate.Identity)}" - Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{Remove = $ruleObject } + Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{ Remove = $ruleObject } $ruleObject = New-CsVoiceNormalizationRule -Identity "Global/$($ruleToUpdate.Identity.Replace('Tag:', ''))" ` -Description $ruleToUpdate.Description ` -Pattern $ruleToUpdate.Pattern ` -Translation $ruleToUpdate.Translation ` -InMemory Write-Verbose 'VoiceNormalizationRule Updated' - Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{Add = $ruleObject } + Set-CsTenantDialPlan -Identity $Identity -NormalizationRules @{ Add = $ruleObject } Write-Verbose 'Updated the Tenant Dial Plan' } } @@ -307,7 +306,7 @@ function Set-TargetResource elseif ($Ensure -eq 'Absent' -and $CurrentValues.Ensure -eq 'Present') { Write-Verbose -Message "Tenant Dial Plan {$Identity} exists and shouldn't. Removing it." - Remove-CsTenantDialPlan -Identity $Identity -Confirm:$false + Remove-CsTenantDialPlan -Identity $Identity } } @@ -383,6 +382,18 @@ function Test-TargetResource Write-Verbose -Message 'Testing configuration of Teams Guest Calling' $CurrentValues = Get-TargetResource @PSBoundParameters + if ($PSBoundParameters.ContainsKey('OptimizeDeviceDialing')) + { + $PSBoundParameters.Remove('OptimizeDeviceDialing') | Out-Null + + Write-Verbose -Message "Parameter OptimizeDeviceDialing has been deprecated and must not be used, removing it from PSBoundParameters." + } + if ($PSBoundParameters.ContainsKey('ExternalAccessPrefix')) + { + $PSBoundParameters.Remove('ExternalAccessPrefix') | Out-Null + + Write-Verbose -Message "Parameter ExternalAccessPrefix has been deprecated and must not be used, removing it from PSBoundParameters." + } Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" @@ -646,20 +657,20 @@ function Get-M365DSCNormalizationRulesAsString { return $null } - $currentProperty = '@(' + $currentProperty = "@(`r`n" foreach ($rule in $params) { - $currentProperty += "MSFT_TeamsVoiceNormalizationRule{`r`n" + $currentProperty += " MSFT_TeamsVoiceNormalizationRule{`r`n" foreach ($key in $rule.Keys) { if ($key -eq 'Priority') { - $currentProperty += ' ' + $key + ' = ' + $rule[$key] + "`r`n" + $currentProperty += ' ' + $key + ' = ' + $rule[$key] + "`r`n" } elseif ($key -eq 'IsInternalExtension') { - $currentProperty += ' ' + $key + " = `$" + $rule[$key] + "`r`n" + $currentProperty += ' ' + $key + " = `$" + $rule[$key] + "`r`n" } else { @@ -668,12 +679,13 @@ function Get-M365DSCNormalizationRulesAsString { $value = $value.Replace("'", "''") } - $currentProperty += ' ' + $key + " = '" + $value + "'`r`n" + $currentProperty += ' ' + $key + " = '" + $value + "'`r`n" } } - $currentProperty += ' }' + $currentProperty += " }`r`n" } - $currentProperty += ')' + $currentProperty += ' )' + return $currentProperty } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.schema.mof index ced75f065d..94c3b028e5 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/MSFT_TeamsTenantDialPlan.schema.mof @@ -1,5 +1,5 @@ [ClassVersion("1.0.0")] -Class MSFT_TeamsVoiceNormalizationRule +class MSFT_TeamsVoiceNormalizationRule { [Write, Description("A unique identifier for the rule. The Identity specified must include the scope followed by a slash and then the name; for example: site:Redmond/Rule1, where site:Redmond is the scope and Rule1 is the name. The name portion will automatically be stored in the Name property. You cannot specify values for Identity and Name in the same command.")] String Identity; [Write, Description("The order in which rules are applied. A phone number might match more than one rule. This parameter sets the order in which the rules are tested against the number.")] UInt32 Priority; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json index 97e8cd9738..7cd9f6f960 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantDialPlan/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/MSFT_TeamsTenantNetworkRegion.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/MSFT_TeamsTenantNetworkRegion.psm1 index 5a540e70a8..e9e8b34834 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/MSFT_TeamsTenantNetworkRegion.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/MSFT_TeamsTenantNetworkRegion.psm1 @@ -269,7 +269,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json index a15ecdb7ee..73ceee74ee 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkRegion/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/MSFT_TeamsTenantNetworkSite.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/MSFT_TeamsTenantNetworkSite.psm1 index 19ae116587..9613fc5995 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/MSFT_TeamsTenantNetworkSite.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/MSFT_TeamsTenantNetworkSite.psm1 @@ -347,7 +347,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json index 5744117c04..9964a6c676 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSite/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/MSFT_TeamsTenantNetworkSubnet.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/MSFT_TeamsTenantNetworkSubnet.psm1 index aad8b6b03f..504a3e3e60 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/MSFT_TeamsTenantNetworkSubnet.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/MSFT_TeamsTenantNetworkSubnet.psm1 @@ -282,7 +282,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json index 91cd91a901..6e5f9a2ed3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantNetworkSubnet/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/MSFT_TeamsTenantTrustedIPAddress.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/MSFT_TeamsTenantTrustedIPAddress.psm1 index 17a6d293e3..c9cbf4195b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/MSFT_TeamsTenantTrustedIPAddress.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/MSFT_TeamsTenantTrustedIPAddress.psm1 @@ -271,7 +271,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json index 3e5b195cdd..1ff8eda6ba 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTenantTrustedIPAddress/settings.json @@ -9,5 +9,24 @@ "Teams Administrator" ] }, - "permissions": [] + "permissions": { + "graph": { + "delegated": { + "read": [], + "update": [] + }, + "application": { + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [ + { + "name": "Organization.Read.All" + } + ] + } + } + } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/MSFT_TeamsTranslationRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/MSFT_TeamsTranslationRule.psm1 index d1766a867f..13af6a3230 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/MSFT_TeamsTranslationRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/MSFT_TeamsTranslationRule.psm1 @@ -282,7 +282,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json index 9f39a6b7d4..81b9cc1e06 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsTranslationRule/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/MSFT_TeamsUnassignedNumberTreatment.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/MSFT_TeamsUnassignedNumberTreatment.psm1 index 80356fbeaf..03714aa3d3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/MSFT_TeamsUnassignedNumberTreatment.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/MSFT_TeamsUnassignedNumberTreatment.psm1 @@ -311,7 +311,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json index dd94199bdc..8dd2e125fe 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUnassignedNumberTreatment/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json index a2492103b3..1d93d16c77 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpdateManagementPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json index 5e06cb2af3..8f51aaedff 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradeConfiguration/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json index 3183036251..168d5f2898 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUpgradePolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json index 5f96938eab..316f1aabb6 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserCallingSettings/settings.json @@ -16,8 +16,16 @@ "update": [] }, "application": { - "read": [], - "update": [] + "read": [ + { + "name": "Organization.Read.All" + } + ], + "update": [ + { + "name": "Organization.Read.All" + } + ] } } } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json index 8dc4e8a2fa..a401206d90 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsUserPolicyAssignment/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/MSFT_TeamsVdiPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/MSFT_TeamsVdiPolicy.psm1 index 1fc10c12d8..8ab19dcffc 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/MSFT_TeamsVdiPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/MSFT_TeamsVdiPolicy.psm1 @@ -269,7 +269,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json index 8b7863510a..adff164f18 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVdiPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 index 0e93d5c877..80213e353e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/MSFT_TeamsVoiceRoute.psm1 @@ -171,6 +171,7 @@ function Set-TargetResource [Switch] $ManagedIdentity ) + #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -191,7 +192,7 @@ function Set-TargetResource $notFoundUsageList = @() foreach ($usage in $OnlinePstnUsages) { - if ( -not ($existingUsages -match $usage)) + if (-not ($existingUsages -match $usage)) { $notFoundUsageList += $usage } @@ -208,34 +209,27 @@ function Set-TargetResource $notFoundGatewayList = @() foreach ($gateway in $OnlinePstnGatewayList) { - if ( -not ($existingGateways -match $gateway)) + if (-not ($existingGateways -match $gateway)) { $notFoundGatewayList += $gateway } } - if ($notFoundUsageList) + if ($notFoundGatewayList) { $notFoundGateways = $notFoundGatewayList -join ',' - throw "Please create the Voice Gateway object(s) ($notFoundGateways) using `"TeamsVoiceRoute`"" + throw "Please create the Voice Gateway object(s) ($notFoundGateways) using cmdlet `"New-CsOnlinePSTNGateway`"" } Write-Verbose -Message "Setting Voice Route {$Identity}" $CurrentValues = Get-TargetResource @PSBoundParameters - - $SetParameters = $PSBoundParameters - $SetParameters.Remove('Ensure') | Out-Null - $SetParameters.Remove('Credential') | Out-Null - $SetParameters.Remove('ApplicationId') | Out-Null - $SetParameters.Remove('TenantId') | Out-Null - $SetParameters.Remove('CertificateThumbprint') | Out-Null - $SetParameters.Remove('ManagedIdentity') | Out-Null + $PSBoundParameters = Remove-M365DSCAuthenticationParameter -BoundParameters $PSBoundParameters if ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Absent') { Write-Verbose -Message "Creating a new Voice Route {$Identity}" - New-CsOnlineVoiceRoute @SetParameters + New-CsOnlineVoiceRoute @PSBoundParameters } elseif ($Ensure -eq 'Present' -and $CurrentValues.Ensure -eq 'Present') { @@ -244,12 +238,12 @@ function Set-TargetResource into the Set-CsOnlineVoiceRoute cmdlet. #> Write-Verbose -Message "Updating settings for Voice Route {$Identity}" - Set-CsOnlineVoiceRoute @SetParameters + Set-CsOnlineVoiceRoute @PSBoundParameters } elseif ($Ensure -eq 'Absent' -and $CurrentValues.Ensure -eq 'Present') { Write-Verbose -Message "Removing existing Voice Route {$Identity}" - Remove-CsOnlineVoiceRoute -Identity $Identity -Confirm:$false + Remove-CsOnlineVoiceRoute -Identity $Identity } } @@ -308,6 +302,7 @@ function Test-TargetResource [Switch] $ManagedIdentity ) + #Ensure the proper dependencies are installed in the current environment. Confirm-M365DSCDependencies @@ -323,16 +318,31 @@ function Test-TargetResource Write-Verbose -Message "Testing configuration of Voice Route {$Identity}" $CurrentValues = Get-TargetResource @PSBoundParameters + $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() + $ValuesToCheck = Remove-M365DSCAuthenticationParameter -BoundParameters $ValuesToCheck - Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" - Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $PSBoundParameters)" + if ($CurrentValues.Ensure -ne $Ensure) + { + Write-Verbose -Message "Test-TargetResource returned $false" + return $false + } + if ($CurrentValues.Ensure -eq 'Absent' -and $Ensure -eq 'Absent') + { + Write-Verbose -Message "Test-TargetResource returned $true" + return $true + } + $TestResult = $true - $ValuesToCheck = $PSBoundParameters + Write-Verbose -Message "Current Values: $(Convert-M365DscHashtableToString -Hashtable $CurrentValues)" + Write-Verbose -Message "Target Values: $(Convert-M365DscHashtableToString -Hashtable $ValuesToCheck)" - $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` - -Source $($MyInvocation.MyCommand.Source) ` - -DesiredValues $PSBoundParameters ` - -ValuesToCheck $ValuesToCheck.Keys + if ($TestResult) + { + $TestResult = Test-M365DSCParameterState -CurrentValues $CurrentValues ` + -Source $($MyInvocation.MyCommand.Source) ` + -DesiredValues $PSBoundParameters ` + -ValuesToCheck $ValuesToCheck.Keys + } Write-Verbose -Message "Test-TargetResource returned $TestResult" @@ -365,6 +375,7 @@ function Export-TargetResource [Switch] $ManagedIdentity ) + $InformationPreference = 'Continue' $ConnectionMode = New-M365DSCConnection -Workload 'MicrosoftTeams' ` diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json index 234e57b78a..741fe4ab9f 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoute/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json index 3e98c36a43..63ce1df103 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsVoiceRoutingPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/MSFT_TeamsWorkloadPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/MSFT_TeamsWorkloadPolicy.psm1 index a19d66bff3..875b9f54db 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/MSFT_TeamsWorkloadPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/MSFT_TeamsWorkloadPolicy.psm1 @@ -334,7 +334,7 @@ function Test-TargetResource $ValuesToCheck = ([Hashtable]$PSBoundParameters).Clone() $ValuesToCheck.Remove('Identity') | Out-Null - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json index 2fdbdb1053..1e851bdd4e 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsWorkloadPolicy/settings.json @@ -19,53 +19,11 @@ "read": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ], "update": [ { "name": "Organization.Read.All" - }, - { - "name": "User.Read.All" - }, - { - "name": "Group.ReadWrite.All" - }, - { - "name": "AppCatalog.ReadWrite.All" - }, - { - "name": "TeamSettings.ReadWrite.All" - }, - { - "name": "Channel.Delete.All" - }, - { - "name": "ChannelSettings.ReadWrite.All" - }, - { - "name": "ChannelMember.ReadWrite.All" } ] } diff --git a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 index 7183bc25aa..12ba5a5ce4 100644 --- a/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 +++ b/Modules/Microsoft365DSC/Dependencies/Manifest.psd1 @@ -2,7 +2,7 @@ Dependencies = @( @{ ModuleName = 'DSCParser' - RequiredVersion = '1.4.0.2' + RequiredVersion = '2.0.0.2' }, @{ ModuleName = 'ExchangeOnlineManagement' @@ -10,71 +10,71 @@ }, @{ ModuleName = 'Microsoft.Graph.Applications' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Authentication' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Devices.CorporateManagement' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Administration' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DeviceManagement.Enrollment' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.DirectoryManagement' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.Governance' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Identity.SignIns' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Reports' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.Teams' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.DeviceManagement.Administration' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Beta.DirectoryObjects' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Groups' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Planner' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Users' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.Graph.Users.Actions' - RequiredVersion = '2.14.1' + RequiredVersion = '2.15.0' }, @{ ModuleName = 'Microsoft.PowerApps.Administration.PowerShell' @@ -82,11 +82,11 @@ }, @{ ModuleName = 'MicrosoftTeams' - RequiredVersion = '5.9.0' + RequiredVersion = '6.0.0' }, @{ ModuleName = "MSCloudLoginAssistant" - RequiredVersion = "1.1.13" + RequiredVersion = "1.1.14" }, @{ ModuleName = 'PnP.PowerShell' diff --git a/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/1-Create.ps1 b/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/1-Create.ps1 index 5c764b636b..c8cd6045bb 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/1-Create.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/1-Create.ps1 @@ -13,7 +13,7 @@ Configuration Example ) Import-DscResource -ModuleName Microsoft365DSC - + $Domain = $Credscredential.Username.Split('@')[1] node localhost { AADAdministrativeUnit 'TestUnit' @@ -23,7 +23,17 @@ Configuration Example MembershipRule = "(user.country -eq `"Canada`")" MembershipRuleProcessingState = 'On' MembershipType = 'Dynamic' - Ensure = 'Present' + ScopedRoleMembers = @( + MSFT_MicrosoftGraphScopedRoleMembership + { + RoleName = 'User Administrator' + RoleMemberInfo = MSFT_MicrosoftGraphMember + { + Identity = "admin@$Domain" + Type = "User" + } + } + ) Credential = $Credscredential } } diff --git a/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/2-Update.ps1 index dde9416d5f..c9f01960e9 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/2-Update.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/2-Update.ps1 @@ -13,16 +13,28 @@ Configuration Example ) Import-DscResource -ModuleName Microsoft365DSC - + $Domain = $Credscredential.Username.Split('@')[1] node localhost { AADAdministrativeUnit 'TestUnit' { DisplayName = 'Test-Unit' + Description = 'Test Description Updated' # Updated Property + Visibility = 'HiddenMembership' # Updated Property MembershipRule = "(user.country -eq `"US`")" # Updated Property MembershipRuleProcessingState = 'On' MembershipType = 'Dynamic' - Ensure = 'Present' + ScopedRoleMembers = @( + MSFT_MicrosoftGraphScopedRoleMembership + { + RoleName = 'User Administrator' + RoleMemberInfo = MSFT_MicrosoftGraphMember + { + Identity = "AdeleV@$Domain" # Updated Property + Type = "User" + } + } + ) Credential = $Credscredential } } diff --git a/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/3-Remove.ps1 b/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/3-Remove.ps1 index 354f73cf2c..ae31a25232 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/3-Remove.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/AADAdministrativeUnit/3-Remove.ps1 @@ -13,7 +13,7 @@ Configuration Example ) Import-DscResource -ModuleName Microsoft365DSC - + $Domain = $Credscredential.Username.Split('@')[1] node localhost { AADAdministrativeUnit 'TestUnit' diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/1-Create.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/1-Create.ps1 index 3c71726bab..b58921fed5 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/1-Create.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/1-Create.ps1 @@ -17,7 +17,7 @@ Configuration Example { EXOMailTips 'OrgWideMailTips' { - Organization = $Domain + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True MailTipsGroupMetricsEnabled = $True MailTipsLargeAudienceThreshold = 100 diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/2-Update.ps1 index 172deb2c04..95cafdbc6c 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/2-Update.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/2-Update.ps1 @@ -17,7 +17,7 @@ Configuration Example { EXOMailTips 'OrgWideMailTips' { - Organization = $Domain + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True MailTipsGroupMetricsEnabled = $False # Updated Property MailTipsLargeAudienceThreshold = 100 diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/3-Remove.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/3-Remove.ps1 index d4e681aa7d..3a010d19d9 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/3-Remove.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/EXOMailTips/3-Remove.ps1 @@ -17,9 +17,9 @@ Configuration Example { EXOMailTips 'OrgWideMailTips' { - Organization = $Domain - Ensure = "Absent" - Credential = $Credscredential + IsSingleInstance = 'Yes' + Ensure = "Absent" + Credential = $Credscredential } } } diff --git a/Modules/Microsoft365DSC/Examples/Resources/EXOOfflineAddressBook/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/EXOOfflineAddressBook/2-Update.ps1 index 0fe9391578..9957b25583 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/EXOOfflineAddressBook/2-Update.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/EXOOfflineAddressBook/2-Update.ps1 @@ -20,8 +20,8 @@ Configuration Example { Name = "Integration Address Book" AddressLists = @('\All Users') - DiffRetentionPeriod = "30" - IsDefault = $false # Updated Property + DiffRetentionPeriod = "60" # Updated Property + IsDefault = $true Ensure = "Present" Credential = $Credscredential } diff --git a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 index ad945407c9..ea3febcd48 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/1-Create.ps1 @@ -43,7 +43,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 25; ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 index ee0f026049..93e40032e6 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/IntuneDeviceConfigurationSCEPCertificatePolicyWindows10/2-Update.ps1 @@ -43,7 +43,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 30; # Updated Property ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/Modules/Microsoft365DSC/Examples/Resources/SPOAccessControlSettings/1-ConfigureSPOAccessControlSettings.ps1 b/Modules/Microsoft365DSC/Examples/Resources/SPOAccessControlSettings/1-ConfigureSPOAccessControlSettings.ps1 index 74fc36bcd4..95417cc094 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/SPOAccessControlSettings/1-ConfigureSPOAccessControlSettings.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/SPOAccessControlSettings/1-ConfigureSPOAccessControlSettings.ps1 @@ -21,8 +21,6 @@ Configuration Example StartASiteFormUrl = "https://contoso.sharepoint.com" IPAddressEnforcement = $false IPAddressWACTokenLifetime = 15 - CommentsOnSitePagesDisabled = $false - SocialBarOnSitePagesDisabled = $false DisallowInfectedFileDownload = $false ExternalServicesEnabled = $true EmailAttestationRequired = $false diff --git a/Modules/Microsoft365DSC/Examples/Resources/SPOTenantSettings/1-ConfigureSPOTenantSettings.ps1 b/Modules/Microsoft365DSC/Examples/Resources/SPOTenantSettings/1-ConfigureSPOTenantSettings.ps1 index 33c934c987..31f07cb4df 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/SPOTenantSettings/1-ConfigureSPOTenantSettings.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/SPOTenantSettings/1-ConfigureSPOTenantSettings.ps1 @@ -16,25 +16,27 @@ Configuration Example { SPOTenantSettings 'ConfigureTenantSettings' { - IsSingleInstance = "Yes" + IsSingleInstance = 'Yes' MinCompatibilityLevel = 16 MaxCompatibilityLevel = 16 SearchResolveExactEmailOrUPN = $false OfficeClientADALDisabled = $false LegacyAuthProtocolsEnabled = $true - SignInAccelerationDomain = "" + SignInAccelerationDomain = '' UsePersistentCookiesForExplorerView = $false UserVoiceForFeedbackEnabled = $true PublicCdnEnabled = $false - PublicCdnAllowedFileTypes = "CSS,EOT,GIF,ICO,JPEG,JPG,JS,MAP,PNG,SVG,TTF,WOFF" + PublicCdnAllowedFileTypes = 'CSS,EOT,GIF,ICO,JPEG,JPG,JS,MAP,PNG,SVG,TTF,WOFF' UseFindPeopleInPeoplePicker = $false NotificationsInSharePointEnabled = $true OwnerAnonymousNotification = $true ApplyAppEnforcedRestrictionsToAdHocRecipients = $true FilePickerExternalImageSearchEnabled = $true HideDefaultThemes = $false - MarkNewFilesSensitiveByDefault = "AllowExternalSharing" - Ensure = "Present" + MarkNewFilesSensitiveByDefault = 'AllowExternalSharing' + CommentsOnSitePagesDisabled = $false + SocialBarOnSitePagesDisabled = $false + Ensure = 'Present' Credential = $Credscredential } } diff --git a/Modules/Microsoft365DSC/Examples/Resources/TeamsGuestMeetingConfiguration/1-ConfigureTeamsGuestMeeting.ps1 b/Modules/Microsoft365DSC/Examples/Resources/TeamsGuestMeetingConfiguration/1-ConfigureTeamsGuestMeeting.ps1 index 3924d19555..e3e1994f44 100644 --- a/Modules/Microsoft365DSC/Examples/Resources/TeamsGuestMeetingConfiguration/1-ConfigureTeamsGuestMeeting.ps1 +++ b/Modules/Microsoft365DSC/Examples/Resources/TeamsGuestMeetingConfiguration/1-ConfigureTeamsGuestMeeting.ps1 @@ -16,11 +16,13 @@ Configuration Example { TeamsGuestMeetingConfiguration 'TeamsGuestMeetingConfiguration' { - Identity = "Global" - AllowIPVideo = $True - AllowMeetNow = $True - ScreenSharingMode = "EntireScreen" - Credential = $Credscredential + Identity = 'Global' + AllowIPVideo = $true + LiveCaptionsEnabledType = 'Disabled' + ScreenSharingMode = 'EntireScreen' + AllowMeetNow = $true + AllowTranscription = $true + Credential = $Credscredential } } } diff --git a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 index 78deeb1f7e..a9410d2fec 100644 --- a/Modules/Microsoft365DSC/Microsoft365DSC.psd1 +++ b/Modules/Microsoft365DSC/Microsoft365DSC.psd1 @@ -3,7 +3,7 @@ # # Generated by: Microsoft Corporation # -# Generated on: 2024-02-21 +# Generated on: 2024-03-13 @{ @@ -11,7 +11,7 @@ # RootModule = '' # Version number of this module. - ModuleVersion = '1.24.221.1' + ModuleVersion = '1.24.313.1' # Supported PSEditions # CompatiblePSEditions = @() @@ -78,7 +78,8 @@ 'Modules/M365DSCUtil.psm1', 'Modules/M365DSCDRGUtil.psm1', 'Modules/EncodingHelpers/M365DSCEmojis.psm1', - 'Modules/EncodingHelpers/M365DSCStringEncoding.psm1' + 'Modules/EncodingHelpers/M365DSCStringEncoding.psm1', + 'Modules/M365DSCConfigurationHelper.psm1' ) # Functions to export from this module, for best performance, do not use wildcards and do not delete the entry, use an empty array if there are no functions to export. @@ -91,6 +92,7 @@ 'Export-M365DSCConfiguration', 'Export-M365DSCDiagnosticData', 'Get-M365DSCNotificationEndPointRegistration', + 'Get-M365DSCEvaluationRulesForConfiguration', 'Import-M365DSCDependencies', 'New-M365DSCDeltaReport', 'New-M365DSCNotificationEndPointRegistration', @@ -140,38 +142,117 @@ IconUri = 'https://github.com/microsoft/Microsoft365DSC/blob/Dev/Modules/Microsoft365DSC/Dependencies/Images/Logo.png?raw=true' # ReleaseNotes of this module - ReleaseNotes = '* AADApplication - * Expose the description field in the resource. - * AADConditionalAccessPolicy - * Fixing issue where Membership kinds no longer accepted empty values. - ROLLING BACK [#4344](https://github.com/microsoft/Microsoft365DSC/issues/4344) - FIXES [#4347](https://github.com/microsoft/Microsoft365DSC/issues/4347) - * Throws an error if role, user or group was not found in the Set method. - FIXES [#4342](https://github.com/microsoft/Microsoft365DSC/issues/4342) - * EXOAuthenticationPolicyAssignment - * Improved performance by using a filter to retrieve assignments. - * Export now retrieves the user principal name instead of the user id. - * EXOAvailabilityConfig - * Export now retrieves the user principal name instead of the user id. - * EXOCASMailboxPlan - * Added the DisplayName property. - * EXODataClassification - * Added logic to retrieve by name in the GET method if no match found by id. - * EXOMailboxAutoReplyConfiguration - * Added the owner property. - * EXOMailboxPlan - * Added the DisplayName property. - * EXOMailboxSettings - * Export now retrieves instances by User Principal Name instead of GUID. - * EXOPlace - * Added the DisplayName property. - * EXORecipientPermission - * Export now retrieves instances by User Principal Name instead of GUID. - * EXOSharedMailbox - * Added the Identity parameter. + ReleaseNotes = '* AADGroup + * Fixed issue when filtering groups by display name + FIXES [#4394](https://github.com/microsoft/Microsoft365DSC/issues/4394) + * Fixed issue where group owners were removed from existing groups when unspecified in the config + FIXES [#4390](https://github.com/microsoft/Microsoft365DSC/issues/4390) + * EXOAcceptedDomain + * Update regular expression to support domains with digits + FIXES [#4446](https://github.com/microsoft/Microsoft365DSC/issues/4446) + * EXOHostedContentFilterPolicy + * Add support for IntraOrgFilterState parameter + FIXES [#4424](https://github.com/microsoft/Microsoft365DSC/issues/4424) + * EXOHostedContentFilterRule + * Fixed issue in case of different names of filter rule and filter policy + FIXES [#4401](https://github.com/microsoft/Microsoft365DSC/issues/4401) + * EXOIntraOrganizationConnector + * Fixed issue with TargetSharingEpr + FIXES [#4381](https://github.com/microsoft/Microsoft365DSC/issues/4381) + * IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneAccountProtectionLocalUserGroupMembershipPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneAccountProtectionPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneAntivirusPolicyWindows10SettingCatalog + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneAppConfigurationPolicy + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneApplicationControlPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneASRRulesPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceCompliancePolicyAndroid + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceCompliancePolicyAndroidDeviceOwner + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceCompliancePolicyAndroidWorkProfile + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceCompliancePolicyiOs + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceCompliancePolicyMacOS + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceCompliancePolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceConfigurationCustomPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceConfigurationDomainJoinPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceConfigurationEmailProfilePolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * IntuneDeviceConfigurationEndpointProtectionPolicyWindows10 + * Added support for assignment GroupDisplayName and improve error handling from + Get-TargetResource + * Fixed an issue with the parameter InterfaceTypes from firewallrules defined + as a string instead of string[] + * IntuneDeviceConfigurationPKCSCertificatePolicyWindows10 + * Add property RootCertificateDisplayName in order to support assigning root + certificates by display name since their Ids in a blueprint might be from a + different source tenant + FIXES [#3965](https://github.com/microsoft/Microsoft365DSC/issues/3965) + * IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator + * Fixed policy assignment retrieval when Id is from other tenant, bogus or + null + FIXES [#3970](https://github.com/microsoft/Microsoft365DSC/issues/3970) + * IntuneDeviceConfigurationPolicyAndroidOpenSourceProject + * Fixed policy assignment retrieval when Id is from other tenant, bogus or + null + FIXES [#3971](https://github.com/microsoft/Microsoft365DSC/issues/3971) + * Fixed compare logic for CIM instances in Test-TargetResource + * M365DSCRuleEvaluation + * Fix issue when it didnt find any matching resources and it tried to make a + comparison + * O365OrgSettings + * Add read permission for extracting M365 apps installation settings instead + of extracting them only with read/write permissions + FIXES [#4418](https://github.com/microsoft/Microsoft365DSC/issues/4418) + * TeamsVoiceRoute + * Fix policy removal and also comparison in Test-TargetResource + * DEPENDENCIES + * Updated DSCParser to version 1.4.0.4. + * Updated Microsoft.Graph to version 2.15.0. + * Updated MicrosoftTeams to version 6.0.0. * MISC - * Uninstall-M365DSCOutdatedDependencies - * Outdated Microsoft365DSC-modules are now removed in their entirety.' + * Enhancement to obfuscate password from verbose logging and avoid empty lines + FIXES [#4392](https://github.com/microsoft/Microsoft365DSC/issues/4392) + * Fix example in documentation for Update-M365DSCAzureAdApplication + * Added support for groupDisplayName to all devices and all users groups' # Flag to indicate whether the module requires explicit user acceptance for install/update # RequireLicenseAcceptance = $false diff --git a/Modules/Microsoft365DSC/Modules/M365DSCConfigurationHelper.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCConfigurationHelper.psm1 new file mode 100644 index 0000000000..ae63a74b80 --- /dev/null +++ b/Modules/Microsoft365DSC/Modules/M365DSCConfigurationHelper.psm1 @@ -0,0 +1,161 @@ +<# +.SYNOPSIS + Get the evaluation rules for guarding a given configuration. +.DESCRIPTION + This function will return all the evaluation rules for a given configuration either as a new configuration file or as a list of rules that can be used in a configuration to guard the resources. +.PARAMETER ConfigurationPath + The path to the configuration file. +.PARAMETER OutputPath + The path to the output file. If not provided, the function will return the evaluation rules as a string. +#> +function Get-M365DSCEvaluationRulesForConfiguration +{ + [CmdletBinding()] + [OutputType([System.String], ParameterSetName = 'Plaintext')] + [OutputType([System.Void], ParameterSetName = 'Configuration')] + param ( + [Parameter(ParameterSetName = ('Configuration', 'Plaintext'), Mandatory = $true)] + [string] + $ConfigurationPath, + + [Parameter(ParameterSetName = 'Configuration')] + [string] + $OutputPath, + + [Parameter(ParameterSetName = ('Configuration', 'Plaintext'), Mandatory = $true)] + [ValidateSet('ServicePrincipalWithThumbprint', 'ServicePrincipalWithSecret', 'ServicePrincipalWithPath', 'CredentialsWithTenantId', 'CredentialsWithApplicationId', 'Credentials', 'ManagedIdentity')] + [System.String] + $ConnectionMode + ) + + $configurationAsObject = ConvertTo-DSCObject -Path $ConfigurationPath + + $groupCondition = { + $_.ResourceName + } + + $groupedObjects = $configurationAsObject | Group-Object $groupCondition + + $M365DSCRuleEvaluationBlock = @' + # region Evaluation Rules + # This block contains the evaluation rules for the configuration. + # It is used to guard the resources in the configuration. + + # endregion +'@ + + switch ($ConnectionMode) + { + 'ServicePrincipalWithThumbprint' + { + $authentication = @" + ApplicationId = `$ConfigurationData.NonNodeData.ApplicationId + TenantId = `$ConfigurationData.NonNodeData.OrganizationName + CertificateThumbprint = `$ConfigurationData.NonNodeData.CertificateThumbprint +"@ + } + 'ServicePrincipalWithSecret' + { + $authentication = @" + ApplicationId = `$ConfigurationData.NonNodeData.ApplicationId + TenantId = `$ConfigurationData.NonNodeData.OrganizationName + CertificatePassword = `$CertificatePassword +"@ + } + 'ServicePrincipalWithPath' + { + $authentication = @" + ApplicationId = `$ConfigurationData.NonNodeData.ApplicationId + TenantId = `$ConfigurationData.NonNodeData.OrganizationName + CertificatePath = `$ConfigurationData.NonNodeData.CertificatePath +"@ + } + 'CredentialsWithTenantId' + { + $authentication = @" + Credential = `$CredsCredential + TenantId = `$ConfigurationData.NonNodeData.OrganizationName +"@ + } + 'CredentialsWithApplicationId' + { + $authentication = @" + Credential = `$CredsCredential + ApplicationId = `$ConfigurationData.NonNodeData.ApplicationId + TenantId = `$ConfigurationData.NonNodeData.OrganizationName +"@ + } + 'ManagedIdentity' + { + $authentication = @" + ManagedIdentity = `$true +"@ + } + 'Credentials' + { + $authentication = @" + Credential = `$CredsCredential +"@ + } + } + + $M365DSCRuleEvaluationResourceBlock = @' + M365DSCRuleEvaluation '' + { + ResourceName = '' + RuleDefinition = "*" + AfterRuleCountQuery = "-eq " + + } +'@ + + $resultConfiguration = @() + foreach ($group in $groupedObjects) + { + $resultConfiguration += $M365DSCRuleEvaluationResourceBlock -replace '', $group.Name -replace '', $group.Count -replace '', $authentication + } + + $M365DSCRuleEvaluationString = $M365DSCRuleEvaluationBlock -replace '', ($resultConfiguration -join "`n") + + if ($PSBoundParameters.Keys.Contains('OutputPath')) + { + if (-not (Test-Path -Path $OutputPath)) + { + New-Item -Path $OutputPath -ItemType File -Force | Out-Null + } + + $DSCString = @" + # Generated with Microsoft365DSC + # For additional information on how to use Microsoft365DSC, please visit https://aka.ms/M365DSC + param ( + ) + + Configuration M365TenantConfig + { + param ( + ) + + $OrganizationName = $ConfigurationData.NonNodeData.OrganizationName + + Import-DscResource -ModuleName 'Microsoft365DSC' + + Node localhost + { + + } + } + + M365TenantConfig -ConfigurationData .\ConfigurationData.psd1 +"@ + + $M365DSCRuleEvaluationString = $DSCString -replace '', $M365DSCRuleEvaluationString + + $M365DSCRuleEvaluationString | Out-File -FilePath $OutputPath + } + else + { + return $M365DSCRuleEvaluationString + } +} + +Export-ModuleMember -Function Get-M365DSCEvaluationRulesForConfiguration diff --git a/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 index afcfc6264b..3c92111b1f 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCDRGUtil.psm1 @@ -208,7 +208,10 @@ function Get-M365DSCDRGComplexTypeToHashtable { $hash = Get-M365DSCDRGComplexTypeToHashtable -ComplexObject $ComplexObject.$keyName - $results.Add($keyName, $hash) + if ($null -ne $hash -and $hash.Keys.Count -gt 0) + { + $results.Add($keyName, $hash) + } } else { @@ -1153,9 +1156,21 @@ function ConvertFrom-IntunePolicyAssignment $group = Get-MgGroup -GroupId ($groupId) -ErrorAction SilentlyContinue if ($null -ne $group) { - $hashAssignment.add('groupDisplayName', $group.DisplayName) + $groupDisplayName = $group.DisplayName } } + if ($dataType -eq '#microsoft.graph.allLicensedUsersAssignmentTarget') + { + $groupDisplayName = 'All users' + } + if ($dataType -eq '#microsoft.graph.allDevicesAssignmentTarget') + { + $groupDisplayName = 'All devices' + } + if ($null -ne $groupDisplayName) + { + $hashAssignment.add('groupDisplayName', $groupDisplayName) + } if ($IncludeDeviceFilter) { if ($null -ne $assignment.Target.DeviceAndAppManagementAssignmentFilterType) @@ -1206,20 +1221,30 @@ function ConvertTo-IntunePolicyAssignment $group = Get-MgGroup -GroupId ($assignment.groupId) -ErrorAction SilentlyContinue if ($null -eq $group) { - $group = Get-MgGroup -Filter "DisplayName eq '$($assignment.groupDisplayName)'" -ErrorAction SilentlyContinue - if ($null -eq $group) + if ($assignment.groupDisplayName) { - $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it could not be found in the directory.`r`n" - $message += "Please update your DSC resource extract with the correct groupId or groupDisplayName." - write-verbose -Message $message - $target = $null + $group = Get-MgGroup -Filter "DisplayName eq '$($assignment.groupDisplayName)'" -ErrorAction SilentlyContinue + if ($null -eq $group) + { + $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it could not be found in the directory.`r`n" + $message += "Please update your DSC resource extract with the correct groupId or groupDisplayName." + write-verbose -Message $message + $target = $null + } + if ($group -and $group.count -gt 1) + { + $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it is not unique in the directory.`r`n" + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." + write-verbose -Message $message + $group = $null + $target = $null + } } - if ($group -and $group.count -gt 1) + else { - $message = "Skipping assignment for the group with DisplayName {$($assignment.groupDisplayName)} as it is not unique in the directory.`r`n" + $message = "Skipping assignment for the group with Id {$($assignment.groupId)} as it could not be found in the directory.`r`n" $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." write-verbose -Message $message - $group = $null $target = $null } } @@ -1298,7 +1323,11 @@ function Update-DeviceConfigurationPolicyAssignment [Parameter()] [ValidateSet('v1.0','beta')] [System.String] - $APIVersion = 'beta' + $APIVersion = 'beta', + + [Parameter()] + [System.String] + $RootIdentifier = 'assignments' ) try @@ -1315,7 +1344,41 @@ function Update-DeviceConfigurationPolicyAssignment } if ($target.groupId) { - $formattedTarget.Add('groupId',$target.groupId) + $group = Get-MgGroup -GroupId ($target.groupId) -ErrorAction SilentlyContinue + if ($null -eq $group) + { + if ($target.groupDisplayName) + { + $group = Get-MgGroup -Filter "DisplayName eq '$($target.groupDisplayName)'" -ErrorAction SilentlyContinue + if ($null -eq $group) + { + $message = "Skipping assignment for the group with DisplayName {$($target.groupDisplayName)} as it could not be found in the directory.`r`n" + $message += "Please update your DSC resource extract with the correct groupId or groupDisplayName." + write-verbose -Message $message + $target = $null + } + if ($group -and $group.count -gt 1) + { + $message = "Skipping assignment for the group with DisplayName {$($target.groupDisplayName)} as it is not unique in the directory.`r`n" + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." + write-verbose -Message $message + $group = $null + $target = $null + } + } + else + { + $message = "Skipping assignment for the group with Id {$($target.groupId)} as it could not be found in the directory.`r`n" + $message += "Please update your DSC resource extract with the correct groupId or a unique group DisplayName." + write-verbose -Message $message + $target = $null + } + } + #Skipping assignment if group not found from either groupId or groupDisplayName + if ($null -ne $group) + { + $formattedTarget.add('groupId',$group.Id) + } } if ($target.collectionId) { @@ -1331,8 +1394,10 @@ function Update-DeviceConfigurationPolicyAssignment } $deviceManagementPolicyAssignments += @{'target' = $formattedTarget} } - $body = @{'assignments' = $deviceManagementPolicyAssignments} | ConvertTo-Json -Depth 20 - write-verbose -Message $body + + $body = @{$RootIdentifier = $deviceManagementPolicyAssignments} | ConvertTo-Json -Depth 20 + Write-Verbose -Message $body + Invoke-MgGraphRequest -Method POST -Uri $Uri -Body $body -ErrorAction Stop } catch diff --git a/Modules/Microsoft365DSC/Modules/M365DSCLogEngine.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCLogEngine.psm1 index c74ae10c10..15ed9d16ac 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCLogEngine.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCLogEngine.psm1 @@ -251,7 +251,8 @@ function Add-M365DSCEvent $MessageText = "Could not write to event log Source {$Source} EntryType {$EntryType} Message {$Message}" # Check call stack to prevent indefinite loop between New-M365DSCLogEntry and this function - if ((Get-PSCallStack)[1].FunctionName -ne 'New-M365DSCLogEntry') + if ((Get-PSCallStack)[1].FunctionName -ne 'New-M365DSCLogEntry' -and ` + -not $_.ToString().Contains('EventLog access is not supported on this platform.')) { New-M365DSCLogEntry -Exception $_ -Message $MessageText ` -Source '[M365DSCLogEngine]' ` diff --git a/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 index 0e2a98ed35..c70fc07579 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCReport.psm1 @@ -6,28 +6,28 @@ This function creates a new Markdown document from the specified exported config Internal, Hidden #> -Function New-M365DSCConfigurationToMarkdown - { - [CmdletBinding()] - [OutputType([System.String])] - param - ( - [Parameter()] - [Array] - $ParsedContent, - - [Parameter()] - [System.String] - $OutputPath, - - [Parameter()] - [System.String] - $TemplateName, - - [Parameter()] - [Switch] - $SortProperties - ) +function New-M365DSCConfigurationToMarkdown +{ + [CmdletBinding()] + [OutputType([System.String])] + param + ( + [Parameter()] + [Array] + $ParsedContent, + + [Parameter()] + [System.String] + $OutputPath, + + [Parameter()] + [System.String] + $TemplateName, + + [Parameter()] + [Switch] + $SortProperties + ) $crlf = "`r`n" if ([System.String]::IsNullOrEmpty($TemplateName)) @@ -44,7 +44,7 @@ Function New-M365DSCConfigurationToMarkdown { # Create a new table for each resource $percentage = [math]::Round(($currentCount / $totalCount) * 100, 2) - Write-Progress -Activity 'Processing generated DSC Object' -Status ("{0:N2} completed - $($resource.ResourceName)" -f $percentage) -PercentComplete $percentage + Write-Progress -Activity 'Processing generated DSC Object' -Status ("{0:N2}% completed - $($resource.ResourceName)" -f $percentage) -PercentComplete $percentage $fullMD += "## " + $resource.ResourceInstanceName + $crlf $fullMD += "|Item|Value|`r`n" @@ -180,7 +180,7 @@ function New-M365DSCConfigurationToHTML foreach ($resource in $parsedContent) { $percentage = [math]::Round(($currentCount / $totalCount) * 100, 2) - Write-Progress -Activity 'Processing generated DSC Object' -Status ("{0:N2} completed - $($resource.ResourceName)" -f $percentage) -PercentComplete $percentage + Write-Progress -Activity 'Processing generated DSC Object' -Status ("{0:N2}% completed - $($resource.ResourceName)" -f $percentage) -PercentComplete $percentage $partHTML = "
" $partHTML += "
" @@ -216,17 +216,39 @@ function New-M365DSCConfigurationToHTML $value = "`$Null" if ($null -ne $resource.$property) { - if ($resource.$property.GetType().Name -eq 'Object[]') + if ($resource.$property.GetType().Name -eq 'Object[]' -or ` + $resource.$property.GetType().Name -eq 'Hashtable') { - if ($resource.$property -and ($resource.$property[0].GetType().Name -eq 'Hashtable' -or - $resource.$property[0].GetType().Name -eq 'OrderedDictionary')) + if ($resource.$property -and ` + ($resource.$property.GetType().Name -eq 'Hashtable' -or ` + $resource.$property[0].GetType().Name -eq 'Hashtable') + ) { $value = '' foreach ($entry in $resource.$property) { foreach ($key in $entry.Keys) { - $value += "
  • $key = $($entry.$key)
    • " + if ($key -ne 'CIMInstance') + { + if ($entry.$key.GetType().Name -eq 'Hashtable' -or ` + $entry.$key.GetType().Name -eq 'Object[]') + { + foreach ($subItem in $entry.$key) + { + $value += "" + foreach ($subkey in $subItem.Keys) + { + $value += "" + } + $value += "
    $key
    $subkey$($subItem.$subKey)
    " + } + } + else + { + $value += "
  • $key = $($entry.$key)
    • " + } + } } $value += '
    ' } @@ -745,8 +767,10 @@ function Compare-M365DSCConfigurations [array]$driftProperties = @() foreach ($property in $instance.Keys) { - if ($null -eq $destinationResourceInstance."$property" -or $null -ne (Compare-Object -ReferenceObject ($instance."$property")` - -DifferenceObject ($destinationResourceInstance."$property"))) + if ($null -eq $destinationResourceInstance."$property" -or ` + (-not [System.String]::IsNullOrEmpty($instance."$property") -and + $null -ne (Compare-Object -ReferenceObject ($instance."$property")` + -DifferenceObject ($destinationResourceInstance."$property")))) { $driftProperties += @{ ParameterName = $property @@ -812,8 +836,9 @@ function Compare-M365DSCConfigurations } # Needs to be a separate nested if statement otherwise the ReferenceObject can be null and it will error out; elseif ($destinationResource.ContainsKey($destinationPropertyName) -eq $false -or (-not [System.String]::IsNullOrEmpty($propertyName) -and - $null -ne (Compare-Object -ReferenceObject ($sourceResource.$propertyName)` - -DifferenceObject ($destinationResource.$destinationPropertyName))) -and + (-not [System.String]::IsNullOrEmpty($sourceResource.$propertyName) -and + $null -ne (Compare-Object -ReferenceObject ($sourceResource.$propertyName)` + -DifferenceObject ($destinationResource.$destinationPropertyName)))) -and -not ([System.String]::IsNullOrEmpty($destinationResource.$destinationPropertyName) -and [System.String]::IsNullOrEmpty($sourceResource.$propertyName))) { if ($null -eq $drift -and (-not $IsBlueprintAssessment -or $destinationResource.ContainsKey($destinationPropertyName))) @@ -897,8 +922,10 @@ function Compare-M365DSCConfigurations $innerDrift = $null foreach ($property in $instance.Keys) { - if ($null -eq $sourceResourceInstance."$property" -or $null -ne (Compare-Object -ReferenceObject ($instance."$property")` - -DifferenceObject ($sourceResourceInstance."$property"))) + if ($null -eq $sourceResourceInstance."$property" -or ` + (-not [System.String]::IsNullOrEmpty($instance."$property") -and ` + $null -ne (Compare-Object -ReferenceObject ($instance."$property")` + -DifferenceObject ($sourceResourceInstance."$property")))) { # Make sure we haven't already added this drift in the delta return object to prevent duplicates. $existing = $delta | Where-Object -FilterScript {$_.ResourceName -eq $destinationResource.ResourceName -and ` @@ -1229,6 +1256,10 @@ function Get-M365DSCResourceKey { return @('OrgWideAccount') } + elseif ($Resource.ResourceName -eq 'TeamsGroupPolicyAssignment') + { + return @('GroupDisplayName', 'PolicyType') + } elseif ($mandatoryParameters.count -eq 1) { # returning the only mandatory parameter name @@ -1389,7 +1420,7 @@ function New-M365DSCDeltaReport -ExcludedResources $ExcludedResources ` -IsBluePrintAssessment $true } - Else + else { $Delta = Compare-M365DSCConfigurations ` -Source $Source ` @@ -1671,7 +1702,7 @@ function New-M365DSCDeltaReport $sourceValue = "" $sourceValue += "" - if ($drift.ValueInSource.GetType().Name -ne 'OrderedDictionary') + if ($drift.ValueInSource.GetType().Name -ne 'Hashtable') { $valueForSource = $drift.ValueInSource $sourceValue += "" diff --git a/Modules/Microsoft365DSC/Modules/M365DSCSchemaHandler.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCSchemaHandler.psm1 new file mode 100644 index 0000000000..0bba042793 --- /dev/null +++ b/Modules/Microsoft365DSC/Modules/M365DSCSchemaHandler.psm1 @@ -0,0 +1,75 @@ +function New-M365DSCSchemaDefinition +{ + [CmdletBinding()] + param ( + ) + + $schemaFiles = Get-ChildItem -Path '.\Modules\Microsoft365DSC\DSCResources\*.schema.mof' -Recurse + + $classInfoList = @() + + $classesList = @() + + foreach ($file in $schemaFiles) + { + Write-Verbose -Message $file.Name + $mofContent = Get-Content $file.FullName -Raw + + # Match class definitions + $classMatches = [regex]::Matches($mofContent, 'class\s+(\w+)(?:\s*:\s*\w+)?\s*(\{.*?\});', 'Singleline') + + foreach ($classMatch in $classMatches) + { + $className = $classMatch.Groups[1].Value + $classBody = $classMatch.Groups[2].Value + + if (-not $classesList.Contains($className)) + { + $classesList += $className + + # Match property definitions + $propertyMatches = [regex]::Matches($classBody, '\[(Key|Write|Required),\s*Description\("((?:[^"]|\\")*)"\)(?:\s*,\s*(?:ValueMap\{[^}]*\}\s*,\s*Values\{[^}]*\}|Values\{[^}]*\}\s*,\s*ValueMap\{[^}]*\}))?(?:,\s*EmbeddedInstance\("(\w+)"\))?\]?\s*(\w+)\s+(\w+)(\[\])?\s*;', @('Singleline', [System.Text.RegularExpressions.RegexOptions]::IgnoreCase)) + + $propertyInfoList = @() + + foreach ($propertyMatch in $propertyMatches) + { + $propertyKeyOrWrite = $propertyMatch.Groups[1].Value + $propertyDescription = $propertyMatch.Groups[2].Value + $embeddedInstanceType = $propertyMatch.Groups[3].Value + $propertyType = $propertyMatch.Groups[4].Value + $propertyName = $propertyMatch.Groups[5].Value + $isArray = $propertyMatch.Groups[6].Success + + if ($embeddedInstanceType) + { + $propertyType = $embeddedInstanceType + } + + if ($isArray) + { + $propertyType = $propertyType + '[]' + } + + $propertyInfoList += @{ + CIMType = $propertyType + Name = $propertyName + #IsArray = $isArray + Option = $propertyKeyOrWrite + } + + } + + $classInfoList += [ordered] @{ + ClassName = $className + Parameters = $propertyInfoList + } + } + } + + } + + $jsonContent = ConvertTo-Json $classInfoList -Depth 99 + Set-Content -Value $jsonContent -Path '.\Modules\Microsoft365DSC\SchemaDefinition.json' + +} diff --git a/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 index dda43e2796..15f1e908c3 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCTelemetryEngine.psm1 @@ -91,59 +91,68 @@ function Add-M365DSCTelemetryEvent $Data.Remove('Principal') | Out-Null # Capture PowerShell Version Info - $Data.Add('PSMainVersion', $PSVersionTable.PSVersion.Major.ToString() + '.' + $PSVersionTable.PSVersion.Minor.ToString()) - $Data.Add('PSVersion', $PSVersionTable.PSVersion.ToString()) - $Data.Add('PSEdition', $PSVersionTable.PSEdition.ToString()) + if (-not $Data.Keys.Contains('PSMainVersion')) + { + $Data.Add('PSMainVersion', $PSVersionTable.PSVersion.Major.ToString() + '.' + $PSVersionTable.PSVersion.Minor.ToString()) + } + if (-not $Data.Keys.Contains('PSVersion')) + { + $Data.Add('PSVersion', $PSVersionTable.PSVersion.ToString()) + } + if (-not $Data.Keys.Contains('PSEdition')) + { + $Data.Add('PSEdition', $PSVersionTable.PSEdition.ToString()) + } - if ($null -ne $PSVersionTable.BuildVersion) + if ($null -ne $PSVersionTable.BuildVersion -and -not $Data.Keys.Contains('PSBuildVersion')) { $Data.Add('PSBuildVersion', $PSVersionTable.BuildVersion.ToString()) } - if ($null -ne $PSVersionTable.CLRVersion) + if ($null -ne $PSVersionTable.CLRVersion -and -not $Data.Keys.Contains('PSCLRVersion')) { $Data.Add('PSCLRVersion', $PSVersionTable.CLRVersion.ToString()) } # Capture Console/Host Information - if ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION) + if ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Console') } - elseif ($host.Name -eq 'Windows PowerShell ISE Host') + elseif ($host.Name -eq 'Windows PowerShell ISE Host' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'ISE') } - elseif ($host.Name -eq 'ConsoleHost' -and $null -ne $env:WT_SESSION) + elseif ($host.Name -eq 'ConsoleHost' -and $null -ne $env:WT_SESSION -and -not $Data.Keys.Contains('PowerShellAgent')) { - $Data.Add('PowerShellAgent', 'Windows Terminal') + $Data.Add('PowerShellAgent', 'Windows Terminal' -and -not $Data.Keys.Contains('PowerShellAgent')) } elseif ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION -and ` - $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'build') + $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'build' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Azure DevOPS') $Data.Add('AzureDevOPSPipelineType', 'Build') $Data.Add('AzureDevOPSAgent', $env:POWERSHELL_DISTRIBUTION_CHANNEL) } elseif ($host.Name -eq 'ConsoleHost' -and $null -eq $env:WT_SESSION -and ` - $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'release') + $null -ne $env:BUILD_BUILDID -and $env:SYSTEM -eq 'release' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Azure DevOPS') $Data.Add('AzureDevOPSPipelineType', 'Release') $Data.Add('AzureDevOPSAgent', $env:POWERSHELL_DISTRIBUTION_CHANNEL) } elseif ($host.Name -eq 'Default Host' -and ` - $null -ne $env:APPSETTING_FUNCTIONS_EXTENSION_VERSION) + $null -ne $env:APPSETTING_FUNCTIONS_EXTENSION_VERSION -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Azure Function') $Data.Add('AzureFunctionWorkerVersion', $env:FUNCTIONS_WORKER_RUNTIME_VERSION) } - elseif ($host.Name -eq 'CloudShell') + elseif ($host.Name -eq 'CloudShell' -and -not $Data.Keys.Contains('PowerShellAgent')) { $Data.Add('PowerShellAgent', 'Cloud Shell') } - if ($null -ne $Data.Resource) + if ($null -ne $Data.Resource -and -not $Data.Keys.Contains('Resource')) { if ($Data.Resource.StartsWith('MSFT_AAD') -or $Data.Resource.StartsWith('AAD')) { diff --git a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 index 1dca1435e2..2c18e4de0f 100644 --- a/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 +++ b/Modules/Microsoft365DSC/Modules/M365DSCUtil.psm1 @@ -128,7 +128,7 @@ function Convert-M365DscHashtableToString ) $values = @() - $parametersToObfuscate = @('ApplicationId', 'ApplicationSecret', 'TenantId', 'CertificateThumbprint', 'CertificatePath', 'CertificatePassword', 'Credential') + $parametersToObfuscate = @('ApplicationId', 'ApplicationSecret', 'TenantId', 'CertificateThumbprint', 'CertificatePath', 'CertificatePassword', 'Credential', 'Password') foreach ($pair in $Hashtable.GetEnumerator()) { try @@ -172,7 +172,7 @@ function Convert-M365DscHashtableToString } [array]::Sort($values) - return ($values -join "`r`n") + return ($values -join [Environment]::NewLine) } <# @@ -577,6 +577,19 @@ function Test-M365DSCParameterState #endregion $returnValue = $true + $TenantName = Get-M365DSCTenantNameFromParameterSet -ParameterSet $DesiredValues + + #region Telemetry - Evaluation + $dataEvaluation = [System.Collections.Generic.Dictionary[[String], [String]]]::new() + $dataEvaluation.Add('Resource', "$Source") + $dataEvaluation.Add('Method', 'Test-TargetResource') + $dataEvaluation.Add('Tenant', $TenantName) + $ValuesToCheckData = $ValuesToCheck | Where-Object -FilterScript {$_ -ne 'Verbose'} + $dataEvaluation.Add('Parameters', $ValuesToCheckData -join "`r`n") + $dataEvaluation.Add('ParametersCount', $ValuesToCheckData.Length) + Add-M365DSCTelemetryEvent -Type 'DriftEvaluation' -Data $dataEvaluation + #endregion + $DriftedParameters = @{} $DriftObject = @{ DriftInfo = @{} @@ -941,7 +954,6 @@ function Test-M365DSCParameterState { $EventMessage = [System.Text.StringBuilder]::New() $EventMessage.Append("`r`n") | Out-Null - $TenantName = Get-M365DSCTenantNameFromParameterSet -ParameterSet $DesiredValues Write-Verbose -Message "Found Tenant Name: $TenantName" $EventMessage.Append(" `r`n") | Out-Null $EventMessage.Append(" `r`n") | Out-Null @@ -951,7 +963,6 @@ function Test-M365DSCParameterState $DriftObject.Add('Tenant', $TenantName) $driftedData.Add('Resource', $source.Split('_')[1]) $DriftObject.Add('Resource', $source.Split('_')[1]) - $driftedData.Add('Event', 'DriftedParameter') # If custom App Insights is specified, allow for the current and desired values to be captured; # ISSUE #1222 @@ -1218,6 +1229,7 @@ function Export-M365DSCConfiguration [Switch] $Validate ) + $currentStartDateTime = [System.DateTime]::Now $Global:M365DSCExportInProgress = $true $Global:MaximumFunctionCount = 32767 @@ -1395,6 +1407,11 @@ function Export-M365DSCConfiguration $Global:M365DSCExportedResourceInstancesNames = $null $Global:M365DSCExportInProgress = $false + $data = [System.Collections.Generic.Dictionary[[String], [String]]]::new() + $data.Add('Tenant', $Tenant) + $data.Add('M365DSCExportId', $currentExportID) + $timeTaken = [System.DateTime]::Now.Subtract($currentStartDateTime) + $data.Add('TotalSeconds',$timeTaken.TotalSeconds) Add-M365DSCTelemetryEvent -Type 'ExportCompleted' -Data $data } @@ -3361,38 +3378,47 @@ function Get-M365DSCExportContentForResource $Results = Format-M365DSCString -Properties $Results ` -ResourceName $ResourceName + if ($Script:AllM365DscResources.Count -eq 0) + { + $Script:AllM365DscResources = Get-DscResource -Module 'Microsoft365Dsc' + } + $primaryKey = '' - if ($Results.ContainsKey('IsSingleInstance')) + $Resource = $Script:AllM365DscResources.Where({ $_.Name -eq $ResourceName }) + $Keys = $Resource.Properties.Where({ $_.IsMandatory }) | ` + Select-Object -ExpandProperty Name + if ($Keys.Contains('IsSingleInstance')) { $primaryKey = '' } - elseif ($Results.ContainsKey('DisplayName')) + elseif ($Keys.Contains('DisplayName')) { $primaryKey = $Results.DisplayName } - elseif ($Results.ContainsKey('Identity')) - { - $primaryKey = $Results.Identity - } - elseif ($Results.ContainsKey('Id')) - { - $primaryKey = $Results.Id - } - elseif ($Results.ContainsKey('Name')) + elseif ($Keys.Contains('Name')) { $primaryKey = $Results.Name } - elseif ($Results.ContainsKey('Title')) + elseif ($Keys.Contains('Title')) { $primaryKey = $Results.Title } - elseif ($Results.ContainsKey('CdnType')) + elseif ($Keys.Contains('Identity')) + { + $primaryKey = $Results.Identity + } + elseif ($Keys.Contains('Id')) { - $primaryKey = $Results.CdnType + $primaryKey = $Results.Id } - elseif ($Results.ContainsKey('Usage')) + + if ([String]::IsNullOrEmpty($primaryKey) -and ` + -not $Keys.Contains('IsSingleInstance')) { - $primaryKey = $Results.Usage + foreach ($Key in $Keys) + { + $primaryKey += $Results.$Key + } } $instanceName = $ResourceName @@ -4407,6 +4433,75 @@ function Remove-M365DSCAuthenticationParameter return $BoundParameters } +<# +.Description +This function clears the authentication parameters from the hashtable. + +.Functionality +Internal +#> +function Clear-M365DSCAuthenticationParameter +{ + [CmdletBinding()] + [OutputType([System.Collections.Hashtable])] + param( + [Parameter(Mandatory = $true)] + [System.Collections.Hashtable] + $BoundParameters + ) + + $BoundParameters.Credential = $null + $BoundParameters.ApplicationId = $null + $BoundParameters.ApplicationSecret = $null + $BoundParameters.TenantId = $null + $BoundParameters.CertificatePassword = $null + $BoundParameters.CertificatePath = $null + $BoundParameters.CertificateThumbprint = $null + $BoundParameters.ManagedIdentity = $null + + return $BoundParameters +} +<# +.Description +This function validate if the authentication parameters from the hashtable have been cleared. + +.Functionality +Internal +#> +function Test-M365DSCAuthenticationParameter +{ + [CmdletBinding()] + [OutputType([System.Boolean])] + param( + [Parameter(Mandatory = $true)] + [System.Collections.Hashtable] + $BoundParameters + ) + + $authenticationParameterList = @( + 'Credential' + 'ApplicationId' + 'ApplicationSecret' + 'TenantId' + 'CertificatePassword' + 'CertificatePath' + 'CertificateThumbprint' + 'ManagedIdentity' + ) + + $containsAuthenticationParameter = $false + foreach ($parameter in $authenticationParameterList) + { + if ($null -ne $BoundParameters.$parameter) + { + $containsAuthenticationParameter = $true + break + } + } + + return $containsAuthenticationParameter +} + <# .Description This function analyzes an M365DSC configuration file and returns information about potential issues (e.g., duplicate primary keys). @@ -4596,6 +4691,7 @@ function Sync-M365DSCParameter Export-ModuleMember -Function @( 'Assert-M365DSCBlueprint', + 'Clear-M365DSCAuthenticationParameter', 'Confirm-ImportedCmdletIsAvailable', 'Confirm-M365DSCDependencies', 'Convert-M365DscHashtableToString', @@ -4629,6 +4725,7 @@ Export-ModuleMember -Function @( 'Set-EXOSafeAttachmentRule', 'Set-EXOSafeLinksRule', 'Split-ArrayByParts', + 'Test-M365DSCAuthenticationParameter' 'Test-M365DSCDependenciesForNewVersions', 'Test-M365DSCModuleValidity', 'Test-M365DSCParameterState', diff --git a/Modules/Microsoft365DSC/SchemaDefinition.json b/Modules/Microsoft365DSC/SchemaDefinition.json new file mode 100644 index 0000000000..2150b813ec --- /dev/null +++ b/Modules/Microsoft365DSC/SchemaDefinition.json @@ -0,0 +1,41207 @@ +[ + { + "ClassName": "MSFT_MicrosoftGraphMember", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Type", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphScopedRoleMembership", + "Parameters": [ + { + "CIMType": "String", + "Name": "RoleName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphMember", + "Name": "RoleMemberInfo", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAdministrativeUnit", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Visibility", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MembershipType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MembershipRule", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MembershipRuleProcessingState", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphMember[]", + "Name": "Members", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphScopedRoleMembership[]", + "Name": "ScopedRoleMembers", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADApplicationPermission", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SourceAPI", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Type", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AdminConsentGranted", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADApplication", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ObjectId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AvailableToOtherTenants", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GroupMembershipClaims", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Homepage", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "IdentifierUris", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsFallbackPublicClient", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "KnownClientApplications", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "LogoutURL", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PublicClient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ReplyURLs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Owners", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADApplicationPermission[]", + "Name": "Permissions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAttributeSet", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaxAttributesPerSet", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationContextClassReference", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsAvailable", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphRegistrationEnforcement", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphAuthenticationMethodsRegistrationCampaign", + "Name": "AuthenticationMethodsRegistrationCampaign", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphAuthenticationMethodsRegistrationCampaign", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SnoozeDurationInDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetedAuthenticationMethod", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphSystemCredentialPreferences", + "Parameters": [ + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "PolicyMigrationState", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PolicyVersion", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ReconfirmationInDays", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphregistrationEnforcement", + "Name": "RegistrationEnforcement", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphsystemCredentialPreferences", + "Name": "SystemCredentialPreferences", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphMicrosoftAuthenticatorFeatureSettings", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration", + "Name": "CompanionAppAllowedState", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration", + "Name": "DisplayAppInformationRequiredState", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration", + "Name": "DisplayLocationInformationRequiredState", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration", + "Name": "NumberMatchingRequiredState", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphAuthenticationMethodFeatureConfiguration", + "Parameters": [ + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyAuthenticatorFeatureTarget", + "Name": "ExcludeTarget", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyAuthenticatorFeatureTarget", + "Name": "IncludeTarget", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyAuthenticatorFeatureTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyAuthenticatorExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyAuthenticatorIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyAuthenticator", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphmicrosoftAuthenticatorFeatureSettings", + "Name": "FeatureSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsSoftwareOathEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyAuthenticatorExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyAuthenticatorIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyEmailExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyEmailIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyEmail", + "Parameters": [ + { + "CIMType": "String", + "Name": "AllowExternalIdToUseEmailOtp", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyEmailExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyEmailIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphFido2KeyRestrictions", + "Parameters": [ + { + "CIMType": "String[]", + "Name": "AaGuids", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnforcementType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsEnforced", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyFido2ExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyFido2IncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyFido2", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "IsAttestationEnforced", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsSelfServiceRegistrationAllowed", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphfido2KeyRestrictions", + "Name": "KeyRestrictions", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyFido2ExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyFido2IncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicySmsExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicySmsIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicySms", + "Parameters": [ + { + "CIMType": "MSFT_AADAuthenticationMethodPolicySmsExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicySmsIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicySoftwareExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicySoftwareIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicySoftware", + "Parameters": [ + { + "CIMType": "MSFT_AADAuthenticationMethodPolicySoftwareExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicySoftwareIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyTemporaryExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyTemporaryIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyTemporary", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "DefaultLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefaultLifetimeInMinutes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsUsableOnce", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumLifetimeInMinutes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumLifetimeInMinutes", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyTemporaryExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyTemporaryIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyVoiceExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyVoiceIncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyVoice", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "IsOfficePhoneAllowed", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyVoiceExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyVoiceIncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphX509CertificateAuthenticationModeConfiguration", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphX509CertificateRule[]", + "Name": "Rules", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "X509CertificateAuthenticationDefaultMode", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphX509CertificateRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identifier", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "X509CertificateAuthenticationMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "X509CertificateRuleType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphX509CertificateUserBinding", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserProperty", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "X509CertificateField", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyX509ExcludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyX509IncludeTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "isRegistrationRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationMethodPolicyX509", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphx509CertificateAuthenticationModeConfiguration", + "Name": "AuthenticationModeConfiguration", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphx509CertificateUserBinding[]", + "Name": "CertificateUserBindings", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyX509ExcludeTarget[]", + "Name": "ExcludeTargets", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADAuthenticationMethodPolicyX509IncludeTarget[]", + "Name": "IncludeTargets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthenticationStrengthPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedCombinations", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADAuthorizationPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowedToSignUpEmailBasedSubscriptions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowedToUseSSPR", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowEmailVerifiedUsersToJoinOrganization", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowInvitesFrom", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockMsolPowershell", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefaultUserRoleAllowedToCreateApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefaultUserRoleAllowedToCreateSecurityGroups", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefaultUserRoleAllowedToReadBitlockerKeysForOwnedDevice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefaultUserRoleAllowedToCreateTenants", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefaultUserRoleAllowedToReadOtherUsers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GuestUserRole", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PermissionGrantPolicyIdsAssignedToDefaultUserRole", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADConditionalAccessPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeApplications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationsFilter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationsFilterMode", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludeApplications", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeUserActions", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeUsers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludeUsers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeGroups", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludeGroups", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeRoles", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludeRoles", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeGuestOrExternalUserTypes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IncludeExternalTenantsMembershipKind", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeExternalTenantsMembers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludeGuestOrExternalUserTypes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExcludeExternalTenantsMembershipKind", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludeExternalTenantsMembers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludePlatforms", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludePlatforms", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludeLocations", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludeLocations", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceFilterMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceFilterRule", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "UserRiskLevels", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SignInRiskLevels", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ClientAppTypes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GrantControlOperator", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BuiltInControls", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationEnforcedRestrictionsIsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CloudAppSecurityIsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CloudAppSecurityType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SignInFrequencyValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TermsOfUse", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "CustomAuthenticationFactors", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SignInFrequencyType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SignInFrequencyIsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SignInFrequencyInterval", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersistentBrowserIsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PersistentBrowserMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationStrength", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AuthenticationContexts", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedCloudEndpoints", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicyTarget", + "Parameters": [ + { + "CIMType": "String", + "Name": "Target", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicyTargetConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "AccessType", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyTarget[]", + "Name": "Targets", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Parameters": [ + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyTargetConfiguration", + "Name": "Applications", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyTargetConfiguration", + "Name": "UsersAndGroups", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicyInboundTrust", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "IsCompliantDeviceAccepted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsHybridAzureADJoinedDeviceAccepted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsMfaAccepted", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicyConfigurationDefault", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BCollaborationInbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BCollaborationOutbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BDirectConnectInbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BDirectConnectOutbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyInboundTrust", + "Name": "InboundTrust", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicyAutomaticUserConsentSettings", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "InboundAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutboundAllowed", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADCrossTenantAccessPolicyConfigurationPartner", + "Parameters": [ + { + "CIMType": "String", + "Name": "PartnerTenantId", + "Option": "Key" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BCollaborationInbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BCollaborationOutbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BDirectConnectInbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyB2BSetting", + "Name": "B2BDirectConnectOutbound", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyAutomaticUserConsentSettings", + "Name": "AutomaticUserConsentSettings", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADCrossTenantAccessPolicyInboundTrust", + "Name": "InboundTrust", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AccessPackageResourceRoleScope", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AccessPackageResourceOriginId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AccessPackageResourceRoleDisplayName", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADEntitlementManagementAccessPackage", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CatalogId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsHidden", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsRoleScopesVisible", + "Option": "Write" + }, + { + "CIMType": "MSFT_AccessPackageResourceRoleScope[]", + "Name": "AccessPackageResourceRoleScopes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncompatibleAccessPackages", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AccessPackagesIncompatibleWith", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncompatibleGroups", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphassignmentreviewsettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "AccessReviewTimeoutBehavior", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DurationInDays", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsAccessRecommendationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsApprovalJustificationRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecurrenceType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ReviewerType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphuserset[]", + "Name": "Reviewers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartDateTime", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphuserset", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsBackup", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ManagerLevel", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccesspackagequestion", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsAnswerEditable", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsRequired", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Sequence", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccessPackageLocalizedContent", + "Name": "QuestionText", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccessPackageAnswerChoice[]", + "Name": "Choices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowsMultipleSelection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RegexPattern", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsSingleLineQuestion", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccessPackageLocalizedContent", + "Parameters": [ + { + "CIMType": "String", + "Name": "DefaultText", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccessPackageLocalizedText[]", + "Name": "LocalizedTexts", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccessPackageLocalizedText", + "Parameters": [ + { + "CIMType": "String", + "Name": "Text", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LanguageCode", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccessPackageAnswerChoice", + "Parameters": [ + { + "CIMType": "String", + "Name": "ActualValue", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccessPackageLocalizedContent", + "Name": "displayValue", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphapprovalsettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "ApprovalMode", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapprovalstage1[]", + "Name": "ApprovalStages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsApprovalRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsApprovalRequiredForExtension", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsRequestorJustificationRequired", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphapprovalstage1", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "ApprovalStageTimeOutInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EscalationTimeInMinutes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsApproverJustificationRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsEscalationEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphuserset[]", + "Name": "PrimaryApprovers", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphuserset[]", + "Name": "EscalationApprovers", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphrequestorsettings", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AcceptRequests", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphuserset[]", + "Name": "AllowedRequestors", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ScopeType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphcustomextensionhandler", + "Parameters": [ + { + "CIMType": "String", + "Name": "CustomExtensionId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Stage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADEntitlementManagementAccessPackageAssignmentPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AccessPackageId", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphassignmentreviewsettings", + "Name": "AccessReviewSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CanExtend", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DurationInDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExpirationDateTime", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccesspackagequestion[]", + "Name": "Questions", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapprovalsettings", + "Name": "RequestApprovalSettings", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphrequestorsettings", + "Name": "RequestorSettings", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphcustomextensionhandler[]", + "Name": "CustomExtensionHandlers", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADEntitlementManagementAccessPackageCatalog", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CatalogStatus", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CatalogType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsExternallyVisible", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccesspackageresourceattribute", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphaccesspackageresourceattributedestination", + "Name": "AttributeDestination", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AttributeName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccesspackageresourceattributesource", + "Name": "AttributeSource", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsEditable", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsPersistedOnAssignmentRemoval", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccesspackageresourceattributedestination", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccesspackageresourceattributesource", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccessPackageResourceAttributeQuestion", + "Name": "Question", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphaccessPackageResourceAttributeQuestion", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsSingleLine", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RegexPattern", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Sequence", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccessPackageLocalizedContent", + "Name": "QuestionText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowsMultipleSelection", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccessPackageAnswerChoice[]", + "Name": "Choices", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADEntitlementManagementAccessPackageCatalogResource", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CatalogId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AddedBy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AddedOn", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphaccesspackageresourceattribute[]", + "Name": "Attributes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsPendingOnboarding", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OriginId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OriginSystem", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ResourceType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Url", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADEntitlementManagementConnectedOrganizationIdentitySource", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalTenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CloudInstance", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DomainName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IssuerUri", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADEntitlementManagementConnectedOrganization", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADEntitlementManagementConnectedOrganizationIdentitySource[]", + "Name": "IdentitySources", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExternalSponsors", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "InternalSponsors", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADExternalIdentityPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowDeletedIdentitiesDataRemoval", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "allowExternalIdentitiesToLeave", + "Option": "Required" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADGroupLicense", + "Parameters": [ + { + "CIMType": "String[]", + "Name": "DisabledPlans", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SkuId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADGroup", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "MailNickname", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Owners", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Members", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "GroupTypes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MembershipRule", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MembershipRuleProcessingState", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityEnabled", + "Option": "Required" + }, + { + "CIMType": "Boolean", + "Name": "MailEnabled", + "Option": "Required" + }, + { + "CIMType": "Boolean", + "Name": "IsAssignableToRole", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AssignedToRole", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Visibility", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADGroupLicense[]", + "Name": "AssignedLicenses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADGroupLifecyclePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "UInt32", + "Name": "GroupLifetimeInDays", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "ManagedGroupTypes", + "Option": "Required" + }, + { + "CIMType": "String[]", + "Name": "AlternateNotificationEmails", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADGroupsNamingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "PrefixSuffixNamingRequirement", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "CustomBlockedWordsList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADGroupsSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "EnableGroupCreation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableMIPLabels", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowGuestsToBeGroupOwner", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowGuestsToAccessGroups", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GuestUsageGuidelinesUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GroupCreationAllowedGroupName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowToAddGuests", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UsageGuidelinesUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADNamedLocationPolicy", + "Parameters": [ + { + "CIMType": "string", + "Name": "OdataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "IpRanges", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsTrusted", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "CountriesAndRegions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CountryLookupMethod", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IncludeUnknownCountriesAndRegions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleDefinition", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ResourceScopes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsEnabled", + "Option": "Required" + }, + { + "CIMType": "String[]", + "Name": "RolePermissions", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "TemplateId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Version", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrenceRange", + "Parameters": [ + { + "CIMType": "String", + "Name": "endDate", + "Option": "Required" + }, + { + "CIMType": "UInt32", + "Name": "numberOfOccurrences", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "recurrenceTimeZone", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "startDate", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "type", + "Option": "Required" + } + ] + }, + { + "ClassName": "MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrencePattern", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "dayOfMonth", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "daysOfWeek", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "firstDayOfWeek", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "index", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "interval", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "month", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "type", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrence", + "Parameters": [ + { + "CIMType": "MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrencePattern", + "Name": "pattern", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrenceRange", + "Name": "range", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleEligibilityScheduleRequestScheduleExpiration", + "Parameters": [ + { + "CIMType": "String", + "Name": "duration", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "endDateTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "type", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleEligibilityScheduleRequestSchedule", + "Parameters": [ + { + "CIMType": "MSFT_AADRoleEligibilityScheduleRequestScheduleExpiration", + "Name": "expiration", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADRoleEligibilityScheduleRequestScheduleRecurrence", + "Name": "recurrence", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "startDateTime", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleEligibilityScheduleRequestTicketInfo", + "Parameters": [ + { + "CIMType": "String", + "Name": "ticketNumber", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ticketSystem", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleEligibilityScheduleRequest", + "Parameters": [ + { + "CIMType": "String", + "Name": "Principal", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "RoleDefinition", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "PrincipalType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DirectoryScopeId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppScopeId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Action", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsValidationOnly", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Justification", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADRoleEligibilityScheduleRequestSchedule", + "Name": "ScheduleInfo", + "Option": "Write" + }, + { + "CIMType": "MSFT_AADRoleEligibilityScheduleRequestTicketInfo", + "Name": "TicketInfo", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADRoleSetting", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActivationMaxDuration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActivationReqJustification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActivationReqTicket", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActivationReqMFA", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApprovaltoActivate", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ActivateApprover", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PermanentEligibleAssignmentisExpirationRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExpireEligibleAssignment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PermanentActiveAssignmentisExpirationRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExpireActiveAssignment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AssignmentReqMFA", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AssignmentReqJustification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ElegibilityAssignmentReqMFA", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ElegibilityAssignmentReqJustification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAlertNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EligibleAlertNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAlertNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAssigneeNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EligibleAssigneeNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAssigneeNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleApproveNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EligibleApproveNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleApproveNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveAlertNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ActiveAlertNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveAlertNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveAssigneeNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ActiveAssigneeNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveAssigneeNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveApproveNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ActiveApproveNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveApproveNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAssignmentAlertNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EligibleAssignmentAlertNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAssignmentAlertNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAssignmentAssigneeNotificationDefaultRecipient", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EligibleAssignmentAssigneeNotificationAdditionalRecipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EligibleAssignmentAssigneeNotificationOnlyCritical", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AuthenticationContextRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationContextName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationContextId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADSecurityDefaults", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADServicePrincipalRoleAssignment", + "Parameters": [ + { + "CIMType": "String", + "Name": "PrincipalType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADServicePrincipal", + "Parameters": [ + { + "CIMType": "String", + "Name": "AppId", + "Option": "Key" + }, + { + "CIMType": "MSFT_AADServicePrincipalRoleAssignment[]", + "Name": "AppRoleAssignedTo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ObjectID", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AlternativeNames", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AccountEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppRoleAssignmentRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ErrorUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Homepage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LogoutUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PublisherName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ReplyUrls", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SamlMetadataUrl", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ServicePrincipalNames", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ServicePrincipalType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Tags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADSocialIdentityProvider", + "Parameters": [ + { + "CIMType": "String", + "Name": "ClientId", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ClientSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IdentityProviderType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADTenantDetails", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "MarketingNotificationEmails", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SecurityComplianceNotificationMails", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SecurityComplianceNotificationPhones", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TechnicalNotificationMails", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADTokenLifetimePolicy", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Definition", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsOrganizationDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_AADUser", + "Parameters": [ + { + "CIMType": "String", + "Name": "UserPrincipalName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FirstName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LastName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Roles", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UsageLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "LicenseAssignment", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Password", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "City", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Country", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Department", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Fax", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MobilePhone", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Office", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordNeverExpires", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordPolicies", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PhoneNumber", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PostalCode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreferredLanguage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StreetAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Title", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAcceptedDomain", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DomainType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MatchSubDomains", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutboundOnly", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOActiveSyncDeviceAccessRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AccessLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Characteristic", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QueryString", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAddressBookPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "AddressLists", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GlobalAddressList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OfflineAddressBook", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoomList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAddressList", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCompany", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute1", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute10", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute11", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute12", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute13", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute14", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute15", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute2", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute3", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute4", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute5", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute6", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute7", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute8", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute9", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalDepartment", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalStateOrProvince", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludedRecipients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientFilter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAntiPhishPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PhishThresholdLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationFailAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetedUserProtectionAction", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableFirstContactSafetyTips", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableMailboxIntelligence", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableMailboxIntelligenceProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableOrganizationDomainsProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSimilarDomainsSafetyTips", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSimilarUsersSafetyTips", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSpoofIntelligence", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableTargetedDomainsProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableTargetedUserProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableUnauthenticatedSender", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableUnusualCharactersSafetyTips", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableViaTag", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MakeDefault", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludedDomains", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludedSenders", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HonorDmarcPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ImpersonationProtectionState", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MailboxIntelligenceProtectionAction", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MailboxIntelligenceProtectionActionRecipients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MailboxIntelligenceQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SpoofQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TargetedDomainActionRecipients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetedDomainProtectionAction", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TargetedDomainsToProtect", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetedDomainQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TargetedUserActionRecipients", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TargetedUsersToProtect", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetedUserQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAntiPhishRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AntiPhishPolicy", + "Option": "Required" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOApplicationAccessPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AccessRight", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AppID", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PolicyScopeGroupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAtpPolicyForO365", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSafeDocsOpen", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableATPForSPOTeamsODB", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSafeDocs", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAuthenticationPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthActiveSync", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthAutodiscover", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthImap", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthMapi", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthOfflineAddressBook", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthOutlookService", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthPop", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthPowershell", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthReportingWebServices", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthRpc", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthSmtp", + "Option": "write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBasicAuthWebServices", + "Option": "write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAuthenticationPolicyAssignment", + "Parameters": [ + { + "CIMType": "String", + "Name": "UserName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AuthenticationPolicyName", + "Option": "write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAvailabilityAddressSpace", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AccessMethod", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Credentials", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ForestName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetAutodiscoverEpr", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetServiceEpr", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetTenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOAvailabilityConfig", + "Parameters": [ + { + "CIMType": "String", + "Name": "OrgWideAccount", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOCalendarProcessing", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AddAdditionalResponse", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdditionalResponse", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AddNewRequestsTentatively", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AddOrganizerToSubject", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllBookInPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowConflicts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowRecurringMeetings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllRequestInPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllRequestOutOfPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutomateProcessing", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BookingType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "BookingWindowInDays", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BookInPolicy", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ConflictPercentageAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeleteAttachments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeleteComments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeleteNonCalendarItems", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeleteSubject", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableAutoRelease", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableResponseDetails", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnforceCapacity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnforceSchedulingHorizon", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ForwardRequestsToDelegates", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumConflictInstances", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumDurationInMinutes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumDurationInMinutes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OrganizerInfo", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PostReservationMaxClaimTimeInMinutes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ProcessExternalMeetingMessages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemoveCanceledMeetings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemoveForwardedMeetingNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemoveOldMeetingMessages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemovePrivateProperty", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RequestInPolicy", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RequestOutOfPolicy", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ResourceDelegates", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScheduleOnlyDuringWorkHours", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TentativePendingApproval", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOCASMailboxPlan", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveSyncEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ImapEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OwaMailboxPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PopEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOCASMailboxSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "ActiveSyncAllowedDeviceIDs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ActiveSyncBlockedDeviceIDs", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveSyncDebugLogging", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveSyncEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActiveSyncMailboxPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveSyncSuppressReadReceipt", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsAllowEntourage", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EwsAllowList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsAllowMacOutlook", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsAllowOutlook", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EwsApplicationAccessPolicy", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EwsBlockList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ImapEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ImapMessagesRetrievalMimeFormat", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ImapForceICalForCalendarRetrievalOption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ImapSuppressReadReceipt", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ImapUseProtocolDefaults", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MacOutlookEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MAPIEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OneWinNativeOutlookEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutlookMobileEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OWAEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OWAforDevicesEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OwaMailboxPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PopEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PopForceICalForCalendarRetrievalOption", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PopMessagesRetrievalMimeFormat", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PopSuppressReadReceipt", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PopUseProtocolDefaults", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PublicFolderClientAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ShowGalAsDefaultView", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmtpClientAuthenticationDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UniversalOutlookEnabled", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOClientAccessRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Action", + "Option": "Required" + }, + { + "CIMType": "String[]", + "Name": "AnyOfAuthenticationTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfClientIPAddressesOrRanges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfProtocols", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptAnyOfAuthenticationTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptAnyOfClientIPAddressesOrRanges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptAnyOfProtocols", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptUsernameMatchesAnyOfPatterns", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RuleScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserRecipientFilter", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "UsernameMatchesAnyOfPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXODataClassification", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Fingerprints", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Locale", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXODataEncryptionPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "AzureKeyIDs", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PermanentDataPurgeContact", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PermanentDataPurgeReason", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXODistributionGroup", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Alias", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BccBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BypassNestedModerationEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HiddenGroupMembershipEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ManagedBy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MemberDepartRestriction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MemberJoinRestriction", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Members", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ModeratedBy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ModerationEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Notes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OrganizationalUnit", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrimarySmtpAddress", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireSenderAuthenticationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RoomList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AcceptMessagesOnlyFrom", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AcceptMessagesOnlyFromDLMembers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AcceptMessagesOnlyFromSendersOrMembers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute1", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute2", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute3", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute4", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute5", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute6", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute7", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute8", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute9", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute10", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute11", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute12", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute13", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute14", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute15", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EmailAddresses", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "GrantSendOnBehalfTo", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HiddenFromAddressListsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SendOofMessageToOriginatorEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SendModerationNotifications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Type", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXODkimSigningConfig", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BodyCanonicalization", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HeaderCanonicalization", + "Option": "Write" + }, + { + "CIMType": "Uint16", + "Name": "KeySize", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOEmailAddressPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnabledEmailAddressTemplates", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnabledPrimarySMTPAddressTemplate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ManagedByFilter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOGlobalAddressList", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCompany", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute1", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute10", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute11", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute12", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute13", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute14", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute15", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute2", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute3", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute4", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute5", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute6", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute7", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute8", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalCustomAttribute9", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalDepartment", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConditionalStateOrProvince", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncludedRecipients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientFilter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOGroupSettings", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "AcceptMessagesOnlyFromSendersOrMembers", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "AccessType", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AlwaysSubscribeMembersToCalendarEvents", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "AuditLogAgeLimit", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AutoSubscribeNewMembers", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "CalendarMemberReadOnly", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Classification", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ConnectorsEnabled", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute1", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute2", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute3", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute4", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute5", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute6", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute7", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute8", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute9", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute10", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute11", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute12", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute13", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute14", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "CustomAttribute15", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DataEncryptionPolicy", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "EmailAddresses", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ExtensionCustomAttribute1", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ExtensionCustomAttribute2", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ExtensionCustomAttribute3", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ExtensionCustomAttribute4", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ExtensionCustomAttribute5", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "GrantSendOnBehalfTo", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "HiddenFromAddressListsEnabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "HiddenFromExchangeClientsEnabled", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "InformationBarrierMode", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "IsMemberAllowedToEditContent", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Language", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MailboxRegion", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MailTip", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MailTipTranslations", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MaxReceiveSize", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MaxSendSize", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "ModeratedBy", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ModerationEnabled", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Notes", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "PrimarySmtpAddress", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "RejectMessagesFromSendersOrMembers", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "RequireSenderAuthenticationEnabled", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SensitivityLabelId", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "SubscriptionEnabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "UnifiedGroupWelcomeMessageEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOHostedConnectionFilterPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSafeList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IPAllowList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IPBlockList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MakeDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOHostedContentFilterPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AddXHeaderValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedSenderDomains", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedSenders", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlockedSenderDomains", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlockedSenders", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BulkQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BulkSpamAction", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "BulkThreshold", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DownloadLink", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableEndUserSpamNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableLanguageBlockList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableRegionBlockList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EndUserSpamNotificationCustomSubject", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EndUserSpamNotificationFrequency", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EndUserSpamNotificationLanguage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HighConfidencePhishAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HighConfidencePhishQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HighConfidenceSpamAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HighConfidenceSpamQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IncreaseScoreWithBizOrInfoUrls", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IncreaseScoreWithImageLinks", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IncreaseScoreWithNumericIps", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IncreaseScoreWithRedirectToOtherPort", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InlineSafetyTipsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IntraOrgFilterState", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "LanguageBlockList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MakeDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamBulkMail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamEmbedTagsInHtml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamEmptyMessages", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamFormTagsInHtml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamFramesInHtml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamFromAddressAuthFail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamJavaScriptInHtml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamNdrBackscatter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamObjectTagsInHtml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamSensitiveWordList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamSpfRecordHardFail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MarkAsSpamWebBugsInHtml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ModifySubjectValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PhishSpamAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PhishQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SpamQuarantineTag", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "QuarantineRetentionPeriod", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RedirectToRecipients", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RegionBlockList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SpamAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TestModeAction", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TestModeBccToRecipients", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PhishZapEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SpamZapEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOHostedContentFilterRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "HostedContentFilterPolicy", + "Option": "Required" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOHostedOutboundSpamFilterPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BccSuspiciousOutboundAdditionalRecipients", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BccSuspiciousOutboundMail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NotifyOutboundSpam", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "NotifyOutboundSpamRecipients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientLimitInternalPerHour", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientLimitPerDay", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientLimitExternalPerHour", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActionWhenThresholdReached", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutoForwardingMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOHostedOutboundSpamFilterRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "HostedOutboundSpamFilterPolicy", + "Option": "Required" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFrom", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "From", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FromMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOInboundConnector", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "AssociatedAcceptedDomains", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CloudServicesMailEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConnectorSource", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConnectorType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EFSkipIPs", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EFSkipLastIP", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EFUsers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireTls", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RestrictDomainsToCertificate", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RestrictDomainsToIPAddresses", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderDomains", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderIPAddresses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TlsSenderCertificateName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TreatMessagesAsInternal", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOIntraOrganizationConnector", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DiscoveryEndpoint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TargetAddressDomains", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetSharingEpr", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOIRMConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AutomaticServiceUpdateEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AzureRMSLicensingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DecryptAttachmentForEncryptOnly", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EDiscoverySuperUserEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnablePdfEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InternalLicensingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "JournalReportDecryptionEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "LicensingLocation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RejectIfRecipientHasNoRights", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RMSOnlineKeySharingLocation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SimplifiedClientAccessDoNotForwardDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SimplifiedClientAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SimplifiedClientAccessEncryptOnlyDisabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TransportDecryptionSetting", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOJournalRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "JournalEmailAddress", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Recipient", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RuleScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMailboxAutoReplyConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Owner", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoDeclineFutureRequestsWhenOOF", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutoReplyState", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CreateOOFEvent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeclineAllEventsForScheduledOOF", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeclineEventsForScheduledOOF", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeclineMeetingMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EndTime", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EventsToDeleteIDs", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalAudience", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InternalMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OOFEventSubject", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMailboxCalendarFolder", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DetailLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PublishDateRangeFrom", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PublishDateRangeTo", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PublishEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchableUrlEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SharedCalendarSyncStartDate", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMailboxPermission", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "AccessRights", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "User", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "InheritanceType", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Owner", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Deny", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMailboxPlan", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IssueWarningQuota", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxReceiveSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxSendSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProhibitSendQuota", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProhibitSendReceiveQuota", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetainDeletedItemsFor", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetentionPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoleAssignmentPolicy", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMailboxSettings", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "TimeZone", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Locale", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMailContact", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ExternalEmailAddress", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Alias", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FirstName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Initials", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LastName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MacAttachmentFormat", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MessageBodyFormat", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MessageFormat", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ModeratedBy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ModerationEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OrganizationalUnit", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SendModerationNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UsePreferMessageFormat", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute1", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute2", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute3", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute4", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute5", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute6", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute7", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute8", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute9", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute10", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute11", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute12", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute13", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute14", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomAttribute15", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExtensionCustomAttribute1", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExtensionCustomAttribute2", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExtensionCustomAttribute3", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExtensionCustomAttribute4", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExtensionCustomAttribute5", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMailTips", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsAllTipsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsGroupMetricsEnabled", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MailTipsLargeAudienceThreshold", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsMailboxSourcedTipsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsExternalRecipientsTipsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMalwareFilterPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomExternalBody", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomExternalSubject", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomFromAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomFromName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomInternalBody", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomInternalSubject", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CustomNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableExternalSenderAdminNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableFileFilter", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableInternalSenderAdminNotifications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalSenderAdminAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FileTypeAction", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FileTypes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InternalSenderAdminAddress", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MakeDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QuarantineTag", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ZapEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMalwareFilterRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MalwareFilterPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOManagementRole", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Parent", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOManagementRoleAssignment", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Role", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "App", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Policy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecurityGroup", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "User", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomRecipientWriteScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomResourceScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExclusiveRecipientWriteScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientAdministrativeUnitScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientOrganizationalUnitScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientRelativeWriteScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMessageClassification", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ClassificationID", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayPrecedence", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PermissionMenuVisible", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientDescription", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RetainClassificationEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SenderDescription", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOMobileDeviceMailboxPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowApplePushNotifications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowBluetooth", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBrowser", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCamera", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowConsumerEmail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowDesktopSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowExternalDeviceManagement", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowGooglePushNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowHTMLEmail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowInternetSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowIrDA", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMobileOTAUpdate", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMicrosoftPushNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowNonProvisionableDevices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPOPIMAPEmail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowRemoteDesktop", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSimplePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowSMIMEEncryptionAlgorithmNegotiation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSMIMESoftCerts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowStorageCard", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowTextMessaging", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUnsignedApplications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUnsignedInstallationPackages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowWiFi", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AlphanumericPasswordRequired", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ApprovedApplicationList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AttachmentsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceEncryptionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DevicePolicyRefreshInterval", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IrmEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxAttachmentSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxCalendarAgeFilter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxEmailAgeFilter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxEmailBodyTruncationSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxEmailHTMLBodyTruncationSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxInactivityTimeLock", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxPasswordFailedAttempts", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinPasswordComplexCharacters", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinPasswordLength", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordExpiration", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordHistory", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRecoveryEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireDeviceEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireEncryptedSMIMEMessages", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RequireEncryptionSMIMEAlgorithm", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireManualSyncWhenRoaming", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RequireSignedSMIMEAlgorithm", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireSignedSMIMEMessages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireStorageCardEncryption", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "UnapprovedInROMApplicationList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UNCAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WSSAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOOfflineAddressBook", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "AddressLists", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConfiguredAttributes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DiffRetentionPeriod", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOOMEConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "BackgroundColor", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisclaimerText", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EmailText", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ExternalMailExpiryInDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IntroductionText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OTPEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PortalText", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrivacyStatementUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ReadButtonText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SocialIdSignIn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOOnPremisesOrganization", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "HybridDomains", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InboundConnector", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OutboundConnector", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OrganizationName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OrganizationGuid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OrganizationRelationship", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOOrganizationConfig", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "ActivityBasedAuthenticationTimeoutEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActivityBasedAuthenticationTimeoutInterval", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActivityBasedAuthenticationTimeoutWithSingleSignOnEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsForOfficeEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AsyncSendEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AuditDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutodiscoverPartialDirSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoExpandingArchive", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockMoveMessagesForGroupFolders", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsAddressEntryRestricted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsAuthEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsBlockedWordsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsCreationOfCustomQuestionsRestricted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsExposureOfStaffDetailsRestricted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsMembershipApprovalRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsNamingPolicyEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BookingsNamingPolicyPrefix", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsNamingPolicyPrefixEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BookingsNamingPolicySuffix", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsNamingPolicySuffixEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsNotesEntryRestricted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsPaymentsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsPhoneNumberEntryRestricted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsSearchEngineIndexDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsSmsMicrosoftEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsSocialSharingRestricted", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ByteEncoderTypeFor7BitCharsets", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ComplianceMLBgdCrawlEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectorsActionableMessagesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectorsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectorsEnabledForOutlook", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectorsEnabledForSharepoint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectorsEnabledForTeams", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectorsEnabledForYammer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CustomerLockboxEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultAuthenticationPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultGroupAccessType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefaultMinutesToReduceLongEventsBy", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefaultMinutesToReduceShortEventsBy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultPublicFolderAgeLimit", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultPublicFolderDeletedItemRetention", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultPublicFolderIssueWarningQuota", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultPublicFolderMaxItemSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultPublicFolderMovedItemRetention", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultPublicFolderProhibitPostQuota", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DirectReportsGroupAutoCreationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisablePlusAddressInRecipients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DistributionGroupDefaultOU", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DistributionGroupNameBlockedWordsList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DistributionGroupNamingPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ElcProcessingDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableOutlookEvents", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EndUserDLUpgradeFlowsDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsAllowEntourage", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EwsAllowList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsAllowMacOutlook", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsAllowOutlook", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EwsApplicationAccessPolicy", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EwsBlockList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EwsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExchangeNotificationEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeNotificationRecipients", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FindTimeAttendeeAuthenticationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FindTimeAutoScheduleDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FindTimeLockPollForAttendeesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FindTimeOnlineMeetingOptionDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FocusedInboxOn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HierarchicalAddressBookRoot", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IPListBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsGroupFoldersAndRulesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsGroupMemberAllowedToEditContent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LeanPopoutEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LinkPreviewEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsAllTipsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsExternalRecipientsTipsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsGroupMetricsEnabled", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MailTipsLargeAudienceThreshold", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsMailboxSourcedTipsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MaskClientIpInReceivedHeadersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MatchSenderOrganizerProperties", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessageHighlightsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessageRecallEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessageRemindersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MobileAppEducationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OAuth2ClientProfileEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OnlineMeetingsByDefaultEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutlookGifPickerDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutlookMobileGCCRestrictionsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutlookPayEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutlookTextPredictionDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PublicComputersDetectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PublicFoldersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PublicFolderShowClientControl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ReadTrackingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RecallReadMessagesEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemotePublicFolderMailboxes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SendFromAliasEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SharedDomainEmailAddressFlowEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ShortenEventScopeDefault", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SiteMailboxCreationURL", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmtpActionableMessagesEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VisibleMeetingUpdateProperties", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WebPushNotificationsDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WebSuggestedRepliesDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkspaceTenantEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOOrganizationRelationship", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "ArchiveAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeliveryReportEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DomainNames", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FreeBusyAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FreeBusyAccessLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FreeBusyAccessScope", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailboxMoveEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MailboxMoveCapability", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MailboxMovePublishedScopes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MailTipsAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MailTipsAccessLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MailTipsAccessScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OauthApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OrganizationContact", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PhotosEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetApplicationUri", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetAutodiscoverEpr", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetOwaURL", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetSharingEpr", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOOutboundConnector", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseMXRecord", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConnectorSource", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConnectorType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomains", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SmartHosts", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TlsDomain", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TlsSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsTransportRuleScoped", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RouteAllMessagesViaOnPremises", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CloudServicesMailEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllAcceptedDomains", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SenderRewritingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TestMode", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ValidationRecipients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOOwaMailboxPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ActionForUnknownFileAndMIMETypes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveSyncIntegrationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AdditionalAccountsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AdditionalStorageProvidersAvailable", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllAddressListsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCopyContactsToDeviceAddressBook", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedFileTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedMimeTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlockedFileTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlockedMimeTypes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BookingsMailboxCreationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ChangeSettingsAccountEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassicAttachmentsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConditionalAccessPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultTheme", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DirectFileAccessOnPrivateComputersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DirectFileAccessOnPublicComputersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableFacebook", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisplayPhotosEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExplicitLogonEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExternalImageProxyEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalSPMySiteHostURL", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FeedbackEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ForceSaveAttachmentFilteringEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ForceSaveFileTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ForceSaveMimeTypes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ForceWacViewingFirstOnPrivateComputers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ForceWacViewingFirstOnPublicComputers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FreCardsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GlobalAddressListEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GroupCreationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InstantMessagingEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InstantMessagingType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InterestingCalendarsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InternalSPMySiteHostURL", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IRMEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ItemsToOtherAccountsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsDefault", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "JournalEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalEventsEnabled", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "LogonAndErrorLanguage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessagePreviewsDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NotesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NpsSurveysEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OneWinNativeOutlookEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OrganizationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OnSendAddinsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OutboundCharset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutlookBetaToggleEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OWALightEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersonalAccountsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersonalAccountCalendarsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PhoneticSupportEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PlacesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PremiumClientEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrintWithoutDownloadEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ProjectMocaEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PublicFoldersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RecoverDeletedItemsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ReferenceAttachmentsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemindersAndNotificationsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ReportJunkEmailEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RulesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SatisfactionEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SaveAttachmentsToCloudEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchFoldersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SetPhotoEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetPhotoURL", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ShowOnlineArchiveEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SignaturesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SkipCreateUnifiedGroupCustomSharepointClassification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TeamSnapCalendarsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TextMessagingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ThemeSelectionEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UMIntegrationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseGB18030", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseISO885915", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UserVoiceEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WacEditingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WacExternalServicesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WacOMEXEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WacViewingOnPrivateComputersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WacViewingOnPublicComputersEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WeatherEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WebPartsFrameOptionsType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOPartnerApplication", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ApplicationIdentifier", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AcceptSecurityIdentifierInformation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AccountType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LinkedAccount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOPerimeterConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "GatewayIPAddresses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOPlace", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AudioDeviceName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Building", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Capacity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "City", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CountryOrRegion", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Desks", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayDeviceName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Floor", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FloorLabel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GeoCoordinates", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsWheelChairAccessible", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Label", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MTREnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ParentId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ParentType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Phone", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PostalCode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Street", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Tags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VideoDeviceName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOPolicyTipConfig", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOQuarantinePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "UInt32", + "Name": "EndUserQuarantinePermissionsValue", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ESNEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MultiLanguageCustomDisclaimer", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MultiLanguageSenderName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MultiLanguageSetting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OrganizationBrandingEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EndUserSpamNotificationFrequency", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QuarantinePolicyType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EndUserSpamNotificationFrequencyInDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomDisclaimer", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EndUserSpamNotificationCustomFromAddress", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EsnCustomSubject", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXORecipientPermission", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Trustee", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "AccessRights", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXORemoteDomain", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "DomainName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedOOFType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoForwardEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoReplyEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ByteEncoderTypeFor7BitCharsets", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CharacterSet", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContentType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeliveryReportEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisplaySenderName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsInternal", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "LineWrapSize", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MeetingForwardNotificationEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NDREnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NonMimeCharacterSet", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreferredInternetCodePageForShiftJis", + "Option": "Write" + }, + { + "CIMType": "sint32", + "Name": "RequiredCharsetCoverage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TargetDeliveryDomain", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TNEFEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TrustedMailInboundEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TrustedMailOutboundEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseSimpleDisplayName", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOReportSubmissionPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "DisableQuarantineReportingOption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableCustomNotificationSender", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableOrganizationBranding", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableReportToMicrosoft", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableThirdPartyAddress", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableUserEmailNotification", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "JunkReviewResultMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotJunkReviewResultMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotificationFooterMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotificationSenderAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PhishingReviewResultMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PostSubmitMessage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PostSubmitMessageEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PostSubmitMessageTitle", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreSubmitMessage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PreSubmitMessageEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreSubmitMessageTitle", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ReportJunkAddresses", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ReportJunkToCustomizedAddress", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ReportNotJunkAddresses", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ReportNotJunkToCustomizedAddress", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ReportPhishAddresses", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ReportPhishToCustomizedAddress", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ThirdPartyReportAddresses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOReportSubmissionRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOResourceConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "ResourcePropertySchema", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXORoleAssignmentPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsDefault", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Roles", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXORoleGroup", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Members", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Roles", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOSafeAttachmentPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Action", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActionOnError", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enable", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QuarantineTag", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Redirect", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RedirectAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOSafeAttachmentRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "SafeAttachmentPolicy", + "Option": "Required" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOSafeLinksPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdminDisplayName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowClickThrough", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomNotificationText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeliverMessageAfterScan", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DoNotRewriteUrls", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableForInternalSenders", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableOrganizationBranding", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSafeLinksForOffice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSafeLinksForTeams", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSafeLinksForEmail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableUrlRewrite", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScanUrls", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TrackClicks", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseTranslatedNotificationText", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOSafeLinksRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SafeLinksPolicy", + "Option": "Required" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOSharedMailbox", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "PrimarySMTPAddress", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Alias", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "EmailAddresses", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOSharingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "Default", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Domains", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOTransportConfig", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AddressBookPolicyRoutingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowLegacyTLSClients", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClearCategories", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConvertDisclaimerWrapperToEml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DSNConversionMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExternalDelayDsnEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalDsnDefaultLanguage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExternalDsnLanguageDetectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalDsnReportingAuthority", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExternalDsnSendHtml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalPostmasterAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HeaderPromotionModeSetting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InternalDelayDsnEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InternalDsnDefaultLanguage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InternalDsnLanguageDetectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InternalDsnReportingAuthority", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InternalDsnSendHtml", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "JournalMessageExpirationDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "JournalingReportNdrTo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaxRecipientEnvelopeLimit", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ReplyAllStormBlockDurationHours", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ReplyAllStormDetectionMinimumRecipients", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ReplyAllStormDetectionMinimumReplies", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ReplyAllStormProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Rfc2231EncodingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmtpClientAuthenticationDisabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_EXOTransportRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ADComparisonAttribute", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ADComparisonOperator", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActivationDate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AddManagerAsRecipientType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddToRecipients", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfCcHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfCcHeaderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfRecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfRecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfToCcHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfToCcHeaderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfToHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfToHeaderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyClassification", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyHtmlDisclaimerFallbackAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyHtmlDisclaimerLocation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyHtmlDisclaimerText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplyOME", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyRightsProtectionCustomizationTemplate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyRightsProtectionTemplate", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttachmentContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttachmentExtensionMatchesWords", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AttachmentHasExecutableContent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AttachmentIsPasswordProtected", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AttachmentIsUnsupported", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttachmentMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttachmentNameMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AttachmentProcessingLimitExceeded", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttachmentPropertyContainsWords", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AttachmentSizeOver", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BetweenMemberOf1", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BetweenMemberOf2", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlindCopyTo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ContentCharacterSetContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "CopyTo", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeleteMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DlpPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfADComparisonAttribute", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfADComparisonOperator", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfCcHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfCcHeaderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfRecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfRecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfToCcHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfToCcHeaderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfToHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfToHeaderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAttachmentContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAttachmentExtensionMatchesWords", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfAttachmentHasExecutableContent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfAttachmentIsPasswordProtected", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfAttachmentIsUnsupported", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAttachmentMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAttachmentNameMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAttachmentPropertyContainsWords", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfAttachmentProcessingLimitExceeded", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfAttachmentSizeOver", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfBetweenMemberOf1", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfBetweenMemberOf2", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfContentCharacterSetContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFrom", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfFromScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfHasClassification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfHasNoClassification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfHasSenderOverride", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfHeaderContainsMessageHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfHeaderContainsWords", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfHeaderMatchesMessageHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfHeaderMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfManagerAddresses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfManagerForEvaluatedUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfMessageTypeMatches", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfMessageContainsDataClassifications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfMessageSizeOver", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientADAttributeContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientADAttributeMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientInSenderList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfSCLOver", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderADAttributeContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderADAttributeMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderInRecipientList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderIpRanges", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfSenderManagementRelationship", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfSentToScope", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectOrBodyContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectOrBodyMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfWithImportance", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExpiryDate", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "From", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FromAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FromAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FromMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FromScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GenerateIncidentReport", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GenerateNotification", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HasClassification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HasNoClassification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HasSenderOverride", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HeaderContainsMessageHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "HeaderContainsWords", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HeaderMatchesMessageHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "HeaderMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncidentReportContent", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ManagerAddresses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ManagerForEvaluatedUser", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MessageContainsDataClassifications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MessageSizeOver", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MessageTypeMatches", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Mode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ModerateMessageByManager", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ModerateMessageByUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotifySender", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrependSubject", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Quarantine", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientADAttributeContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientADAttributeMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecipientAddressType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientInSenderList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RedirectMessageTo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RejectMessageEnhancedStatusCode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RejectMessageReasonText", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RemoveHeader", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemoveOME", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemoveOMEv2", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemoveRMSAttachmentEncryption", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RouteMessageOutboundConnector", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RouteMessageOutboundRequireTls", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RuleErrorAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RuleSubType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SCLOver", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderADAttributeContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderADAttributeMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SenderAddressLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderDomainIs", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SenderInRecipientList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderIpRanges", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SenderManagementRelationship", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SentToScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetAuditSeverity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetHeaderName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetHeaderValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetSCL", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StopRuleProcessing", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectOrBodyContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectOrBodyMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WithImportance", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments", + "Parameters": [ + { + "CIMType": "String", + "Name": "dataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "collectionId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "BackupDirectory", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordAgeDays_AAD", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordAgeDays", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordExpirationProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "AdEncryptedPasswordHistorySize", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AdPasswordEncryptionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdPasswordEncryptionPrincipal", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdministratorAccountName", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordComplexity", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PostAuthenticationActions", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PostAuthenticationResetDelay", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicyAssignments", + "Parameters": [ + { + "CIMType": "String", + "Name": "dataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "collectionId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAccountProtectionLocalUserGroupCollection", + "Parameters": [ + { + "CIMType": "String", + "Name": "Action", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "LocalGroups", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Members", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserSelectionType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneAccountProtectionLocalUserGroupCollection[]", + "Name": "LocalUserGroupCollection", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAccountProtectionPolicyAssignments", + "Parameters": [ + { + "CIMType": "String", + "Name": "dataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "collectionId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAccountProtectionPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneAccountProtectionPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WindowsHelloForBusinessBlocked", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinMaximumLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinLowercaseCharactersUsage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinUppercaseCharactersUsage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinSpecialCharactersUsage", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinExpirationInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinPreviousBlockCount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PinRecoveryEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityDeviceRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UnlockWithBiometricsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnhancedAntiSpoofingForFacialFeaturesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseCertificatesForOnPremisesAuthEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseSecurityKeyForSignin", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceGuardLocalSystemAuthorityCredentialGuardSettings", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_DeviceManagementConfigurationPolicyAssignments", + "Parameters": [ + { + "CIMType": "String", + "Name": "dataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "collectionId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAntivirusPolicyWindows10SettingCatalog", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tamperprotection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disableaccountprotectionui", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disableappbrowserui", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablecleartpmbutton", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disabledevicesecurityui", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablefamilyui", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablehealthui", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablenetworkui", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disableenhancednotifications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disabletpmfirmwareupdatewarning", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablevirusui", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "hideransomwaredatarecovery", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "hidewindowssecuritynotificationareacontrol", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "enablecustomizedtoasts", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "enableinappcustomization", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "companyname", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "email", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "phone", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "url", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowarchivescanning", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowbehaviormonitoring", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowcloudprotection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowemailscanning", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowfullscanonmappednetworkdrives", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowfullscanremovabledrivescanning", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowintrusionpreventionsystem", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowioavprotection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowrealtimemonitoring", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowscanningnetworkfiles", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowscriptscanning", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowuseruiaccess", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "avgcpuloadfactor", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "checkforsignaturesbeforerunningscan", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "cloudblocklevel", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "cloudextendedtimeout", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "daystoretaincleanedmalware", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablecatchupfullscan", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablecatchupquickscan", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "enablelowcpupriority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "enablenetworkprotection", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "excludedextensions", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "excludedpaths", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "excludedprocesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "puaprotection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "engineupdateschannel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "platformupdateschannel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "securityintelligenceupdateschannel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "realtimescandirection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "scanparameter", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "schedulequickscantime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "schedulescanday", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "schedulescantime", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "signatureupdatefallbackorder", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "signatureupdatefilesharessources", + "Option": "Write" + }, + { + "CIMType": "sInt32", + "Name": "signatureupdateinterval", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "submitsamplesconsent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disablelocaladminmerge", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "allowonaccessprotection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "lowseveritythreats", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "moderateseveritythreats", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "severethreats", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "highseveritythreats", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "templateId", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAppConfigurationPolicyCustomSetting", + "Parameters": [ + { + "CIMType": "String", + "Name": "name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "value", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAppConfigurationPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneAppConfigurationPolicyCustomSetting[]", + "Name": "CustomSettings", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneApplicationControlPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppLockerApplicationControl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmartScreenBlockOverrideForFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmartScreenEnableInshell", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAppProtectionPolicyAndroid", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodOfflineBeforeAccessCheck", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodOnlineBeforeAccessCheck", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedInboundDataTransferSources", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedOutboundDataTransferDestinations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OrganizationalCredentialsRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedOutboundClipboardSharingLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DataBackupBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceComplianceRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedBrowserToOpenLinksRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SaveAsBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodOfflineBeforeWipeIsEnforced", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PinRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableAppPinIfDevicePinIsSet", + "Option": "write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumPinRetries", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SimplePinBlocked", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumPinLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinCharacterSet", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedDataStorageLocations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ContactSyncBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodBeforePinReset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrintBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireClass3Biometrics", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequirePinAfterBiometricChange", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FingerprintBlocked", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Apps", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludedGroups", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ManagedBrowser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumRequiredAppVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumRequiredOSVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumRequiredPatchVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWarningAppVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWarningOSVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWarningPatchVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppGroupType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsAssigned", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EncryptAppData", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableAppEncryptionIfDeviceEncryptionIsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomBrowserDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomBrowserPackageId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAppProtectionPolicyiOS", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodOfflineBeforeAccessCheck", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodOnlineBeforeAccessCheck", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedInboundDataTransferSources", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedOutboundDataTransferDestinations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OrganizationalCredentialsRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedOutboundClipboardSharingLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DataBackupBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceComplianceRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedBrowserToOpenLinksRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SaveAsBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodOfflineBeforeWipeIsEnforced", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PinRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableAppPinIfDevicePinIsSet", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumPinRetries", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SimplePinBlocked", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumPinLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinCharacterSet", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedDataStorageLocations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ContactSyncBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PeriodBeforePinReset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrintBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FingerprintBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FaceIdBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ManagedBrowser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumRequiredAppVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWarningAppVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumRequiredOSVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWarningOSVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumRequiredSdkVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWipeOSVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWipeAppVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppActionIfDeviceComplianceRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppActionIfMaximumPinRetriesExceeded", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinRequiredInsteadOfBiometricTimeout", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "AllowedOutboundClipboardSharingExceptionLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotificationRestriction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetedAppManagementLevels", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppDataEncryptionType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExemptedAppProtocols", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinimumWipeSdkVersion", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedIosDeviceModels", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppActionIfIosDeviceModelNotAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FilterOpenInToOnlyManagedApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableProtectionOfManagedOutboundOpenInData", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ProtectInboundDataFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomBrowserProtocol", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Apps", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludedGroups", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneASRRulesPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProcessCreationType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedRansomewareProtectionType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockPersistenceThroughWmiType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ScriptObfuscatedMacroCodeType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OfficeMacroCodeAllowWin32ImportsType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OfficeAppsLaunchChildProcessType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GuardMyFoldersType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UntrustedUSBProcessType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttackSurfaceReductionExcludedPaths", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UntrustedExecutableType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OfficeCommunicationAppsLaunchChildProcess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EmailContentExecutionType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ScriptDownloadedPayloadExecutionType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AdditionalGuardedFolders", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdobeReaderLaunchChildProcess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OfficeAppsExecutableContentCreationOrLaunchType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreventCredentialStealingType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OfficeAppsOtherProcessInjectionType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "GuardedFoldersAllowedAppPaths", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneAttackSurfaceReductionRulesPolicyWindows10ConfigManager", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttackSurfaceReductionOnlyExclusions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockAbuseOfExploitedVulnerableSignedDrivers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockAdobeReaderFromCreatingChildProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockAllOfficeApplicationsFromCreatingChildProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockExecutableContentFromEmailClientAndWebmail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockExecutionOfPotentiallyObfuscatedScripts", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockOfficeApplicationsFromCreatingExecutableContent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockOfficeCommunicationAppFromCreatingChildProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockPersistenceThroughWMIEventSubscription", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockProcessCreationsFromPSExecAndWMICommands", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockUntrustedUnsignedProcessesThatRunFromUSB", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockWin32APICallsFromOfficeMacros", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UseAdvancedProtectionAgainstRansomware", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ControlledFolderAccessProtectedFolders", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ControlledFolderAccessAllowedApplications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnableControlledFolderAccess", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceAndAppManagementAssignmentFilter", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Rule", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCategory", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCleanupRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Key" + }, + { + "CIMType": "UInt32", + "Name": "DeviceInactivityBeforeRetirementInDays", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCompliancePolicyAndroid", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequired", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RequiredPasswordComplexity", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityPreventInstallAppsFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityDisableUsbDebugging", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireVerifyApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceThreatProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityBlockJailbrokenDevices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityBlockDeviceAdministratorManagedDevices", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinAndroidSecurityPatchLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireSafetyNetAttestationBasicIntegrity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireSafetyNetAttestationCertifiedDevice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireGooglePlayServices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireUpToDateSecurityProviders", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireCompanyPortalAppIntegrity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConditionStatementId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RestrictedApps", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoleScopeTagIds", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCompliancePolicyAndroidDeviceOwner", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceThreatProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireSafetyNetAttestationBasicIntegrity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireSafetyNetAttestationCertifiedDevice", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "osMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "osMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "passwordRequired", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "passwordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordPreviousPasswordCountToBlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireIntuneAppIntegrity", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RoleScopeTagIds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCompliancePolicyAndroidWorkProfile", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequired", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityPreventInstallAppsFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityDisableUsbDebugging", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireVerifyApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceThreatProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityBlockJailbrokenDevices", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinAndroidSecurityPatchLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireSafetyNetAttestationBasicIntegrity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireSafetyNetAttestationCertifiedDevice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireGooglePlayServices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireUpToDateSecurityProviders", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireCompanyPortalAppIntegrity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecurityRequiredAndroidSafetyNetEvaluationType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoleScopeTagIds", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_appListItem", + "Parameters": [ + { + "CIMType": "String", + "Name": "name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "publisher", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "appStoreUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "appId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCompliancePolicyiOs", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasscodeBlockSimple", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasscodeExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasscodeMinimumLength", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasscodeMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasscodeMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasscodePreviousPasscodeBlockCount", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasscodeMinimumCharacterSetCount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasscodeRequiredType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasscodeRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumBuildVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumBuildVersion", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityBlockJailbrokenDevices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceThreatProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedEmailProfileRequired", + "Option": "Write" + }, + { + "CIMType": "MSFT_appListItem[]", + "Name": "RestrictedApps", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCompliancePolicyMacOS", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockSimple", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinimumCharacterSetCount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumBuildVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumBuildVersion", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SystemIntegrityProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceThreatProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireEncryption", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GatekeeperAllowedAppSource", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallBlockAllIncoming", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallEnableStealthMode", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceCompliancePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockSimple", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequiredToUnlockFromIdle", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinimumCharacterSetCount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireHealthyDeviceReport", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MobileOsMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MobileOsMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EarlyLaunchAntiMalwareDriverEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BitLockerEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecureBootEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CodeIntegrityEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActiveFirewallRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderVersion", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SignatureOutOfDate", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RTPEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AntivirusRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AntiSpywareRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceThreatProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceThreatProtectionRequiredSecurityLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConfigurationManagerComplianceRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TPMRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceCompliancePolicyScript", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ValidOperatingSystemBuildRanges", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneGroupPolicyDefinitionValueDefinition", + "Parameters": [ + { + "CIMType": "String", + "Name": "CategoryPath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ClassType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExplainText", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GroupPolicyCategoryId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HasRelatedDefinitions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinDeviceCspVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MinUserCspVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PolicyType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SupportedOn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneGroupPolicyDefinitionValue", + "Parameters": [ + { + "CIMType": "String", + "Name": "ConfigurationType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneGroupPolicyDefinitionValueDefinition", + "Name": "Definition", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneGroupPolicyDefinitionValuePresentationValue[]", + "Name": "PresentationValues", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneGroupPolicyDefinitionValuePresentationValue", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "BooleanValue", + "Option": "Write" + }, + { + "CIMType": "Uint64", + "Name": "DecimalValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StringValue", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneGroupPolicyDefinitionValuePresentationValueKeyValuePair[]", + "Name": "KeyValuePairValues", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "StringValues", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PresentationDefinitionId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PresentationDefinitionLabel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneGroupPolicyDefinitionValuePresentationValueKeyValuePair", + "Parameters": [ + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "PolicyConfigurationIngestionType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneGroupPolicyDefinitionValue[]", + "Name": "DefinitionValues", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphOmaSetting", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsEncrypted", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OmaUri", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecretReferenceValueId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FileName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsReadOnly", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationCustomPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "MSFT_MicrosoftGraphomaSetting[]", + "Name": "OmaSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AdvancedThreatProtectionAutoPopulateOnboardingBlob", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionOffboardingBlob", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionOffboardingFilename", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionOnboardingBlob", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AdvancedThreatProtectionOnboardingFilename", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSampleSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableExpeditedTelemetryReporting", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeliveryOptimizationBandwidth", + "Parameters": [ + { + "CIMType": "UInt64", + "Name": "MaximumDownloadBandwidthInKilobytesPerSecond", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "MaximumUploadBandwidthInKilobytesPerSecond", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeliveryOptimizationBandwidthBusinessHoursLimit", + "Name": "BandwidthBackgroundPercentageHours", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeliveryOptimizationBandwidthBusinessHoursLimit", + "Name": "BandwidthForegroundPercentageHours", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumBackgroundBandwidthPercentage", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumForegroundBandwidthPercentage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeliveryOptimizationBandwidthBusinessHoursLimit", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "BandwidthBeginBusinessHours", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "BandwidthEndBusinessHours", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "BandwidthPercentageDuringBusinessHours", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "BandwidthPercentageOutsideBusinessHours", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeliveryOptimizationGroupIdSource", + "Parameters": [ + { + "CIMType": "String", + "Name": "GroupIdCustom", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GroupIdSourceOption", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeliveryOptimizationMaxCacheSize", + "Parameters": [ + { + "CIMType": "UInt64", + "Name": "MaximumCacheSizeInGigabytes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumCacheSizePercentage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10", + "Parameters": [ + { + "CIMType": "UInt64", + "Name": "BackgroundDownloadFromHttpDelayInSeconds", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeliveryOptimizationBandwidth", + "Name": "BandwidthMode", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "CacheServerBackgroundDownloadFallbackToHttpDelayInSeconds", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "CacheServerForegroundDownloadFallbackToHttpDelayInSeconds", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "CacheServerHostNames", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeliveryOptimizationMode", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "ForegroundDownloadFromHttpDelayInSeconds", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeliveryOptimizationGroupIdSource", + "Name": "GroupIdSource", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumCacheAgeInDays", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeliveryOptimizationMaxCacheSize", + "Name": "MaximumCacheSize", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumBatteryPercentageAllowedToUpload", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumDiskSizeAllowedToPeerInGigabytes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumFileSizeToCacheInMegabytes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumRamAllowedToPeerInGigabytes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ModifyCacheLocation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RestrictPeerSelectionBy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VpnPeerCaching", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationDomainJoinPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "ActiveDirectoryDomainName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ComputerNameStaticPrefix", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ComputerNameSuffixRandomCharCount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OrganizationalUnit", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationEmailProfilePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "AccountName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DurationOfEmailToSync", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EmailAddressSource", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EmailSyncSchedule", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HostName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireSsl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SyncCalendar", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SyncContacts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SyncTasks", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomDomainName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserDomainNameSource", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UsernameAADSource", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UsernameSource", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphBitLockerFixedDrivePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "EncryptionMethod", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphBitLockerRecoveryOptions", + "Name": "RecoveryOptions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireEncryptionForWriteAccess", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphBitLockerRecoveryOptions", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "BlockDataRecoveryAgent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableBitLockerAfterRecoveryInformationToStore", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableRecoveryInformationSaveToStore", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HideRecoveryOptions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecoveryInformationToStore", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecoveryKeyUsage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RecoveryPasswordUsage", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphBitLockerRemovableDrivePolicy", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "BlockCrossOrganizationWriteAccess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EncryptionMethod", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireEncryptionForWriteAccess", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphBitLockerSystemDrivePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "EncryptionMethod", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MinimumPinLength", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrebootRecoveryEnableMessageAndUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrebootRecoveryMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrebootRecoveryUrl", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphBitLockerRecoveryOptions", + "Name": "RecoveryOptions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartupAuthenticationBlockWithoutTpmChip", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartupAuthenticationRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartupAuthenticationTpmKeyUsage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartupAuthenticationTpmPinAndKeyUsage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartupAuthenticationTpmPinUsage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartupAuthenticationTpmUsage", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDefenderDetectedMalwareActions", + "Parameters": [ + { + "CIMType": "String", + "Name": "HighSeverity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LowSeverity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ModerateSeverity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SevereSeverity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsFirewallNetworkProfile", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AuthorizedApplicationRulesFromGroupPolicyMerged", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AuthorizedApplicationRulesFromGroupPolicyNotMerged", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectionSecurityRulesFromGroupPolicyMerged", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectionSecurityRulesFromGroupPolicyNotMerged", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FirewallEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GlobalPortRulesFromGroupPolicyMerged", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GlobalPortRulesFromGroupPolicyNotMerged", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InboundConnectionsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InboundConnectionsRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InboundNotificationsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InboundNotificationsRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IncomingTrafficBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IncomingTrafficRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutboundConnectionsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OutboundConnectionsRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PolicyRulesFromGroupPolicyMerged", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PolicyRulesFromGroupPolicyNotMerged", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecuredPacketExemptionAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecuredPacketExemptionBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StealthModeBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StealthModeRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UnicastResponsesToMulticastBroadcastsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UnicastResponsesToMulticastBroadcastsRequired", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsFirewallRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Action", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeTraversal", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FilePath", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "InterfaceTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "LocalAddressRanges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "LocalPortRanges", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalUserAuthorizations", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PackageFamilyName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProfileTypes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Protocol", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoteAddressRanges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemotePortRanges", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ServiceName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TrafficDirection", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementUserRightsSetting", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementUserRightsLocalUserOrGroup[]", + "Name": "LocalUsersOrGroups", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "State", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementUserRightsLocalUserOrGroup", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecurityIdentifier", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationEndpointProtectionPolicyWindows10", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowCameraMicrophoneRedirection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowFileSaveOnHost", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowPersistence", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowPrintToLocalPrinters", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowPrintToNetworkPrinters", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowPrintToPDF", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowPrintToXPS", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardAllowVirtualGPU", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationGuardBlockClipboardSharing", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationGuardBlockFileTransfer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardBlockNonEnterpriseContent", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ApplicationGuardCertificateThumbprints", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationGuardEnabledOptions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplicationGuardForceAuditing", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppLockerApplicationControl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BitLockerAllowStandardUserEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BitLockerDisableWarningForOtherDiskEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BitLockerEnableStorageCardEncryptionOnMobile", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BitLockerEncryptDevice", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphbitLockerFixedDrivePolicy", + "Name": "BitLockerFixedDrivePolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BitLockerRecoveryPasswordRotation", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphbitLockerRemovableDrivePolicy", + "Name": "BitLockerRemovableDrivePolicy", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphbitLockerSystemDrivePolicy", + "Name": "BitLockerSystemDrivePolicy", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderAdditionalGuardedFolders", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderAdobeReaderLaunchChildProcess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderAdvancedRansomewareProtectionType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowBehaviorMonitoring", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowCloudProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowEndUserAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowIntrusionPreventionSystem", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowOnAccessProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowRealTimeMonitoring", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowScanArchiveFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowScanDownloads", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowScanNetworkFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowScanRemovableDrivesDuringFullScan", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderAllowScanScriptsLoadedInInternetExplorer", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderAttackSurfaceReductionExcludedPaths", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderBlockEndUserAccess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderBlockPersistenceThroughWmiType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderCheckForSignaturesBeforeRunningScan", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderCloudBlockLevel", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderCloudExtendedTimeoutInSeconds", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderDaysBeforeDeletingQuarantinedMalware", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdefenderDetectedMalwareActions", + "Name": "DefenderDetectedMalwareActions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableBehaviorMonitoring", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableCatchupFullScan", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableCatchupQuickScan", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableCloudProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableIntrusionPreventionSystem", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableOnAccessProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableRealTimeMonitoring", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableScanArchiveFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableScanDownloads", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableScanNetworkFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableScanRemovableDrivesDuringFullScan", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableScanScriptsLoadedInInternetExplorer", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderEmailContentExecution", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderEmailContentExecutionType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderEnableLowCpuPriority", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderEnableScanIncomingMail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderEnableScanMappedNetworkDrivesDuringFullScan", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderExploitProtectionXml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderExploitProtectionXmlFileName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderFileExtensionsToExclude", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderFilesAndFoldersToExclude", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderGuardedFoldersAllowedAppPaths", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderGuardMyFoldersType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderNetworkProtectionType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeAppsExecutableContentCreationOrLaunch", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeAppsExecutableContentCreationOrLaunchType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeAppsLaunchChildProcess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeAppsLaunchChildProcessType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeAppsOtherProcessInjection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeAppsOtherProcessInjectionType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeCommunicationAppsLaunchChildProcess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeMacroCodeAllowWin32Imports", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderOfficeMacroCodeAllowWin32ImportsType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderPotentiallyUnwantedAppAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderPreventCredentialStealingType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderProcessCreation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderProcessCreationType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderProcessesToExclude", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScanDirection", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderScanMaxCpuPercentage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScanType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScheduledQuickScanTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScheduledScanDay", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScheduledScanTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScriptDownloadedPayloadExecution", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScriptDownloadedPayloadExecutionType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScriptObfuscatedMacroCode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScriptObfuscatedMacroCodeType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterBlockExploitProtectionOverride", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableAccountUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableAppBrowserUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableClearTpmUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableFamilyUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableHardwareUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableHealthUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableNetworkUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableNotificationAreaUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableRansomwareUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableSecureBootUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableTroubleshootingUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableVirusUI", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSecurityCenterHelpEmail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSecurityCenterHelpPhone", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSecurityCenterHelpURL", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSecurityCenterITContactDisplay", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSecurityCenterNotificationsFromApp", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSecurityCenterOrganizationDisplayName", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderSignatureUpdateIntervalInHours", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSubmitSamplesConsentType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderUntrustedExecutable", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderUntrustedExecutableType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderUntrustedUSBProcess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderUntrustedUSBProcessType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceGuardEnableSecureBootWithDMA", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceGuardEnableVirtualizationBasedSecurity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceGuardLaunchSystemGuard", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceGuardLocalSystemAuthorityCredentialGuardSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceGuardSecureBootWithDMA", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DmaGuardDeviceEnumerationPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallBlockStatefulFTP", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FirewallCertificateRevocationListCheckMethod", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "FirewallIdleTimeoutForSecurityAssociationInSeconds", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallIPSecExemptionsAllowDHCP", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallIPSecExemptionsAllowICMP", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallIPSecExemptionsAllowNeighborDiscovery", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallIPSecExemptionsAllowRouterDiscovery", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallIPSecExemptionsNone", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FirewallMergeKeyingModuleSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FirewallPacketQueueingMethod", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FirewallPreSharedKeyEncodingMethod", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsFirewallNetworkProfile", + "Name": "FirewallProfileDomain", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsFirewallNetworkProfile", + "Name": "FirewallProfilePrivate", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsFirewallNetworkProfile", + "Name": "FirewallProfilePublic", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsFirewallRule[]", + "Name": "FirewallRules", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LanManagerAuthenticationLevel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LanManagerWorkstationDisableInsecureGuestLogons", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsAdministratorAccountName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsAdministratorElevationPromptBehavior", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsAllowPKU2UAuthenticationRequests", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManager", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsAllowUIAccessApplicationElevation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsAllowUIAccessApplicationsForSecureLocations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsAllowUndockWithoutHavingToLogon", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsBlockMicrosoftAccounts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsBlockRemoteLogonWithBlankPassword", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsBlockRemoteOpticalDriveAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsBlockUsersInstallingPrinterDrivers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsClearVirtualMemoryPageFile", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsClientDigitallySignCommunicationsAlways", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDetectApplicationInstallationsAndPromptForElevation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDisableAdministratorAccount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDisableGuestAccount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDisableServerDigitallySignCommunicationsAlways", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDoNotRequireCtrlAltDel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsGuestAccountName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsHideLastSignedInUser", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsHideUsernameAtSignIn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsInformationDisplayedOnLockScreen", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsInformationShownOnLockScreen", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsLogOnMessageText", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsLogOnMessageTitle", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "LocalSecurityOptionsMachineInactivityLimit", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "LocalSecurityOptionsMachineInactivityLimitInMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsOnlyElevateSignedExecutables", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsSmartCardRemovalBehavior", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalSecurityOptionsStandardUserElevationPromptBehavior", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsUseAdminApprovalMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsUseAdminApprovalModeForAdministrators", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocalSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmartScreenBlockOverrideForFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmartScreenEnableInShell", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsAccessCredentialManagerAsTrustedCaller", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsActAsPartOfTheOperatingSystem", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsAllowAccessFromNetwork", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsBackupData", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsBlockAccessFromNetwork", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsChangeSystemTime", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsCreateGlobalObjects", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsCreatePageFile", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsCreatePermanentSharedObjects", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsCreateSymbolicLinks", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsCreateToken", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsDebugPrograms", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsDelegation", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsDenyLocalLogOn", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsGenerateSecurityAudits", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsImpersonateClient", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsIncreaseSchedulingPriority", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsLoadUnloadDrivers", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsLocalLogOn", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsLockMemory", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsManageAuditingAndSecurityLogs", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsManageVolumes", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsModifyFirmwareEnvironment", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsModifyObjectLabels", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsProfileSingleProcess", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsRemoteDesktopServicesLogOn", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsRemoteShutdown", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsRestoreData", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementUserRightsSetting", + "Name": "UserRightsTakeOwnership", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WindowsDefenderTamperProtection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "XboxServicesAccessoryManagementServiceStartupMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "XboxServicesEnableXboxGameSaveTask", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "XboxServicesLiveAuthManagerServiceStartupMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "XboxServicesLiveGameSaveServiceStartupMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "XboxServicesLiveNetworkingServiceStartupMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationFirmwareInterfacePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Bluetooth", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BootFromBuiltInNetworkAdapters", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BootFromExternalMedia", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Cameras", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ChangeUefiSettingsPermission", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FrontCamera", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InfraredCamera", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Microphone", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MicrophonesAndSpeakers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NearFieldCommunication", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Radios", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RearCamera", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SdCard", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SimultaneousMultiThreading", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UsbTypeAPort", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VirtualizationOfCpuAndIO", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WakeOnLAN", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WakeOnPower", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFi", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WindowsPlatformBinaryTable", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WirelessWideAreaNetwork", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationHealthMonitoringConfigurationPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "AllowDeviceHealthMonitoring", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConfigDeviceHealthMonitoringCustomScope", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ConfigDeviceHealthMonitoringScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationIdentityProtectionPolicyWindows10", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "EnhancedAntiSpoofingForFacialFeaturesEnabled", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinExpirationInDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinLowercaseCharactersUsage", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinMaximumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinPreviousBlockCount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PinRecoveryEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinSpecialCharactersUsage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PinUppercaseCharactersUsage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityDeviceRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UnlockWithBiometricsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseCertificatesForOnPremisesAuthEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseSecurityKeyForSignin", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsHelloForBusinessBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationImportedPfxCertificatePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "IntendedPurpose", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateValidityPeriodScale", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "CertificateValidityPeriodValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KeyStorageProvider", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "RenewalThresholdPercentage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectAlternativeNameType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectNameFormat", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsKioskProfile", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphWindowsKioskAppConfiguration", + "Name": "AppConfiguration", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProfileId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProfileName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphWindowsKioskUser[]", + "Name": "UserAccountsConfiguration", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsKioskAppConfiguration", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AllowAccessToDownloadsFolder", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphWindowsKioskAppBase[]", + "Name": "Apps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisallowDesktopApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ShowTaskBar", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuLayoutXml", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphWindowsKioskUWPApp", + "Name": "UwpApp", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphWindowsKioskWin32App", + "Name": "Win32App", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsKioskAppBase", + "Parameters": [ + { + "CIMType": "String", + "Name": "AppType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoLaunch", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartLayoutTileSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DesktopApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DesktopApplicationLinkPath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Path", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppUserModelId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContainedAppId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ClassicAppPath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeKiosk", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EdgeKioskIdleTimeoutMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeKioskType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeNoFirstRun", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsKioskUWPApp", + "Parameters": [ + { + "CIMType": "String", + "Name": "AppId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppUserModelId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContainedAppId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoLaunch", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartLayoutTileSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DesktopApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DesktopApplicationLinkPath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Path", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ClassicAppPath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeKiosk", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EdgeKioskIdleTimeoutMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeKioskType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeNoFirstRun", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsKioskWin32App", + "Parameters": [ + { + "CIMType": "String", + "Name": "ClassicAppPath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeKiosk", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EdgeKioskIdleTimeoutMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeKioskType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeNoFirstRun", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoLaunch", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartLayoutTileSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DesktopApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DesktopApplicationLinkPath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Path", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppUserModelId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContainedAppId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsKioskUser", + "Parameters": [ + { + "CIMType": "String", + "Name": "GroupName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GroupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserPrincipalName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsKioskForceUpdateSchedule", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "DayofMonth", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DayofWeek", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Recurrence", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RunImmediatelyIfAfterStartDateTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartDateTime", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationKioskPolicyWindows10", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "EdgeKioskEnablePublicBrowsing", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "KioskBrowserBlockedUrlExceptions", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "KioskBrowserBlockedURLs", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskBrowserDefaultUrl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskBrowserEnableEndSessionButton", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskBrowserEnableHomeButton", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskBrowserEnableNavigationButtons", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "KioskBrowserRestartOnIdleTimeInMinutes", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsKioskProfile[]", + "Name": "KioskProfiles", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsKioskForceUpdateSchedule", + "Name": "WindowsKioskForceUpdateSchedule", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsNetworkIsolationPolicy", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphProxiedDomain1[]", + "Name": "EnterpriseCloudResources", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseInternalProxyServers", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphIpRange1[]", + "Name": "EnterpriseIPRanges", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseIPRangesAreAuthoritative", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseNetworkDomainNames", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EnterpriseProxyServers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseProxyServersAreAuthoritative", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "NeutralDomainResources", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphProxiedDomain1", + "Parameters": [ + { + "CIMType": "String", + "Name": "IpAddressOrFQDN", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Proxy", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphIpRange1", + "Parameters": [ + { + "CIMType": "String", + "Name": "CidrAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LowerAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UpperAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationNetworkBoundaryPolicyWindows10", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphwindowsNetworkIsolationPolicy", + "Name": "WindowsNetworkIsolationPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphCustomSubjectAlternativeName", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SanType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphExtendedKeyUsage", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ObjectIdentifier", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPkcsCertificatePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "CertificateStore", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateTemplateName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificationAuthority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificationAuthorityName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphcustomSubjectAlternativeName[]", + "Name": "CustomSubjectAlternativeNames", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphextendedKeyUsage[]", + "Name": "ExtendedKeyUsages", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectAlternativeNameFormatString", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectNameFormatString", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateValidityPeriodScale", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "CertificateValidityPeriodValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KeyStorageProvider", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "RenewalThresholdPercentage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectAlternativeNameType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectNameFormat", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphapplistitem", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "appId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "appStoreUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "publisher", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceAdministrator", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsBlockClipboardSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsBlockCopyPaste", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsBlockYouTube", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "AppsHideList", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "AppsInstallAllowList", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "AppsLaunchBlockList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CameraBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockDataRoaming", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockMessaging", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockVoiceRoaming", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockWiFiTethering", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CompliantAppListType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "CompliantAppsList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DateAndTimeBlockChanges", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceSharingAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DiagnosticDataBlockSubmission", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FactoryResetBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GoogleAccountBlockAutoSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GooglePlayStoreBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "KioskModeApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockSleepButton", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockVolumeButtons", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocationServicesBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NfcBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockFingerprintUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockTrustAgents", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PowerOffBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RequiredPasswordComplexity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireVerifyApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageBlockGoogleBackup", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageBlockRemovableStorage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireDeviceEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireRemovableStorageEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VoiceAssistantBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VoiceDialingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WebBrowserBlockAutofill", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WebBrowserBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WebBrowserBlockJavaScript", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WebBrowserBlockPopups", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WebBrowserCookieSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WiFiBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphandroiddeviceowneruserfacingmessage", + "Parameters": [ + { + "CIMType": "String", + "Name": "defaultMessage", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphkeyvaluepair[]", + "Name": "localizedMessages", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphkeyvaluepair", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphandroiddeviceownerglobalproxy", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "proxyAutoConfigURL", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "excludedHosts", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "host", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "port", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodeapppositionitem", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodehomescreenitem", + "Name": "item", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "position", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodehomescreenitem", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "folderIdentifier", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "folderName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodefolderitem[]", + "Name": "items", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "className", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "package", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "label", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "link", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodemanagedfolder", + "Parameters": [ + { + "CIMType": "String", + "Name": "folderIdentifier", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "folderName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodefolderitem[]", + "Name": "items", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodefolderitem", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "className", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "package", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "label", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "link", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphandroiddeviceownersystemupdatefreezeperiod", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "endDay", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "endMonth", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "startDay", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "startMonth", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPolicyAndroidDeviceOwner", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AccountsBlockModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsAllowInstallFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppsAutoUpdatePolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppsDefaultPermissionPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsRecommendSkippingFirstUseHints", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "AzureAdSharedDeviceDataClearApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockConfiguration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockContactSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CameraBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockWiFiTethering", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CertificateCredentialConfigurationDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CrossProfilePoliciesAllowCopyPaste", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CrossProfilePoliciesAllowDataSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CrossProfilePoliciesShowWorkContactsInPersonalProfile", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DataRoamingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DateTimeConfigurationBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceowneruserfacingmessage", + "Name": "DetailedHelpText", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceowneruserfacingmessage", + "Name": "DeviceOwnerLockScreenMessage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnrollmentProfile", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FactoryResetBlocked", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FactoryResetDeviceAdministratorEmails", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceownerglobalproxy", + "Name": "GlobalProxy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GoogleAccountsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskCustomizationDeviceSettingsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskCustomizationPowerButtonActionsBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskCustomizationStatusBar", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskCustomizationSystemErrorWarnings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskCustomizationSystemNavigation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAppOrderEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodeapppositionitem[]", + "Name": "KioskModeAppPositions", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "KioskModeApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAppsInFolderOrderedByName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBluetoothConfigurationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeDebugMenuEasyAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeExitCode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeFlashlightConfigurationEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeFolderIcon", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "KioskModeGridHeight", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "KioskModeGridWidth", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeIconSize", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeLockHomeScreen", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceownerkioskmodemanagedfolder[]", + "Name": "KioskModeManagedFolders", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeManagedHomeScreenAutoSignout", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "KioskModeManagedHomeScreenInactiveSignOutDelayInSeconds", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "KioskModeManagedHomeScreenInactiveSignOutNoticeInSeconds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeManagedHomeScreenPinComplexity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeManagedHomeScreenPinRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeManagedHomeScreenPinRequiredToResume", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeManagedHomeScreenSignInBackground", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeManagedHomeScreenSignInBrandingLogo", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeManagedHomeScreenSignInEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeManagedSettingsEntryDisabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeMediaVolumeConfigurationEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeScreenOrientation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeScreenSaverConfigurationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeScreenSaverDetectMediaDisabled", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "KioskModeScreenSaverDisplayTimeInSeconds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeScreenSaverImageUrl", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "KioskModeScreenSaverStartDelayInSeconds", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeShowAppNotificationBadge", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeShowDeviceInfo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeUseManagedHomeScreenApp", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeVirtualHomeButtonEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeVirtualHomeButtonType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeWallpaperUrl", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "KioskModeWifiAllowedSsids", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeWiFiConfigurationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrophoneForceMute", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftLauncherConfigurationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftLauncherCustomWallpaperAllowUserModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftLauncherCustomWallpaperEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MicrosoftLauncherCustomWallpaperImageUrl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftLauncherDockPresenceAllowUserModification", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MicrosoftLauncherDockPresenceConfiguration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftLauncherFeedAllowUserModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftLauncherFeedEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MicrosoftLauncherSearchBarPlacementConfiguration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NetworkEscapeHatchAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NfcBlockOutgoingBeam", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockKeyguard", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PasswordBlockKeyguardFeatures", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumLetterCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumLowerCaseCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumNonLetterCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumNumericCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumSymbolCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumUpperCaseCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordPreviousPasswordCountToBlock", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequireUnlock", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersonalProfileAppsAllowInstallFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersonalProfileCameraBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "PersonalProfilePersonalApplications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PersonalProfilePlayStoreMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersonalProfileScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PlayStoreMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityCommonCriteriaModeEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityDeveloperSettingsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireVerifyApps", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceowneruserfacingmessage", + "Name": "ShortHelpText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StatusBarBlocked", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "StayOnModes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageAllowUsb", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageBlockExternalMedia", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageBlockUsbFileTransfer", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphandroiddeviceownersystemupdatefreezeperiod[]", + "Name": "SystemUpdateFreezePeriods", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SystemUpdateInstallType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SystemUpdateWindowEndMinutesAfterMidnight", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SystemUpdateWindowStartMinutesAfterMidnight", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SystemWindowsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UsersBlockAdd", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UsersBlockRemove", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VolumeBlockAdjustment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VpnAlwaysOnLockdownMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VpnAlwaysOnPackageIdentifier", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WifiBlockEditConfigurations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WifiBlockEditPolicyDefinedConfigurations", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordMinimumLetterCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordMinimumLowerCaseCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordMinimumNonLetterCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordMinimumNumericCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordMinimumSymbolCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordMinimumUpperCaseCharacters", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordPreviousPasswordCountToBlock", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WorkProfilePasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WorkProfilePasswordRequireUnlock", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WorkProfilePasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPolicyAndroidOpenSourceProject", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsBlockInstallFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockConfiguration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CameraBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FactoryResetBlocked", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityAllowDebuggingFeatures", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageBlockExternalMedia", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageBlockUsbFileTransfer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WifiBlockEditConfigurations", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPolicyAndroidWorkProfile", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockFaceUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockFingerprintUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockIrisUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "passwordBlockTrustAgents", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "PasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RequiredPasswordComplexity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileAllowAppInstallsFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WorkProfileDataSharingType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockNotificationsWhileDeviceLocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockAddingAccounts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBluetoothEnableContactSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockScreenCapture", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockCrossProfileCallerId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockCamera", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockCrossProfileContactsSearch", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockCrossProfileCopyPaste", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WorkProfileDefaultAppPermissionPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfilePasswordBlockFaceUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfilePasswordBlockFingerprintUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfilePasswordBlockIrisUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfilePasswordBlockTrustAgents", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinNumericCharacters", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinNonLetterCharacters", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinLetterCharacters", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinLowerCaseCharacters", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinUpperCaseCharacters", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinSymbolCharacters", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Uint32", + "Name": "WorkProfilePasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WorkProfilePasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WorkProfileRequiredPasswordComplexity", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileRequirePassword", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityRequireVerifyApps", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VpnAlwaysOnPackageIdentifier", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VpnEnableAlwaysOnLockdownMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileAllowWidgets", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WorkProfileBlockPersonalAppInstallsFromUnknownSources", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingaustralia", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingcanada", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingfrance", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratinggermany", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingireland", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingjapan", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingnewzealand", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingunitedkingdom", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmediacontentratingunitedstates", + "Parameters": [ + { + "CIMType": "String", + "Name": "movieRating", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "tvRating", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphiosnetworkusagerule", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "cellularDataBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "cellularDataBlockWhenRoaming", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "managedApps", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPolicyIOS", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AccountBlockModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ActivationLockAllowWhenSupervised", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirDropBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirDropForceUnmanagedDropTarget", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirPlayForcePairingPasswordForOutgoingRequests", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirPrintBlockCredentialsStorage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirPrintBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirPrintBlockiBeaconDiscovery", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirPrintForceTrustedTLS", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppClipsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppleNewsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplePersonalizedAdsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppleWatchBlockPairing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppleWatchForceWristDetection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppRemovalBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "AppsSingleAppModeList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppStoreBlockAutomaticDownloads", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppStoreBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppStoreBlockInAppPurchases", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppStoreBlockUIAppInstallation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppStoreRequirePassword", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "AppsVisibilityList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppsVisibilityListType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoFillForceAuthentication", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutoUnlockBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockSystemAppRemoval", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CameraBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockDataRoaming", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockGlobalBackgroundFetchWhileRoaming", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockPerAppDataModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockPersonalHotspot", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockPersonalHotspotModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockPlanModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockVoiceRoaming", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CertificatesBlockUntrustedTlsCertificates", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomAppBlockRemoteScreenObservation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomAppForceUnpromptedScreenObservation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomForceAutomaticallyJoinClasses", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomForceRequestPermissionToLeaveClasses", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomForceUnpromptedAppAndDeviceLock", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CompliantAppListType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitem[]", + "Name": "CompliantAppsList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConfigurationProfileBlockChanges", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ContactsAllowManagedToUnmanagedWrite", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ContactsAllowUnmanagedToManagedRead", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ContinuousPathKeyboardBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DateAndTimeForceSetAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefinitionLookupBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceBlockEnableRestrictions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceBlockEraseContentAndSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceBlockNameModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DiagnosticDataBlockSubmission", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DiagnosticDataBlockSubmissionModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DocumentsBlockManagedDocumentsInUnmanagedApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DocumentsBlockUnmanagedDocumentsInManagedApps", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EmailInDomainSuffixes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseAppBlockTrust", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseAppBlockTrustModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseBookBlockBackup", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseBookBlockMetadataSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EsimBlockModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FaceTimeBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FilesNetworkDriveAccessBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FilesUsbDriveAccessBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FindMyDeviceInFindMyAppBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FindMyFriendsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FindMyFriendsInFindMyAppBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GameCenterBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GamingBlockGameCenterFriends", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GamingBlockMultiplayer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HostPairingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IBooksStoreBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IBooksStoreBlockErotica", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockActivityContinuation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockBackup", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockDocumentSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockManagedAppsSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockPhotoLibrary", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockPhotoStreamSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockSharedPhotoStream", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudPrivateRelayBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudRequireEncryptedBackup", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ITunesBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ITunesBlockExplicitContent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ITunesBlockMusicService", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ITunesBlockRadio", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeyboardBlockAutoCorrect", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeyboardBlockDictation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeyboardBlockPredictive", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeyboardBlockShortcuts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeyboardBlockSpellCheck", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeychainBlockCloudSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowAssistiveSpeak", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowAssistiveTouchSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowAutoLock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowColorInversionSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowRingerSwitch", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowScreenRotation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowSleepButton", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowTouchscreen", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowVoiceControlModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowVoiceOverSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowVolumeButtons", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeAllowZoomSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeAppStoreUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeAppType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockAutoLock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockRingerSwitch", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockScreenRotation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockSleepButton", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockTouchscreen", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeBlockVolumeButtons", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeBuiltInAppId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeEnableVoiceControl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskModeManagedAppId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeRequireAssistiveTouch", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeRequireColorInversion", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeRequireMonoAudio", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeRequireVoiceOver", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KioskModeRequireZoom", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenBlockControlCenter", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenBlockNotificationView", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenBlockPassbook", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenBlockTodayView", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedPasteboardRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MediaContentRatingApps", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingaustralia", + "Name": "MediaContentRatingAustralia", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingcanada", + "Name": "MediaContentRatingCanada", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingfrance", + "Name": "MediaContentRatingFrance", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratinggermany", + "Name": "MediaContentRatingGermany", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingireland", + "Name": "MediaContentRatingIreland", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingjapan", + "Name": "MediaContentRatingJapan", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingnewzealand", + "Name": "MediaContentRatingNewZealand", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingunitedkingdom", + "Name": "MediaContentRatingUnitedKingdom", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmediacontentratingunitedstates", + "Name": "MediaContentRatingUnitedStates", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessagesBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphiosnetworkusagerule[]", + "Name": "NetworkUsageRules", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NfcBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NotificationsBlockSettingsModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OnDeviceOnlyDictationForced", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OnDeviceOnlyTranslationForced", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasscodeBlockFingerprintModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasscodeBlockFingerprintUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasscodeBlockModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasscodeBlockSimple", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasscodeExpirationDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasscodeMinimumCharacterSetCount", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasscodeMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasscodeMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasscodeMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasscodePreviousPasscodeBlockCount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasscodeRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasscodeRequiredType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasscodeSignInFailureCountBeforeWipe", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockAirDropSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockAutoFill", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockProximityRequests", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PkiBlockOTAUpdates", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PodcastsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrivacyForceLimitAdTracking", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ProximityBlockSetupToNewDevice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SafariBlockAutofill", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SafariBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SafariBlockJavaScript", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SafariBlockPopups", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SafariCookieSettings", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SafariManagedDomains", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SafariPasswordAutoFillDomains", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SafariRequireFraudWarning", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SharedDeviceBlockTemporarySessions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiriBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiriBlockedWhenLocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiriBlockUserGeneratedContent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiriRequireProfanityFilter", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SoftwareUpdatesEnforcedDelayInDays", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SoftwareUpdatesForceDelayed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SpotlightBlockInternetResults", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UnpairedExternalBootToRecoveryAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UsbRestrictedModeBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VoiceDialingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VpnBlockCreation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WallpaperBlockModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WiFiConnectOnlyToConfiguredNetworks", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WiFiConnectToAllowedNetworksOnlyForced", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WifiPowerOnForced", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphapplistitemMacOS", + "Parameters": [ + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "appId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "appStoreUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "name", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "publisher", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmacosprivacyaccesscontrolitem", + "Parameters": [ + { + "CIMType": "String", + "Name": "accessibility", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "addressBook", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmacosappleeventreceiver[]", + "Name": "appleEventsAllowedReceivers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "blockCamera", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "blockListenEvent", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "blockMicrophone", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "blockScreenCapture", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "calendar", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "codeRequirement", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "displayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "fileProviderPresence", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "identifier", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "identifierType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "mediaLibrary", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "photos", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "postEvent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "reminders", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "speechRecognition", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "staticCodeValidation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "systemPolicyAllFiles", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "systemPolicyDesktopFolder", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "systemPolicyDocumentsFolder", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "systemPolicyDownloadsFolder", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "systemPolicyNetworkVolumes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "systemPolicyRemovableVolumes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "systemPolicySystemAdminFiles", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphmacosappleeventreceiver", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "allowed", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "codeRequirement", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "identifier", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "identifierType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPolicyMacOS", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AddingGameCenterFriendsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AirDropBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppleWatchBlockAutoUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CameraBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomAppBlockRemoteScreenObservation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomAppForceUnpromptedScreenObservation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomForceAutomaticallyJoinClasses", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomForceRequestPermissionToLeaveClasses", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClassroomForceUnpromptedAppAndDeviceLock", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CompliantAppListType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphapplistitemMacOS[]", + "Name": "CompliantAppsList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ContentCachingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefinitionLookupBlocked", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EmailInDomainSuffixes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EraseContentAndSettingsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GameCenterBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockActivityContinuation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockAddressBook", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockBookmarks", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockCalendar", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockDocumentSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockMail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockNotes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockPhotoLibrary", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudBlockReminders", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudDesktopAndDocumentsBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ICloudPrivateRelayBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ITunesBlockFileSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ITunesBlockMusicService", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeyboardBlockDictation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "KeychainBlockCloudSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MultiplayerGamingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockAirDropSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockAutoFill", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockFingerprintUnlock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockProximityRequests", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockSimple", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMaximumAttemptCount", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumCharacterSetCount", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinutesOfInactivityBeforeLock", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinutesUntilFailedLoginReset", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphmacosprivacyaccesscontrolitem[]", + "Name": "PrivacyAccessControls", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SafariBlockAutofill", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SoftwareUpdateMajorOSDeferredInstallDelayInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SoftwareUpdateMinorOSDeferredInstallDelayInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SoftwareUpdateNonOSDeferredInstallDelayInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SoftwareUpdatesEnforcedDelayInDays", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SpotlightBlockInternetResults", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "TouchIdTimeoutInHours", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "UpdateDelayPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WallpaperModificationBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDefenderDetectedMalwareActions1", + "Parameters": [ + { + "CIMType": "String", + "Name": "HighSeverity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LowSeverity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ModerateSeverity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SevereSeverity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphEdgeHomeButtonConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "HomeButtonCustomURL", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphEdgeSearchEngineBase", + "Parameters": [ + { + "CIMType": "String", + "Name": "EdgeSearchEngineType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeSearchEngineOpenSearchXmlUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindows10NetworkProxyServer", + "Parameters": [ + { + "CIMType": "String", + "Name": "Address", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Exceptions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseForLocalAddresses", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindows10AppsForceUpdateSchedule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Recurrence", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RunImmediatelyIfAfterStartDateTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartDateTime", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationPolicyWindows10", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AccountsBlockAddingNonMicrosoftAccountEmail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActivateAppsWithVoice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AntiTheftModeBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppManagementMSIAllowUserControlOverInstall", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppManagementMSIAlwaysInstallWithElevatedPrivileges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AppManagementPackageFamilyNamesToLaunchAfterLogOn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppsAllowTrustedAppsSideloading", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsBlockWindowsStoreOriginatedApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AuthenticationAllowSecondaryDevice", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationPreferredAzureADTenantDomainName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationWebSignIn", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BluetoothAllowedServices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockAdvertising", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockDiscoverableMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockPrePairing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BluetoothBlockPromptedProximalConnections", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CameraBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockDataWhenRoaming", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockVpn", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CellularBlockVpnWhenRoaming", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CellularData", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CertificatesBlockManualRootCertificateInstallation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConfigureTimeZone", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectedDevicesServiceBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CopyPasteBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CortanaBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CryptographyAllowFipsAlgorithmPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DataProtectionBlockDirectMemoryAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderBlockEndUserAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderBlockOnAccessProtection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderCloudBlockLevel", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderCloudExtendedTimeout", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderCloudExtendedTimeoutInSeconds", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderDaysBeforeDeletingQuarantinedMalware", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdefenderDetectedMalwareActions1", + "Name": "DefenderDetectedMalwareActions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableCatchupFullScan", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderDisableCatchupQuickScan", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderFileExtensionsToExclude", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderFilesAndFoldersToExclude", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderMonitorFileActivity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderPotentiallyUnwantedAppAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderPotentiallyUnwantedAppActionSetting", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefenderProcessesToExclude", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderPromptForSampleSubmission", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderRequireBehaviorMonitoring", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderRequireCloudProtection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderRequireNetworkInspectionSystem", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderRequireRealTimeMonitoring", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScanArchiveFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScanDownloads", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScanIncomingMail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScanMappedNetworkDrivesDuringFullScan", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderScanMaxCpu", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScanNetworkFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScanRemovableDrivesDuringFullScan", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScanScriptsLoadedInInternetExplorer", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScanType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScheduledQuickScanTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderScheduledScanTime", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DefenderScheduleScanEnableLowCpuPriority", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DefenderSignatureUpdateIntervalInHours", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSubmitSamplesConsentType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefenderSystemScanSchedule", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeveloperUnlockSetting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceManagementBlockFactoryResetOnMobile", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DeviceManagementBlockManualUnenroll", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DiagnosticsDataSubmissionMode", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DisplayAppListWithGdiDPIScalingTurnedOff", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DisplayAppListWithGdiDPIScalingTurnedOn", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeAllowStartPagesModification", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockAccessToAboutFlags", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockAddressBarDropdown", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockAutofill", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockCompatibilityList", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockDeveloperTools", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockEditFavorites", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockExtensions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockFullScreenMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockInPrivateBrowsing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockJavaScript", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockLiveTileDataCollection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockPasswordManager", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockPopups", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockPrelaunch", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockPrinting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockSavingHistory", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockSearchEngineCustomization", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockSearchSuggestions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockSendingDoNotTrackHeader", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockSendingIntranetTrafficToInternetExplorer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockSideloadingExtensions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockTabPreloading", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeBlockWebContentOnNewTabPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeClearBrowsingDataOnExit", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeCookiePolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeDisableFirstRunPage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeEnterpriseModeSiteListLocation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeFavoritesBarVisibility", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeFavoritesListLocation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeFirstRunUrl", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphedgeHomeButtonConfiguration", + "Name": "EdgeHomeButtonConfiguration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeHomeButtonConfigurationEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EdgeHomepageUrls", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeKioskModeRestriction", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EdgeKioskResetAfterIdleTimeInMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeNewTabPageURL", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeOpensWith", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgePreventCertificateErrorOverride", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EdgeRequiredExtensionPackageFamilyNames", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeRequireSmartScreen", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphedgeSearchEngineBase", + "Name": "EdgeSearchEngine", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeSendIntranetTrafficToInternetExplorer", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeShowMessageWhenOpeningInternetExplorerSites", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EdgeSyncFavoritesWithInternetExplorer", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EdgeTelemetryForMicrosoft365Analytics", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableAutomaticRedeployment", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EnergySaverOnBatteryThresholdPercentage", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EnergySaverPluggedInThresholdPercentage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseCloudPrintDiscoveryEndPoint", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EnterpriseCloudPrintDiscoveryMaxLimit", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseCloudPrintMopriaDiscoveryResourceIdentifier", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseCloudPrintOAuthAuthority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseCloudPrintOAuthClientIdentifier", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseCloudPrintResourceIdentifier", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExperienceBlockDeviceDiscovery", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExperienceBlockErrorDialogWhenNoSIM", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExperienceBlockTaskSwitcher", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExperienceDoNotSyncBrowserSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FindMyFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "GameDvrBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InkWorkspaceAccess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InkWorkspaceAccessState", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InkWorkspaceBlockSuggestedApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InternetSharingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LocationServicesBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LockScreenActivateAppsWithVoice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenAllowTimeoutConfiguration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenBlockActionCenterNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenBlockCortana", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LockScreenBlockToastNotifications", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "LockScreenTimeoutInSeconds", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "LogonBlockFastUserSwitching", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessagingBlockMMS", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessagingBlockRichCommunicationServices", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MessagingBlockSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftAccountBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftAccountBlockSettingsSync", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MicrosoftAccountSignInAssistantSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NetworkProxyApplySettingsDeviceWide", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkProxyAutomaticConfigurationUrl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NetworkProxyDisableAutoDetect", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindows10NetworkProxyServer", + "Name": "NetworkProxyServer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NfcBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OneDriveDisableFileSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordBlockSimple", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordExpirationDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumAgeInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumCharacterSetCount", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinimumLength", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordMinutesOfInactivityBeforeScreenTimeout", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordPreviousPasswordBlockCount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequired", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PasswordRequiredType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PasswordRequireWhenResumeFromIdleState", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PasswordSignInFailureCountBeforeFactoryReset", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PersonalizationDesktopImageUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PersonalizationLockScreenImageUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerButtonActionOnBattery", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerButtonActionPluggedIn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerHybridSleepOnBattery", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerHybridSleepPluggedIn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerLidCloseActionOnBattery", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerLidCloseActionPluggedIn", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerSleepButtonActionOnBattery", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PowerSleepButtonActionPluggedIn", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrinterBlockAddition", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrinterDefaultName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PrinterNames", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrivacyAdvertisingId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrivacyAutoAcceptPairingAndConsentPrompts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrivacyBlockActivityFeed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrivacyBlockInputPersonalization", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrivacyBlockPublishUserActivities", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PrivacyDisableLaunchExperience", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ResetProtectionModeBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SafeSearchFilter", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ScreenCaptureBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchBlockDiacritics", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchBlockWebResults", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchDisableAutoLanguageDetection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchDisableIndexerBackoff", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchDisableIndexingEncryptedItems", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchDisableIndexingRemovableDrive", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchDisableLocation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchDisableUseLocation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchEnableAutomaticIndexSizeManangement", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SearchEnableRemoteQueries", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SecurityBlockAzureADJoinedDevicesAutoEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockAccountsPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockAddProvisioningPackage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockAppsPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockChangeLanguage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockChangePowerSleep", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockChangeRegion", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockChangeSystemTime", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockDevicesPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockEaseOfAccessPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockEditDeviceName", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockGamingPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockNetworkInternetPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockPersonalizationPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockPrivacyPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockRemoveProvisioningPackage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockSettingsApp", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockSystemPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockTimeLanguagePage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockUpdateSecurityPage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SharedUserAppDataAllowed", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SmartScreenAppInstallControl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmartScreenBlockPromptOverride", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmartScreenBlockPromptOverrideForFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SmartScreenEnableAppInstallControl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartBlockUnpinningAppsFromTaskbar", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuAppListVisibility", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideChangeAccountSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideFrequentlyUsedApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideHibernate", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideLock", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHidePowerButton", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideRecentJumpLists", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideRecentlyAddedApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideRestartOptions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideShutDown", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideSignOut", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideSleep", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideSwitchAccount", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StartMenuHideUserTile", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuLayoutEdgeAssetsXml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuLayoutXml", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderDocuments", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderDownloads", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderFileExplorer", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderHomeGroup", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderMusic", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderNetwork", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderPersonalFolder", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderPictures", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StartMenuPinnedFolderVideos", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageBlockRemovableStorage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRequireMobileDeviceEncryption", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRestrictAppDataToSystemVolume", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StorageRestrictAppInstallToSystemVolume", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SystemTelemetryProxyServer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TaskManagerBlockEndTask", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TenantLockdownRequireNetworkDuringOutOfBoxExperience", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UninstallBuiltInApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UsbBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VoiceRecordingBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WebRtcBlockLocalhostIpAddress", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WiFiBlockAutomaticConnectHotspots", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WiFiBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WiFiBlockManualConfiguration", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "WiFiScanInterval", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindows10AppsForceUpdateSchedule", + "Name": "Windows10AppsForceUpdateSchedule", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsSpotlightBlockConsumerSpecificFeatures", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsSpotlightBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsSpotlightBlockOnActionCenter", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsSpotlightBlockTailoredExperiences", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsSpotlightBlockThirdPartyNotifications", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsSpotlightBlockWelcomeExperience", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsSpotlightBlockWindowsTips", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WindowsSpotlightConfigureOnLockScreen", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsStoreBlockAutoUpdate", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsStoreBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WindowsStoreEnablePrivateStoreOnly", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WirelessDisplayBlockProjectionToThisDevice", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WirelessDisplayBlockUserInputFromReceiver", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WirelessDisplayRequirePinForPairing", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationScepCertificatePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "CertificateStore", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HashAlgorithm", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KeySize", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "KeyUsage", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ScepServerUrls", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectAlternativeNameFormatString", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectNameFormatString", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphcustomSubjectAlternativeName[]", + "Name": "CustomSubjectAlternativeNames", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphextendedKeyUsage[]", + "Name": "ExtendedKeyUsages", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateValidityPeriodScale", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "CertificateValidityPeriodValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KeyStorageProvider", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "RenewalThresholdPercentage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectAlternativeNameType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectNameFormat", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RootCertificateDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RootCertificateId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationSecureAssessmentPolicyWindows10", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AllowPrinting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowScreenCapture", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowTextSuggestion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AssessmentAppUserModelId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConfigurationAccount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConfigurationAccountType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LaunchUri", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalGuestAccountName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphSharedPCAccountManagerPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "AccountDeletionPolicy", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "CacheAccountsAboveDiskFreePercentage", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "InactiveThresholdDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "RemoveAccountsBelowDiskFreePercentage", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationSharedMultiDevicePolicyWindows10", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphsharedPCAccountManagerPolicy", + "Name": "AccountManagerPolicy", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedAccounts", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowLocalStorage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableAccountManager", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableEduPolicies", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisablePowerPolicies", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableSignInOnResume", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FastFirstSignIn", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "IdleTimeBeforeSleepInSeconds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskAppDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "KioskAppUserModelId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocalStorage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaintenanceStartTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetAccountManager", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetEduPolicies", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SetPowerPolicies", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SignInOnResume", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationTrustedCertificatePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "CertFileName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DestinationStore", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TrustedRootCertificate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindows10AssociatedApps", + "Parameters": [ + { + "CIMType": "String", + "Name": "AppType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Identifier", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphCryptographySuite", + "Parameters": [ + { + "CIMType": "String", + "Name": "AuthenticationTransformConstants", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CipherTransformConstants", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DhGroup", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EncryptionMethod", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IntegrityCheckMethod", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PfsGroup", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphVpnDnsRule", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AutoTrigger", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Persistent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyServerUri", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Servers", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindows10VpnProxyServer", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "BypassProxyServerForLocalAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Address", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutomaticConfigurationScriptUrl", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Port", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutomaticallyDetectProxySettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphVpnRoute", + "Parameters": [ + { + "CIMType": "String", + "Name": "DestinationPrefix", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PrefixSize", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphVpnTrafficRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "AppId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AppType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Claims", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphIPv4Range[]", + "Name": "LocalAddressRanges", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphNumberRange[]", + "Name": "LocalPortRanges", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Protocols", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphIPv4Range[]", + "Name": "RemoteAddressRanges", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphNumberRange[]", + "Name": "RemotePortRanges", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoutingPolicyType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VpnTrafficDirection", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphIPv4Range", + "Parameters": [ + { + "CIMType": "String", + "Name": "LowerAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UpperAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CidrAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphNumberRange", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "LowerNumber", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "UpperNumber", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphVpnServer", + "Parameters": [ + { + "CIMType": "String", + "Name": "Address", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsDefaultServer", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationVpnPolicyWindows10", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphwindows10AssociatedApps[]", + "Name": "AssociatedApps", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationMethod", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConnectionType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphcryptographySuite", + "Name": "CryptographySuite", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphvpnDnsRule[]", + "Name": "DnsRules", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DnsSuffixes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EapXml", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableAlwaysOn", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableConditionalAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableDeviceTunnel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableDnsRegistration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSingleSignOnWithAlternateCertificate", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableSplitTunneling", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MicrosoftTunnelSiteId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OnlyAssociatedAppsCanUseConnection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProfileTarget", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindows10VpnProxyServer", + "Name": "ProxyServer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RememberUserCredentials", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphvpnRoute[]", + "Name": "Routes", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphextendedKeyUsage", + "Name": "SingleSignOnEku", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SingleSignOnIssuerHash", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphvpnTrafficRule[]", + "Name": "TrafficRules", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TrustedNetworkDomains", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WindowsInformationProtectionDomain", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConnectionName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomXml", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphvpnServer[]", + "Name": "ServerCollection", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationWindowsTeamPolicyWindows10", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AzureOperationalInsightsBlockTelemetry", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AzureOperationalInsightsWorkspaceId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AzureOperationalInsightsWorkspaceKey", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAppBlockAutoLaunch", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MaintenanceWindowBlocked", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaintenanceWindowDurationInHours", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaintenanceWindowStartTime", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MiracastBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MiracastChannel", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MiracastRequirePin", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockMyMeetingsAndFiles", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockSessionResume", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SettingsBlockSigninSuggestions", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SettingsDefaultVolume", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SettingsScreenTimeoutInMinutes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SettingsSessionTimeoutInMinutes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SettingsSleepTimeoutInMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WelcomeScreenBackgroundImageUrl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WelcomeScreenBlockAutomaticWakeUp", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WelcomeScreenMeetingInformation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "SupportsScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceConfigurationWiredNetworkPolicyWindows10", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "AuthenticationBlockPeriodInMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationMethod", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "AuthenticationPeriodInSeconds", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "AuthenticationRetryDelayPeriodInSeconds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AuthenticationType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CacheCredentials", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableUserPromptForServerValidation", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EapolStartPeriodInSeconds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EapType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enforce8021X", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ForceFIPSCompliance", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InnerAuthenticationProtocolForEAPTTLS", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumAuthenticationFailures", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaximumEAPOLStartMessages", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OuterIdentityPrivacyTemporaryValue", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PerformServerValidation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RequireCryptographicBinding", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecondaryAuthenticationMethod", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TrustedServerCertificateNames", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RootCertificatesForServerValidationIds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IdentityCertificateForClientAuthenticationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecondaryIdentityCertificateForClientAuthenticationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RootCertificateForClientValidationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecondaryRootCertificateForClientValidationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceEnrollmentLimitRestriction", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Limit", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_DeviceEnrollmentPlatformRestriction", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "PlatformBlocked", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersonalDeviceEnrollmentBlocked", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMinimumVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OsMaximumVersion", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlockedManufacturers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlockedSkus", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceEnrollmentPlatformRestriction", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceEnrollmentConfigurationType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "IosRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "WindowsRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "WindowsHomeSkuRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "WindowsMobileRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "AndroidRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "AndroidForWorkRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "MacRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceEnrollmentPlatformRestriction", + "Name": "MacOSRestriction", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneDeviceEnrollmentStatusPageWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowDeviceResetOnInstallFailure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowDeviceUseOnInstallFailure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowLogCollectionOnInstallFailure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowNonBlockingAppInstallation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockDeviceSetupRetryByUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomErrorMessage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableUserStatusTrackingAfterFirstUser", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "InstallProgressTimeoutInMinutes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "InstallQualityUpdates", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SelectedMobileAppIds", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SelectedMobileAppNames", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ShowInstallationProgress", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TrackInstallProgressForAutopilotOnly", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneEndpointDetectionAndResponsePolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SampleSharing", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConfigurationType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConfigurationBlob", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneExploitProtectionPolicyWindows10SettingCatalog", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExploitProtectionSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "disallowexploitprotectionoverride", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_DeviceManagementConfigurationPolicyItems", + "Parameters": [ + { + "CIMType": "String", + "Name": "dataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "payloadId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "displayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "itemType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "guidedDeploymentTags", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntunePolicySets", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "GuidedDeploymentTags", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RoleScopeTags", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyItems[]", + "Name": "Items", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneRoleAssignment", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "ResourceScopes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ResourceScopesDisplayNames", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ScopeType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Members", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MembersDisplayNames", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoleDefinition", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoleDefinitionDisplayName", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneRoleDefinition", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "IsBuiltIn", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "allowedResourceActions", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "notAllowedResourceActions", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "roleScopeTagIds", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneSettingCatalogASRRulesPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AttackSurfaceReductionOnlyExclusions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockAbuseOfExploitedVulnerableSignedDrivers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockAdobeReaderFromCreatingChildProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockAllOfficeApplicationsFromCreatingChildProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockCredentialStealingFromWindowsLocalSecurityAuthoritySubsystem", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockExecutableContentFromEmailClientAndWebmail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockExecutableFilesRunningUnlessTheyMeetPrevalenceAgeTrustedListCriterion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockExecutionOfPotentiallyObfuscatedScripts", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockJavaScriptOrVBScriptFromLaunchingDownloadedExecutableContent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockOfficeApplicationsFromCreatingExecutableContent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockOfficeApplicationsFromInjectingCodeIntoOtherProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockOfficeCommunicationAppFromCreatingChildProcesses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockPersistenceThroughWMIEventSubscription", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockProcessCreationsFromPSExecAndWMICommands", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockUntrustedUnsignedProcessesThatRunFromUSB", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockWebShellCreationForServers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockWin32APICallsFromOfficeMacros", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UseAdvancedProtectionAgainstRansomware", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ControlledFolderAccessProtectedFolders", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ControlledFolderAccessAllowedApplications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnableControlledFolderAccess", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationPolicyTemplateReference", + "Parameters": [ + { + "CIMType": "String", + "Name": "TemplateDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TemplateDisplayVersion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TemplateFamily", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TemplateId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationSetting", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingInstance", + "Name": "SettingInstance", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingInstance", + "Parameters": [ + { + "CIMType": "String", + "Name": "SettingDefinitionId", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingInstanceTemplateReference", + "Name": "SettingInstanceTemplateReference", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationChoiceSettingValue[]", + "Name": "ChoiceSettingCollectionValue", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationChoiceSettingValue", + "Name": "ChoiceSettingValue", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationGroupSettingValue[]", + "Name": "GroupSettingCollectionValue", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationGroupSettingValue", + "Name": "GroupSettingValue", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSimpleSettingValue[]", + "Name": "SimpleSettingCollectionValue", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSimpleSettingValue", + "Name": "SimpleSettingValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingInstanceTemplateReference", + "Parameters": [ + { + "CIMType": "String", + "Name": "SettingInstanceTemplateId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationChoiceSettingValue", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingInstance[]", + "Name": "Children", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingValueTemplateReference", + "Name": "SettingValueTemplateReference", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingValueTemplateReference", + "Parameters": [ + { + "CIMType": "String", + "Name": "settingValueTemplateId", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "useTemplateDefault", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationGroupSettingValue", + "Parameters": [ + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingInstance[]", + "Name": "Children", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingValueTemplateReference", + "Name": "SettingValueTemplateReference", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphDeviceManagementConfigurationSimpleSettingValue", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "IntValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StringValue", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ValueState", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingValueTemplateReference", + "Name": "SettingValueTemplateReference", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphDeviceManagementConfigurationSettingInstance[]", + "Name": "Children", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneSettingCatalogCustomPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Platforms", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Technologies", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementConfigurationPolicyTemplateReference", + "Name": "TemplateReference", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphdeviceManagementConfigurationSetting[]", + "Name": "Settings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyAndroidDeviceAdministrator", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseDeviceOwner", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreSharedKey", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PreSharedKeyIsSet", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyAutomaticConfigurationUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyExclusionList", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyManualAddress", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ProxyManualPort", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxySettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyAndroidEnterpriseWorkProfile", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyAndroidForWork", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyAndroidOpenSourceProject", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreSharedKey", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PreSharedKeyIsSet", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyIOS", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableMacAddressRandomization", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreSharedKey", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyAutomaticConfigurationUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyManualAddress", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ProxyManualPort", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxySettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyMacOS", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreSharedKey", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyAutomaticConfigurationUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyManualAddress", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ProxyManualPort", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxySettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WiFiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWifiConfigurationPolicyWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectAutomatically", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectToPreferredNetwork", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConnectWhenNetworkNameIsHidden", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ForceFIPSCompliance", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MeteredConnectionLimit", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreSharedKey", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyAutomaticConfigurationUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxyManualAddress", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ProxyManualPort", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProxySetting", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ssid", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WifiSecurityType", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsEnrollmentStatusScreenSettings", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AllowDeviceUseBeforeProfileAndAppInstallComplete", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowDeviceUseOnInstallFailure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowLogCollectionOnInstallFailure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockDeviceSetupRetryByUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomErrorMessage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HideInstallationProgress", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "InstallProgressTimeoutInMinutes", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphOutOfBoxExperienceSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "DeviceUsageType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HideEscapeLink", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HideEULA", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HidePrivacySettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SkipKeyboardSelectionPage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADHybridJoined", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "HybridAzureADJoinSkipConnectivityCheck", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceNameTemplate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "EnableWhiteGlove", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsEnrollmentStatusScreenSettings", + "Name": "EnrollmentStatusScreenSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExtractHardwareHash", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Language", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ManagementServiceAppId", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphoutOfBoxExperienceSettings", + "Name": "OutOfBoxExperienceSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsEnrollmentStatusScreenSettings1", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "AllowDeviceUseBeforeProfileAndAppInstallComplete", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowDeviceUseOnInstallFailure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowLogCollectionOnInstallFailure", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockDeviceSetupRetryByUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomErrorMessage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HideInstallationProgress", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "InstallProgressTimeoutInMinutes", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphOutOfBoxExperienceSettings1", + "Parameters": [ + { + "CIMType": "String", + "Name": "DeviceUsageType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HideEscapeLink", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HideEULA", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HidePrivacySettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SkipKeyboardSelectionPage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWindowsAutopilotDeploymentProfileAzureADJoined", + "Parameters": [ + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceNameTemplate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeviceType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "EnableWhiteGlove", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsEnrollmentStatusScreenSettings1", + "Name": "EnrollmentStatusScreenSettings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExtractHardwareHash", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Language", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ManagementServiceAppId", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphoutOfBoxExperienceSettings1", + "Name": "OutOfBoxExperienceSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolledPolicyAssignments", + "Parameters": [ + { + "CIMType": "String", + "Name": "dataType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "deviceAndAppManagementAssignmentFilterId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "groupDisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "collectionId", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsInformationProtectionDataRecoveryCertificate", + "Parameters": [ + { + "CIMType": "String", + "Name": "Certificate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExpirationDateTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectName", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsInformationProtectionResourceCollection", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Resources", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsInformationProtectionIPRangeCollection", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphIpRange[]", + "Name": "Ranges", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphIpRange", + "Parameters": [ + { + "CIMType": "String", + "Name": "CidrAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LowerAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UpperAddress", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsInformationProtectionProxiedDomainCollection", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphProxiedDomain[]", + "Name": "ProxiedDomains", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphProxiedDomain", + "Parameters": [ + { + "CIMType": "String", + "Name": "IpAddressOrFQDN", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Proxy", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsInformationProtectionApp", + "Parameters": [ + { + "CIMType": "Boolean", + "Name": "Denied", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ProductName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PublisherName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BinaryName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BinaryVersionHigh", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BinaryVersionLow", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolled", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AzureRightsManagementServicesAllowed", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionDataRecoveryCertificate", + "Name": "DataRecoveryCertificate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnforcementLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnterpriseDomain", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionResourceCollection[]", + "Name": "EnterpriseInternalProxyServers", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionIPRangeCollection[]", + "Name": "EnterpriseIPRanges", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseIPRangesAreAuthoritative", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionResourceCollection[]", + "Name": "EnterpriseNetworkDomainNames", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionResourceCollection[]", + "Name": "EnterpriseProtectedDomainNames", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionProxiedDomainCollection[]", + "Name": "EnterpriseProxiedDomains", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionResourceCollection[]", + "Name": "EnterpriseProxyServers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnterpriseProxyServersAreAuthoritative", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionApp[]", + "Name": "ExemptApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IconsVisible", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IndexingEncryptedStoresOrItemsBlocked", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionResourceCollection[]", + "Name": "NeutralDomainResources", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionApp[]", + "Name": "ProtectedApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ProtectionUnderLockConfigRequired", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RevokeOnUnenrollDisabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RightsManagementServicesTemplateId", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsInformationProtectionResourceCollection[]", + "Name": "SmbAutoEncryptedFileExtensions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_IntuneWindowsInformationProtectionPolicyWindows10MdmEnrolledPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsUpdateRolloutSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "OfferEndDateTimeInUTC", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "OfferIntervalInDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OfferStartDateTimeInUTC", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWindowsUpdateForBusinessFeatureUpdateProfileWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FeatureUpdateVersion", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsUpdateRolloutSettings", + "Name": "RolloutSettings", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_MicrosoftGraphWindowsUpdateInstallScheduleType", + "Parameters": [ + { + "CIMType": "String", + "Name": "ActiveHoursEnd", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActiveHoursStart", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ScheduledInstallDay", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ScheduledInstallTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "odataType", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_IntuneWindowsUpdateForBusinessRingUpdateProfileWindows10", + "Parameters": [ + { + "CIMType": "String", + "Name": "Id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowWindows11Upgrade", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutomaticUpdateMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutoRestartNotificationDismissal", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BusinessReadyUpdatesOnly", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DeadlineForFeatureUpdatesInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DeadlineForQualityUpdatesInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "DeadlineGracePeriodInDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DeliveryOptimizationMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DriversExcluded", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EngagedRestartDeadlineInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EngagedRestartSnoozeScheduleInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "EngagedRestartTransitionScheduleInDays", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "FeatureUpdatesDeferralPeriodInDays", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FeatureUpdatesPaused", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FeatureUpdatesPauseExpiryDateTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FeatureUpdatesPauseStartDate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FeatureUpdatesRollbackStartDateTime", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "FeatureUpdatesRollbackWindowInDays", + "Option": "Write" + }, + { + "CIMType": "MSFT_MicrosoftGraphwindowsUpdateInstallScheduleType", + "Name": "InstallationSchedule", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftUpdateServiceAllowed", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PostponeRebootUntilAfterDeadline", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrereleaseFeatures", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "QualityUpdatesDeferralPeriodInDays", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "QualityUpdatesPaused", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QualityUpdatesPauseExpiryDateTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QualityUpdatesPauseStartDate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QualityUpdatesRollbackStartDateTime", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ScheduleImminentRestartWarningInMinutes", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ScheduleRestartWarningInHours", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SkipChecksBeforeRestart", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UpdateNotificationLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UpdateWeeks", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserPauseAccess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UserWindowsUpdateScanAccess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_DeviceManagementConfigurationPolicyAssignments[]", + "Name": "Assignments", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_M365DSCRuleEvaluation", + "Parameters": [ + { + "CIMType": "String", + "Name": "ResourceName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "RuleDefinition", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "AfterRuleCountQuery", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_O365AdminAuditLogConfig", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "UnifiedAuditLogIngestionEnabled", + "Option": "Required" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_O365Group", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "MailNickName", + "Option": "Key" + }, + { + "CIMType": "string[]", + "Name": "ManagedBy", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "Members", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_O365OrgCustomizationSetting", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_O365OrgSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AppsAndServicesIsAppAndServicesTrialEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AppsAndServicesIsOfficeStoreEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "CortanaEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DynamicsCustomerVoiceIsInOrgFormsPhishingScanEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DynamicsCustomerVoiceIsRecordIdentityByDefaultEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DynamicsCustomerVoiceIsRestrictedSurveyAccessEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FormsIsBingImageSearchEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FormsIsExternalSendFormEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FormsIsExternalShareCollaborationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FormsIsExternalShareResultEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FormsIsExternalShareTemplateEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FormsIsInOrgFormsPhishingScanEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "FormsIsRecordIdentityByDefaultEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "M365WebEnableUsersToOpenFilesFrom3PStorage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MicrosoftVivaBriefingEmail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VivaInsightsWebExperience", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VivaInsightsDigestEmail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VivaInsightsOutlookAddInAndInlineSuggestions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VivaInsightsScheduleSendSuggestions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PlannerAllowCalendarSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ToDoIsExternalJoinEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ToDoIsExternalShareEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ToDoIsPushNotificationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AdminCenterReportDisplayConcealedNames", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InstallationOptionsUpdateChannel", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "InstallationOptionsAppsForWindows", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "InstallationOptionsAppsForMac", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_O365SearchAndIntelligenceConfigurations", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "ItemInsightsIsEnabledInOrganization", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ItemInsightsDisabledForGroup", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PersonInsightsIsEnabledInOrganization", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PersonInsightsDisabledForGroup", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_ODSettings", + "Parameters": [ + { + "CIMType": "string", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "uint32", + "Name": "OneDriveStorageQuota", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "OrphanedPersonalSitesRetentionPeriod", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OneDriveForGuestsEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NotifyOwnersWhenInvitationsAccepted", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NotificationsInOneDriveForBusinessEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ODBMembersCanShare", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ODBAccessRequests", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockMacSync", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableReportProblemDialog", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TenantRestrictionEnabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DomainGuids", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludedFileExtensions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GrooveBlockOption", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PlannerBucket", + "Parameters": [ + { + "CIMType": "string", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "PlanId", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "BucketId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PlannerPlan", + "Parameters": [ + { + "CIMType": "string", + "Name": "Title", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "OwnerGroup", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PlannerTaskAttachment", + "Parameters": [ + { + "CIMType": "String", + "Name": "Alias", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Uri", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Type", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PlannerTaskChecklistItem", + "Parameters": [ + { + "CIMType": "String", + "Name": "Title", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Completed", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PlannerTask", + "Parameters": [ + { + "CIMType": "string", + "Name": "PlanId", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Title", + "Option": "Key" + }, + { + "CIMType": "string[]", + "Name": "Categories", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "AssignedUsers", + "Option": "Write" + }, + { + "CIMType": "MSFT_PlannerTaskAttachment[]", + "Name": "Attachments", + "Option": "Write" + }, + { + "CIMType": "MSFT_PlannerTaskChecklistItem[]", + "Name": "Checklist", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Notes", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Bucket", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "TaskId", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "StartDateTime", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DueDateTime", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PercentComplete", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ConversationThreadId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PPPowerAppsEnvironment", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Location", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "EnvironmentSKU", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PPTenantRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "TenantName", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Direction", + "Option": "Required" + } + ] + }, + { + "ClassName": "MSFT_PPTenantIsolationSettings", + "Parameters": [ + { + "CIMType": "string", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_PPTenantRule[]", + "Name": "Rules", + "Option": "Write" + }, + { + "CIMType": "MSFT_PPTenantRule[]", + "Name": "RulesToInclude", + "Option": "Write" + }, + { + "CIMType": "MSFT_PPTenantRule[]", + "Name": "RulesToExclude", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_PPTenantSettings", + "Parameters": [ + { + "CIMType": "string", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "WalkMeOptOut", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableNPSCommentsReachout", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableNewsletterSendout", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableEnvironmentCreationByNonAdminUsers", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisablePortalsCreationByNonAdminUsers", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableSurveyFeedback", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableTrialEnvironmentCreationByNonAdminUsers", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableCapacityAllocationByEnvironmentAdmins", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableSupportTicketsVisibleByAllUsers", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableDocsSearch", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableCommunitySearch", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableBingVideoSearch", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableShareWithEveryone", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "EnableGuestsToMake", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "ShareWithColleaguesUserLimit", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCAuditConfigurationPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Workload", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCAutoSensitivityLabelPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplySensitivityLabel", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeSender", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeSenderException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeSenderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeSenderMemberOfException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Mode", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OneDriveLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddOneDriveLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveOneDriveLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddOneDriveLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveOneDriveLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OneDriveLocationException", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddSharePointLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveSharePointLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddSharePointLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveSharePointLocation", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCHeaderPattern", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Required" + }, + { + "CIMType": "String[]", + "Name": "Values", + "Option": "Required" + } + ] + }, + { + "ClassName": "MSFT_SCDLPSensitiveInformation", + "Parameters": [ + { + "CIMType": "String", + "Name": "name", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "maxconfidence", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "minconfidence", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "classifiertype", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "mincount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "maxcount", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCDLPLabel", + "Parameters": [ + { + "CIMType": "String", + "Name": "name", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "id", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "type", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCDLPContainsSensitiveInformationGroup", + "Parameters": [ + { + "CIMType": "MSFT_SCDLPSensitiveInformation[]", + "Name": "SensitiveInformation", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCDLPLabel[]", + "Name": "Labels", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Operator", + "Option": "Required" + } + ] + }, + { + "ClassName": "MSFT_SCDLPContainsSensitiveInformation", + "Parameters": [ + { + "CIMType": "MSFT_SCDLPSensitiveInformation[]", + "Name": "SensitiveInformation", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCDLPContainsSensitiveInformationGroup[]", + "Name": "Groups", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Operator", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCAutoSensitivityLabelRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Policy", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "AccessScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AnyOfRecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AnyOfRecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCDLPContainsSensitiveInformation", + "Name": "ContentContainsSensitiveInformation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContentExtensionMatchesWords", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Disabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DocumentIsPasswordProtected", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DocumentIsUnsupported", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfAccessScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfAnyOfRecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfAnyOfRecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCDLPContainsSensitiveInformation", + "Name": "ExceptIfContentContainsSensitiveInformation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfContentExtensionMatchesWords", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfDocumentIsPasswordProtected", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfDocumentIsUnsupported", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFrom", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfFromAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfFromAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfHeaderMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfProcessingLimitExceeded", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderIPRanges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExceptIfSubjectMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FromAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FromAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCHeaderPattern", + "Name": "HeaderMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ProcessingLimitExceeded", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ReportSeverityLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RuleErrorAction", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SenderIPRanges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SubjectMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Workload", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCCaseHoldPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Case", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PublicFolderLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCCaseHoldRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Policy", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContentMatchQuery", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Disabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCComplianceCase", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Status", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCComplianceSearch", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Case", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowNotFoundExchangeLocationsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContentMatchQuery", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocationExclusion", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "HoldNames", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IncludeUserAppContent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Language", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PublicFolderLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocationExclusion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCComplianceSearchAction", + "Parameters": [ + { + "CIMType": "String", + "Name": "Action", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "SearchName", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "FileTypeExclusionsForUnindexedItems", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableDedupe", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IncludeCredential", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IncludeSharePointDocumentVersions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PurgeType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RetryOnError", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ActionScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCFilePlanProperty", + "Parameters": [ + { + "CIMType": "String", + "Name": "FilePlanPropertyDepartment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FilePlanPropertyAuthority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FilePlanPropertyCategory", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FilePlanPropertyCitation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FilePlanPropertyReferenceId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "FilePlanPropertySubCategory", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCComplianceTag", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EventType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsRecordLabel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Notes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Regulatory", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCFilePlanProperty", + "Name": "FilePlanProperty", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ReviewerEmail", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetentionDuration", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetentionAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetentionType", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCDeviceConditionalAccessPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCDeviceConfigurationPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCDLPCompliancePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EndpointDlpLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "EndpointDlpLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OnPremisesScannerDlpLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OnPremisesScannerDlpLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PowerBIDlpLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PowerBIDlpLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ThirdPartyAppDlpLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ThirdPartyAppDlpLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeSenderMemberOf", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeSenderMemberOfException", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Mode", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OneDriveLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OneDriveLocationException", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TeamsLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TeamsLocationException", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCDLPComplianceRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Policy", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "AccessScope", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "BlockAccess", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockAccessScope", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCDLPContainsSensitiveInformation", + "Name": "ContentContainsSensitiveInformation", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCDLPContainsSensitiveInformation", + "Name": "ExceptIfContentContainsSensitiveInformation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ContentPropertyContainsWords", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Disabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "GenerateAlert", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "GenerateIncidentReport", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "IncidentReportContent", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "NotifyAllowOverride", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotifyEmailCustomText", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotifyPolicyTipCustomText", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "NotifyUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ReportSeverityLevel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RuleErrorAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfRecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AnyOfRecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RemoveRMSTemplate", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "StopPolicyProcessing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DocumentIsUnsupported", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfDocumentIsUnsupported", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "HasSenderOverride", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfHasSenderOverride", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ProcessingLimitExceeded", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfProcessingLimitExceeded", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DocumentIsPasswordProtected", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ExceptIfDocumentIsPasswordProtected", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "MessageTypeMatches", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FromScope", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromScope", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectOrBodyContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SubjectOrBodyMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ContentCharacterSetContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DocumentNameMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DocumentNameMatchesWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfRecipientAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfAnyOfRecipientAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfContentCharacterSetContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfContentPropertyContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfDocumentNameMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfDocumentNameMatchesWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfFromAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FromAddressContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "FromAddressMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfMessageTypeMatches", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfRecipientDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderDomainIs", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSenderIPRanges", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSentTo", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectOrBodyContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfSubjectOrBodyMatchesPatterns", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DocumentContainsWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SentToMemberOf", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ContentIsNotLabeled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SetHeader", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ContentExtensionMatchesWords", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExceptIfContentExtensionMatchesWords", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCFilePlanPropertyAuthority", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCFilePlanPropertyCategory", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCFilePlanPropertyCitation", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "CitationUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CitationJurisdiction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCFilePlanPropertyDepartment", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCFilePlanPropertyReferenceId", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCFilePlanPropertySubCategory", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Category", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCLabelSetting", + "Parameters": [ + { + "CIMType": "String", + "Name": "Key", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Value", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCLabelPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCLabelSetting[]", + "Name": "AdvancedSettings", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ModernGroupLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ModernGroupLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Labels", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddExchangeLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddModernGroupLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddModernGroupLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AddLabels", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveExchangeLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveModernGroupLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveModernGroupLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "RemoveLabels", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCProtectionAlert", + "Parameters": [ + { + "CIMType": "String[]", + "Name": "AlertBy", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AlertFor", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AggregationType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Category", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Disabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Filter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "NotificationCulture", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NotificationEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "NotifyUserOnFilterMatch", + "Option": "Write" + }, + { + "CIMType": "DateTime", + "Name": "NotifyUserSuppressionExpiryDate", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "NotifyUserThrottleThreshold", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "NotifyUserThrottleWindow", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "NotifyUser", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Operation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PrivacyManagementScopedSensitiveInformationTypes", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PrivacyManagementScopedSensitiveInformationTypesForCounting", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "PrivacyManagementScopedSensitiveInformationTypesThreshold", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Severity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ThreatType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Threshold", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "TimeWindow", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "VolumeThreshold", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCRetentionCompliancePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DynamicScopeLocation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExchangeLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ModernGroupLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ModernGroupLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OneDriveLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OneDriveLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PublicFolderLocation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RestrictiveRetention", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SharePointLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SkypeLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "SkypeLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TeamsChannelLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TeamsChannelLocationException", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TeamsChatLocation", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "TeamsChatLocationException", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCRetentionComplianceRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Policy", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExpirationDateOption", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ExcludedItemClasses", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContentMatchQuery", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetentionComplianceAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetentionDuration", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RetentionDurationDisplayHint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCRetentionEventType", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCSecurityFilter", + "Parameters": [ + { + "CIMType": "String", + "Name": "FilterName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Action", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Users", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Filters", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Region", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCLabelLocaleSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "localeKey", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCLabelSetting[]", + "Name": "LabelSettings", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCSensitivityLabel", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCLabelSetting[]", + "Name": "AdvancedSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Write" + }, + { + "CIMType": "MSFT_SCLabelLocaleSettings[]", + "Name": "LocaleSettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ParentId", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Tooltip", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyContentMarkingFooterAlignment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplyContentMarkingFooterEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyContentMarkingFooterFontColor", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ApplyContentMarkingFooterFontSize", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ApplyContentMarkingFooterMargin", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyContentMarkingFooterText", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyContentMarkingHeaderAlignment", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplyContentMarkingHeaderEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyContentMarkingHeaderFontColor", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ApplyContentMarkingHeaderFontSize", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ApplyContentMarkingHeaderMargin", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyContentMarkingHeaderText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ApplyWaterMarkingEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyWaterMarkingFontColor", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "ApplyWaterMarkingFontSize", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyWaterMarkingLayout", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplyWaterMarkingText", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "ContentType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EncryptionContentExpiredOnDateInDaysOrNever", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EncryptionDoNotForward", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EncryptionEncryptOnly", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EncryptionEnabled", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "EncryptionOfflineAccessDays", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EncryptionPromptUser", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EncryptionProtectionType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EncryptionRightsDefinitions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EncryptionRightsUrl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiteAndGroupProtectionAllowAccessToGuestUsers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiteAndGroupProtectionAllowEmailFromGuestUsers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiteAndGroupProtectionAllowFullAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiteAndGroupProtectionAllowLimitedAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiteAndGroupProtectionBlockAccess", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SiteAndGroupProtectionEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SiteAndGroupProtectionPrivacy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SiteAndGroupExternalSharingControlType", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCSupervisoryReviewPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Reviewers", + "Option": "Required" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SCSupervisoryReviewRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Policy", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Condition", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SamplingRate", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOAccessControlSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "DisplayStartASiteOption", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "StartASiteFormUrl", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "IPAddressEnforcement", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "IPAddressAllowList", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "IPAddressWACTokenLifetime", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisallowInfectedFileDownload", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ExternalServicesEnabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "EmailAttestationRequired", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "EmailAttestationReAuthDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ConditionalAccessPolicy", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOApp", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Path", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "Publish", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "Overwrite", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOBrowserIdleSignout", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SignOutAfter", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WarnAfter", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOHomeSite", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Url", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOHubSite", + "Parameters": [ + { + "CIMType": "string", + "Name": "Url", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Title", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "LogoUrl", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "RequiresJoinApproval", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "AllowedToJoin", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SiteDesignId", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOOrgAssetsLibrary", + "Parameters": [ + { + "CIMType": "String", + "Name": "LibraryUrl", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "CdnType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ThumbnailUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOPropertyBag", + "Parameters": [ + { + "CIMType": "String", + "Name": "Url", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Key", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSearchManagedProperty", + "Parameters": [ + { + "CIMType": "string", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Type", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "Searchable", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "FullTextIndex", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "FullTextContext", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "Queryable", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "Retrievable", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowMultipleValues", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Refinable", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Sortable", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "Safe", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "Aliases", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "TokenNormalization", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "CompleteMatching", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "LanguageNeutralTokenization", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "FinerQueryTokenization", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "MappedCrawledProperties", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "CompanyNameExtraction", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSearchResultSource", + "Parameters": [ + { + "CIMType": "string", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Protocol", + "Option": "Required" + }, + { + "CIMType": "string", + "Name": "SourceURL", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Type", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "QueryTransform", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ShowPartialSearch", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "UseAutoDiscover", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSharingSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "SharingCapability", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MySiteSharingCapability", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ShowEveryoneClaim", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ShowAllUsersClaim", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ShowEveryoneExceptExternalUsersClaim", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ProvisionSharedWithEveryoneFolder", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "EnableGuestSignInAcceleration", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "BccExternalSharingInvitations", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "BccExternalSharingInvitationsList", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "RequireAnonymousLinksExpireInDays", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "SharingAllowedDomainList", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "SharingBlockedDomainList", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SharingDomainRestrictionMode", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DefaultSharingLinkType", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "PreventExternalUsersFromResharing", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ShowPeoplePickerSuggestionsForGuestUsers", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "FileAnonymousLinkType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "FolderAnonymousLinkType", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "NotifyOwnersWhenItemsReshared", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DefaultLinkPermission", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "RequireAcceptingAccountMatchInvitedAccount", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ExternalUserExpirationRequired", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "ExternalUserExpireInDays", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSite", + "Parameters": [ + { + "CIMType": "string", + "Name": "Url", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Title", + "Option": "Required" + }, + { + "CIMType": "string", + "Name": "Owner", + "Option": "Required" + }, + { + "CIMType": "uint32", + "Name": "TimeZoneId", + "Option": "Required" + }, + { + "CIMType": "string", + "Name": "Template", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "HubUrl", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DisableFlows", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SharingCapability", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "StorageMaximumLevel", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "StorageWarningLevel", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowSelfServiceUpgrade", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "CommentsOnSitePagesDisabled", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DefaultLinkPermission", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DefaultSharingLinkType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DisableAppViews", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "DisableCompanyWideSharingLinks", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "LocaleId", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "DenyAddAndCustomizePages", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "RestrictedToRegion", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SharingAllowedDomainList", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SharingBlockedDomainList", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SharingDomainRestrictionMode", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ShowPeoplePickerSuggestionsForGuestUsers", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "AnonymousLinkExpirationInDays", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "SocialBarOnSitePagesDisabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "OverrideTenantAnonymousLinkExpirationPolicy", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSiteAuditSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "Url", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AuditFlags", + "Option": "Required" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSiteDesign", + "Parameters": [ + { + "CIMType": "string", + "Name": "Title", + "Option": "Key" + }, + { + "CIMType": "string[]", + "Name": "SiteScriptNames", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "WebTemplate", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsDefault", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "PreviewImageAltText", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "PreviewImageUrl", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "Version", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSiteDesignRights", + "Parameters": [ + { + "CIMType": "string", + "Name": "SiteDesignTitle", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Rights", + "Option": "Key" + }, + { + "CIMType": "string[]", + "Name": "UserPrincipals", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSiteGroup", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Url", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Owner", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "PermissionLevels", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOSiteScript", + "Parameters": [ + { + "CIMType": "string", + "Name": "Title", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Content", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOStorageEntity", + "Parameters": [ + { + "CIMType": "string", + "Name": "Key", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "EntityScope", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Value", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Comment", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "SiteUrl", + "Option": "Required" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOTenantCdnEnabled", + "Parameters": [ + { + "CIMType": "String", + "Name": "CdnType", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "Enable", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOTenantCDNPolicy", + "Parameters": [ + { + "CIMType": "string", + "Name": "CDNType", + "Option": "Key" + }, + { + "CIMType": "string[]", + "Name": "ExcludeRestrictedSiteClassifications", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "IncludeFileExtensions", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOTenantSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "uint32", + "Name": "MinCompatibilityLevel", + "Option": "Write" + }, + { + "CIMType": "uint32", + "Name": "MaxCompatibilityLevel", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "SearchResolveExactEmailOrUPN", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "OfficeClientADALDisabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "LegacyAuthProtocolsEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SignInAccelerationDomain", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "UsePersistentCookiesForExplorerView", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "UserVoiceForFeedbackEnabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "PublicCdnEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PublicCdnAllowedFileTypes", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "UseFindPeopleInPeoplePicker", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "NotificationsInSharePointEnabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "OwnerAnonymousNotification", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "ApplyAppEnforcedRestrictionsToAdHocRecipients", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "FilePickerExternalImageSearchEnabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "HideDefaultThemes", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "HideSyncButtonOnTeamSite", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MarkNewFilesSensitiveByDefault", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "DisabledWebPartIds", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "SocialBarOnSitePagesDisabled", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "CommentsOnSitePagesDisabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOThemePaletteProperty", + "Parameters": [ + { + "CIMType": "String", + "Name": "Property", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOTheme", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "IsInverted", + "Option": "Write" + }, + { + "CIMType": "MSFT_SPOThemePaletteProperty[]", + "Name": "Palette", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "CertificatePassword", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificatePath", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOUserProfilePropertyInstance", + "Parameters": [ + { + "CIMType": "String", + "Name": "Key", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Value", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_SPOUserProfileProperty", + "Parameters": [ + { + "CIMType": "String", + "Name": "UserName", + "Option": "Key" + }, + { + "CIMType": "MSFT_SPOUserProfilePropertyInstance[]", + "Name": "Properties", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "ApplicationSecret", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsAppPermissionPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GlobalCatalogAppsType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrivateCatalogAppsType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultCatalogAppsType", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "GlobalCatalogApps", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PrivateCatalogApps", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DefaultCatalogApps", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsAppSetupPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AppPresetList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AppPresetMeetingList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PinnedAppBarApps", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "PinnedMessageBarApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserPinning", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSideLoading", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsAudioConferencingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowTollFreeDialin", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MeetingInvitePhoneNumbers", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsCallHoldPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AudioFileId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsCallingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPrivateCalling", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowVoicemail", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCallGroups", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowDelegation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCallForwardingToUser", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCallForwardingToPhone", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowCallRedirect", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSIPDevicesCalling", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowWebPSTNCalling", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PreventTollBypass", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BusyOnBusyEnabledType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "CallRecordingExpirationDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MusicOnHoldEnabledType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SafeTransferEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCloudRecordingForCalls", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowTranscriptionforCalling", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LiveCaptionsEnabledTypeForCalling", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutoAnswerEnabledType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SpamFilteringEnabledType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsCallParkPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowCallPark", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "ParkTimeoutSeconds", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "PickupRangeEnd", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "PickupRangeStart", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsCallQueue", + "Parameters": [ + { + "CIMType": "String", + "Name": "Name", + "Option": "Key" + }, + { + "CIMType": "UInt16", + "Name": "AgentAlertTime", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowOptOut", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "DistributionLists", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseDefaultMusicOnHold", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WelcomeMusicAudioFileId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MusicOnHoldAudioFileId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowActionTarget", + "Option": "Write" + }, + { + "CIMType": "UInt16", + "Name": "OverflowThreshold", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutAction", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutActionTarget", + "Option": "Write" + }, + { + "CIMType": "UInt16", + "Name": "TimeoutThreshold", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoutingMethod", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "PresenceBasedRouting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ConferenceMode", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "Users", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LanguageId", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OboResourceAccountIds", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowDisconnectTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowDisconnectAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectPersonTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectPersonAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectVoiceAppTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectVoiceAppAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectPhoneNumberTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectPhoneNumberAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectVoicemailTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowRedirectVoicemailAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowSharedVoicemailTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OverflowSharedVoicemailAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableOverflowSharedVoicemailTranscription", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutDisconnectTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutDisconnectAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectPersonTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectPersonAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectVoiceAppTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectVoiceAppAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectPhoneNumberTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectPhoneNumberAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectVoicemailTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutRedirectVoicemailAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutSharedVoicemailTextToSpeechPrompt", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TimeoutSharedVoicemailAudioFilePrompt", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableTimeoutSharedVoicemailTranscription", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ChannelId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ChannelUserObjectId", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AuthorizedUsers", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsChannel", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "TeamName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "GroupID", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "NewDisplayName", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsChannelsPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowChannelSharingToExternalUser", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowOrgWideTeamCreation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnablePrivateTeamDiscovery", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPrivateChannelCreation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSharedChannelCreation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserToParticipateInExternalSharedChannel", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsChannelTab", + "Parameters": [ + { + "CIMType": "String", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "TeamName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "ChannelName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "TeamId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsApp", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "SortOrderIndex", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WebSiteUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ContentUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RemoveUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EntityId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsClientConfiguration", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "AllowBox", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowDropBox", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowEmailIntoChannel", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowGoogleDrive", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowGuestUser", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowOrganizationTab", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowResourceAccountSendMessage", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowScopedPeopleSearchandAccess", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowShareFile", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowSkypeBusinessInterop", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowEgnyte", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ContentPin", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ResourceAccountContentAccess", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "RestrictedSenderList", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsComplianceRecordingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "ComplianceRecordingApplications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableComplianceRecordingAudioNotificationForCalls", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "Enabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "WarnUserOnRemoval", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsCortanaPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "CortanaVoiceInvocationMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsDialInConferencingTenantSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowPSTNOnlyMeetingsByDefault", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutomaticallyMigrateUserMeetings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutomaticallyReplaceAcpProvider", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AutomaticallySendEmailsToUsers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableDialOutJoinConfirmation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableEntryExitNotifications", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EntryExitAnnouncementsType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaskPstnNumbersType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "PinLength", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsEmergencyCallingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnhancedEmergencyServiceDisclaimer", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalLocationLookupMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotificationDialOutNumber", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotificationGroup", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NotificationMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsEmergencyNumber", + "Parameters": [ + { + "CIMType": "String", + "Name": "EmergencyDialString", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EmergencyDialMask", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OnlinePSTNUsage", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsEmergencyCallRoutingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_TeamsEmergencyNumber[]", + "Name": "EmergencyNumbers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowEnhancedEmergencyServices", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsEnhancedEncryptionPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "CallingEndtoEndEncryptionEnabledType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MeetingEndToEndEncryption", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsEventsPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowEmailEditing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowEventIntegrations", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowWebinars", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowTownhalls", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedQuestionTypesInRegistrationForm", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedTownhallTypesForRecordingPublish", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedWebinarTypesForRecordingPublish", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EventAccessType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TownhallChatExperience", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "UseMicrosoftECDN", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsFederationConfiguration", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowFederatedUsers", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "AllowedDomains", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "BlockedDomains", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPublicUsers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowTeamsConsumer", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowTeamsConsumerInbound", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "TreatDiscoveredPartnersAsUnverified", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "SharedSipAddressSpace", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "RestrictTeamsConsumerToExternalUserProfiles", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsFeedbackPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "UserInitiatedMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ReceiveSurveysMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowScreenshotCollection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowEmailCollection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowLogCollection", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableFeatureSuggestions", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsFilesPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "NativeFileEntryPoints", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SPChannelFilesTab", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsGroupPolicyAssignment", + "Parameters": [ + { + "CIMType": "string", + "Name": "GroupDisplayName", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "GroupId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PolicyType", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "PolicyName", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsGuestCallingConfiguration", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowPrivateCalling", + "Option": "Required" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsGuestMeetingConfiguration", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "AllowIPVideo", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "LiveCaptionsEnabledType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ScreenSharingMode", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowMeetNow", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowTranscription", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsGuestMessagingConfiguration", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserEditMessage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserDeleteMessage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserChat", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserDeleteChat", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "GiphyRatingType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMemes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowStickers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowGiphy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowImmersiveReader", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsIPPhonePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "AllowBetterTogether", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowHomeScreen", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowHotDesking", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "HotDeskingIdleTimeoutInMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SearchOnCommonAreaPhoneMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SignInMode", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsMeetingBroadcastConfiguration", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "SupportURL", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSdnProviderForBroadcastMeeting", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SdnProviderName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SdnLicenseId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SdnApiTemplateUrl", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SdnApiToken", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsMeetingBroadcastPolicy", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowBroadcastScheduling", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowBroadcastTranscription", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BroadcastAttendeeVisibilityMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BroadcastRecordingMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsMeetingConfiguration", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "LogoURL", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LegalURL", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "HelpURL", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CustomFooterText", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableAnonymousJoin", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableQoS", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ClientAudioPort", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ClientAudioPortRange", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ClientVideoPort", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ClientVideoPortRange", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ClientAppSharingPort", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ClientMediaPortRangeEnabled", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "ClientAppSharingPortRange", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsMeetingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowChannelMeetingScheduling", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMeetNow", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPrivateMeetNow", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MeetingChatEnabledType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LiveCaptionsEnabledType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowIPAudio", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowIPVideo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowEngagementReport", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IPAudioMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IPVideoMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowAnonymousUsersToDialOut", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowAnonymousUsersToStartMeeting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPrivateMeetingScheduling", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AutoAdmittedUsers", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPSTNUsersToBypassLobby", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCloudRecording", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowRecordingStorageOutsideRegion", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DesignatedPresenterRoleMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowOutlookAddIn", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPowerPointSharing", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowParticipantGiveRequestControl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowExternalParticipantGiveRequestControl", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowSharedNotes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowWhiteboard", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowTranscription", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MediaBitRateKb", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ScreenSharingMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "VideoFiltersMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowOrganizersToOverrideLobbySettings", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PreferredMeetingProviderForIslandsMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowNDIStreaming", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowUserToJoinExternalMeeting", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EnrollUserOverride", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoomAttributeUserOverride", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "StreamingAttendeeMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsCameraFarEndPTZMode", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMeetingReactions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "WhoCanRegister", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowAnnotations", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowAnonymousUsersToJoinMeeting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMeetingCoach", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMeetingRegistration", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowNetworkConfigurationSettingsLookup", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowWatermarkForCameraVideo", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowWatermarkForScreenSharing", + "Option": "Write" + }, + { + "CIMType": "SInt32", + "Name": "NewMeetingRecordingExpirationDays", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowCartCaptionsScheduling", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowDocumentCollaboration", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowedStreamingMediaInput", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "BlockedAnonymousJoinClientTypes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ChannelRecordingDownload", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExplicitRecordingConsent", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ForceStreamingAttendeeMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "InfoShownInReportMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LiveInterpretationEnabledType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LiveStreamingMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MeetingInviteLanguages", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "QnAEngagementMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "RoomPeopleNameUserOverride", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SpeakerAttributionMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsMessagingPolicy", + "Parameters": [ + { + "CIMType": "string", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "boolean", + "Name": "AllowCommunicationComplianceEndUserReporting", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowFluidCollaborate", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowSecurityEndUserReporting", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowGiphy", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowMemes", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowOwnerDeleteMessage", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowUserEditMessage", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowSmartCompose", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowSmartReply", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowStickers", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowUrlPreviews", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowUserChat", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowUserDeleteMessage", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowUserTranslation", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowImmersiveReader", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowRemoveUser", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowPriorityMessages", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowUserDeleteChat", + "Option": "Write" + }, + { + "CIMType": "boolean", + "Name": "AllowVideoMessages", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "GiphyRatingType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ReadReceiptsEnabledType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "ChannelsInChatListEnabledType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "AudioMessageEnabledType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Tenant", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsMobilityPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IPAudioMobileMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "IPVideoMobileMode", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MobileDialerPreference", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsNetworkRoamingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowIPVideo", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "UInt64", + "Name": "MediaBitRateKb", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsOnlineVoicemailPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "EnableEditingCallAnswerRulesSetting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableTranscription", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableTranscriptionProfanityMasking", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableTranscriptionTranslation", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "MaximumRecordingLength", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PrimarySystemPromptLanguage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SecondarySystemPromptLanguage", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ShareData", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsOnlineVoicemailUserSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "CallAnswerRule", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultGreetingPromptOverwrite", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "DefaultOofGreetingPromptOverwrite", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OofGreetingEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OofGreetingFollowAutomaticRepliesEnabled", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OofGreetingFollowCalendarEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "PromptLanguage", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ShareData", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TransferTarget", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "VoicemailEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsOnlineVoiceUser", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "LocationID", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TelephoneNumber", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsOrgWideAppSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "IsSideloadedAppsInteractionEnabled", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsPstnUsage", + "Parameters": [ + { + "CIMType": "String", + "Name": "Usage", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsShiftsPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "UInt64", + "Name": "AccessGracePeriodMinutes", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AccessType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableScheduleOwnerPermissions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableShiftPresence", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ShiftNoticeFrequency", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ShiftNoticeMessageCustom", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ShiftNoticeMessageType", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTeam", + "Parameters": [ + { + "CIMType": "string", + "Name": "DisplayName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "GroupID", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "MailNickName", + "Option": "Write" + }, + { + "CIMType": "string[]", + "Name": "Owner", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Visibility", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowAddRemoveApps", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowGiphy", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "GiphyContentRating", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowStickersAndMemes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCustomMemes", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserEditMessages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowUserDeleteMessages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowOwnerDeleteMessages", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowDeleteChannels", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCreateUpdateRemoveConnectors", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCreateUpdateRemoveTabs", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowTeamMentions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowChannelMentions", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowGuestCreateUpdateChannels", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowGuestDeleteChannels", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCreateUpdateChannels", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ShowInTeamsSearchAndSuggestions", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTemplatesPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "HiddenTemplates", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsVoiceNormalizationRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Pattern", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Translation", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsInternalExtension", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTenantDialPlan", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "MSFT_TeamsVoiceNormalizationRule[]", + "Name": "NormalizationRules", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalAccessPrefix", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "OptimizeDeviceDialing", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SimpleName", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTenantNetworkRegion", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "CentralSite", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTenantNetworkSite", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EmergencyCallingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "EmergencyCallRoutingPolicy", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "EnableLocationBasedRouting", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "LocationPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkRegionID", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkRoamingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SiteAddress", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTenantNetworkSubnet", + "Parameters": [ + { + "CIMType": "UInt32", + "Name": "MaskBits", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NetworkSiteID", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTenantTrustedIPAddress", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "MaskBits", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsTranslationRule", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Pattern", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Translation", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsUnassignedNumberTreatment", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Pattern", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Target", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TargetType", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "TreatmentPriority", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsUpdateManagementPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowManagedUpdates", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowPreview", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "AllowPublicPreview", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "UpdateDayOfWeek", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UpdateTime", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UpdateTimeOfDay", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UseNewTeamsClient", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsUpgradeConfiguration", + "Parameters": [ + { + "CIMType": "String", + "Name": "IsSingleInstance", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "DownloadTeams", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "SfBMeetingJoinUx", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsUpgradePolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "Users", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "MigrateMeetingsToTeams", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsUser", + "Parameters": [ + { + "CIMType": "string", + "Name": "TeamName", + "Option": "Key" + }, + { + "CIMType": "string", + "Name": "User", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Role", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsUserCallingSettings", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "GroupNotificationOverride", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CallGroupOrder", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "CallGroupTargets", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsUnansweredEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UnansweredDelay", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UnansweredTarget", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "UnansweredTargetType", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "IsForwardingEnabled", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ForwardingType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ForwardingTargetType", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ForwardingTarget", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsUserPolicyAssignment", + "Parameters": [ + { + "CIMType": "string", + "Name": "User", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "CallingLineIdentity", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ExternalAccessPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OnlineVoicemailPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "OnlineVoiceRoutingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsAppPermissionPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsAppSetupPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsAudioConferencingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsCallHoldPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsCallingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsCallParkPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsChannelsPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsEmergencyCallingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsEmergencyCallRoutingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsEnhancedEncryptionPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsEventsPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsMeetingBroadcastPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsMeetingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsMessagingPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsMobilityPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsUpdateManagementPolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TeamsUpgradePolicy", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantDialPlan", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsVdiPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "DisableAudioVideoInCallsAndMeetings", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "DisableCallsAndMeetings", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsVoiceRoute", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "NumberPattern", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OnlinePstnGatewayList", + "Option": "Write" + }, + { + "CIMType": "String[]", + "Name": "OnlinePstnUsages", + "Option": "Write" + }, + { + "CIMType": "UInt32", + "Name": "Priority", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsVoiceRoutingPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "String[]", + "Name": "OnlinePstnUsages", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + }, + { + "ClassName": "MSFT_TeamsWorkloadPolicy", + "Parameters": [ + { + "CIMType": "String", + "Name": "Identity", + "Option": "Key" + }, + { + "CIMType": "Boolean", + "Name": "AllowCalling", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowCallingPinned", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMeeting", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMeetingPinned", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMessaging", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "AllowMessagingPinned", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "Description", + "Option": "Write" + }, + { + "CIMType": "string", + "Name": "Ensure", + "Option": "Write" + }, + { + "CIMType": "MSFT_Credential", + "Name": "Credential", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "ApplicationId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "TenantId", + "Option": "Write" + }, + { + "CIMType": "String", + "Name": "CertificateThumbprint", + "Option": "Write" + }, + { + "CIMType": "Boolean", + "Name": "ManagedIdentity", + "Option": "Write" + } + ] + } +] diff --git a/README.md b/README.md index 0108add004..4ca478af56 100644 --- a/README.md +++ b/README.md @@ -45,7 +45,11 @@ This is the branch containing the latest release. No contributions should be mad [![AzureCloud - Full-Circle - TEAMS](https://github.com/microsoft/Microsoft365DSC/actions/workflows/AzureCloud%20-%20Full-Circle%20-%20TEAMS.yml/badge.svg)](https://github.com/microsoft/Microsoft365DSC/actions/workflows/AzureCloud%20-%20Full-Circle%20-%20TEAMS.yml) -[![AzureCloud - Integration](https://github.com/microsoft/Microsoft365DSC/actions/workflows/AzureCloud%20-%20Integration.yml/badge.svg)](https://github.com/microsoft/Microsoft365DSC/actions/workflows/AzureCloud%20-%20Integration.yml) +[![Global - Integration - AAD](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Global%20-%20Integration%20-%20AAD.yml/badge.svg)](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Global%20-%20Integration%20-%20AAD.yml) + +[![Global - Integration - EXO](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Global%20-%20Integration%20-%20EXO.yml/badge.svg)](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Global%20-%20Integration%20-%20EXO.yml) + +[![Global - Integration - INTUNE](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Global%20-%20Integration%20-%20INTUNE.yml/badge.svg)](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Global%20-%20Integration%20-%20INTUNE.yml) [![Unit Tests](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Unit%20Tests.yml/badge.svg)](https://github.com/microsoft/Microsoft365DSC/actions/workflows/Unit%20Tests.yml) diff --git a/ResourceGenerator/Module.Template.psm1 b/ResourceGenerator/Module.Template.psm1 index 1c1a8b5afd..541e34e93c 100644 --- a/ResourceGenerator/Module.Template.psm1 +++ b/ResourceGenerator/Module.Template.psm1 @@ -258,7 +258,7 @@ function Test-TargetResource $CurrentValues = Get-TargetResource @PSBoundParameters $ValuesToCheck = ([Hashtable]$PSBoundParameters).clone() - if ($CurrentValues.Ensure -ne $PSBoundParameters.Ensure) + if ($CurrentValues.Ensure -ne $Ensure) { Write-Verbose -Message "Test-TargetResource returned $false" return $false diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 index 088923b9ee..918571ce7a 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.AAD.Create.Tests.ps1 @@ -25,7 +25,17 @@ MembershipRule = "(user.country -eq `"Canada`")" MembershipRuleProcessingState = 'On' MembershipType = 'Dynamic' - Ensure = 'Present' + ScopedRoleMembers = @( + MSFT_MicrosoftGraphScopedRoleMembership + { + RoleName = 'User Administrator' + RoleMemberInfo = MSFT_MicrosoftGraphMember + { + Identity = "admin@$Domain" + Type = "User" + } + } + ) Credential = $Credscredential } AADApplication 'AADApp1' diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Create.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Create.Tests.ps1 index 7f5f58570e..b1b1aca5d5 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Create.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Create.Tests.ps1 @@ -344,7 +344,7 @@ } EXOMailTips 'OrgWideMailTips' { - Organization = $Domain + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True MailTipsGroupMetricsEnabled = $True MailTipsLargeAudienceThreshold = 100 diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Update.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Update.Tests.ps1 index fc2fbae073..8b35477834 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Update.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.EXO.Update.Tests.ps1 @@ -675,8 +675,8 @@ { Name = "Integration Address Book" AddressLists = @('\All Users') - DiffRetentionPeriod = "30" - IsDefault = $false # Updated Property + DiffRetentionPeriod = "60" # Updated Property + IsDefault = $true Ensure = "Present" Credential = $Credscredential } diff --git a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 index a9463d7e84..d524887a3e 100644 --- a/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 +++ b/Tests/Integration/Microsoft365DSC/M365DSCIntegration.INTUNE.Create.Tests.ps1 @@ -1697,7 +1697,7 @@ HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 25; ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 b/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 index d4f856f750..7a21fd4b45 100644 --- a/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 +++ b/Tests/QA/Microsoft365DSC.SettingsJson.Tests.ps1 @@ -15,7 +15,7 @@ Describe -Name 'Successfully import Settings.json files' { } } -Describe -Name 'Successfully validate all used permissions in Settings.json files' { +Describe -Name 'Successfully validate all used permissions in Settings.json files ' { BeforeAll { $data = Invoke-WebRequest -Uri 'https://graphpermissions.azurewebsites.net/api/GetPermissionList' $roles = $data.Content.Split('|')[0].Split(',') @@ -25,7 +25,7 @@ Describe -Name 'Successfully validate all used permissions in Settings.json file $delegated = $data.Content.Split('|')[1].Split(',') } - It "Permissions used in settings.json file for '' should exist" -TestCases $settingsFiles { + It "Permissions used in settings.json file for '' should exist" -TestCases $settingsFiles { $json = Get-Content -Path $FullName -Raw $settings = ConvertFrom-Json -InputObject $json foreach ($permission in $settings.permissions.graph.application.read) @@ -33,10 +33,65 @@ Describe -Name 'Successfully validate all used permissions in Settings.json file # Only validate non-GUID (hidden) permissions. $ObjectGuid = [System.Guid]::empty # There is an issue where the GUI shows Tasks.Read.All but the OAuth value is actually Tasks.Read - if (-not [System.Guid]::TryParse($permission.Name ,[System.Management.Automation.PSReference]$ObjectGuid) -and + if (-not [System.Guid]::TryParse($permission.Name , [System.Management.Automation.PSReference]$ObjectGuid) -and $permission.Name -ne 'Tasks.Read.All') { - $permission.Name | Should -BeIn $roles + $permission.Name | Should -BeIn $roles -ErrorAction Continue + } + } + foreach ($permission in $settings.permissions.graph.application.write) + { + # Only validate non-GUID (hidden) permissions. + $ObjectGuid = [System.Guid]::empty + if (-not [System.Guid]::TryParse($permission.Name , [System.Management.Automation.PSReference]$ObjectGuid)) + { + $permission.Name | Should -BeIn $roles -ErrorAction Continue + } + } + } + + It "Should use the least permissions for ''" -TestCase $settingsFiles { + $json = Get-Content -Path $FullName -Raw + $settings = ConvertFrom-Json -InputObject $json + + $allowedPermissions = @() + + if ($settings.ResourceName -like 'Teams*') + { + $allowedPermissions = @( + 'Organization.Read.All', + 'User.Read.All', + 'Group.ReadWrite.All', + 'AppCatalog.ReadWrite.All', + 'TeamSettings.ReadWrite.All', + 'Channel.Delete.All', + 'ChannelSettings.ReadWrite.All', + 'ChannelMember.ReadWrite.All' + ) + } + + if ($settings.ResourceName -like 'AADAuthenticationMethod*' -or $settings.ResourceName -eq 'AADAuthenticationStrengthPolicy') + { + $allowedPermissions = @( + 'Policy.ReadWrite.AuthenticationMethod' + ) + } + + if ($settings.ResourceName -eq 'O365OrgSettings') + { + $allowedPermissions = @( + 'Application.ReadWrite.All' + ) + } + + foreach ($permission in $settings.permissions.graph.application.read) + { + $ObjectGuid = [System.Guid]::empty + # There is an issue where the GUI shows Tasks.Read.All but the OAuth value is actually Tasks.Read + if (-not [System.Guid]::TryParse($permission.Name , [System.Management.Automation.PSReference]$ObjectGuid) -and + $permission.Name -ne 'Tasks.Read.All' -and -not ($permission.Name -in $allowedPermissions)) + { + $permission.Name | Should -BeLike '*.Read.*' -ErrorAction Continue } } } diff --git a/Tests/TestHarness.psm1 b/Tests/TestHarness.psm1 index bcfbdc4cb9..4eb369f6e9 100644 --- a/Tests/TestHarness.psm1 +++ b/Tests/TestHarness.psm1 @@ -68,17 +68,17 @@ function Invoke-TestHarness $testsToRun += @( $commonTestFiles.FullName ) $filesToExecute = @() - if ($DscTestsPath -ne "") - { - $filesToExecute += $DscTestsPath - } - else - { - foreach ($testToRun in $testsToRun) - { - $filesToExecute += $testToRun - } - } + if ($DscTestsPath -ne '') + { + $filesToExecute += $DscTestsPath + } + else + { + foreach ($testToRun in $testsToRun) + { + $filesToExecute += $testToRun + } + } $Params = [ordered]@{ Path = $filesToExecute @@ -94,6 +94,9 @@ function Invoke-TestHarness Output = @{ Verbosity = 'Normal' } + Should = @{ + ErrorAction = 'Continue' + } } if ([String]::IsNullOrEmpty($TestResultsFile) -eq $false) @@ -169,6 +172,9 @@ function Invoke-QualityChecksHarness Output = @{ Verbosity = 'Detailed' } + Should = @{ + ErrorAction = 'Continue' + } } $results = Invoke-Pester -Configuration $Configuration diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAdministrativeUnit.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAdministrativeUnit.Tests.ps1 index d9766a734b..99a2807bec 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAdministrativeUnit.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.AADAdministrativeUnit.Tests.ps1 @@ -151,7 +151,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { It 'Should return Values from the Get method' { (Get-TargetResource @testParams).Ensure | Should -Be 'Present' } - + It 'Should return false from the Test method' { Test-TargetResource @testParams | Should -Be $false } @@ -161,6 +161,39 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Should -Invoke -CommandName Invoke-MgGraphRequest -Exactly 1 } } + + Context -Name 'The AU exists and values are already in desired state - without ID/Ensure' -Fixture { + BeforeAll { + $testParams = @{ + Description = 'FakeStringValue2' + DisplayName = 'FakeStringValue2' + Credential = $Credential + } + + Mock -CommandName Get-MgBetaDirectoryAdministrativeUnit -MockWith { + return @{ + Description = 'FakeStringValue2' + DisplayName = 'FakeStringValue2' + Id = 'FakeStringValue2' + } + } + Mock -CommandName Get-MgBetaDirectoryAdministrativeUnitMember -MockWith { + return $null + } + Mock -CommandName Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember -MockWith { + return $null + } + } + + It 'Should return Values from the Get method' { + (Get-TargetResource @testParams).Ensure | Should -Be 'Present' + } + + It 'Should return true from the Test method' { + Test-TargetResource @testParams | Should -Be $true + } + } + Context -Name 'The AU Exists and Values are already in the desired state' -Fixture { BeforeAll { $testParams = @{ diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOMailTips.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOMailTips.Tests.ps1 index f7a8f5cb63..e266eba092 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOMailTips.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.EXOMailTips.Tests.ps1 @@ -40,7 +40,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'MailTips are Disabled and should be Enabled' -Fixture { BeforeAll { $testParams = @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True Ensure = 'Present' Credential = $Credential @@ -73,7 +73,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'MailTipsGroupMetricsEnabled are Disabled and should be Enabled' -Fixture { BeforeAll { $testParams = @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsGroupMetricsEnabled = $True Ensure = 'Present' Credential = $Credential @@ -106,7 +106,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'MailTipsLargeAudienceThreshold are 25 and should be 50' -Fixture { BeforeAll { $testParams = @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsLargeAudienceThreshold = 50 Ensure = 'Present' Credential = $Credential @@ -139,7 +139,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'MailTipsMailboxSourcedTipsEnabled are Disabled and should be Enabled' -Fixture { BeforeAll { $testParams = @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsMailboxSourcedTipsEnabled = $True Ensure = 'Present' Credential = $Credential @@ -168,7 +168,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'MailTipsExternalRecipientsTipsEnabled are Disabled and should be Enabled' -Fixture { BeforeAll { $testParams = @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsExternalRecipientsTipsEnabled = $True Ensure = 'Present' Credential = $Credential @@ -201,7 +201,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'MailTips are Enabled and should be Enabled' -Fixture { BeforeAll { $testParams = @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True MailTipsLargeAudienceThreshold = 10 MailTipsMailboxSourcedTipsEnabled = $True @@ -234,7 +234,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'Organization Configuration is null' -Fixture { BeforeAll { $testParams = @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True Ensure = 'Present' Credential = $Credential @@ -260,7 +260,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-OrganizationConfig -MockWith { return @{ - Organization = 'contoso.onmicrosoft.com' + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True MailTipsGroupMetricsEnabled = $True MailTipsLargeAudienceThreshold = $True diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.Tests.ps1 index 2ed971ac91..6913e720b6 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.Tests.ps1 @@ -73,7 +73,23 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { } }) } - + Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicyAssignment -MockWith { + return @(@{ + Id = '12345-12345-12345-12345-12345' + Source = 'direct' + SourceId = '12345-12345-12345-12345-12345' + Target = @{ + DeviceAndAppManagementAssignmentFilterId = '12345-12345-12345-12345-12345' + DeviceAndAppManagementAssignmentFilterType = 'none' + AdditionalProperties = @( + @{ + '@odata.type' = '#microsoft.graph.exclusionGroupAssignmentTarget' + groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' + } + ) + } + }) + } # Mock Write-Host to hide output during the tests Mock -CommandName Write-Host -MockWith { } @@ -84,10 +100,10 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name "When the instance doesn't already exist" -Fixture { BeforeAll { $testParams = @{ - Assignments = @( + Assignments = [CimInstance[]]@( (New-CimInstance -ClassName MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' - CollectionId = '26d60dd1-fab6-47bf-8656-358194c1a49d' + groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' } -ClientOnly) ) Credential = $Credential @@ -123,7 +139,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Assignments = [CimInstance[]]@( (New-CimInstance -ClassName MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' - CollectionId = '26d60dd1-fab6-47bf-8656-358194c1a49d' + groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' } -ClientOnly) ) Credential = $Credential @@ -139,29 +155,27 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' Description = 'My Test Description' Name = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - children = @() - value = "device_vendor_msft_laps_policies_backupdirectory_1" + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + choiceSettingValue = @{ + children = @() + value = "device_vendor_msft_laps_policies_backupdirectory_1" + } } } + AdditionalProperties = $null } - AdditionalProperties = $null } } + Mock -CommandName Update-DeviceManagementConfigurationPolicy -MockWith { } } @@ -191,7 +205,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Assignments = [CimInstance[]]@( (New-CimInstance -ClassName MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' - CollectionId = '26d60dd1-fab6-47bf-8656-358194c1a49d' + groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' } -ClientOnly) ) BackupDirectory = '1' @@ -202,27 +216,24 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' Description = 'My Test Description' Name = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - children = @() - value = "device_vendor_msft_laps_policies_backupdirectory_1" + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + choiceSettingValue = @{ + children = @() + value = "device_vendor_msft_laps_policies_backupdirectory_1" + } } } + AdditionalProperties = $null } - AdditionalProperties = $null } } } @@ -238,7 +249,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Assignments = @( (New-CimInstance -ClassName MSFT_IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' - CollectionId = '26d60dd1-fab6-47bf-8656-358194c1a49d' + groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' } -ClientOnly) ) Credential = $Credential @@ -253,27 +264,24 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' Description = 'My Test Description' Name = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - children = @() - value = "device_vendor_msft_laps_policies_backupdirectory_1" + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + choiceSettingValue = @{ + children = @() + value = "device_vendor_msft_laps_policies_backupdirectory_1" + } } } + AdditionalProperties = $null } - AdditionalProperties = $null } } } @@ -308,27 +316,24 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { TemplateReference = @{ TemplateId = 'adc46e5a-f4aa-4ff6-aeff-4f27bc525796_1' } - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - children = @() - value = "device_vendor_msft_laps_policies_backupdirectory_1" + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_laps_policies_backupdirectory' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'a3270f64-e493-499d-8900-90290f61ed8a' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + choiceSettingValue = @{ + children = @() + value = "device_vendor_msft_laps_policies_backupdirectory_1" + } } } + AdditionalProperties = $null } - AdditionalProperties = $null } } } diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalUserGroupMembershipPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalUserGroupMembershipPolicy.Tests.ps1 index d7c738d6a1..f7d1a937f2 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalUserGroupMembershipPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionLocalUserGroupMembershipPolicy.Tests.ps1 @@ -68,7 +68,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name "When the instance doesn't already exist" -Fixture { BeforeAll { $testParams = @{ - Assignments = @( + Assignments = [ciminstance[]]@( (New-CimInstance -ClassName MSFT_IntuneAccountProtectionLocalUserGroupMembershipPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' DeviceAndAppManagementAssignmentFilterType = 'none' @@ -80,7 +80,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { DisplayName = 'My Test' Ensure = 'Present' Identity = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - LocalUserGroupCollection = @( + LocalUserGroupCollection = [ciminstance[]]@( (New-CimInstance -ClassName MSFT_IntuneAccountProtectionLocalUserGroupCollection -Property @{ LocalGroups = @('administrators', 'users') Members = @('S-1-12-1-1167842105-1150511762-402702254-1917434032') @@ -124,7 +124,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { DisplayName = 'My Test' Ensure = 'Present' Identity = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - LocalUserGroupCollection = @( + LocalUserGroupCollection = [ciminstance[]]@( (New-CimInstance -ClassName MSFT_IntuneAccountProtectionLocalUserGroupCollection -Property @{ LocalGroups = @('administrators') Members = @('S-1-12-1-1167842105-1150511762-402702254-1917434032') @@ -139,78 +139,77 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' Description = 'My Test Description' Name = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - groupSettingCollectionValue = @( - @{ - children = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' - 'groupSettingCollectionValue' = @( - @{ - 'children' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' - 'children' = @( + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + groupSettingCollectionValue = @( + @{ + children = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' + 'groupSettingCollectionValue' = @( + @{ + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' + 'simpleSettingCollectionValue' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' + 'value' = 'Non-existant value' + } + ) + } + ) + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_remove_update' + 'children' = @() + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' + 'choiceSettingCollectionValue' = @( @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' - 'simpleSettingCollectionValue' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' - 'value' = 'Non-existant value' - } - ) + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_users' + 'children' = @() } ) } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_remove_update' - 'children' = @() - } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' - 'choiceSettingCollectionValue' = @( - @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_users' - 'children' = @() - } - ) - } - ) - } - ) - } - ) - } - ) + ) + } + ) + } + ) + } + ) + } } + AdditionalProperties = $null } - AdditionalProperties = $null } } + + Mock -CommandName Update-DeviceManagementConfigurationPolicy -MockWith { } } @@ -259,76 +258,73 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' Description = 'My Test Description' Name = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - groupSettingCollectionValue = @( - @{ - children = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' - 'groupSettingCollectionValue' = @( - @{ - 'children' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' - 'children' = @( + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + groupSettingCollectionValue = @( + @{ + children = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' + 'groupSettingCollectionValue' = @( + @{ + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' + 'simpleSettingCollectionValue' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' + 'value' = 'S-1-12-1-1167842105-1150511762-402702254-1917434032' + } + ) + } + ) + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_add_update' + 'children' = @() + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' + 'choiceSettingCollectionValue' = @( @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' - 'simpleSettingCollectionValue' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' - 'value' = 'S-1-12-1-1167842105-1150511762-402702254-1917434032' - } - ) + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_administrators' + 'children' = @() } ) } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_add_update' - 'children' = @() - } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' - 'choiceSettingCollectionValue' = @( - @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_administrators' - 'children' = @() - } - ) - } - ) - } - ) - } - ) - } - ) + ) + } + ) + } + ) + } + ) + } } + AdditionalProperties = $null } - AdditionalProperties = $null } } } @@ -368,76 +364,73 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' Description = 'My Test Description' Name = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - groupSettingCollectionValue = @( - @{ - children = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' - 'groupSettingCollectionValue' = @( - @{ - 'children' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' - 'children' = @( + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + groupSettingCollectionValue = @( + @{ + children = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' + 'groupSettingCollectionValue' = @( + @{ + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' + 'simpleSettingCollectionValue' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' + 'value' = 'S-1-12-1-1167842105-1150511762-402702254-1917434032' + } + ) + } + ) + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_add_update' + 'children' = @() + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' + 'choiceSettingCollectionValue' = @( @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' - 'simpleSettingCollectionValue' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' - 'value' = 'S-1-12-1-1167842105-1150511762-402702254-1917434032' - } - ) + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_administrators' + 'children' = @() } ) } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_add_update' - 'children' = @() - } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' - 'choiceSettingCollectionValue' = @( - @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_administrators' - 'children' = @() - } - ) - } - ) - } - ) - } - ) - } - ) + ) + } + ) + } + ) + } + ) + } } + AdditionalProperties = $null } - AdditionalProperties = $null } } } @@ -472,80 +465,77 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { TemplateReference = @{ TemplateId = '5dd36540-eb22-4e7e-b19c-2a07772ba627_1' } - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - groupSettingCollectionValue = @( - @{ - children = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' - 'groupSettingCollectionValue' = @( - @{ - 'children' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' - 'children' = @( + Settings = @{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_policy_config_localusersandgroups_configure' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = 'de06bec1-4852-48a0-9799-cf7b85992d45' + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + groupSettingCollectionValue = @( + @{ + children = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationGroupSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup' + 'groupSettingCollectionValue' = @( + @{ + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_userselectiontype_users' + 'children' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' + 'simpleSettingCollectionValue' = @( + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' + 'value' = 'S-1-12-1-1167842105-1150511762-402702254-1917434032' + } + ) + } + ) + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' + 'choiceSettingValue' = @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_add_update' + 'children' = @() + } + }, + @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' + 'choiceSettingCollectionValue' = @( + @{ + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_administrators' + 'children' = @() + }, @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationSimpleSettingCollectionInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_users' - 'simpleSettingCollectionValue' = @( - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationStringSettingValue' - 'value' = 'S-1-12-1-1167842105-1150511762-402702254-1917434032' - } - ) + 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_users' + 'children' = @() } ) } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action' - 'choiceSettingValue' = @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_action_add_update' - 'children' = @() - } - }, - @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - 'settingDefinitionId' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc' - 'choiceSettingCollectionValue' = @( - @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_administrators' - 'children' = @() - }, - @{ - 'value' = 'device_vendor_msft_policy_config_localusersandgroups_configure_groupconfiguration_accessgroup_desc_users' - 'children' = @() - } - ) - } - ) - } - ) - } - ) - } - ) + ) + } + ) + } + ) + } + ) + } } + AdditionalProperties = $null } - AdditionalProperties = $null } } } diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionPolicy.Tests.ps1 index 19e09bc2af..ce354ae843 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAccountProtectionPolicy.Tests.ps1 @@ -68,18 +68,33 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { } } - Mock -CommandName Get-MgBetaDeviceManagementIntentAssignment -MockWith { - return @(@{ - target = @{ - deviceAndAppManagementAssignmentFilterType = 'none' - deviceAndAppManagementAssignmentFilterId = $null - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.exclusionGroupAssignmentTarget' - groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' - } - } - }) + Mock -CommandName Get-MgBetaDeviceManagementIntent -MockWith { + return @{ + Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' + Description = 'My Test Description' + DisplayName = 'My Test' + Assignments = @(@{ + target = @{ + deviceAndAppManagementAssignmentFilterType = 'none' + deviceAndAppManagementAssignmentFilterId = $null + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.exclusionGroupAssignmentTarget' + groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' + } + } + }) + Settings = @(@{ + Id = 0 + DefinitionId = 'deviceConfiguration--windowsIdentityProtectionConfiguration_useSecurityKeyForSignin' + ValueJson = 'true' + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementBooleanSettingInstance' + value = $true + } + }) + } } + Mock -CommandName Update-DeviceConfigurationPolicyAssignment -MockWith { } @@ -142,27 +157,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { DisplayName = 'My Test' Ensure = 'Present' Identity = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - UseSecurityKeyForSignin = $true - } - - Mock -CommandName Get-MgBetaDeviceManagementIntent -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - DisplayName = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementIntentSetting -MockWith { - return @(@{ - Id = 0 - DefinitionId = 'deviceConfiguration--windowsIdentityProtectionConfiguration_useSecurityKeyForSignin' - ValueJson = 'false' - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementBooleanSettingInstance' - value = $false - } - }) + UseSecurityKeyForSignin = $false } Mock -CommandName Update-MgBetaDeviceManagementIntent -MockWith { } @@ -201,26 +196,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { } -ClientOnly) ) } - - Mock -CommandName Get-MgBetaDeviceManagementIntent -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - DisplayName = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementIntentSetting -MockWith { - return @(@{ - Id = 0 - DefinitionId = 'deviceConfiguration--windowsIdentityProtectionConfiguration_useSecurityKeyForSignin' - ValueJson = 'true' - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementBooleanSettingInstance' - value = $true - } - }) - } } It 'Should return true from the Test method' { @@ -244,26 +219,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Ensure = 'Absent' Identity = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' } - - Mock -CommandName Get-MgBetaDeviceManagementIntent -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - DisplayName = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementIntentSetting -MockWith { - return @(@{ - Id = 0 - DefinitionId = 'deviceConfiguration--windowsIdentityProtectionConfiguration_useSecurityKeyForSignin' - ValueJson = 'false' - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementBooleanSettingInstance' - value = $false - } - }) - } } It 'Should return Present from the Get method' { @@ -287,26 +242,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { $testParams = @{ Credential = $Credential } - - Mock -CommandName Get-MgBetaDeviceManagementIntent -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - DisplayName = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementIntentSetting -MockWith { - return @(@{ - Id = 0 - DefinitionId = 'deviceConfiguration--windowsIdentityProtectionConfiguration_useSecurityKeyForSignin' - ValueJson = 'false' - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementBooleanSettingInstance' - value = $false - } - }) - } } It 'Should Reverse Engineer resource from the Export method' { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAntivirusPolicyWindows10SettingCatalog.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAntivirusPolicyWindows10SettingCatalog.Tests.ps1 index 74d382be01..11e38dfd2d 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAntivirusPolicyWindows10SettingCatalog.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAntivirusPolicyWindows10SettingCatalog.Tests.ps1 @@ -47,25 +47,64 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { TemplateId = 'd02f2162-fcac-48db-9b7b-b0a3f160d2c2_1' } } - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicyAssignment -MockWith { + + Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicy -MockWith { return @{ - Id = '12345-12345-12345-12345-12345' - Source = 'direct' - SourceId = '12345-12345-12345-12345-12345' - Target = @{ - DeviceAndAppManagementAssignmentFilterId = '12345-12345-12345-12345-12345' - DeviceAndAppManagementAssignmentFilterType = 'none' - AdditionalProperties = @( - @{ - '@odata.type' = '#microsoft.graph.exclusionGroupAssignmentTarget' - groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' - } - ) + Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' + Description = 'My Test Description' + Name = 'My Test' + TemplateReference = @{ + TemplateId = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1' + TemplateFamily = 'endpointSecurityAntivirus' } + Settings = @(@{ + Id = 0 + SettingDefinitions = $null + SettingInstance = @{ + SettingDefinitionId = 'device_vendor_msft_policy_config_defender_allowarchivescanning' + SettingInstanceTemplateReference = @{ + SettingInstanceTemplateId = '7c5c9cde-f74d-4d11-904f-de4c27f72d89' + AdditionalProperties = $null + } + AdditionalProperties = @{ + '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' + choiceSettingValue = @{ + value = 'device_vendor_msft_policy_config_defender_allowarchivescanning_0' #drift + settingValueTemplateReference = @{ + settingValueTemplateId = '9ead75d4-6f30-4bc5-8cc5-ab0f999d79f0' + useTemplateDefault = $false + } + children = $null + } + } + + } + AdditionalProperties = $null + }) } } + + Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicyAssignment -MockWith { + return @(@{ + Id = '12345-12345-12345-12345-12345' + Source = 'direct' + SourceId = '12345-12345-12345-12345-12345' + Target = @{ + DeviceAndAppManagementAssignmentFilterId = '12345-12345-12345-12345-12345' + DeviceAndAppManagementAssignmentFilterType = 'none' + AdditionalProperties = @( + @{ + '@odata.type' = '#microsoft.graph.exclusionGroupAssignmentTarget' + groupId = '26d60dd1-fab6-47bf-8656-358194c1a49d' + } + ) + } + }) + } + Mock -CommandName Update-DeviceConfigurationPolicyAssignment -MockWith { } + # Mock Write-Host to hide output during the tests Mock -CommandName Write-Host -MockWith { } @@ -76,7 +115,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { BeforeAll { $testParams = @{ allowarchivescanning = '1' - Assignments = @( + Assignments = [CimInstance[]]@( (New-CimInstance -ClassName MSFT_DeviceManagementConfigurationPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' DeviceAndAppManagementAssignmentFilterType = 'none' @@ -115,7 +154,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { BeforeAll { $testParams = @{ allowarchivescanning = '1' - Assignments = @( + Assignments = [CimInstance[]]@( (New-CimInstance -ClassName MSFT_DeviceManagementConfigurationPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' DeviceAndAppManagementAssignmentFilterType = 'none' @@ -130,41 +169,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { templateId = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1' Identity = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicy -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - Name = 'My Test' - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_defender_allowarchivescanning' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = '7c5c9cde-f74d-4d11-904f-de4c27f72d89' - AdditionalProperties = $null - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - value = 'device_vendor_msft_policy_config_defender_allowarchivescanning_0' #drift - settingValueTemplateReference = @{ - settingValueTemplateId = '9ead75d4-6f30-4bc5-8cc5-ab0f999d79f0' - useTemplateDefault = $false - } - children = $null - } - } - - } - AdditionalProperties = $null - } - } } It 'Should return Present from the Get method' { @@ -184,8 +188,8 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'When the instance already exists and IS in the Desired State' -Fixture { BeforeAll { $testParams = @{ - allowarchivescanning = '1' - Assignments = @( + allowarchivescanning = '0' + Assignments = [CimInstance[]]@( (New-CimInstance -ClassName MSFT_DeviceManagementConfigurationPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' DeviceAndAppManagementAssignmentFilterType = 'none' @@ -200,42 +204,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { templateId = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1' Identity = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicy -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - Name = 'My Test' - TemplateReference = @{templateId = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1' } - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_defender_allowarchivescanning' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = '7c5c9cde-f74d-4d11-904f-de4c27f72d89' - AdditionalProperties = $null - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - value = 'device_vendor_msft_policy_config_defender_allowarchivescanning_1' - settingValueTemplateReference = @{ - settingValueTemplateId = '9ead75d4-6f30-4bc5-8cc5-ab0f999d79f0' - useTemplateDefault = $false - } - children = $null - } - } - - } - AdditionalProperties = $null - } - } } It 'Should return true from the Test method' { @@ -246,8 +214,8 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'When the instance exists and it SHOULD NOT' -Fixture { BeforeAll { $testParams = @{ - allowarchivescanning = '1' - Assignments = @( + allowarchivescanning = '0' + Assignments = [CimInstance[]]@( (New-CimInstance -ClassName MSFT_DeviceManagementConfigurationPolicyAssignments -Property @{ DataType = '#microsoft.graph.exclusionGroupAssignmentTarget' DeviceAndAppManagementAssignmentFilterType = 'none' @@ -262,42 +230,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { templateId = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1' Identity = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicy -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - Name = 'My Test' - TemplateReference = @{templateId = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1' } - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_defender_allowarchivescanning' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = '7c5c9cde-f74d-4d11-904f-de4c27f72d89' - AdditionalProperties = $null - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - value = 'device_vendor_msft_policy_config_defender_allowarchivescanning_1' - settingValueTemplateReference = @{ - settingValueTemplateId = '9ead75d4-6f30-4bc5-8cc5-ab0f999d79f0' - useTemplateDefault = $false - } - children = $null - } - } - - } - AdditionalProperties = $null - } - } } It 'Should return Present from the Get method' { @@ -321,45 +253,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { $testParams = @{ Credential = $Credential } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicy -MockWith { - return @{ - Id = '619bd4a4-3b3b-4441-bd6f-3f4c0c444870' - Description = 'My Test Description' - Name = 'My Test policy' - TemplateReference = @{ - templateId = 'd948ff9b-99cb-4ee0-8012-1fbc09685377_1' - templateFamily = 'endpointSecurityAntivirus' - } - } - } - - Mock -CommandName Get-MgBetaDeviceManagementConfigurationPolicySetting -MockWith { - return @{ - Id = 0 - SettingDefinitions = $null - SettingInstance = @{ - SettingDefinitionId = 'device_vendor_msft_policy_config_defender_allowarchivescanning' - SettingInstanceTemplateReference = @{ - SettingInstanceTemplateId = '7c5c9cde-f74d-4d11-904f-de4c27f72d89' - AdditionalProperties = $null - } - AdditionalProperties = @{ - '@odata.type' = '#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance' - choiceSettingValue = @{ - value = 'device_vendor_msft_policy_config_defender_allowarchivescanning_1' - settingValueTemplateReference = @{ - settingValueTemplateId = '9ead75d4-6f30-4bc5-8cc5-ab0f999d79f0' - useTemplateDefault = $false - } - children = $null - } - } - - } - AdditionalProperties = $null - } - } } It 'Should Reverse Engineer resource from the Export method' { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAppConfigurationPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAppConfigurationPolicy.Tests.ps1 index c503c826ec..926700fdfd 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAppConfigurationPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneAppConfigurationPolicy.Tests.ps1 @@ -67,7 +67,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { } It 'Should return absent from the Get method' { - (Get-TargetResource @testParams).Ensure | Should -Be 'Absent' + (Get-TargetResource @testParams ).Ensure | Should -Be 'Absent' } It 'Should return false from the Test method' { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneApplicationControlPolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneApplicationControlPolicyWindows10.Tests.ps1 index 71d0b9db9d..77b72e6eea 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneApplicationControlPolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneApplicationControlPolicyWindows10.Tests.ps1 @@ -85,7 +85,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { $testParams = @{ DisplayName = 'Test App Configuration Policy' Description = 'Test Definition' - Assignments = (New-CimInstance -ClassName MSFT_DeviceManagementConfigurationPolicyAssignments -Property @{ + Assignments = [CimInstance[]]@(New-CimInstance -ClassName MSFT_DeviceManagementConfigurationPolicyAssignments -Property @{ groupId = '123456789' dataType = '#microsoft.graph.groupAssignmentTarget' deviceAndAppManagementAssignmentFilterType = 'include' @@ -104,13 +104,13 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { } } Mock -CommandName Get-MgBetaDeviceManagementIntentSetting -MockWith { - return @{ - DisplayName = 'Test App Configuration Policy' - Description = 'Different Value' - Id = 'A_19dbaff5-9aff-48b0-a60d-d0471ddaf141' + return @(@{ + #DisplayName = 'Test App Configuration Policy' + #Description = 'Different Value' + #Id = 'A_19dbaff5-9aff-48b0-a60d-d0471ddaf141' DefinitionId = 'appLockerApplicationControl' ValueJSON = "'true'" - } + }) } Mock -CommandName Get-MgBetaDeviceManagementIntentAssignment -MockWith { return @( @@ -167,13 +167,13 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { } Mock -CommandName Get-MgBetaDeviceManagementIntentSetting -MockWith { - return @{ + return @(@{ DisplayName = 'Test App Configuration Policy' Description = 'Test Definition' Id = 'A_19dbaff5-9aff-48b0-a60d-d0471ddaf141' DefinitionId = 'appLockerApplicationControl' ValueJSON = "'true'" - } + }) } Mock -CommandName Get-MgBetaDeviceManagementIntentAssignment -MockWith { return @( diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 index 0c7f8e3b5e..3db238b35c 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceConfigurationScepCertificatePolicyWindows10.Tests.ps1 @@ -54,16 +54,22 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-MgBetaDeviceManagementDeviceConfigurationAssignment -MockWith { } - Mock -CommandName Get-DeviceConfigurationPolicyRootCertificateId -MockWith { - return "00000000-0000-0000-0000-000000000000" + Mock -CommandName Get-DeviceConfigurationPolicyRootCertificate -MockWith { + return @{ + Id = "00000000-0000-0000-0000-000000000000" + DisplayName = "RootCertificate" + } } Mock -CommandName Update-DeviceConfigurationPolicyRootCertificateId -MockWith { } } + # Test contexts Context -Name "The IntuneDeviceConfigurationScepCertificatePolicyWindows10 should exist but it DOES NOT" -Fixture { BeforeAll { + $RootCertificateId = ([Guid]::Empty).ToString() + $testParams = @{ CertificateStore = "user" certificateValidityPeriodScale = "days" @@ -86,14 +92,15 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" subjectAlternativeNameType = "none" subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" - RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = "RootCertificate" Ensure = "Present" Credential = $Credential; } @@ -101,6 +108,17 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-MgBetaDeviceManagementDeviceConfiguration -MockWith { return $null } + + Mock -CommandName Get-MgBetaDeviceManagementDeviceConfiguration -ParameterFilter { $DeviceConfigurationId -eq $RootCertificateId } -MockWith { + $AdditionalProperties = @{} + $AdditionalProperties.'@odata.type' = "#microsoft.graph.windows81TrustedRootCertificate" + + return @{ + Id = $RootCertificateId + DisplayName = "RootCertificate" + AdditionalProperties = $AdditionalProperties + } + } } It 'Should return Values from the Get method' { (Get-TargetResource @testParams).Ensure | Should -Be 'Absent' @@ -138,14 +156,15 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" subjectAlternativeNameType = "none" subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" - RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = "RootCertificate" Ensure = 'Absent' Credential = $Credential; } @@ -225,7 +244,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" @@ -233,6 +252,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateDisplayName = "RootCertificate" Ensure = 'Present' Credential = $Credential; } @@ -283,6 +303,8 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name "The IntuneDeviceConfigurationScepCertificatePolicyWindows10 exists and values are NOT in the desired state" -Fixture { BeforeAll { + $RootCertificateId = ([Guid]::Empty).ToString() + $testParams = @{ CertificateStore = "user" certificateValidityPeriodScale = "days" @@ -305,14 +327,15 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" KeySize = "size1024" keyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp" - KeyUsage = "keyEncipherment" + KeyUsage = @("keyEncipherment") renewalThresholdPercentage = 25 ScepServerUrls = @("FakeStringValue") SubjectAlternativeNameFormatString = "FakeStringValue" subjectAlternativeNameType = "none" subjectNameFormat = "commonName" SubjectNameFormatString = "FakeStringValue" - RootCertificateId = "00000000-0000-0000-0000-000000000000" + RootCertificateId = $RootCertificateId + RootCertificateDisplayName = "RootCertificate" Ensure = 'Present' Credential = $Credential; } @@ -352,6 +375,17 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { id = "FakeStringValue" } } + + Mock -CommandName Get-MgBetaDeviceManagementDeviceConfiguration -ParameterFilter { $DeviceConfigurationId -eq $RootCertificateId } -MockWith { + $AdditionalProperties = @{} + $AdditionalProperties.'@odata.type' = "#microsoft.graph.windows81TrustedRootCertificate" + + return @{ + Id = $RootCertificateId + DisplayName = "RootCertificate" + AdditionalProperties = $AdditionalProperties + } + } } It 'Should return Values from the Get method' { diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 index f2cd9a0bf8..fff5f3b7ea 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.IntuneDeviceEnrollmentStatusPageWindows10.Tests.ps1 @@ -24,20 +24,27 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { $secpasswd = ConvertTo-SecureString 'f@kepassword1' -AsPlainText -Force $Credential = New-Object System.Management.Automation.PSCredential ('tenantadmin@mydomain.com', $secpasswd) - Mock -CommandName Confirm-M365DSCDependencies -MockWith { - } + Mock -CommandName Confirm-M365DSCDependencies -MockWith {} - Mock -CommandName Get-PSSession -MockWith { - } + Mock -CommandName Get-PSSession -MockWith {} - Mock -CommandName Remove-PSSession -MockWith { - } + Mock -CommandName Remove-PSSession -MockWith {} - Mock -CommandName Update-MgBetaDeviceManagementDeviceEnrollmentConfiguration -MockWith { - } + Mock -CommandName Update-MgBetaDeviceManagementDeviceEnrollmentConfiguration -MockWith {} - Mock -CommandName Remove-MgBetaDeviceManagementDeviceEnrollmentConfiguration -MockWith { - } + Mock -CommandName Remove-MgBetaDeviceManagementDeviceEnrollmentConfiguration -MockWith {} + + Mock -CommandName Get-MgBetaDeviceAppManagementMobileApp -MockWith { + return @{ + DisplayName = 'FakeStringValue' + } + } -ParameterFilter { $MobileAppId } + + Mock -CommandName Get-MgBetaDeviceAppManagementMobileApp -MockWith { + return @{ + Id = 'FakeGuidValue' + } + } -ParameterFilter { $Filter} Mock -CommandName New-M365DSCConnection -MockWith { return 'Credentials' @@ -47,11 +54,9 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { return @() } - Mock -CommandName Update-DeviceConfigurationPolicyAssignment -MockWith { - } + Mock -CommandName Update-DeviceConfigurationPolicyAssignment -MockWith {} - Mock Update-DeviceEnrollmentConfigurationPriority { - } + Mock Update-DeviceEnrollmentConfigurationPriority {} # Mock Write-Host to hide output during the tests Mock -CommandName Write-Host -MockWith { @@ -137,7 +142,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { disableUserStatusTrackingAfterFirstUser = $True installQualityUpdates = $True showInstallationProgress = $True - selectedMobileAppIds = @('FakeStringValue') + selectedMobileAppIds = @('FakeGuidValue') blockDeviceSetupRetryByUser = $True allowDeviceUseOnInstallFailure = $True customErrorMessage = 'FakeStringValue' @@ -163,6 +168,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Should -Invoke -CommandName Remove-MgBetaDeviceManagementDeviceEnrollmentConfiguration -Exactly 1 } } + Context -Name 'The IntuneDeviceEnrollmentStatusPageWindows10 Exists and Values are already in the desired state' -Fixture { BeforeAll { $testParams = @{ @@ -178,7 +184,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { DisableUserStatusTrackingAfterFirstUser = $True InstallProgressTimeoutInMinutes = 25 InstallQualityUpdates = $True - SelectedMobileAppIds = @('FakeStringValue') + SelectedMobileAppIds = @('FakeGuidValue') ShowInstallationProgress = $True TrackInstallProgressForAutopilotOnly = $True Ensure = 'Present' @@ -196,7 +202,59 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { disableUserStatusTrackingAfterFirstUser = $True installQualityUpdates = $True showInstallationProgress = $True - selectedMobileAppIds = @('FakeStringValue') + selectedMobileAppIds = @('FakeGuidValue') + blockDeviceSetupRetryByUser = $True + allowDeviceUseOnInstallFailure = $True + customErrorMessage = 'FakeStringValue' + allowNonBlockingAppInstallation = $True + allowLogCollectionOnInstallFailure = $True + allowDeviceResetOnInstallFailure = $True + installProgressTimeoutInMinutes = 25 + } + Priority = 25 + } + } + } + + It 'Should return true from the Test method' { + Test-TargetResource @testParams | Should -Be $true + } + } + + Context -Name 'The IntuneDeviceEnrollmentStatusPageWindows10 Exists and Values are already in the desired state, using SelectedMobileAppNames' -Fixture { + BeforeAll { + $testParams = @{ + Id = 'FakeStringValue' + DisplayName = 'FakeStringValue' + Description = 'FakeStringValue' + AllowDeviceResetOnInstallFailure = $True + AllowDeviceUseOnInstallFailure = $True + AllowLogCollectionOnInstallFailure = $True + AllowNonBlockingAppInstallation = $True + BlockDeviceSetupRetryByUser = $True + CustomErrorMessage = 'FakeStringValue' + DisableUserStatusTrackingAfterFirstUser = $True + InstallProgressTimeoutInMinutes = 25 + InstallQualityUpdates = $True + SelectedMobileAppNames = @('FakeStringValue') + ShowInstallationProgress = $True + TrackInstallProgressForAutopilotOnly = $True + Ensure = 'Present' + Credential = $Credential + } + + Mock -CommandName Get-MgBetaDeviceManagementDeviceEnrollmentConfiguration -MockWith { + return @{ + Id = 'FakeStringValue' + DisplayName = 'FakeStringValue' + Description = 'FakeStringValue' + AdditionalProperties = @{ + trackInstallProgressForAutopilotOnly = $True + '@odata.type' = '#microsoft.graph.windows10EnrollmentCompletionPageConfiguration' + disableUserStatusTrackingAfterFirstUser = $True + installQualityUpdates = $True + showInstallationProgress = $True + selectedMobileAppIds = @('FakeGuidValue') blockDeviceSetupRetryByUser = $True allowDeviceUseOnInstallFailure = $True customErrorMessage = 'FakeStringValue' @@ -231,7 +289,60 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { DisableUserStatusTrackingAfterFirstUser = $True InstallProgressTimeoutInMinutes = 25 InstallQualityUpdates = $True - SelectedMobileAppIds = @('FakeStringValue') + SelectedMobileAppIds = @('FakeGuidValue') + ShowInstallationProgress = $True + TrackInstallProgressForAutopilotOnly = $True + Ensure = 'Present' + Credential = $Credential + } + + Mock -CommandName Get-MgBetaDeviceManagementDeviceEnrollmentConfiguration -MockWith { + return @{ + Id = 'FakeStringValue' + DisplayName = 'FakeStringValue' + Description = 'FakeStringValue' + AdditionalProperties = @{ + installProgressTimeoutInMinutes = 7 + customErrorMessage = 'FakeStringValue' + trackInstallProgressForAutopilotOnly = $False + selectedMobileAppIds = @('FakeGuidValue') + showInstallationProgress = $False + } + Priority = 7 + } + } + } + + It 'Should return Values from the Get method' { + (Get-TargetResource @testParams).Ensure | Should -Be 'Present' + } + + It 'Should return false from the Test method' { + Test-TargetResource @testParams | Should -Be $false + } + + It 'Should call the Set method' { + Set-TargetResource @testParams + Should -Invoke -CommandName Update-MgBetaDeviceManagementDeviceEnrollmentConfiguration -Exactly 1 + } + } + + Context -Name 'The IntuneDeviceEnrollmentStatusPageWindows10 exists and values are NOT in the desired state, using SelectedMobileAppNames' -Fixture { + BeforeAll { + $testParams = @{ + Id = 'FakeStringValue' + DisplayName = 'FakeStringValue' + Description = 'FakeStringValue' + AllowDeviceResetOnInstallFailure = $True + AllowDeviceUseOnInstallFailure = $True + AllowLogCollectionOnInstallFailure = $True + AllowNonBlockingAppInstallation = $True + BlockDeviceSetupRetryByUser = $True + CustomErrorMessage = 'FakeStringValue' + DisableUserStatusTrackingAfterFirstUser = $True + InstallProgressTimeoutInMinutes = 25 + InstallQualityUpdates = $True + SelectedMobileAppNames = @('FakeStringValue') ShowInstallationProgress = $True TrackInstallProgressForAutopilotOnly = $True Ensure = 'Present' @@ -247,7 +358,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { installProgressTimeoutInMinutes = 7 customErrorMessage = 'FakeStringValue' trackInstallProgressForAutopilotOnly = $False - selectedMobileAppIds = @('FakeStringValue') + selectedMobileAppIds = @('FakeGuidValue') showInstallationProgress = $False } Priority = 7 @@ -288,7 +399,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { disableUserStatusTrackingAfterFirstUser = $True installQualityUpdates = $True showInstallationProgress = $True - selectedMobileAppIds = @('FakeStringValue') + selectedMobileAppIds = @('FakeGuidValue') blockDeviceSetupRetryByUser = $True allowDeviceUseOnInstallFailure = $True customErrorMessage = 'FakeStringValue' diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.SPOAccessControlSettings.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.SPOAccessControlSettings.Tests.ps1 index 345d7f8f16..18c49a5985 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.SPOAccessControlSettings.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.SPOAccessControlSettings.Tests.ps1 @@ -48,8 +48,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { IPAddressEnforcement = $false #IPAddressAllowList = "" #would generate an error while writing this resource IPAddressWACTokenLifetime = 15 - CommentsOnSitePagesDisabled = $false - SocialBarOnSitePagesDisabled = $false DisallowInfectedFileDownload = $false ExternalServicesEnabled = $true EmailAttestationRequired = $false @@ -63,8 +61,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { IPAddressEnforcement = $false #IPAddressAllowList = "" #would generate an error while writing this resource IPAddressWACTokenLifetime = 15 - CommentsOnSitePagesDisabled = $false - SocialBarOnSitePagesDisabled = $false DisallowInfectedFileDownload = $false ExternalServicesEnabled = $true EmailAttestationRequired = $false @@ -79,8 +75,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { IPAddressEnforcement = $false #IPAddressAllowList = "" #would generate an error while writing this resource IPAddressWACTokenLifetime = 20 - CommentsOnSitePagesDisabled = $true - SocialBarOnSitePagesDisabled = $false DisallowInfectedFileDownload = $false ExternalServicesEnabled = $true EmailAttestationRequired = $false @@ -113,8 +107,6 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { IPAddressEnforcement = $false #IPAddressAllowList = "" #would generate an error while writing this resource IPAddressWACTokenLifetime = 15 - CommentsOnSitePagesDisabled = $false - SocialBarOnSitePagesDisabled = $false DisallowInfectedFileDownload = $false ExternalServicesEnabled = $true EmailAttestationRequired = $false diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsGuestMeetingConfiguration.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsGuestMeetingConfiguration.Tests.ps1 index a57c69135a..947f7b3794 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsGuestMeetingConfiguration.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsGuestMeetingConfiguration.Tests.ps1 @@ -37,11 +37,13 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-CsTeamsGuestMeetingConfiguration -MockWith { return @{ - Identity = 'Global' - AllowIPVideo = $true - ScreenSharingMode = 'Disabled' - AllowMeetNow = $false - Credential = $Credential + Identity = 'Global' + AllowIPVideo = $true + LiveCaptionsEnabledType = 'Disabled' + ScreenSharingMode = 'Disabled' + AllowMeetNow = $false + AllowTranscription = $false + Credential = $Credential } } @@ -57,16 +59,18 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'When settings are correctly set' -Fixture { BeforeAll { $testParams = @{ - Identity = 'Global' - AllowIPVideo = $true - ScreenSharingMode = 'Disabled' - AllowMeetNow = $false - Credential = $Credential + Identity = 'Global' + AllowIPVideo = $true + LiveCaptionsEnabledType = 'Disabled' + ScreenSharingMode = 'Disabled' + AllowMeetNow = $false + AllowTranscription = $false + Credential = $Credential } } It 'Should return true for the AllowIPVideo property from the Get method' { - (Get-TargetResource @testParams).AllowIPVideo | Should -Be $True + (Get-TargetResource @testParams).AllowIPVideo | Should -Be $true } It 'Should return true from the Test method' { @@ -81,16 +85,17 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Context -Name 'When settings are NOT correctly set' -Fixture { BeforeAll { $testParams = @{ - Identity = 'Global' - AllowIPVideo = $false # Drifted - ScreenSharingMode = 'Disabled' - AllowMeetNow = $false - Credential = $Credential + Identity = 'Global' + AllowIPVideo = $false # Drifted + LiveCaptionsEnabledType = 'Disabled' + ScreenSharingMode = 'Disabled' + AllowMeetNow = $false + Credential = $Credential } } It 'Should return true for the AllowIPVideo property from the Get method' { - (Get-TargetResource @testParams).AllowIPVideo | Should -Be $True + (Get-TargetResource @testParams).AllowIPVideo | Should -Be $true } It 'Should return false from the Test method' { diff --git a/Tests/Unit/Stubs/Microsoft365.psm1 b/Tests/Unit/Stubs/Microsoft365.psm1 index 72f1b9c480..3523d2be0b 100644 --- a/Tests/Unit/Stubs/Microsoft365.psm1 +++ b/Tests/Unit/Stubs/Microsoft365.psm1 @@ -81125,6 +81125,495 @@ function Update-MgBetaDeviceAppManagementPolicySetAssignment $Confirm ) } +#endregion + +#region MgBetaDeviceAppManagementMobileApp +function Get-MgBetaDeviceAppManagementMobileApp +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $MobileAppId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [System.String[]] + $ExpandProperty, + + [Parameter()] + [System.String[]] + $Property, + + [Parameter()] + [System.String] + $Filter, + + [Parameter()] + [System.String] + $Search, + + [Parameter()] + [System.Int32] + $Skip, + + [Parameter()] + [System.String[]] + $Sort, + + [Parameter()] + [System.Int32] + $Top, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials, + + [Parameter()] + [System.Int32] + $PageSize, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $All, + + [Parameter()] + [System.String] + $CountVariable + ) +} + +function New-MgBetaDeviceAppManagementMobileApp +{ + [CmdletBinding()] + param + ( + [Parameter()] + [PSObject] + $BodyParameter, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Collections.Hashtable] + $AdditionalProperties, + + [Parameter()] + [PSObject[]] + $Assignments, + + [Parameter()] + [PSObject[]] + $Categories, + + [Parameter()] + [System.DateTime] + $CreatedDateTime, + + [Parameter()] + [System.Int32] + $DependentAppCount, + + [Parameter()] + [System.String] + $Description, + + [Parameter()] + [System.String] + $Developer, + + [Parameter()] + [System.String] + $DisplayName, + + [Parameter()] + [System.String] + $Id, + + [Parameter()] + [System.String] + $InformationUrl, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $IsAssigned, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $IsFeatured, + + [Parameter()] + [PSObject] + $LargeIcon, + + [Parameter()] + [System.DateTime] + $LastModifiedDateTime, + + [Parameter()] + [System.String] + $Notes, + + [Parameter()] + [System.String] + $Owner, + + [Parameter()] + [System.String] + $PrivacyInformationUrl, + + [Parameter()] + [System.String] + $Publisher, + + [Parameter()] + [PSObject] + $PublishingState, + + [Parameter()] + [PSObject[]] + $Relationships, + + [Parameter()] + [System.String[]] + $RoleScopeTagIds, + + [Parameter()] + [System.Int32] + $SupersededAppCount, + + [Parameter()] + [System.Int32] + $SupersedingAppCount, + + [Parameter()] + [System.Int32] + $UploadState, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials + ) +} + +function Remove-MgBetaDeviceAppManagementMobileApp +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $MobileAppId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $PassThru, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials + ) +} + +function Set-MgBetaDeviceAppManagementMobileApp +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $MobileAppId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [PSObject] + $BodyParameter, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Collections.Hashtable] + $AdditionalProperties, + + [Parameter()] + [PSObject[]] + $MobileAppAssignments, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $PassThru, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials + ) +} + +function Update-MgBetaDeviceAppManagementMobileApp +{ + [CmdletBinding()] + param + ( + [Parameter()] + [System.String] + $MobileAppId, + + [Parameter()] + [PSObject] + $InputObject, + + [Parameter()] + [PSObject] + $BodyParameter, + + [Parameter()] + [System.String] + $ResponseHeadersVariable, + + [Parameter()] + [System.Collections.Hashtable] + $AdditionalProperties, + + [Parameter()] + [PSObject[]] + $Assignments, + + [Parameter()] + [PSObject[]] + $Categories, + + [Parameter()] + [System.DateTime] + $CreatedDateTime, + + [Parameter()] + [System.Int32] + $DependentAppCount, + + [Parameter()] + [System.String] + $Description, + + [Parameter()] + [System.String] + $Developer, + + [Parameter()] + [System.String] + $DisplayName, + + [Parameter()] + [System.String] + $Id, + + [Parameter()] + [System.String] + $InformationUrl, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $IsAssigned, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $IsFeatured, + + [Parameter()] + [PSObject] + $LargeIcon, + + [Parameter()] + [System.DateTime] + $LastModifiedDateTime, + + [Parameter()] + [System.String] + $Notes, + + [Parameter()] + [System.String] + $Owner, + + [Parameter()] + [System.String] + $PrivacyInformationUrl, + + [Parameter()] + [System.String] + $Publisher, + + [Parameter()] + [PSObject] + $PublishingState, + + [Parameter()] + [PSObject[]] + $Relationships, + + [Parameter()] + [System.String[]] + $RoleScopeTagIds, + + [Parameter()] + [System.Int32] + $SupersededAppCount, + + [Parameter()] + [System.Int32] + $SupersedingAppCount, + + [Parameter()] + [System.Int32] + $UploadState, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $Break, + + [Parameter()] + [System.Collections.IDictionary] + $Headers, + + [Parameter()] + [PSObject[]] + $HttpPipelineAppend, + + [Parameter()] + [PSObject[]] + $HttpPipelinePrepend, + + [Parameter()] + [System.Uri] + $Proxy, + + [Parameter()] + [System.Management.Automation.PSCredential] + $ProxyCredential, + + [Parameter()] + [System.Management.Automation.SwitchParameter] + $ProxyUseDefaultCredentials + ) +} #endregion diff --git a/docs/docs/blog/april-2024-major-release.md b/docs/docs/blog/april-2024-major-release.md new file mode 100644 index 0000000000..0c1da540c1 --- /dev/null +++ b/docs/docs/blog/april-2024-major-release.md @@ -0,0 +1,57 @@ +# Microsoft365DSC – April 2024 Major Release (version 1.24.403.1) + +As defined by our [Breaking Changes Policy](https://microsoft365dsc.com/concepts/breaking-changes/), twice a year we allow for breaking changes to be deployed as part of a release. Our next major release, scheduled to go out on April 3rd 2024, will include several breaking changes and will be labeled version 1.24.403.1. This article provides details on the breaking changes and other important updates that will be included as part of our April 2024 Major release. + +## EXOMailTips ([#4117](https://github.com/microsoft/Microsoft365DSC/issues/4117)) + +We are removing the Organization parameter from the resource and adding the IsSingleInstance parameter as the primary key for it. This is to make sure we align the logic of this resource with the logic of other resources that are tenant-wide components, which means that there can only ever be a single instance of it across the tenant. The remediation here involves checking existing configuration to see if it contains the EXOMailTips instance and to replace the Organization parameter by the new IsSingleInstance one. E.g., + +From: +```powershell +EXOMailTips Tips +{ + ... + Organization = "contoso.com" +} +``` + +To: +```powershell +EXOMailTips Tips +{ + ... + IsSingleInstance = 'yes' +} +``` + +## EXOTransportRule ([#4136](https://github.com/microsoft/Microsoft365DSC/issues/4136)) + +The Priority parameter used to be defined as a string data type. With this breaking change we are changing the data type to be an Integer. Remediation involves checking existing configuration files that include EXOTransportRule definitions and to make sure the parameters are numbers instead of string. This normally involves removing the double quotes around the value. E.g., + +From: +```powershell +EXOTransportRule MyRule +{ + ... + Priority = "2" +} +``` + +To: +```powershell +EXOTransportRule MyRule +{ + ... + Priority = 2 +} +``` + +## SPOAccessControlSettings & SPOTenantSettings ([3576](https://github.com/microsoft/Microsoft365DSC/issues/3576)) + +These resources were both defining the same CommentsOnSitePagesDisabled parameter. This change ensures that the property is only defined in one resource, in occurence SPOTenantSettings. We've also move the SocialBarOnSitePagesDisabled parameter out of the SPOAccessControlSettings resource and into the SPOTenantSettings for consistency. In addition to these 2 changes, we've also removed the ConditionalAccessPolicy property from the SPOTenantSettings since it already existed in the SPOAccessControlSettings resource. To remediate to these breaking changes, users should: + +* 1 - Check their configuration for SPOAccessControlSettings. If an instance is found: + * a) Remove the CommentsOnSitePagesDisabled property from it, and make sure it is defined as part of the SPOTenantSettings resource instead. + * b) Remove the SocialBarOnSitePagesDisabled property from it, and make sure it is defined as part of the SPOTenantSettings resource instead. +* 2 - Check their configuration for SPOTenantSettings. If an instance is found: + * a) Remove the ConditionalAccessPolicy property and instead make sure it is only defined at the SPOAccessControlSettings resource level. diff --git a/docs/docs/blog/index.md b/docs/docs/blog/index.md index 5568236bcc..bc6846ac5e 100644 --- a/docs/docs/blog/index.md +++ b/docs/docs/blog/index.md @@ -1,5 +1,7 @@ # Blog Posts + +* [April 2024 Major Release](https://microsoft365dsc.com/blog/april-2024-major-release/index.html) * [October 2023 Major Release](https://microsoft365dsc.com/blog/october-2023-major-release/index.html) * [April 2023 Major Release](https://microsoft365dsc.com/blog/april-2023-major-release/index.html) * [October 2022 Major Release](https://microsoft365dsc.com/blog/october-2022-major-release/index.html) diff --git a/docs/docs/resources/azure-ad/AADAdministrativeUnit.md b/docs/docs/resources/azure-ad/AADAdministrativeUnit.md index db08e51a4e..e08125ddde 100644 --- a/docs/docs/resources/azure-ad/AADAdministrativeUnit.md +++ b/docs/docs/resources/azure-ad/AADAdministrativeUnit.md @@ -88,7 +88,7 @@ Configuration Example ) Import-DscResource -ModuleName Microsoft365DSC - + $Domain = $Credscredential.Username.Split('@')[1] node localhost { AADAdministrativeUnit 'TestUnit' @@ -98,7 +98,17 @@ Configuration Example MembershipRule = "(user.country -eq `"Canada`")" MembershipRuleProcessingState = 'On' MembershipType = 'Dynamic' - Ensure = 'Present' + ScopedRoleMembers = @( + MSFT_MicrosoftGraphScopedRoleMembership + { + RoleName = 'User Administrator' + RoleMemberInfo = MSFT_MicrosoftGraphMember + { + Identity = "admin@$Domain" + Type = "User" + } + } + ) Credential = $Credscredential } } @@ -121,16 +131,28 @@ Configuration Example ) Import-DscResource -ModuleName Microsoft365DSC - + $Domain = $Credscredential.Username.Split('@')[1] node localhost { AADAdministrativeUnit 'TestUnit' { DisplayName = 'Test-Unit' + Description = 'Test Description Updated' # Updated Property + Visibility = 'HiddenMembership' # Updated Property MembershipRule = "(user.country -eq `"US`")" # Updated Property MembershipRuleProcessingState = 'On' MembershipType = 'Dynamic' - Ensure = 'Present' + ScopedRoleMembers = @( + MSFT_MicrosoftGraphScopedRoleMembership + { + RoleName = 'User Administrator' + RoleMemberInfo = MSFT_MicrosoftGraphMember + { + Identity = "AdeleV@$Domain" # Updated Property + Type = "User" + } + } + ) Credential = $Credscredential } } @@ -153,7 +175,7 @@ Configuration Example ) Import-DscResource -ModuleName Microsoft365DSC - + $Domain = $Credscredential.Username.Split('@')[1] node localhost { AADAdministrativeUnit 'TestUnit' diff --git a/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md b/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md index 6c2914836d..fce8dfcbf3 100644 --- a/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md +++ b/docs/docs/resources/azure-ad/AADEntitlementManagementConnectedOrganization.md @@ -47,7 +47,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All + - EntitlementManagement.Read.All - **Update** @@ -57,7 +57,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All + - EntitlementManagement.Read.All - **Update** diff --git a/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md b/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md index a01025ad0e..bffe0299bc 100644 --- a/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md +++ b/docs/docs/resources/azure-ad/AADRoleEligibilityScheduleRequest.md @@ -112,7 +112,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - RoleEligibilitySchedule.ReadWrite.Directory + - RoleEligibilitySchedule.Read.Directory - **Update** diff --git a/docs/docs/resources/azure-ad/AADRoleSetting.md b/docs/docs/resources/azure-ad/AADRoleSetting.md index efe34daf60..30afa353ad 100644 --- a/docs/docs/resources/azure-ad/AADRoleSetting.md +++ b/docs/docs/resources/azure-ad/AADRoleSetting.md @@ -44,6 +44,9 @@ | **EligibleAssignmentAssigneeNotificationDefaultRecipient** | Write | Boolean | Send notifications when eligible members activate this role: Notification to activated user (requestor), default recipient (True/False) | | | **EligibleAssignmentAssigneeNotificationAdditionalRecipient** | Write | StringArray[] | Send notifications when eligible members activate this role: Notification to activated user (requestor), additional recipient (UPN) | | | **EligibleAssignmentAssigneeNotificationOnlyCritical** | Write | Boolean | Send notifications when eligible members activate this role: Notification to activated user (requestor), only critical Email (True/False) | | +| **AuthenticationContextRequired** | Write | Boolean | Authorization context is required (True/False) | | +| **AuthenticationContextName** | Write | String | Descriptive name of associated authorization context | | +| **AuthenticationContextId** | Write | String | Authorization context id | | | **Ensure** | Write | String | Specify if the Azure AD role setting should exist or not. | `Present` | | **Credential** | Write | PSCredential | Credentials for the Microsoft Graph delegated permissions. | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | diff --git a/docs/docs/resources/exchange/EXOActiveSyncDeviceAccessRule.md b/docs/docs/resources/exchange/EXOActiveSyncDeviceAccessRule.md index de9726e532..89fa8cecdf 100644 --- a/docs/docs/resources/exchange/EXOActiveSyncDeviceAccessRule.md +++ b/docs/docs/resources/exchange/EXOActiveSyncDeviceAccessRule.md @@ -5,7 +5,6 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | | **Identity** | Key | String | The Identity parameter specifies the identity of the device access rule. | | -| **GUID** | Write | String | Unique Identifier. Read-Only | | | **AccessLevel** | Write | String | The AccessLevel parameter specifies whether the devices are allowed, blocked or quarantined. | `Allow`, `Block`, `Quarantine` | | **Characteristic** | Write | String | The Characteristic parameter specifies the device characteristic or category that's used by the rule. | `DeviceModel`, `DeviceType`, `DeviceOS`, `UserAgent`, `XMSWLHeader` | | **QueryString** | Write | String | The QueryString parameter specifies the device identifier that's used by the rule. This parameter uses a text value that's used with Characteristic parameter value to define the device. | | diff --git a/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md b/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md index 5602e6275a..7d6b16263d 100644 --- a/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md +++ b/docs/docs/resources/exchange/EXOHostedContentFilterPolicy.md @@ -30,6 +30,7 @@ | **IncreaseScoreWithNumericIps** | Write | String | The IncreaseScoreWithNumericIps parameter increases the spam score of messages that contain links to IP addresses. Valid values for this parameter are Off, On or Test. The default value is Off. | `Off`, `On`, `Test` | | **IncreaseScoreWithRedirectToOtherPort** | Write | String | The IncreaseScoreWithRedirectToOtherPort parameter increases the spam score of messages that contain links that redirect to other TCP ports. Valid values for this parameter are Off, On or Test. The default value is Off. | `Off`, `On`, `Test` | | **InlineSafetyTipsEnabled** | Write | Boolean | The InlineSafetyTipsEnabled parameter specifies whether to enable or disable safety tips that are shown to recipients in messages. The default is $true | | +| **IntraOrgFilterState** | Write | String | The IntraOrgFilterState parameter specifies whether to enable anti-spam filtering for messages sent between internal users (users in the same organization). | `Default`, `HighConfidencePhish`, `Phish`, `HighConfidenceSpam`, `Spam`, `Disabled` | | **LanguageBlockList** | Write | StringArray[] | The LanguageBlockList parameter specifies the languages to block when messages are blocked based on their language. Valid input for this parameter is a supported ISO 639-1 lowercase two-letter language code. You can specify multiple values separated by commas. This parameter is only use when the EnableRegionBlockList parameter is set to $true. | | | **MakeDefault** | Write | Boolean | The MakeDefault parameter makes the specified content filter policy the default content filter policy. The default value is $false | | | **MarkAsSpamBulkMail** | Write | String | The MarkAsSpamBulkMail parameter classifies the message as spam when the message is identified as a bulk email message. Valid values for this parameter are Off, On or Test. The default value is On. | `Off`, `On`, `Test` | diff --git a/docs/docs/resources/exchange/EXOMailTips.md b/docs/docs/resources/exchange/EXOMailTips.md index 7c46aa87cd..579a4437c6 100644 --- a/docs/docs/resources/exchange/EXOMailTips.md +++ b/docs/docs/resources/exchange/EXOMailTips.md @@ -4,7 +4,7 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **Organization** | Key | String | Specify the name of your organization. | | +| **IsSingleInstance** | Key | String | Only valid value is 'Yes'. | `Yes` | | **MailTipsAllTipsEnabled** | Write | Boolean | Specifies whether MailTips are enabled. | | | **MailTipsGroupMetricsEnabled** | Write | Boolean | Specifies whether MailTips that rely on group metrics data are enabled. | | | **MailTipsLargeAudienceThreshold** | Write | UInt32 | Specifies what a large audience is. | | @@ -59,7 +59,7 @@ Configuration Example { EXOMailTips 'OrgWideMailTips' { - Organization = $Domain + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True MailTipsGroupMetricsEnabled = $True MailTipsLargeAudienceThreshold = 100 @@ -92,7 +92,7 @@ Configuration Example { EXOMailTips 'OrgWideMailTips' { - Organization = $Domain + IsSingleInstance = 'Yes' MailTipsAllTipsEnabled = $True MailTipsGroupMetricsEnabled = $False # Updated Property MailTipsLargeAudienceThreshold = 100 @@ -125,9 +125,9 @@ Configuration Example { EXOMailTips 'OrgWideMailTips' { - Organization = $Domain - Ensure = "Absent" - Credential = $Credscredential + IsSingleInstance = 'Yes' + Ensure = "Absent" + Credential = $Credscredential } } } diff --git a/docs/docs/resources/exchange/EXOOfflineAddressBook.md b/docs/docs/resources/exchange/EXOOfflineAddressBook.md index fa73a78e70..e5742b4396 100644 --- a/docs/docs/resources/exchange/EXOOfflineAddressBook.md +++ b/docs/docs/resources/exchange/EXOOfflineAddressBook.md @@ -93,8 +93,8 @@ Configuration Example { Name = "Integration Address Book" AddressLists = @('\All Users') - DiffRetentionPeriod = "30" - IsDefault = $false # Updated Property + DiffRetentionPeriod = "60" # Updated Property + IsDefault = $true Ensure = "Present" Credential = $Credscredential } diff --git a/docs/docs/resources/exchange/EXOTransportRule.md b/docs/docs/resources/exchange/EXOTransportRule.md index 3625f100b5..fc53660e78 100644 --- a/docs/docs/resources/exchange/EXOTransportRule.md +++ b/docs/docs/resources/exchange/EXOTransportRule.md @@ -131,7 +131,7 @@ | **ModerateMessageByUser** | Write | StringArray[] | The ModerateMessageByUser parameter specifies an action that forwards messages for approval to the specified users. | | | **NotifySender** | Write | String | DEPRECATED | `NotifyOnly`, `RejectMessage`, `RejectUnlessFalsePositiveOverride`, `RejectUnlessSilentOverride`, `RejectUnlessExplicitOverride` | | **PrependSubject** | Write | String | The PrependSubject parameter specifies an action that adds text to add to the beginning of the Subject field of messages. | | -| **Priority** | Write | String | The Priority parameter specifies a priority value for the rule that determines the order of rule processing. | | +| **Priority** | Write | UInt32 | The Priority parameter specifies a priority value for the rule that determines the order of rule processing. | | | **Quarantine** | Write | Boolean | The Quarantine parameter specifies an action that quarantines messages. | | | **RecipientADAttributeContainsWords** | Write | StringArray[] | The RecipientADAttributeContainsWords parameter specifies a condition that looks for words in the Active Directory attributes of recipients. | | | **RecipientADAttributeMatchesPatterns** | Write | StringArray[] | The RecipientADAttributeMatchesPatterns parameter specifies a condition that looks for text patterns in the Active Directory attributes of recipients by using regular expressions. | | diff --git a/docs/docs/resources/intune/IntuneASRRulesPolicyWindows10.md b/docs/docs/resources/intune/IntuneASRRulesPolicyWindows10.md index 110a8d8a55..c7eada96a7 100644 --- a/docs/docs/resources/intune/IntuneASRRulesPolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneASRRulesPolicyWindows10.md @@ -65,7 +65,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -75,7 +75,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.md b/docs/docs/resources/intune/IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.md index c95b46240f..916b8c2bcf 100644 --- a/docs/docs/resources/intune/IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.md +++ b/docs/docs/resources/intune/IntuneAccountProtectionLocalAdministratorPasswordSolutionPolicy.md @@ -56,7 +56,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -66,7 +66,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneAccountProtectionLocalUserGroupMembershipPolicy.md b/docs/docs/resources/intune/IntuneAccountProtectionLocalUserGroupMembershipPolicy.md index 0cc155a6f4..4762601536 100644 --- a/docs/docs/resources/intune/IntuneAccountProtectionLocalUserGroupMembershipPolicy.md +++ b/docs/docs/resources/intune/IntuneAccountProtectionLocalUserGroupMembershipPolicy.md @@ -57,7 +57,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -67,7 +67,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneAccountProtectionPolicy.md b/docs/docs/resources/intune/IntuneAccountProtectionPolicy.md index 734b5707f4..0da2d2635b 100644 --- a/docs/docs/resources/intune/IntuneAccountProtectionPolicy.md +++ b/docs/docs/resources/intune/IntuneAccountProtectionPolicy.md @@ -60,7 +60,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -70,7 +70,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md b/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md index 58611cefa6..fdcb52315a 100644 --- a/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md +++ b/docs/docs/resources/intune/IntuneAntivirusPolicyWindows10SettingCatalog.md @@ -108,7 +108,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -118,7 +118,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneAppConfigurationPolicy.md b/docs/docs/resources/intune/IntuneAppConfigurationPolicy.md index cecb30f398..768db0b853 100644 --- a/docs/docs/resources/intune/IntuneAppConfigurationPolicy.md +++ b/docs/docs/resources/intune/IntuneAppConfigurationPolicy.md @@ -54,7 +54,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementApps.Read.All + - Group.Read.All, DeviceManagementApps.Read.All - **Update** @@ -64,7 +64,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementApps.Read.All + - Group.Read.All, DeviceManagementApps.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneAppProtectionPolicyAndroid.md b/docs/docs/resources/intune/IntuneAppProtectionPolicyAndroid.md index 1bd6403d24..ebed57cee4 100644 --- a/docs/docs/resources/intune/IntuneAppProtectionPolicyAndroid.md +++ b/docs/docs/resources/intune/IntuneAppProtectionPolicyAndroid.md @@ -71,7 +71,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementApps.Read.All + - Group.Read.All, DeviceManagementApps.Read.All - **Update** @@ -81,7 +81,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementApps.Read.All + - Group.Read.All, DeviceManagementApps.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneAppProtectionPolicyiOS.md b/docs/docs/resources/intune/IntuneAppProtectionPolicyiOS.md index 91cffef9fd..4d7708c2d5 100644 --- a/docs/docs/resources/intune/IntuneAppProtectionPolicyiOS.md +++ b/docs/docs/resources/intune/IntuneAppProtectionPolicyiOS.md @@ -79,7 +79,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementApps.Read.All + - Group.Read.All, DeviceManagementApps.Read.All - **Update** @@ -89,7 +89,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementApps.Read.All + - Group.Read.All, DeviceManagementApps.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneApplicationControlPolicyWindows10.md b/docs/docs/resources/intune/IntuneApplicationControlPolicyWindows10.md index e9b8c3333c..11f6676040 100644 --- a/docs/docs/resources/intune/IntuneApplicationControlPolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneApplicationControlPolicyWindows10.md @@ -46,7 +46,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -56,7 +56,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroid.md b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroid.md index 5ad64b0623..016cd3c430 100644 --- a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroid.md +++ b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroid.md @@ -235,7 +235,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -245,7 +245,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidDeviceOwner.md b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidDeviceOwner.md index 6639f5147b..be44207bc5 100644 --- a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidDeviceOwner.md +++ b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidDeviceOwner.md @@ -178,7 +178,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -188,7 +188,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidWorkProfile.md b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidWorkProfile.md index db1bebb3d3..fa2e66ff84 100644 --- a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidWorkProfile.md +++ b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyAndroidWorkProfile.md @@ -187,7 +187,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -197,7 +197,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyMacOS.md b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyMacOS.md index e54ef4d18d..c5856ad7b0 100644 --- a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyMacOS.md +++ b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyMacOS.md @@ -144,7 +144,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -154,7 +154,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyWindows10.md index a0ff478721..2952f9867a 100644 --- a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyWindows10.md @@ -260,7 +260,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -270,7 +270,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyiOs.md b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyiOs.md index 1a3989f003..ea4e04c881 100644 --- a/docs/docs/resources/intune/IntuneDeviceCompliancePolicyiOs.md +++ b/docs/docs/resources/intune/IntuneDeviceCompliancePolicyiOs.md @@ -73,7 +73,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -83,7 +83,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.md index 3e0599dccb..4b60c39fc5 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationAdministrativeTemplatePolicyWindows10.md @@ -101,7 +101,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -111,7 +111,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationCustomPolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationCustomPolicyWindows10.md index 957bb3d5ec..6aa23feb50 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationCustomPolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationCustomPolicyWindows10.md @@ -62,7 +62,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -72,7 +72,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.md index 8880217e62..12c462115a 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationDefenderForEndpointOnboardingPolicyWindows10.md @@ -51,7 +51,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -61,7 +61,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.md index fea31193a5..a59df1517e 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationDeliveryOptimizationPolicyWindows10.md @@ -107,7 +107,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -117,7 +117,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationDomainJoinPolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationDomainJoinPolicyWindows10.md index e1cd64f7bc..34170019b1 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationDomainJoinPolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationDomainJoinPolicyWindows10.md @@ -49,7 +49,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -59,7 +59,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationEmailProfilePolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationEmailProfilePolicyWindows10.md index 542b349a78..6f1d983d22 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationEmailProfilePolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationEmailProfilePolicyWindows10.md @@ -57,7 +57,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -67,7 +67,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.md index 5d205336f4..1da20cb128 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationEndpointProtectionPolicyWindows10.md @@ -361,7 +361,7 @@ | **DisplayName** | Write | String | The display name of the rule. Does not need to be unique. | | | **EdgeTraversal** | Write | String | Indicates whether edge traversal is enabled or disabled for this rule. The EdgeTraversal setting indicates that specific inbound traffic is allowed to tunnel through NATs and other edge devices using the Teredo tunneling technology. In order for this setting to work correctly, the application or service with the inbound firewall rule needs to support IPv6. The primary application of this setting allows listeners on the host to be globally addressable through a Teredo IPv6 address. New rules have the EdgeTraversal property disabled by default. Possible values are: notConfigured, blocked, allowed. | `notConfigured`, `blocked`, `allowed` | | **FilePath** | Write | String | The full file path of an app that's affected by the firewall rule. | | -| **InterfaceTypes** | Write | String | The interface types of the rule. Possible values are: notConfigured, remoteAccess, wireless, lan. | `notConfigured`, `remoteAccess`, `wireless`, `lan` | +| **InterfaceTypes** | Write | StringArray[] | The interface types of the rule. Possible values are: notConfigured, remoteAccess, wireless, lan. | `notConfigured`, `remoteAccess`, `wireless`, `lan` | | **LocalAddressRanges** | Write | StringArray[] | List of local addresses covered by the rule. Default is any address. Valid tokens include:'' indicates any local address. If present, this must be the only token included.A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask nor a network prefix is specified, the subnet mask defaults to 255.255.255.255.A valid IPv6 address.An IPv4 address range in the format of 'start address - end address' with no spaces included.An IPv6 address range in the format of 'start address - end address' with no spaces included. | | | **LocalPortRanges** | Write | StringArray[] | List of local port ranges. For example, '100-120', '200', '300-320'. If not specified, the default is All. | | | **LocalUserAuthorizations** | Write | String | Specifies the list of authorized local users for the app container. This is a string in Security Descriptor Definition Language (SDDL) format. | | @@ -407,7 +407,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** @@ -417,7 +417,7 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All + - Group.Read.All, DeviceManagementConfiguration.Read.All - **Update** diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md b/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md index 79cc1a4460..4528947998 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationScepCertificatePolicyWindows10.md @@ -7,7 +7,7 @@ | **CertificateStore** | Write | String | Target store certificate. Possible values are: user, machine. | `user`, `machine` | | **HashAlgorithm** | Write | String | SCEP Hash Algorithm. Possible values are: sha1, sha2. | `sha1`, `sha2` | | **KeySize** | Write | String | SCEP Key Size. Possible values are: size1024, size2048, size4096. | `size1024`, `size2048`, `size4096` | -| **KeyUsage** | Write | String | SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. | `keyEncipherment`, `digitalSignature` | +| **KeyUsage** | Write | StringArray[] | SCEP Key Usage. Possible values are: keyEncipherment, digitalSignature. | `keyEncipherment`, `digitalSignature` | | **ScepServerUrls** | Write | StringArray[] | SCEP Server Url(s). | | | **SubjectAlternativeNameFormatString** | Write | String | Custom String that defines the AAD Attribute. | | | **SubjectNameFormatString** | Write | String | Custom format to use with SubjectNameFormat = Custom. Example: CN={{UserName}},E={{EmailAddress}},OU=Enterprise Users,O=Contoso Corporation,L=Redmond,ST=WA,C=US | | @@ -19,6 +19,7 @@ | **RenewalThresholdPercentage** | Write | UInt32 | Certificate renewal threshold percentage. Valid values 1 to 99 | | | **SubjectAlternativeNameType** | Write | String | Certificate Subject Alternative Name Type. Possible values are: none, emailAddress, userPrincipalName, customAzureADAttribute, domainNameService, universalResourceIdentifier. | `none`, `emailAddress`, `userPrincipalName`, `customAzureADAttribute`, `domainNameService`, `universalResourceIdentifier` | | **SubjectNameFormat** | Write | String | Certificate Subject Name Format. Possible values are: commonName, commonNameIncludingEmail, commonNameAsEmail, custom, commonNameAsIMEI, commonNameAsSerialNumber, commonNameAsAadDeviceId, commonNameAsIntuneDeviceId, commonNameAsDurableDeviceId. | `commonName`, `commonNameIncludingEmail`, `commonNameAsEmail`, `custom`, `commonNameAsIMEI`, `commonNameAsSerialNumber`, `commonNameAsAadDeviceId`, `commonNameAsIntuneDeviceId`, `commonNameAsDurableDeviceId` | +| **RootCertificateDisplayName** | Write | String | Trusted Root Certificate DisplayName | | | **RootCertificateId** | Write | String | Trusted Root Certificate Id | | | **Description** | Write | String | Admin provided description of the Device Configuration. | | | **DisplayName** | Key | String | Admin provided name of the device configuration. | | @@ -142,7 +143,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 25; ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; @@ -200,7 +201,7 @@ Configuration Example HashAlgorithm = "sha2"; KeySize = "size2048"; KeyStorageProvider = "useTpmKspOtherwiseUseSoftwareKsp"; - KeyUsage = "digitalSignature"; + KeyUsage = @("digitalSignature"); RenewalThresholdPercentage = 30; # Updated Property ScepServerUrls = @("https://mydomain.com/certsrv/mscep/mscep.dll"); SubjectAlternativeNameType = "none"; diff --git a/docs/docs/resources/intune/IntuneDeviceEnrollmentStatusPageWindows10.md b/docs/docs/resources/intune/IntuneDeviceEnrollmentStatusPageWindows10.md index bd27183f40..9326663d9b 100644 --- a/docs/docs/resources/intune/IntuneDeviceEnrollmentStatusPageWindows10.md +++ b/docs/docs/resources/intune/IntuneDeviceEnrollmentStatusPageWindows10.md @@ -16,7 +16,8 @@ | **DisableUserStatusTrackingAfterFirstUser** | Write | Boolean | Only show installation progress for first user post enrollment | | | **InstallProgressTimeoutInMinutes** | Write | UInt32 | Set installation progress timeout in minutes | | | **InstallQualityUpdates** | Write | Boolean | Allows quality updates installation during OOBE | | -| **SelectedMobileAppIds** | Write | StringArray[] | Selected applications to track the installation status | | +| **SelectedMobileAppIds** | Write | StringArray[] | Ids of selected applications to track the installation status. When this parameter is used, SelectedMobileAppNames is ignored | | +| **SelectedMobileAppNames** | Write | StringArray[] | Names of selected applications to track the installation status. This parameter is ignored when SelectedMobileAppIds is also specified | | | **ShowInstallationProgress** | Write | Boolean | Show or hide installation progress to user | | | **TrackInstallProgressForAutopilotOnly** | Write | Boolean | Only show installation progress for Autopilot enrollment scenarios | | | **Priority** | Write | UInt32 | Priority is used when a user exists in multiple groups that are assigned enrollment configuration. Users are subject only to the configuration with the lowest priority value. | | @@ -57,21 +58,21 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - DeviceManagementConfiguration.Read.All, DeviceManagementServiceConfig.Read.All + - DeviceManagementConfiguration.Read.All, DeviceManagementServiceConfig.Read.All, DeviceManagementApps.Read.All - **Update** - - DeviceManagementConfiguration.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All + - DeviceManagementConfiguration.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementApps.Read.All #### Application permissions - **Read** - - DeviceManagementConfiguration.Read.All, DeviceManagementServiceConfig.Read.All + - DeviceManagementConfiguration.Read.All, DeviceManagementServiceConfig.Read.All, DeviceManagementApps.Read.All - **Update** - - DeviceManagementConfiguration.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All + - DeviceManagementConfiguration.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All, DeviceManagementApps.Read.All ## Examples diff --git a/docs/docs/resources/office365/O365OrgSettings.md b/docs/docs/resources/office365/O365OrgSettings.md index 6f462f9560..c279b168ee 100644 --- a/docs/docs/resources/office365/O365OrgSettings.md +++ b/docs/docs/resources/office365/O365OrgSettings.md @@ -53,21 +53,21 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Application.Read.All, ReportSettings.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All + - Application.ReadWrite.All, ReportSettings.Read.All, OrgSettings-Microsoft365Install.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All - **Update** - - Application.ReadWrite.All, ReportSettings.ReadWrite.All, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, OrgSettings-AppsAndServices.Read.All + - Application.ReadWrite.All, ReportSettings.ReadWrite.All, OrgSettings-Microsoft365Install.ReadWrite.All, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, OrgSettings-AppsAndServices.Read.All #### Application permissions - **Read** - - Application.Read.All, ReportSettings.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All, Tasks.Read.All + - Application.ReadWrite.All, ReportSettings.Read.All, OrgSettings-Microsoft365Install.Read.All, OrgSettings-Forms.Read.All, OrgSettings-Todo.Read.All, OrgSettings-AppsAndServices.Read.All, OrgSettings-DynamicsVoice.Read.All, Tasks.Read.All - **Update** - - Application.ReadWrite.All, ReportSettings.ReadWrite.All, 83f7232f-763c-47b2-a097-e35d2cbe1da5, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-AppsAndServices.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, Tasks.ReadWrite.All + - Application.ReadWrite.All, ReportSettings.ReadWrite.All, OrgSettings-Microsoft365Install.ReadWrite.All, OrgSettings-Forms.ReadWrite.All, OrgSettings-Todo.ReadWrite.All, OrgSettings-AppsAndServices.ReadWrite.All, OrgSettings-DynamicsVoice.ReadWrite.All, Tasks.ReadWrite.All ## Examples diff --git a/docs/docs/resources/sharepoint/SPOAccessControlSettings.md b/docs/docs/resources/sharepoint/SPOAccessControlSettings.md index 7272278b04..0cb58239af 100644 --- a/docs/docs/resources/sharepoint/SPOAccessControlSettings.md +++ b/docs/docs/resources/sharepoint/SPOAccessControlSettings.md @@ -10,8 +10,6 @@ | **IPAddressEnforcement** | Write | Boolean | Allows access from network locations that are defined by an administrator. | | | **IPAddressAllowList** | Write | String | Configures multiple IP addresses or IP address ranges (IPv4 or IPv6). Use commas to separate multiple IP addresses or IP address ranges. | | | **IPAddressWACTokenLifetime** | Write | UInt32 | Office webapps TokenLifeTime in minutes | | -| **CommentsOnSitePagesDisabled** | Write | Boolean | When this feature is set to true, comments on site pages will be disabled | | -| **SocialBarOnSitePagesDisabled** | Write | Boolean | Disables or enables the Social Bar. It will give users the ability to like a page, see the number of views, likes, and comments on a page, and see the people who have liked a page. | | | **DisallowInfectedFileDownload** | Write | Boolean | Prevents the Download button from being displayed on the Virus Found warning page. | | | **ExternalServicesEnabled** | Write | Boolean | Enables external services for a tenant. External services are defined as services that are not in the Office 365 datacenters. | | | **EmailAttestationRequired** | Write | Boolean | Sets email attestation to required | | @@ -25,6 +23,7 @@ | **CertificatePath** | Write | String | Path to certificate used in service principal usually a PFX file. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | | **ManagedIdentity** | Write | Boolean | Managed ID being used for authentication. | | +| **ConditionalAccessPolicy** | Write | String | Blocks or limits access to SharePoint and OneDrive content from un-managed devices. | `AllowFullAccess`, `AllowLimitedAccess`, `BlockAccess`, `ProtectionLevel` | # SPO Access Control Settings @@ -110,8 +109,6 @@ Configuration Example StartASiteFormUrl = "https://contoso.sharepoint.com" IPAddressEnforcement = $false IPAddressWACTokenLifetime = 15 - CommentsOnSitePagesDisabled = $false - SocialBarOnSitePagesDisabled = $false DisallowInfectedFileDownload = $false ExternalServicesEnabled = $true EmailAttestationRequired = $false diff --git a/docs/docs/resources/sharepoint/SPOTenantSettings.md b/docs/docs/resources/sharepoint/SPOTenantSettings.md index 3673bb83b0..0c6e5f4937 100644 --- a/docs/docs/resources/sharepoint/SPOTenantSettings.md +++ b/docs/docs/resources/sharepoint/SPOTenantSettings.md @@ -23,8 +23,8 @@ | **HideDefaultThemes** | Write | Boolean | Defines if the default themes are visible or hidden | | | **HideSyncButtonOnTeamSite** | Write | Boolean | To enable or disable Sync button on Team sites | | | **MarkNewFilesSensitiveByDefault** | Write | String | Allow or block external sharing until at least one Office DLP policy scans the content of the file. | `AllowExternalSharing`, `BlockExternalSharing` | -| **ConditionalAccessPolicy** | Write | String | Allow or Block Conditional Access Policy on the SharePoint Tenant | `AllowFullAccess`, `AllowLimitedAccess`, `BlockAccess` | | **DisabledWebPartIds** | Write | StringArray[] | Provide GUID for the Web Parts that are to be disabled on the Sharepoint Site | | +| **SocialBarOnSitePagesDisabled** | Write | Boolean | Disables or enables the Social Bar. It will give users the ability to like a page, see the number of views, likes, and comments on a page, and see the people who have liked a page. | | | **CommentsOnSitePagesDisabled** | Write | Boolean | Set to false to enable a comment section on all site pages, users who have access to the pages can leave comments. Set to true to disable this feature. | | | **Ensure** | Write | String | Only accepted value is 'Present'. | `Present`, `Absent` | | **Credential** | Write | PSCredential | Credentials of the account to authenticate with. | | @@ -115,25 +115,27 @@ Configuration Example { SPOTenantSettings 'ConfigureTenantSettings' { - IsSingleInstance = "Yes" + IsSingleInstance = 'Yes' MinCompatibilityLevel = 16 MaxCompatibilityLevel = 16 SearchResolveExactEmailOrUPN = $false OfficeClientADALDisabled = $false LegacyAuthProtocolsEnabled = $true - SignInAccelerationDomain = "" + SignInAccelerationDomain = '' UsePersistentCookiesForExplorerView = $false UserVoiceForFeedbackEnabled = $true PublicCdnEnabled = $false - PublicCdnAllowedFileTypes = "CSS,EOT,GIF,ICO,JPEG,JPG,JS,MAP,PNG,SVG,TTF,WOFF" + PublicCdnAllowedFileTypes = 'CSS,EOT,GIF,ICO,JPEG,JPG,JS,MAP,PNG,SVG,TTF,WOFF' UseFindPeopleInPeoplePicker = $false NotificationsInSharePointEnabled = $true OwnerAnonymousNotification = $true ApplyAppEnforcedRestrictionsToAdHocRecipients = $true FilePickerExternalImageSearchEnabled = $true HideDefaultThemes = $false - MarkNewFilesSensitiveByDefault = "AllowExternalSharing" - Ensure = "Present" + MarkNewFilesSensitiveByDefault = 'AllowExternalSharing' + CommentsOnSitePagesDisabled = $false + SocialBarOnSitePagesDisabled = $false + Ensure = 'Present' Credential = $Credscredential } } diff --git a/docs/docs/resources/teams/TeamsAppPermissionPolicy.md b/docs/docs/resources/teams/TeamsAppPermissionPolicy.md index adea192f37..54981671f3 100644 --- a/docs/docs/resources/teams/TeamsAppPermissionPolicy.md +++ b/docs/docs/resources/teams/TeamsAppPermissionPolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsAppSetupPolicy.md b/docs/docs/resources/teams/TeamsAppSetupPolicy.md index 4b367832d3..ce03425221 100644 --- a/docs/docs/resources/teams/TeamsAppSetupPolicy.md +++ b/docs/docs/resources/teams/TeamsAppSetupPolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md b/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md index 58aa90102e..5b8620724c 100644 --- a/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md +++ b/docs/docs/resources/teams/TeamsAudioConferencingPolicy.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallHoldPolicy.md b/docs/docs/resources/teams/TeamsCallHoldPolicy.md index 58c8c000f3..ce7fb518a5 100644 --- a/docs/docs/resources/teams/TeamsCallHoldPolicy.md +++ b/docs/docs/resources/teams/TeamsCallHoldPolicy.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallParkPolicy.md b/docs/docs/resources/teams/TeamsCallParkPolicy.md index 2ae81d96be..dcd61f6ef1 100644 --- a/docs/docs/resources/teams/TeamsCallParkPolicy.md +++ b/docs/docs/resources/teams/TeamsCallParkPolicy.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallQueue.md b/docs/docs/resources/teams/TeamsCallQueue.md index 6c93ecf12f..5496f1c8a1 100644 --- a/docs/docs/resources/teams/TeamsCallQueue.md +++ b/docs/docs/resources/teams/TeamsCallQueue.md @@ -83,11 +83,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCallingPolicy.md b/docs/docs/resources/teams/TeamsCallingPolicy.md index 53978c5ba9..c493f9ed1f 100644 --- a/docs/docs/resources/teams/TeamsCallingPolicy.md +++ b/docs/docs/resources/teams/TeamsCallingPolicy.md @@ -59,11 +59,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsChannelsPolicy.md b/docs/docs/resources/teams/TeamsChannelsPolicy.md index 279c5730af..71786efc6c 100644 --- a/docs/docs/resources/teams/TeamsChannelsPolicy.md +++ b/docs/docs/resources/teams/TeamsChannelsPolicy.md @@ -46,11 +46,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsClientConfiguration.md b/docs/docs/resources/teams/TeamsClientConfiguration.md index 091eb128b1..0eca16bb44 100644 --- a/docs/docs/resources/teams/TeamsClientConfiguration.md +++ b/docs/docs/resources/teams/TeamsClientConfiguration.md @@ -51,11 +51,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md b/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md index c82b70a65f..c6d6bcf8fa 100644 --- a/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md +++ b/docs/docs/resources/teams/TeamsComplianceRecordingPolicy.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsCortanaPolicy.md b/docs/docs/resources/teams/TeamsCortanaPolicy.md index 1662b06d23..77711f3472 100644 --- a/docs/docs/resources/teams/TeamsCortanaPolicy.md +++ b/docs/docs/resources/teams/TeamsCortanaPolicy.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md b/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md index 3dfe805be0..c3df146713 100644 --- a/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md +++ b/docs/docs/resources/teams/TeamsDialInConferencingTenantSettings.md @@ -49,11 +49,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md b/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md index 9acf97d8f0..88f1da5c48 100644 --- a/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md +++ b/docs/docs/resources/teams/TeamsEmergencyCallingPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md b/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md index 6936115dad..34dd107d63 100644 --- a/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md +++ b/docs/docs/resources/teams/TeamsEnhancedEncryptionPolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsEventsPolicy.md b/docs/docs/resources/teams/TeamsEventsPolicy.md index 3191a689fa..c16254da1d 100644 --- a/docs/docs/resources/teams/TeamsEventsPolicy.md +++ b/docs/docs/resources/teams/TeamsEventsPolicy.md @@ -48,11 +48,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsFederationConfiguration.md b/docs/docs/resources/teams/TeamsFederationConfiguration.md index 90e9481a2f..6a1c805e18 100644 --- a/docs/docs/resources/teams/TeamsFederationConfiguration.md +++ b/docs/docs/resources/teams/TeamsFederationConfiguration.md @@ -47,11 +47,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsFeedbackPolicy.md b/docs/docs/resources/teams/TeamsFeedbackPolicy.md index e85811f97d..7346a0ed0f 100644 --- a/docs/docs/resources/teams/TeamsFeedbackPolicy.md +++ b/docs/docs/resources/teams/TeamsFeedbackPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsFilesPolicy.md b/docs/docs/resources/teams/TeamsFilesPolicy.md index e9986b58a8..37d5fbcc98 100644 --- a/docs/docs/resources/teams/TeamsFilesPolicy.md +++ b/docs/docs/resources/teams/TeamsFilesPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md b/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md index 6bab7bfdd3..4b758add75 100644 --- a/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md +++ b/docs/docs/resources/teams/TeamsGroupPolicyAssignment.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md b/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md index 9f72539d71..67724658a8 100644 --- a/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md +++ b/docs/docs/resources/teams/TeamsGuestCallingConfiguration.md @@ -38,11 +38,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md b/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md index 5aad313ee1..3bb1d96cb7 100644 --- a/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md +++ b/docs/docs/resources/teams/TeamsGuestMeetingConfiguration.md @@ -9,6 +9,7 @@ | **LiveCaptionsEnabledType** | Write | String | Determines whether real-time captions are available for guests in Teams meetings. | `Disabled`, `DisabledUserOverride` | | **ScreenSharingMode** | Write | String | Determines the mode in which guests can share a screen in calls or meetings. Set this to SingleApplication to allow the user to share an application at a given point in time. Set this to EntireScreen to allow the user to share anything on their screens. Set this to Disabled to prohibit the user from sharing their screens. | `Disabled`, `EntireScreen`, `SingleApplication` | | **AllowMeetNow** | Write | Boolean | Determines whether guests can start ad-hoc meetings. Set this to TRUE to allow guests to start ad-hoc meetings. Set this to FALSE to prohibit guests from starting ad-hoc meetings. | | +| **AllowTranscription** | Write | Boolean | Determines whether guests can enable post-meeting captions and transcriptions in meetings. Set this to TRUE to allow. Set this to FALSE to prohibit. | | | **Credential** | Write | PSCredential | Credentials of the Teams Admin | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com | | @@ -41,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples @@ -68,11 +69,13 @@ Configuration Example { TeamsGuestMeetingConfiguration 'TeamsGuestMeetingConfiguration' { - Identity = "Global" - AllowIPVideo = $True - AllowMeetNow = $True - ScreenSharingMode = "EntireScreen" - Credential = $Credscredential + Identity = 'Global' + AllowIPVideo = $true + LiveCaptionsEnabledType = 'Disabled' + ScreenSharingMode = 'EntireScreen' + AllowMeetNow = $true + AllowTranscription = $true + Credential = $Credscredential } } } diff --git a/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md b/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md index 0e2e710589..9a00b4bd83 100644 --- a/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md +++ b/docs/docs/resources/teams/TeamsGuestMessagingConfiguration.md @@ -46,11 +46,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsIPPhonePolicy.md b/docs/docs/resources/teams/TeamsIPPhonePolicy.md index 33c3137d97..2c9e385946 100644 --- a/docs/docs/resources/teams/TeamsIPPhonePolicy.md +++ b/docs/docs/resources/teams/TeamsIPPhonePolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md b/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md index a8aa7c45fc..11d4bd0b09 100644 --- a/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md +++ b/docs/docs/resources/teams/TeamsMeetingBroadcastConfiguration.md @@ -43,11 +43,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md b/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md index 51d09e22e0..f0deee833a 100644 --- a/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md +++ b/docs/docs/resources/teams/TeamsMeetingBroadcastPolicy.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingConfiguration.md b/docs/docs/resources/teams/TeamsMeetingConfiguration.md index e72dbf2ef4..c8a0d64ce4 100644 --- a/docs/docs/resources/teams/TeamsMeetingConfiguration.md +++ b/docs/docs/resources/teams/TeamsMeetingConfiguration.md @@ -50,11 +50,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMeetingPolicy.md b/docs/docs/resources/teams/TeamsMeetingPolicy.md index ae74df5e1e..788eebc94e 100644 --- a/docs/docs/resources/teams/TeamsMeetingPolicy.md +++ b/docs/docs/resources/teams/TeamsMeetingPolicy.md @@ -101,11 +101,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMessagingPolicy.md b/docs/docs/resources/teams/TeamsMessagingPolicy.md index 34b002a9a9..b0350e4046 100644 --- a/docs/docs/resources/teams/TeamsMessagingPolicy.md +++ b/docs/docs/resources/teams/TeamsMessagingPolicy.md @@ -63,11 +63,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsMobilityPolicy.md b/docs/docs/resources/teams/TeamsMobilityPolicy.md index 885d5d5180..79cc6560d4 100644 --- a/docs/docs/resources/teams/TeamsMobilityPolicy.md +++ b/docs/docs/resources/teams/TeamsMobilityPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md b/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md index 459a8c1e19..6739e33279 100644 --- a/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md +++ b/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOnlineVoiceUser.md b/docs/docs/resources/teams/TeamsOnlineVoiceUser.md index 1ffbdd96a4..b9980c2f6f 100644 --- a/docs/docs/resources/teams/TeamsOnlineVoiceUser.md +++ b/docs/docs/resources/teams/TeamsOnlineVoiceUser.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md b/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md index d66f177c39..283ed10ae4 100644 --- a/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md +++ b/docs/docs/resources/teams/TeamsOnlineVoicemailPolicy.md @@ -49,11 +49,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md b/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md index b783b80581..f95bf92464 100644 --- a/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md +++ b/docs/docs/resources/teams/TeamsOnlineVoicemailUserSettings.md @@ -47,11 +47,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsOrgWideAppSettings.md b/docs/docs/resources/teams/TeamsOrgWideAppSettings.md index 77ca71aa99..6b2eaabbb8 100644 --- a/docs/docs/resources/teams/TeamsOrgWideAppSettings.md +++ b/docs/docs/resources/teams/TeamsOrgWideAppSettings.md @@ -36,11 +36,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - None + - Organization.Read.All - **Update** - - None + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsPstnUsage.md b/docs/docs/resources/teams/TeamsPstnUsage.md index 2249dddfb7..983fd726a9 100644 --- a/docs/docs/resources/teams/TeamsPstnUsage.md +++ b/docs/docs/resources/teams/TeamsPstnUsage.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsShiftsPolicy.md b/docs/docs/resources/teams/TeamsShiftsPolicy.md index e03377d512..26e7a8d8ef 100644 --- a/docs/docs/resources/teams/TeamsShiftsPolicy.md +++ b/docs/docs/resources/teams/TeamsShiftsPolicy.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTeam.md b/docs/docs/resources/teams/TeamsTeam.md index d45236e6ea..f624b4c769 100644 --- a/docs/docs/resources/teams/TeamsTeam.md +++ b/docs/docs/resources/teams/TeamsTeam.md @@ -52,17 +52,17 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Update** - - Group.ReadWrite.All, User.Read.All + - None #### Application permissions - **Read** - - None + - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All - **Update** - - Group.ReadWrite.All, User.Read.All + - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTemplatesPolicy.md b/docs/docs/resources/teams/TeamsTemplatesPolicy.md index ae5e4dc6bd..3f9e0ab27a 100644 --- a/docs/docs/resources/teams/TeamsTemplatesPolicy.md +++ b/docs/docs/resources/teams/TeamsTemplatesPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantDialPlan.md b/docs/docs/resources/teams/TeamsTenantDialPlan.md index 81fa2c6813..b41d46cde7 100644 --- a/docs/docs/resources/teams/TeamsTenantDialPlan.md +++ b/docs/docs/resources/teams/TeamsTenantDialPlan.md @@ -56,11 +56,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantNetworkRegion.md b/docs/docs/resources/teams/TeamsTenantNetworkRegion.md index 4800c0f10c..3c52bc363c 100644 --- a/docs/docs/resources/teams/TeamsTenantNetworkRegion.md +++ b/docs/docs/resources/teams/TeamsTenantNetworkRegion.md @@ -39,11 +39,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantNetworkSite.md b/docs/docs/resources/teams/TeamsTenantNetworkSite.md index 40ce3739c5..93d1ec7f8c 100644 --- a/docs/docs/resources/teams/TeamsTenantNetworkSite.md +++ b/docs/docs/resources/teams/TeamsTenantNetworkSite.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md b/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md index a4455fe902..a6af9ccbbb 100644 --- a/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md +++ b/docs/docs/resources/teams/TeamsTenantNetworkSubnet.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md b/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md index 627539400b..0ea0c85aa8 100644 --- a/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md +++ b/docs/docs/resources/teams/TeamsTenantTrustedIPAddress.md @@ -21,6 +21,30 @@ As an Admin, you can use the Windows PowerShell command, New-CsTenantTrustedIPAd ## Permissions +### Microsoft Graph + +To authenticate with the Microsoft Graph API, this resource required the following permissions: + +#### Delegated permissions + +- **Read** + + - None + +- **Update** + + - None + +#### Application permissions + +- **Read** + + - Organization.Read.All + +- **Update** + + - Organization.Read.All + ## Examples ### Example 1 diff --git a/docs/docs/resources/teams/TeamsTranslationRule.md b/docs/docs/resources/teams/TeamsTranslationRule.md index 723c968fa6..bcde6a9889 100644 --- a/docs/docs/resources/teams/TeamsTranslationRule.md +++ b/docs/docs/resources/teams/TeamsTranslationRule.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md b/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md index 6c111e8968..b40e698e06 100644 --- a/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md +++ b/docs/docs/resources/teams/TeamsUnassignedNumberTreatment.md @@ -42,11 +42,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md b/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md index 7451fa8b04..fd57817eee 100644 --- a/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md +++ b/docs/docs/resources/teams/TeamsUpdateManagementPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUpgradeConfiguration.md b/docs/docs/resources/teams/TeamsUpgradeConfiguration.md index e1c9634998..890343eae8 100644 --- a/docs/docs/resources/teams/TeamsUpgradeConfiguration.md +++ b/docs/docs/resources/teams/TeamsUpgradeConfiguration.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUpgradePolicy.md b/docs/docs/resources/teams/TeamsUpgradePolicy.md index 0e6b95be61..c9ec3b27ff 100644 --- a/docs/docs/resources/teams/TeamsUpgradePolicy.md +++ b/docs/docs/resources/teams/TeamsUpgradePolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUserCallingSettings.md b/docs/docs/resources/teams/TeamsUserCallingSettings.md index 4dd57c90d4..38375b3ed3 100644 --- a/docs/docs/resources/teams/TeamsUserCallingSettings.md +++ b/docs/docs/resources/teams/TeamsUserCallingSettings.md @@ -50,11 +50,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - None + - Organization.Read.All - **Update** - - None + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsUserPolicyAssignment.md b/docs/docs/resources/teams/TeamsUserPolicyAssignment.md index 46de0d3eb6..9d6158d1a9 100644 --- a/docs/docs/resources/teams/TeamsUserPolicyAssignment.md +++ b/docs/docs/resources/teams/TeamsUserPolicyAssignment.md @@ -59,11 +59,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsVdiPolicy.md b/docs/docs/resources/teams/TeamsVdiPolicy.md index 0cf0a7655d..a2a13e5de8 100644 --- a/docs/docs/resources/teams/TeamsVdiPolicy.md +++ b/docs/docs/resources/teams/TeamsVdiPolicy.md @@ -40,11 +40,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsVoiceRoute.md b/docs/docs/resources/teams/TeamsVoiceRoute.md index f194d9db01..613a456b27 100644 --- a/docs/docs/resources/teams/TeamsVoiceRoute.md +++ b/docs/docs/resources/teams/TeamsVoiceRoute.md @@ -44,11 +44,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md b/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md index 96252959c4..cf7f75ac6a 100644 --- a/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md +++ b/docs/docs/resources/teams/TeamsVoiceRoutingPolicy.md @@ -41,11 +41,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/resources/teams/TeamsWorkloadPolicy.md b/docs/docs/resources/teams/TeamsWorkloadPolicy.md index bfa304ab20..b1396a9152 100644 --- a/docs/docs/resources/teams/TeamsWorkloadPolicy.md +++ b/docs/docs/resources/teams/TeamsWorkloadPolicy.md @@ -45,11 +45,11 @@ To authenticate with the Microsoft Graph API, this resource required the followi - **Read** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All - **Update** - - Organization.Read.All, User.Read.All, Group.ReadWrite.All, AppCatalog.ReadWrite.All, TeamSettings.ReadWrite.All, Channel.Delete.All, ChannelSettings.ReadWrite.All, ChannelMember.ReadWrite.All + - Organization.Read.All ## Examples diff --git a/docs/docs/user-guide/get-started/authentication-and-permissions.md b/docs/docs/user-guide/get-started/authentication-and-permissions.md index 77ce686d01..8da7494698 100644 --- a/docs/docs/user-guide/get-started/authentication-and-permissions.md +++ b/docs/docs/user-guide/get-started/authentication-and-permissions.md @@ -140,13 +140,13 @@ Executing the cmdlet will prompt you to authenticate using an administrator acco As mentioned earlier in this article, there is also the possibility to use Application permissions or custom service principal to authenticate against Microsoft 365. This custom service principal can be created and configured manually, but Microsoft365DSC also offers the Update-M365DSCAzureAdApplication cmdlet. With this cmdlet, you can create the custom service application, grant the correct permissions, provide admin consent and create credentials (secret or certificate). ```PowerShell -Update-M365DSCAzureAdApplication -ApplicationName 'Microsoft365DSC' -Permissions @(@{Api='SharePoint';PermissionName='Sites.FullControl.All'}) -AdminConsent -Type Secret +Update-M365DSCAzureAdApplication -ApplicationName 'Microsoft365DSC' -Permissions @(@{Api='SharePoint';PermissionName='Sites.FullControl.All'}) -AdminConsent -Type Secret -Credential (Get-Credential) ``` or ```PowerShell -Update-M365DSCAzureAdApplication -ApplicationName 'Microsoft365DSC' -Permissions @(@{Api='SharePoint';PermissionName='Sites.FullControl.All'}) -AdminConsent -Type Certificate -CreateSelfSignedCertificate -CertificatePath c:\Temp\M365DSC.cer +Update-M365DSCAzureAdApplication -ApplicationName 'Microsoft365DSC' -Permissions @(@{Api='SharePoint';PermissionName='Sites.FullControl.All'}) -AdminConsent -Type Certificate -CreateSelfSignedCertificate -CertificatePath c:\Temp\M365DSC.cer -Credential (Get-Credential) ``` ## SharePoint PnP PowerShell Permissions
    $($drift.CimInstanceKey) = '$($drift.CIMInstanceValue)'
    $($drift.ParameterName)$valueForSource