github.com/yaegashi/msgraph.go@v0.1.4/beta/ModelWindows10.go (about) 1 // Code generated by msgraph.go/gen DO NOT EDIT. 2 3 package msgraph 4 5 import "time" 6 7 // Windows10AppsForceUpdateSchedule undocumented 8 type Windows10AppsForceUpdateSchedule struct { 9 // Object is the base model of Windows10AppsForceUpdateSchedule 10 Object 11 // StartDateTime The start time for the force restart. 12 StartDateTime *time.Time `json:"startDateTime,omitempty"` 13 // Recurrence Recurrence schedule. 14 Recurrence *Windows10AppsUpdateRecurrence `json:"recurrence,omitempty"` 15 // RunImmediatelyIfAfterStartDateTime If true, runs the task immediately if StartDateTime is in the past, else, runs at the next recurrence. 16 RunImmediatelyIfAfterStartDateTime *bool `json:"runImmediatelyIfAfterStartDateTime,omitempty"` 17 } 18 19 // Windows10AssociatedApps undocumented 20 type Windows10AssociatedApps struct { 21 // Object is the base model of Windows10AssociatedApps 22 Object 23 // AppType Application type. 24 AppType *Windows10AppType `json:"appType,omitempty"` 25 // Identifier Identifier. 26 Identifier *string `json:"identifier,omitempty"` 27 } 28 29 // Windows10CertificateProfileBase Base class for Windows 10 certificate profile. 30 type Windows10CertificateProfileBase struct { 31 // WindowsCertificateProfileBase is the base model of Windows10CertificateProfileBase 32 WindowsCertificateProfileBase 33 } 34 35 // Windows10CompliancePolicy This class contains compliance settings for Windows 10. 36 type Windows10CompliancePolicy struct { 37 // DeviceCompliancePolicy is the base model of Windows10CompliancePolicy 38 DeviceCompliancePolicy 39 // PasswordRequired Require a password to unlock Windows device. 40 PasswordRequired *bool `json:"passwordRequired,omitempty"` 41 // PasswordBlockSimple Indicates whether or not to block simple password. 42 PasswordBlockSimple *bool `json:"passwordBlockSimple,omitempty"` 43 // PasswordRequiredToUnlockFromIdle Require a password to unlock an idle device. 44 PasswordRequiredToUnlockFromIdle *bool `json:"passwordRequiredToUnlockFromIdle,omitempty"` 45 // PasswordMinutesOfInactivityBeforeLock Minutes of inactivity before a password is required. 46 PasswordMinutesOfInactivityBeforeLock *int `json:"passwordMinutesOfInactivityBeforeLock,omitempty"` 47 // PasswordExpirationDays The password expiration in days. 48 PasswordExpirationDays *int `json:"passwordExpirationDays,omitempty"` 49 // PasswordMinimumLength The minimum password length. 50 PasswordMinimumLength *int `json:"passwordMinimumLength,omitempty"` 51 // PasswordMinimumCharacterSetCount The number of character sets required in the password. 52 PasswordMinimumCharacterSetCount *int `json:"passwordMinimumCharacterSetCount,omitempty"` 53 // PasswordRequiredType The required password type. 54 PasswordRequiredType *RequiredPasswordType `json:"passwordRequiredType,omitempty"` 55 // PasswordPreviousPasswordBlockCount The number of previous passwords to prevent re-use of. 56 PasswordPreviousPasswordBlockCount *int `json:"passwordPreviousPasswordBlockCount,omitempty"` 57 // RequireHealthyDeviceReport Require devices to be reported as healthy by Windows Device Health Attestation. 58 RequireHealthyDeviceReport *bool `json:"requireHealthyDeviceReport,omitempty"` 59 // OsMinimumVersion Minimum Windows 10 version. 60 OsMinimumVersion *string `json:"osMinimumVersion,omitempty"` 61 // OsMaximumVersion Maximum Windows 10 version. 62 OsMaximumVersion *string `json:"osMaximumVersion,omitempty"` 63 // MobileOsMinimumVersion Minimum Windows Phone version. 64 MobileOsMinimumVersion *string `json:"mobileOsMinimumVersion,omitempty"` 65 // MobileOsMaximumVersion Maximum Windows Phone version. 66 MobileOsMaximumVersion *string `json:"mobileOsMaximumVersion,omitempty"` 67 // EarlyLaunchAntiMalwareDriverEnabled Require devices to be reported as healthy by Windows Device Health Attestation - early launch antimalware driver is enabled. 68 EarlyLaunchAntiMalwareDriverEnabled *bool `json:"earlyLaunchAntiMalwareDriverEnabled,omitempty"` 69 // BitLockerEnabled Require devices to be reported healthy by Windows Device Health Attestation - bit locker is enabled 70 BitLockerEnabled *bool `json:"bitLockerEnabled,omitempty"` 71 // SecureBootEnabled Require devices to be reported as healthy by Windows Device Health Attestation - secure boot is enabled. 72 SecureBootEnabled *bool `json:"secureBootEnabled,omitempty"` 73 // CodeIntegrityEnabled Require devices to be reported as healthy by Windows Device Health Attestation. 74 CodeIntegrityEnabled *bool `json:"codeIntegrityEnabled,omitempty"` 75 // StorageRequireEncryption Require encryption on windows devices. 76 StorageRequireEncryption *bool `json:"storageRequireEncryption,omitempty"` 77 // ActiveFirewallRequired Require active firewall on Windows devices. 78 ActiveFirewallRequired *bool `json:"activeFirewallRequired,omitempty"` 79 // DefenderEnabled Require Windows Defender Antimalware on Windows devices. 80 DefenderEnabled *bool `json:"defenderEnabled,omitempty"` 81 // DefenderVersion Require Windows Defender Antimalware minimum version on Windows devices. 82 DefenderVersion *string `json:"defenderVersion,omitempty"` 83 // SignatureOutOfDate Require Windows Defender Antimalware Signature to be up to date on Windows devices. 84 SignatureOutOfDate *bool `json:"signatureOutOfDate,omitempty"` 85 // RtpEnabled Require Windows Defender Antimalware Real-Time Protection on Windows devices. 86 RtpEnabled *bool `json:"rtpEnabled,omitempty"` 87 // AntivirusRequired Require any Antivirus solution registered with Windows Decurity Center to be on and monitoring (e.g. Symantec, Windows Defender). 88 AntivirusRequired *bool `json:"antivirusRequired,omitempty"` 89 // AntiSpywareRequired Require any AntiSpyware solution registered with Windows Decurity Center to be on and monitoring (e.g. Symantec, Windows Defender). 90 AntiSpywareRequired *bool `json:"antiSpywareRequired,omitempty"` 91 // ValidOperatingSystemBuildRanges The valid operating system build ranges on Windows devices. This collection can contain a maximum of 10000 elements. 92 ValidOperatingSystemBuildRanges []OperatingSystemVersionRange `json:"validOperatingSystemBuildRanges,omitempty"` 93 // DeviceThreatProtectionEnabled Require that devices have enabled device threat protection. 94 DeviceThreatProtectionEnabled *bool `json:"deviceThreatProtectionEnabled,omitempty"` 95 // DeviceThreatProtectionRequiredSecurityLevel Require Device Threat Protection minimum risk level to report noncompliance. 96 DeviceThreatProtectionRequiredSecurityLevel *DeviceThreatProtectionLevel `json:"deviceThreatProtectionRequiredSecurityLevel,omitempty"` 97 // ConfigurationManagerComplianceRequired Require to consider SCCM Compliance state into consideration for Intune Compliance State. 98 ConfigurationManagerComplianceRequired *bool `json:"configurationManagerComplianceRequired,omitempty"` 99 // TpmRequired Require Trusted Platform Module(TPM) to be present. 100 TpmRequired *bool `json:"tpmRequired,omitempty"` 101 } 102 103 // Windows10CustomConfiguration This topic provides descriptions of the declared methods, properties and relationships exposed by the windows10CustomConfiguration resource. 104 type Windows10CustomConfiguration struct { 105 // DeviceConfiguration is the base model of Windows10CustomConfiguration 106 DeviceConfiguration 107 // OMASettings OMA settings. This collection can contain a maximum of 1000 elements. 108 OMASettings []OMASetting `json:"omaSettings,omitempty"` 109 } 110 111 // Windows10DeviceFirmwareConfigurationInterface Graph properties for Device Firmware Configuration Interface 112 type Windows10DeviceFirmwareConfigurationInterface struct { 113 // DeviceConfiguration is the base model of Windows10DeviceFirmwareConfigurationInterface 114 DeviceConfiguration 115 // ChangeUefiSettingsPermission Defines the permission level granted to users to change UEFI settings. 116 ChangeUefiSettingsPermission *ChangeUefiSettingsPermission `json:"changeUefiSettingsPermission,omitempty"` 117 // VirtualizationOfCPUAndIO Defines whether CPU and IO virtualization is enabled. 118 VirtualizationOfCPUAndIO *Enablement `json:"virtualizationOfCpuAndIO,omitempty"` 119 // Cameras Defines whether built-in cameras are enabled. 120 Cameras *Enablement `json:"cameras,omitempty"` 121 // MicrophonesAndSpeakers Defines whether built-in microphones or speakers are enabled. 122 MicrophonesAndSpeakers *Enablement `json:"microphonesAndSpeakers,omitempty"` 123 // Radios Defines whether built-in radios e.g. WIFI, NFC, Bluetooth, are enabled. 124 Radios *Enablement `json:"radios,omitempty"` 125 // BootFromExternalMedia Defines whether a user is allowed to boot from external media. 126 BootFromExternalMedia *Enablement `json:"bootFromExternalMedia,omitempty"` 127 // BootFromBuiltInNetworkAdapters Defines whether a user is allowed to boot from built-in network adapters. 128 BootFromBuiltInNetworkAdapters *Enablement `json:"bootFromBuiltInNetworkAdapters,omitempty"` 129 } 130 131 // Windows10EasEmailProfileConfiguration By providing configurations in this profile you can instruct the native email client (Outlook) on Windows 10 devices to communicate with an Exchange server and get email, contacts, calendar, and tasks. Furthermore, you can also specify how much email to sync and how often the device should sync. 132 type Windows10EasEmailProfileConfiguration struct { 133 // EasEmailProfileConfigurationBase is the base model of Windows10EasEmailProfileConfiguration 134 EasEmailProfileConfigurationBase 135 // AccountName Account name. 136 AccountName *string `json:"accountName,omitempty"` 137 // SyncCalendar Whether or not to sync the calendar. 138 SyncCalendar *bool `json:"syncCalendar,omitempty"` 139 // SyncContacts Whether or not to sync contacts. 140 SyncContacts *bool `json:"syncContacts,omitempty"` 141 // SyncTasks Whether or not to sync tasks. 142 SyncTasks *bool `json:"syncTasks,omitempty"` 143 // DurationOfEmailToSync Duration of email to sync. 144 DurationOfEmailToSync *EmailSyncDuration `json:"durationOfEmailToSync,omitempty"` 145 // EmailAddressSource Email attribute that is picked from AAD and injected into this profile before installing on the device. 146 EmailAddressSource *UserEmailSource `json:"emailAddressSource,omitempty"` 147 // EmailSyncSchedule Email sync schedule. 148 EmailSyncSchedule *EmailSyncSchedule `json:"emailSyncSchedule,omitempty"` 149 // HostName Exchange location that (URL) that the native mail app connects to. 150 HostName *string `json:"hostName,omitempty"` 151 // RequireSsl Indicates whether or not to use SSL. 152 RequireSsl *bool `json:"requireSsl,omitempty"` 153 } 154 155 // Windows10EndpointProtectionConfiguration This topic provides descriptions of the declared methods, properties and relationships exposed by the Windows10EndpointProtectionConfiguration resource. 156 type Windows10EndpointProtectionConfiguration struct { 157 // DeviceConfiguration is the base model of Windows10EndpointProtectionConfiguration 158 DeviceConfiguration 159 // DMAGuardDeviceEnumerationPolicy undocumented 160 DMAGuardDeviceEnumerationPolicy *DMAGuardDeviceEnumerationPolicyType `json:"dmaGuardDeviceEnumerationPolicy,omitempty"` 161 // FirewallRules Configures the firewall rule settings. This collection can contain a maximum of 150 elements. 162 FirewallRules []WindowsFirewallRule `json:"firewallRules,omitempty"` 163 // UserRightsAccessCredentialManagerAsTrustedCaller This user right is used by Credential Manager during Backup/Restore. Users' saved credentials might be compromised if this privilege is given to other entities. Only states NotConfigured and Allowed are supported 164 UserRightsAccessCredentialManagerAsTrustedCaller *DeviceManagementUserRightsSetting `json:"userRightsAccessCredentialManagerAsTrustedCaller,omitempty"` 165 // UserRightsAllowAccessFromNetwork This user right determines which users and groups are allowed to connect to the computer over the network. State Allowed is supported. 166 UserRightsAllowAccessFromNetwork *DeviceManagementUserRightsSetting `json:"userRightsAllowAccessFromNetwork,omitempty"` 167 // UserRightsBlockAccessFromNetwork This user right determines which users and groups are block from connecting to the computer over the network. State Block is supported. 168 UserRightsBlockAccessFromNetwork *DeviceManagementUserRightsSetting `json:"userRightsBlockAccessFromNetwork,omitempty"` 169 // UserRightsActAsPartOfTheOperatingSystem This user right allows a process to impersonate any user without authentication. The process can therefore gain access to the same local resources as that user. Only states NotConfigured and Allowed are supported 170 UserRightsActAsPartOfTheOperatingSystem *DeviceManagementUserRightsSetting `json:"userRightsActAsPartOfTheOperatingSystem,omitempty"` 171 // UserRightsLocalLogOn This user right determines which users can log on to the computer. States NotConfigured, Allowed are supported 172 UserRightsLocalLogOn *DeviceManagementUserRightsSetting `json:"userRightsLocalLogOn,omitempty"` 173 // UserRightsDenyLocalLogOn This user right determines which users cannot log on to the computer. States NotConfigured, Blocked are supported 174 UserRightsDenyLocalLogOn *DeviceManagementUserRightsSetting `json:"userRightsDenyLocalLogOn,omitempty"` 175 // UserRightsBackupData This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when backing up files and directories. Only states NotConfigured and Allowed are supported 176 UserRightsBackupData *DeviceManagementUserRightsSetting `json:"userRightsBackupData,omitempty"` 177 // UserRightsChangeSystemTime This user right determines which users and groups can change the time and date on the internal clock of the computer. Only states NotConfigured and Allowed are supported 178 UserRightsChangeSystemTime *DeviceManagementUserRightsSetting `json:"userRightsChangeSystemTime,omitempty"` 179 // UserRightsCreateGlobalObjects This security setting determines whether users can create global objects that are available to all sessions. Users who can create global objects could affect processes that run under other users' sessions, which could lead to application failure or data corruption. Only states NotConfigured and Allowed are supported 180 UserRightsCreateGlobalObjects *DeviceManagementUserRightsSetting `json:"userRightsCreateGlobalObjects,omitempty"` 181 // UserRightsCreatePageFile This user right determines which users and groups can call an internal API to create and change the size of a page file. Only states NotConfigured and Allowed are supported 182 UserRightsCreatePageFile *DeviceManagementUserRightsSetting `json:"userRightsCreatePageFile,omitempty"` 183 // UserRightsCreatePermanentSharedObjects This user right determines which accounts can be used by processes to create a directory object using the object manager. Only states NotConfigured and Allowed are supported 184 UserRightsCreatePermanentSharedObjects *DeviceManagementUserRightsSetting `json:"userRightsCreatePermanentSharedObjects,omitempty"` 185 // UserRightsCreateSymbolicLinks This user right determines if the user can create a symbolic link from the computer to which they are logged on. Only states NotConfigured and Allowed are supported 186 UserRightsCreateSymbolicLinks *DeviceManagementUserRightsSetting `json:"userRightsCreateSymbolicLinks,omitempty"` 187 // UserRightsCreateToken This user right determines which users/groups can be used by processes to create a token that can then be used to get access to any local resources when the process uses an internal API to create an access token. Only states NotConfigured and Allowed are supported 188 UserRightsCreateToken *DeviceManagementUserRightsSetting `json:"userRightsCreateToken,omitempty"` 189 // UserRightsDebugPrograms This user right determines which users can attach a debugger to any process or to the kernel. Only states NotConfigured and Allowed are supported 190 UserRightsDebugPrograms *DeviceManagementUserRightsSetting `json:"userRightsDebugPrograms,omitempty"` 191 // UserRightsRemoteDesktopServicesLogOn This user right determines which users and groups are prohibited from logging on as a Remote Desktop Services client. Only states NotConfigured and Blocked are supported 192 UserRightsRemoteDesktopServicesLogOn *DeviceManagementUserRightsSetting `json:"userRightsRemoteDesktopServicesLogOn,omitempty"` 193 // UserRightsDelegation This user right determines which users can set the Trusted for Delegation setting on a user or computer object. Only states NotConfigured and Allowed are supported. 194 UserRightsDelegation *DeviceManagementUserRightsSetting `json:"userRightsDelegation,omitempty"` 195 // UserRightsGenerateSecurityAudits This user right determines which accounts can be used by a process to add entries to the security log. The security log is used to trace unauthorized system access. Only states NotConfigured and Allowed are supported. 196 UserRightsGenerateSecurityAudits *DeviceManagementUserRightsSetting `json:"userRightsGenerateSecurityAudits,omitempty"` 197 // UserRightsImpersonateClient Assigning this user right to a user allows programs running on behalf of that user to impersonate a client. Requiring this user right for this kind of impersonation prevents an unauthorized user from convincing a client to connect to a service that they have created and then impersonating that client, which can elevate the unauthorized user's permissions to administrative or system levels. Only states NotConfigured and Allowed are supported. 198 UserRightsImpersonateClient *DeviceManagementUserRightsSetting `json:"userRightsImpersonateClient,omitempty"` 199 // UserRightsIncreaseSchedulingPriority This user right determines which accounts can use a process with Write Property access to another process to increase the execution priority assigned to the other process. Only states NotConfigured and Allowed are supported. 200 UserRightsIncreaseSchedulingPriority *DeviceManagementUserRightsSetting `json:"userRightsIncreaseSchedulingPriority,omitempty"` 201 // UserRightsLoadUnloadDrivers This user right determines which users can dynamically load and unload device drivers or other code in to kernel mode. Only states NotConfigured and Allowed are supported. 202 UserRightsLoadUnloadDrivers *DeviceManagementUserRightsSetting `json:"userRightsLoadUnloadDrivers,omitempty"` 203 // UserRightsLockMemory This user right determines which accounts can use a process to keep data in physical memory, which prevents the system from paging the data to virtual memory on disk. Only states NotConfigured and Allowed are supported. 204 UserRightsLockMemory *DeviceManagementUserRightsSetting `json:"userRightsLockMemory,omitempty"` 205 // UserRightsManageAuditingAndSecurityLogs This user right determines which users can specify object access auditing options for individual resources, such as files, Active Directory objects, and registry keys. Only states NotConfigured and Allowed are supported. 206 UserRightsManageAuditingAndSecurityLogs *DeviceManagementUserRightsSetting `json:"userRightsManageAuditingAndSecurityLogs,omitempty"` 207 // UserRightsManageVolumes This user right determines which users and groups can run maintenance tasks on a volume, such as remote defragmentation. Only states NotConfigured and Allowed are supported. 208 UserRightsManageVolumes *DeviceManagementUserRightsSetting `json:"userRightsManageVolumes,omitempty"` 209 // UserRightsModifyFirmwareEnvironment This user right determines who can modify firmware environment values. Only states NotConfigured and Allowed are supported. 210 UserRightsModifyFirmwareEnvironment *DeviceManagementUserRightsSetting `json:"userRightsModifyFirmwareEnvironment,omitempty"` 211 // UserRightsModifyObjectLabels This user right determines which user accounts can modify the integrity label of objects, such as files, registry keys, or processes owned by other users. Only states NotConfigured and Allowed are supported. 212 UserRightsModifyObjectLabels *DeviceManagementUserRightsSetting `json:"userRightsModifyObjectLabels,omitempty"` 213 // UserRightsProfileSingleProcess This user right determines which users can use performance monitoring tools to monitor the performance of system processes. Only states NotConfigured and Allowed are supported. 214 UserRightsProfileSingleProcess *DeviceManagementUserRightsSetting `json:"userRightsProfileSingleProcess,omitempty"` 215 // UserRightsRemoteShutdown This user right determines which users are allowed to shut down a computer from a remote location on the network. Misuse of this user right can result in a denial of service. Only states NotConfigured and Allowed are supported. 216 UserRightsRemoteShutdown *DeviceManagementUserRightsSetting `json:"userRightsRemoteShutdown,omitempty"` 217 // UserRightsRestoreData This user right determines which users can bypass file, directory, registry, and other persistent objects permissions when restoring backed up files and directories, and determines which users can set any valid security principal as the owner of an object. Only states NotConfigured and Allowed are supported. 218 UserRightsRestoreData *DeviceManagementUserRightsSetting `json:"userRightsRestoreData,omitempty"` 219 // UserRightsTakeOwnership This user right determines which users can take ownership of any securable object in the system, including Active Directory objects, files and folders, printers, registry keys, processes, and threads. Only states NotConfigured and Allowed are supported. 220 UserRightsTakeOwnership *DeviceManagementUserRightsSetting `json:"userRightsTakeOwnership,omitempty"` 221 // XboxServicesEnableXboxGameSaveTask This setting determines whether xbox game save is enabled (1) or disabled (0). 222 XboxServicesEnableXboxGameSaveTask *bool `json:"xboxServicesEnableXboxGameSaveTask,omitempty"` 223 // XboxServicesAccessoryManagementServiceStartupMode This setting determines whether the Accessory management service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. 224 XboxServicesAccessoryManagementServiceStartupMode *ServiceStartType `json:"xboxServicesAccessoryManagementServiceStartupMode,omitempty"` 225 // XboxServicesLiveAuthManagerServiceStartupMode This setting determines whether Live Auth Manager service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. 226 XboxServicesLiveAuthManagerServiceStartupMode *ServiceStartType `json:"xboxServicesLiveAuthManagerServiceStartupMode,omitempty"` 227 // XboxServicesLiveGameSaveServiceStartupMode This setting determines whether Live Game save service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. 228 XboxServicesLiveGameSaveServiceStartupMode *ServiceStartType `json:"xboxServicesLiveGameSaveServiceStartupMode,omitempty"` 229 // XboxServicesLiveNetworkingServiceStartupMode This setting determines whether Networking service's start type is Automatic(2), Manual(3), Disabled(4). Default: Manual. 230 XboxServicesLiveNetworkingServiceStartupMode *ServiceStartType `json:"xboxServicesLiveNetworkingServiceStartupMode,omitempty"` 231 // LocalSecurityOptionsBlockMicrosoftAccounts Prevent users from adding new Microsoft accounts to this computer. 232 LocalSecurityOptionsBlockMicrosoftAccounts *bool `json:"localSecurityOptionsBlockMicrosoftAccounts,omitempty"` 233 // LocalSecurityOptionsBlockRemoteLogonWithBlankPassword Enable Local accounts that are not password protected to log on from locations other than the physical device.Default is enabled 234 LocalSecurityOptionsBlockRemoteLogonWithBlankPassword *bool `json:"localSecurityOptionsBlockRemoteLogonWithBlankPassword,omitempty"` 235 // LocalSecurityOptionsDisableAdministratorAccount Determines whether the Local Administrator account is enabled or disabled. 236 LocalSecurityOptionsDisableAdministratorAccount *bool `json:"localSecurityOptionsDisableAdministratorAccount,omitempty"` 237 // LocalSecurityOptionsAdministratorAccountName Define a different account name to be associated with the security identifier (SID) for the account “Administrator”. 238 LocalSecurityOptionsAdministratorAccountName *string `json:"localSecurityOptionsAdministratorAccountName,omitempty"` 239 // LocalSecurityOptionsDisableGuestAccount Determines if the Guest account is enabled or disabled. 240 LocalSecurityOptionsDisableGuestAccount *bool `json:"localSecurityOptionsDisableGuestAccount,omitempty"` 241 // LocalSecurityOptionsGuestAccountName Define a different account name to be associated with the security identifier (SID) for the account “Guest”. 242 LocalSecurityOptionsGuestAccountName *string `json:"localSecurityOptionsGuestAccountName,omitempty"` 243 // LocalSecurityOptionsAllowUndockWithoutHavingToLogon Prevent a portable computer from being undocked without having to log in. 244 LocalSecurityOptionsAllowUndockWithoutHavingToLogon *bool `json:"localSecurityOptionsAllowUndockWithoutHavingToLogon,omitempty"` 245 // LocalSecurityOptionsBlockUsersInstallingPrinterDrivers Restrict installing printer drivers as part of connecting to a shared printer to admins only. 246 LocalSecurityOptionsBlockUsersInstallingPrinterDrivers *bool `json:"localSecurityOptionsBlockUsersInstallingPrinterDrivers,omitempty"` 247 // LocalSecurityOptionsBlockRemoteOpticalDriveAccess Enabling this settings allows only interactively logged on user to access CD-ROM media. 248 LocalSecurityOptionsBlockRemoteOpticalDriveAccess *bool `json:"localSecurityOptionsBlockRemoteOpticalDriveAccess,omitempty"` 249 // LocalSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser Define who is allowed to format and eject removable NTFS media. 250 LocalSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser *LocalSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUserType `json:"localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser,omitempty"` 251 // LocalSecurityOptionsMachineInactivityLimit Define maximum minutes of inactivity on the interactive desktop’s login screen until the screen saver runs. Valid values 0 to 9999 252 LocalSecurityOptionsMachineInactivityLimit *int `json:"localSecurityOptionsMachineInactivityLimit,omitempty"` 253 // LocalSecurityOptionsMachineInactivityLimitInMinutes Define maximum minutes of inactivity on the interactive desktop’s login screen until the screen saver runs. Valid values 0 to 9999 254 LocalSecurityOptionsMachineInactivityLimitInMinutes *int `json:"localSecurityOptionsMachineInactivityLimitInMinutes,omitempty"` 255 // LocalSecurityOptionsDoNotRequireCtrlAltDel Require CTRL+ALT+DEL to be pressed before a user can log on. 256 LocalSecurityOptionsDoNotRequireCtrlAltDel *bool `json:"localSecurityOptionsDoNotRequireCtrlAltDel,omitempty"` 257 // LocalSecurityOptionsHideLastSignedInUser Do not display the username of the last person who signed in on this device. 258 LocalSecurityOptionsHideLastSignedInUser *bool `json:"localSecurityOptionsHideLastSignedInUser,omitempty"` 259 // LocalSecurityOptionsHideUsernameAtSignIn Do not display the username of the person signing in to this device after credentials are entered and before the device’s desktop is shown. 260 LocalSecurityOptionsHideUsernameAtSignIn *bool `json:"localSecurityOptionsHideUsernameAtSignIn,omitempty"` 261 // LocalSecurityOptionsLogOnMessageTitle Set message title for users attempting to log in. 262 LocalSecurityOptionsLogOnMessageTitle *string `json:"localSecurityOptionsLogOnMessageTitle,omitempty"` 263 // LocalSecurityOptionsLogOnMessageText Set message text for users attempting to log in. 264 LocalSecurityOptionsLogOnMessageText *string `json:"localSecurityOptionsLogOnMessageText,omitempty"` 265 // LocalSecurityOptionsAllowPKU2UAuthenticationRequests Block PKU2U authentication requests to this device to use online identities. 266 LocalSecurityOptionsAllowPKU2UAuthenticationRequests *bool `json:"localSecurityOptionsAllowPKU2UAuthenticationRequests,omitempty"` 267 // LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool UI helper boolean for LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManager entity 268 LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool *bool `json:"localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool,omitempty"` 269 // LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManager Edit the default Security Descriptor Definition Language string to allow or deny users and groups to make remote calls to the SAM. 270 LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManager *string `json:"localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager,omitempty"` 271 // LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients This security setting allows a client to require the negotiation of 128-bit encryption and/or NTLMv2 session security. 272 LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients *LocalSecurityOptionsMinimumSessionSecurity `json:"localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients,omitempty"` 273 // LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers This security setting allows a server to require the negotiation of 128-bit encryption and/or NTLMv2 session security. 274 LocalSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers *LocalSecurityOptionsMinimumSessionSecurity `json:"localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers,omitempty"` 275 // LanManagerAuthenticationLevel This security setting determines which challenge/response authentication protocol is used for network logons. 276 LanManagerAuthenticationLevel *LanManagerAuthenticationLevel `json:"lanManagerAuthenticationLevel,omitempty"` 277 // LanManagerWorkstationDisableInsecureGuestLogons If enabled,the SMB client will allow insecure guest logons. If not configured, the SMB client will reject insecure guest logons. 278 LanManagerWorkstationDisableInsecureGuestLogons *bool `json:"lanManagerWorkstationDisableInsecureGuestLogons,omitempty"` 279 // LocalSecurityOptionsClearVirtualMemoryPageFile This security setting determines whether the virtual memory pagefile is cleared when the system is shut down. 280 LocalSecurityOptionsClearVirtualMemoryPageFile *bool `json:"localSecurityOptionsClearVirtualMemoryPageFile,omitempty"` 281 // LocalSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn This security setting determines whether a computer can be shut down without having to log on to Windows. 282 LocalSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn *bool `json:"localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn,omitempty"` 283 // LocalSecurityOptionsAllowUIAccessApplicationElevation Allow UIAccess apps to prompt for elevation without using the secure desktop. 284 LocalSecurityOptionsAllowUIAccessApplicationElevation *bool `json:"localSecurityOptionsAllowUIAccessApplicationElevation,omitempty"` 285 // LocalSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations Virtualize file and registry write failures to per user locations 286 LocalSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations *bool `json:"localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations,omitempty"` 287 // LocalSecurityOptionsOnlyElevateSignedExecutables Enforce PKI certification path validation for a given executable file before it is permitted to run. 288 LocalSecurityOptionsOnlyElevateSignedExecutables *bool `json:"localSecurityOptionsOnlyElevateSignedExecutables,omitempty"` 289 // LocalSecurityOptionsAdministratorElevationPromptBehavior Define the behavior of the elevation prompt for admins in Admin Approval Mode. 290 LocalSecurityOptionsAdministratorElevationPromptBehavior *LocalSecurityOptionsAdministratorElevationPromptBehaviorType `json:"localSecurityOptionsAdministratorElevationPromptBehavior,omitempty"` 291 // LocalSecurityOptionsStandardUserElevationPromptBehavior Define the behavior of the elevation prompt for standard users. 292 LocalSecurityOptionsStandardUserElevationPromptBehavior *LocalSecurityOptionsStandardUserElevationPromptBehaviorType `json:"localSecurityOptionsStandardUserElevationPromptBehavior,omitempty"` 293 // LocalSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation Enable all elevation requests to go to the interactive user's desktop rather than the secure desktop. Prompt behavior policy settings for admins and standard users are used. 294 LocalSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation *bool `json:"localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation,omitempty"` 295 // LocalSecurityOptionsDetectApplicationInstallationsAndPromptForElevation App installations requiring elevated privileges will prompt for admin credentials.Default is enabled 296 LocalSecurityOptionsDetectApplicationInstallationsAndPromptForElevation *bool `json:"localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation,omitempty"` 297 // LocalSecurityOptionsAllowUIAccessApplicationsForSecureLocations Allow UIAccess apps to prompt for elevation without using the secure desktop.Default is enabled 298 LocalSecurityOptionsAllowUIAccessApplicationsForSecureLocations *bool `json:"localSecurityOptionsAllowUIAccessApplicationsForSecureLocations,omitempty"` 299 // LocalSecurityOptionsUseAdminApprovalMode Defines whether the built-in admin account uses Admin Approval Mode or runs all apps with full admin privileges.Default is enabled 300 LocalSecurityOptionsUseAdminApprovalMode *bool `json:"localSecurityOptionsUseAdminApprovalMode,omitempty"` 301 // LocalSecurityOptionsUseAdminApprovalModeForAdministrators Define whether Admin Approval Mode and all UAC policy settings are enabled, default is enabled 302 LocalSecurityOptionsUseAdminApprovalModeForAdministrators *bool `json:"localSecurityOptionsUseAdminApprovalModeForAdministrators,omitempty"` 303 // LocalSecurityOptionsInformationShownOnLockScreen Configure the user information that is displayed when the session is locked. If not configured, user display name, domain and username are shown 304 LocalSecurityOptionsInformationShownOnLockScreen *LocalSecurityOptionsInformationShownOnLockScreenType `json:"localSecurityOptionsInformationShownOnLockScreen,omitempty"` 305 // LocalSecurityOptionsInformationDisplayedOnLockScreen Configure the user information that is displayed when the session is locked. If not configured, user display name, domain and username are shown 306 LocalSecurityOptionsInformationDisplayedOnLockScreen *LocalSecurityOptionsInformationDisplayedOnLockScreenType `json:"localSecurityOptionsInformationDisplayedOnLockScreen,omitempty"` 307 // LocalSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees This security setting determines whether the SMB client attempts to negotiate SMB packet signing. 308 LocalSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees *bool `json:"localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees,omitempty"` 309 // LocalSecurityOptionsClientDigitallySignCommunicationsAlways This security setting determines whether packet signing is required by the SMB client component. 310 LocalSecurityOptionsClientDigitallySignCommunicationsAlways *bool `json:"localSecurityOptionsClientDigitallySignCommunicationsAlways,omitempty"` 311 // LocalSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers If this security setting is enabled, the Server Message Block (SMB) redirector is allowed to send plaintext passwords to non-Microsoft SMB servers that do not support password encryption during authentication. 312 LocalSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers *bool `json:"localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers,omitempty"` 313 // LocalSecurityOptionsDisableServerDigitallySignCommunicationsAlways This security setting determines whether packet signing is required by the SMB server component. 314 LocalSecurityOptionsDisableServerDigitallySignCommunicationsAlways *bool `json:"localSecurityOptionsDisableServerDigitallySignCommunicationsAlways,omitempty"` 315 // LocalSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees This security setting determines whether the SMB server will negotiate SMB packet signing with clients that request it. 316 LocalSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees *bool `json:"localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees,omitempty"` 317 // LocalSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares By default, this security setting restricts anonymous access to shares and pipes to the settings for named pipes that can be accessed anonymously and Shares that can be accessed anonymously 318 LocalSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares *bool `json:"localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares,omitempty"` 319 // LocalSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts This security setting determines what additional permissions will be granted for anonymous connections to the computer. 320 LocalSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts *bool `json:"localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts,omitempty"` 321 // LocalSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares This security setting determines whether to allows anonymous users to perform certain activities, such as enumerating the names of domain accounts and network shares. 322 LocalSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares *bool `json:"localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares,omitempty"` 323 // LocalSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange This security setting determines if, at the next password change, the LAN Manager (LM) hash value for the new password is stored. It’s not stored by default. 324 LocalSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange *bool `json:"localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange,omitempty"` 325 // LocalSecurityOptionsSmartCardRemovalBehavior This security setting determines what happens when the smart card for a logged-on user is removed from the smart card reader. 326 LocalSecurityOptionsSmartCardRemovalBehavior *LocalSecurityOptionsSmartCardRemovalBehaviorType `json:"localSecurityOptionsSmartCardRemovalBehavior,omitempty"` 327 // DefenderSecurityCenterDisableAppBrowserUI Used to disable the display of the app and browser protection area. 328 DefenderSecurityCenterDisableAppBrowserUI *bool `json:"defenderSecurityCenterDisableAppBrowserUI,omitempty"` 329 // DefenderSecurityCenterDisableFamilyUI Used to disable the display of the family options area. 330 DefenderSecurityCenterDisableFamilyUI *bool `json:"defenderSecurityCenterDisableFamilyUI,omitempty"` 331 // DefenderSecurityCenterDisableHealthUI Used to disable the display of the device performance and health area. 332 DefenderSecurityCenterDisableHealthUI *bool `json:"defenderSecurityCenterDisableHealthUI,omitempty"` 333 // DefenderSecurityCenterDisableNetworkUI Used to disable the display of the firewall and network protection area. 334 DefenderSecurityCenterDisableNetworkUI *bool `json:"defenderSecurityCenterDisableNetworkUI,omitempty"` 335 // DefenderSecurityCenterDisableVirusUI Used to disable the display of the virus and threat protection area. 336 DefenderSecurityCenterDisableVirusUI *bool `json:"defenderSecurityCenterDisableVirusUI,omitempty"` 337 // DefenderSecurityCenterDisableAccountUI Used to disable the display of the account protection area. 338 DefenderSecurityCenterDisableAccountUI *bool `json:"defenderSecurityCenterDisableAccountUI,omitempty"` 339 // DefenderSecurityCenterDisableClearTpmUI Used to disable the display of the Clear TPM button. 340 DefenderSecurityCenterDisableClearTpmUI *bool `json:"defenderSecurityCenterDisableClearTpmUI,omitempty"` 341 // DefenderSecurityCenterDisableHardwareUI Used to disable the display of the hardware protection area. 342 DefenderSecurityCenterDisableHardwareUI *bool `json:"defenderSecurityCenterDisableHardwareUI,omitempty"` 343 // DefenderSecurityCenterDisableNotificationAreaUI Used to disable the display of the notification area control. The user needs to either sign out and sign in or reboot the computer for this setting to take effect. 344 DefenderSecurityCenterDisableNotificationAreaUI *bool `json:"defenderSecurityCenterDisableNotificationAreaUI,omitempty"` 345 // DefenderSecurityCenterDisableRansomwareUI Used to disable the display of the ransomware protection area. 346 DefenderSecurityCenterDisableRansomwareUI *bool `json:"defenderSecurityCenterDisableRansomwareUI,omitempty"` 347 // DefenderSecurityCenterDisableSecureBootUI Used to disable the display of the secure boot area under Device security. 348 DefenderSecurityCenterDisableSecureBootUI *bool `json:"defenderSecurityCenterDisableSecureBootUI,omitempty"` 349 // DefenderSecurityCenterDisableTroubleshootingUI Used to disable the display of the security process troubleshooting under Device security. 350 DefenderSecurityCenterDisableTroubleshootingUI *bool `json:"defenderSecurityCenterDisableTroubleshootingUI,omitempty"` 351 // DefenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI Used to disable the display of update TPM Firmware when a vulnerable firmware is detected. 352 DefenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI *bool `json:"defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI,omitempty"` 353 // DefenderSecurityCenterOrganizationDisplayName The company name that is displayed to the users. 354 DefenderSecurityCenterOrganizationDisplayName *string `json:"defenderSecurityCenterOrganizationDisplayName,omitempty"` 355 // DefenderSecurityCenterHelpEmail The email address that is displayed to users. 356 DefenderSecurityCenterHelpEmail *string `json:"defenderSecurityCenterHelpEmail,omitempty"` 357 // DefenderSecurityCenterHelpPhone The phone number or Skype ID that is displayed to users. 358 DefenderSecurityCenterHelpPhone *string `json:"defenderSecurityCenterHelpPhone,omitempty"` 359 // DefenderSecurityCenterHelpURL The help portal URL this is displayed to users. 360 DefenderSecurityCenterHelpURL *string `json:"defenderSecurityCenterHelpURL,omitempty"` 361 // DefenderSecurityCenterNotificationsFromApp Notifications to show from the displayed areas of app 362 DefenderSecurityCenterNotificationsFromApp *DefenderSecurityCenterNotificationsFromAppType `json:"defenderSecurityCenterNotificationsFromApp,omitempty"` 363 // DefenderSecurityCenterITContactDisplay Configure where to display IT contact information to end users. 364 DefenderSecurityCenterITContactDisplay *DefenderSecurityCenterITContactDisplayType `json:"defenderSecurityCenterITContactDisplay,omitempty"` 365 // WindowsDefenderTamperProtection Configure windows defender TamperProtection settings 366 WindowsDefenderTamperProtection *WindowsDefenderTamperProtectionOptions `json:"windowsDefenderTamperProtection,omitempty"` 367 // FirewallBlockStatefulFTP Blocks stateful FTP connections to the device 368 FirewallBlockStatefulFTP *bool `json:"firewallBlockStatefulFTP,omitempty"` 369 // FirewallIdleTimeoutForSecurityAssociationInSeconds Configures the idle timeout for security associations, in seconds, from 300 to 3600 inclusive. This is the period after which security associations will expire and be deleted. Valid values 300 to 3600 370 FirewallIdleTimeoutForSecurityAssociationInSeconds *int `json:"firewallIdleTimeoutForSecurityAssociationInSeconds,omitempty"` 371 // FirewallPreSharedKeyEncodingMethod Select the preshared key encoding to be used 372 FirewallPreSharedKeyEncodingMethod *FirewallPreSharedKeyEncodingMethodType `json:"firewallPreSharedKeyEncodingMethod,omitempty"` 373 // FirewallIPSecExemptionsAllowNeighborDiscovery Configures IPSec exemptions to allow neighbor discovery IPv6 ICMP type-codes 374 FirewallIPSecExemptionsAllowNeighborDiscovery *bool `json:"firewallIPSecExemptionsAllowNeighborDiscovery,omitempty"` 375 // FirewallIPSecExemptionsAllowICMP Configures IPSec exemptions to allow ICMP 376 FirewallIPSecExemptionsAllowICMP *bool `json:"firewallIPSecExemptionsAllowICMP,omitempty"` 377 // FirewallIPSecExemptionsAllowRouterDiscovery Configures IPSec exemptions to allow router discovery IPv6 ICMP type-codes 378 FirewallIPSecExemptionsAllowRouterDiscovery *bool `json:"firewallIPSecExemptionsAllowRouterDiscovery,omitempty"` 379 // FirewallIPSecExemptionsAllowDHCP Configures IPSec exemptions to allow both IPv4 and IPv6 DHCP traffic 380 FirewallIPSecExemptionsAllowDHCP *bool `json:"firewallIPSecExemptionsAllowDHCP,omitempty"` 381 // FirewallCertificateRevocationListCheckMethod Specify how the certificate revocation list is to be enforced 382 FirewallCertificateRevocationListCheckMethod *FirewallCertificateRevocationListCheckMethodType `json:"firewallCertificateRevocationListCheckMethod,omitempty"` 383 // FirewallMergeKeyingModuleSettings If an authentication set is not fully supported by a keying module, direct the module to ignore only unsupported authentication suites rather than the entire set 384 FirewallMergeKeyingModuleSettings *bool `json:"firewallMergeKeyingModuleSettings,omitempty"` 385 // FirewallPacketQueueingMethod Configures how packet queueing should be applied in the tunnel gateway scenario 386 FirewallPacketQueueingMethod *FirewallPacketQueueingMethodType `json:"firewallPacketQueueingMethod,omitempty"` 387 // FirewallProfileDomain Configures the firewall profile settings for domain networks 388 FirewallProfileDomain *WindowsFirewallNetworkProfile `json:"firewallProfileDomain,omitempty"` 389 // FirewallProfilePublic Configures the firewall profile settings for public networks 390 FirewallProfilePublic *WindowsFirewallNetworkProfile `json:"firewallProfilePublic,omitempty"` 391 // FirewallProfilePrivate Configures the firewall profile settings for private networks 392 FirewallProfilePrivate *WindowsFirewallNetworkProfile `json:"firewallProfilePrivate,omitempty"` 393 // DefenderAdobeReaderLaunchChildProcess Value indicating the behavior of Adobe Reader from creating child processes 394 DefenderAdobeReaderLaunchChildProcess *DefenderProtectionType `json:"defenderAdobeReaderLaunchChildProcess,omitempty"` 395 // DefenderAttackSurfaceReductionExcludedPaths List of exe files and folders to be excluded from attack surface reduction rules 396 DefenderAttackSurfaceReductionExcludedPaths []string `json:"defenderAttackSurfaceReductionExcludedPaths,omitempty"` 397 // DefenderOfficeAppsOtherProcessInjectionType Value indicating the behavior of Office applications injecting into other processes 398 DefenderOfficeAppsOtherProcessInjectionType *DefenderAttackSurfaceType `json:"defenderOfficeAppsOtherProcessInjectionType,omitempty"` 399 // DefenderOfficeAppsOtherProcessInjection Value indicating the behavior of Office applications injecting into other processes 400 DefenderOfficeAppsOtherProcessInjection *DefenderProtectionType `json:"defenderOfficeAppsOtherProcessInjection,omitempty"` 401 // DefenderOfficeCommunicationAppsLaunchChildProcess Value indicating the behavior of Office communication applications, including Microsoft Outlook, from creating child processes 402 DefenderOfficeCommunicationAppsLaunchChildProcess *DefenderProtectionType `json:"defenderOfficeCommunicationAppsLaunchChildProcess,omitempty"` 403 // DefenderOfficeAppsExecutableContentCreationOrLaunchType Value indicating the behavior of Office applications/macros creating or launching executable content 404 DefenderOfficeAppsExecutableContentCreationOrLaunchType *DefenderAttackSurfaceType `json:"defenderOfficeAppsExecutableContentCreationOrLaunchType,omitempty"` 405 // DefenderOfficeAppsExecutableContentCreationOrLaunch Value indicating the behavior of Office applications/macros creating or launching executable content 406 DefenderOfficeAppsExecutableContentCreationOrLaunch *DefenderProtectionType `json:"defenderOfficeAppsExecutableContentCreationOrLaunch,omitempty"` 407 // DefenderOfficeAppsLaunchChildProcessType Value indicating the behavior of Office application launching child processes 408 DefenderOfficeAppsLaunchChildProcessType *DefenderAttackSurfaceType `json:"defenderOfficeAppsLaunchChildProcessType,omitempty"` 409 // DefenderOfficeAppsLaunchChildProcess Value indicating the behavior of Office application launching child processes 410 DefenderOfficeAppsLaunchChildProcess *DefenderProtectionType `json:"defenderOfficeAppsLaunchChildProcess,omitempty"` 411 // DefenderOfficeMacroCodeAllowWin32ImportsType Value indicating the behavior of Win32 imports from Macro code in Office 412 DefenderOfficeMacroCodeAllowWin32ImportsType *DefenderAttackSurfaceType `json:"defenderOfficeMacroCodeAllowWin32ImportsType,omitempty"` 413 // DefenderOfficeMacroCodeAllowWin32Imports Value indicating the behavior of Win32 imports from Macro code in Office 414 DefenderOfficeMacroCodeAllowWin32Imports *DefenderProtectionType `json:"defenderOfficeMacroCodeAllowWin32Imports,omitempty"` 415 // DefenderScriptObfuscatedMacroCodeType Value indicating the behavior of obfuscated js/vbs/ps/macro code 416 DefenderScriptObfuscatedMacroCodeType *DefenderAttackSurfaceType `json:"defenderScriptObfuscatedMacroCodeType,omitempty"` 417 // DefenderScriptObfuscatedMacroCode Value indicating the behavior of obfuscated js/vbs/ps/macro code 418 DefenderScriptObfuscatedMacroCode *DefenderProtectionType `json:"defenderScriptObfuscatedMacroCode,omitempty"` 419 // DefenderScriptDownloadedPayloadExecutionType Value indicating the behavior of js/vbs executing payload downloaded from Internet 420 DefenderScriptDownloadedPayloadExecutionType *DefenderAttackSurfaceType `json:"defenderScriptDownloadedPayloadExecutionType,omitempty"` 421 // DefenderScriptDownloadedPayloadExecution Value indicating the behavior of js/vbs executing payload downloaded from Internet 422 DefenderScriptDownloadedPayloadExecution *DefenderProtectionType `json:"defenderScriptDownloadedPayloadExecution,omitempty"` 423 // DefenderPreventCredentialStealingType Value indicating if credential stealing from the Windows local security authority subsystem is permitted 424 DefenderPreventCredentialStealingType *DefenderProtectionType `json:"defenderPreventCredentialStealingType,omitempty"` 425 // DefenderProcessCreationType Value indicating response to process creations originating from PSExec and WMI commands 426 DefenderProcessCreationType *DefenderAttackSurfaceType `json:"defenderProcessCreationType,omitempty"` 427 // DefenderProcessCreation Value indicating response to process creations originating from PSExec and WMI commands 428 DefenderProcessCreation *DefenderProtectionType `json:"defenderProcessCreation,omitempty"` 429 // DefenderUntrustedUSBProcessType Value indicating response to untrusted and unsigned processes that run from USB 430 DefenderUntrustedUSBProcessType *DefenderAttackSurfaceType `json:"defenderUntrustedUSBProcessType,omitempty"` 431 // DefenderUntrustedUSBProcess Value indicating response to untrusted and unsigned processes that run from USB 432 DefenderUntrustedUSBProcess *DefenderProtectionType `json:"defenderUntrustedUSBProcess,omitempty"` 433 // DefenderUntrustedExecutableType Value indicating response to executables that don't meet a prevalence, age, or trusted list criteria 434 DefenderUntrustedExecutableType *DefenderAttackSurfaceType `json:"defenderUntrustedExecutableType,omitempty"` 435 // DefenderUntrustedExecutable Value indicating response to executables that don't meet a prevalence, age, or trusted list criteria 436 DefenderUntrustedExecutable *DefenderProtectionType `json:"defenderUntrustedExecutable,omitempty"` 437 // DefenderEmailContentExecutionType Value indicating if execution of executable content (exe, dll, ps, js, vbs, etc) should be dropped from email (webmail/mail-client) 438 DefenderEmailContentExecutionType *DefenderAttackSurfaceType `json:"defenderEmailContentExecutionType,omitempty"` 439 // DefenderEmailContentExecution Value indicating if execution of executable content (exe, dll, ps, js, vbs, etc) should be dropped from email (webmail/mail-client) 440 DefenderEmailContentExecution *DefenderProtectionType `json:"defenderEmailContentExecution,omitempty"` 441 // DefenderAdvancedRansomewareProtectionType Value indicating use of advanced protection against ransomeware 442 DefenderAdvancedRansomewareProtectionType *DefenderProtectionType `json:"defenderAdvancedRansomewareProtectionType,omitempty"` 443 // DefenderGuardMyFoldersType Value indicating the behavior of protected folders 444 DefenderGuardMyFoldersType *FolderProtectionType `json:"defenderGuardMyFoldersType,omitempty"` 445 // DefenderGuardedFoldersAllowedAppPaths List of paths to exe that are allowed to access protected folders 446 DefenderGuardedFoldersAllowedAppPaths []string `json:"defenderGuardedFoldersAllowedAppPaths,omitempty"` 447 // DefenderAdditionalGuardedFolders List of folder paths to be added to the list of protected folders 448 DefenderAdditionalGuardedFolders []string `json:"defenderAdditionalGuardedFolders,omitempty"` 449 // DefenderNetworkProtectionType Value indicating the behavior of NetworkProtection 450 DefenderNetworkProtectionType *DefenderProtectionType `json:"defenderNetworkProtectionType,omitempty"` 451 // DefenderExploitProtectionXML Xml content containing information regarding exploit protection details. 452 DefenderExploitProtectionXML *Binary `json:"defenderExploitProtectionXml,omitempty"` 453 // DefenderExploitProtectionXMLFileName Name of the file from which DefenderExploitProtectionXml was obtained. 454 DefenderExploitProtectionXMLFileName *string `json:"defenderExploitProtectionXmlFileName,omitempty"` 455 // DefenderSecurityCenterBlockExploitProtectionOverride Indicates whether or not to block user from overriding Exploit Protection settings. 456 DefenderSecurityCenterBlockExploitProtectionOverride *bool `json:"defenderSecurityCenterBlockExploitProtectionOverride,omitempty"` 457 // AppLockerApplicationControl Enables the Admin to choose what types of app to allow on devices. 458 AppLockerApplicationControl *AppLockerApplicationControlType `json:"appLockerApplicationControl,omitempty"` 459 // DeviceGuardLocalSystemAuthorityCredentialGuardSettings Turn on Credential Guard when Platform Security Level with Secure Boot and Virtualization Based Security are both enabled. 460 DeviceGuardLocalSystemAuthorityCredentialGuardSettings *DeviceGuardLocalSystemAuthorityCredentialGuardType `json:"deviceGuardLocalSystemAuthorityCredentialGuardSettings,omitempty"` 461 // DeviceGuardEnableVirtualizationBasedSecurity Turns On Virtualization Based Security(VBS). 462 DeviceGuardEnableVirtualizationBasedSecurity *bool `json:"deviceGuardEnableVirtualizationBasedSecurity,omitempty"` 463 // DeviceGuardEnableSecureBootWithDMA This property will be deprecated in May 2019 and will be replaced with property DeviceGuardSecureBootWithDMA. Specifies whether Platform Security Level is enabled at next reboot. 464 DeviceGuardEnableSecureBootWithDMA *bool `json:"deviceGuardEnableSecureBootWithDMA,omitempty"` 465 // DeviceGuardSecureBootWithDMA Specifies whether Platform Security Level is enabled at next reboot. 466 DeviceGuardSecureBootWithDMA *SecureBootWithDMAType `json:"deviceGuardSecureBootWithDMA,omitempty"` 467 // DeviceGuardLaunchSystemGuard Allows the IT admin to configure the launch of System Guard. 468 DeviceGuardLaunchSystemGuard *Enablement `json:"deviceGuardLaunchSystemGuard,omitempty"` 469 // SmartScreenEnableInShell Allows IT Admins to configure SmartScreen for Windows. 470 SmartScreenEnableInShell *bool `json:"smartScreenEnableInShell,omitempty"` 471 // SmartScreenBlockOverrideForFiles Allows IT Admins to control whether users can can ignore SmartScreen warnings and run malicious files. 472 SmartScreenBlockOverrideForFiles *bool `json:"smartScreenBlockOverrideForFiles,omitempty"` 473 // ApplicationGuardEnabled Enable Windows Defender Application Guard 474 ApplicationGuardEnabled *bool `json:"applicationGuardEnabled,omitempty"` 475 // ApplicationGuardEnabledOptions Enable Windows Defender Application Guard for newer Windows builds 476 ApplicationGuardEnabledOptions *ApplicationGuardEnabledOptions `json:"applicationGuardEnabledOptions,omitempty"` 477 // ApplicationGuardBlockFileTransfer Block clipboard to transfer image file, text file or neither of them 478 ApplicationGuardBlockFileTransfer *ApplicationGuardBlockFileTransferType `json:"applicationGuardBlockFileTransfer,omitempty"` 479 // ApplicationGuardBlockNonEnterpriseContent Block enterprise sites to load non-enterprise content, such as third party plug-ins 480 ApplicationGuardBlockNonEnterpriseContent *bool `json:"applicationGuardBlockNonEnterpriseContent,omitempty"` 481 // ApplicationGuardAllowPersistence Allow persisting user generated data inside the App Guard Containter (favorites, cookies, web passwords, etc.) 482 ApplicationGuardAllowPersistence *bool `json:"applicationGuardAllowPersistence,omitempty"` 483 // ApplicationGuardForceAuditing Force auditing will persist Windows logs and events to meet security/compliance criteria (sample events are user login-logoff, use of privilege rights, software installation, system changes, etc.) 484 ApplicationGuardForceAuditing *bool `json:"applicationGuardForceAuditing,omitempty"` 485 // ApplicationGuardBlockClipboardSharing Block clipboard to share data from Host to Container, or from Container to Host, or both ways, or neither ways. 486 ApplicationGuardBlockClipboardSharing *ApplicationGuardBlockClipboardSharingType `json:"applicationGuardBlockClipboardSharing,omitempty"` 487 // ApplicationGuardAllowPrintToPDF Allow printing to PDF from Container 488 ApplicationGuardAllowPrintToPDF *bool `json:"applicationGuardAllowPrintToPDF,omitempty"` 489 // ApplicationGuardAllowPrintToXPS Allow printing to XPS from Container 490 ApplicationGuardAllowPrintToXPS *bool `json:"applicationGuardAllowPrintToXPS,omitempty"` 491 // ApplicationGuardAllowPrintToLocalPrinters Allow printing to Local Printers from Container 492 ApplicationGuardAllowPrintToLocalPrinters *bool `json:"applicationGuardAllowPrintToLocalPrinters,omitempty"` 493 // ApplicationGuardAllowPrintToNetworkPrinters Allow printing to Network Printers from Container 494 ApplicationGuardAllowPrintToNetworkPrinters *bool `json:"applicationGuardAllowPrintToNetworkPrinters,omitempty"` 495 // ApplicationGuardAllowVirtualGPU Allow application guard to use virtual GPU 496 ApplicationGuardAllowVirtualGPU *bool `json:"applicationGuardAllowVirtualGPU,omitempty"` 497 // ApplicationGuardAllowFileSaveOnHost Allow users to download files from Edge in the application guard container and save them on the host file system 498 ApplicationGuardAllowFileSaveOnHost *bool `json:"applicationGuardAllowFileSaveOnHost,omitempty"` 499 // BitLockerAllowStandardUserEncryption Allows the admin to allow standard users to enable encrpytion during Azure AD Join. 500 BitLockerAllowStandardUserEncryption *bool `json:"bitLockerAllowStandardUserEncryption,omitempty"` 501 // BitLockerDisableWarningForOtherDiskEncryption Allows the Admin to disable the warning prompt for other disk encryption on the user machines. 502 BitLockerDisableWarningForOtherDiskEncryption *bool `json:"bitLockerDisableWarningForOtherDiskEncryption,omitempty"` 503 // BitLockerEnableStorageCardEncryptionOnMobile Allows the admin to require encryption to be turned on using BitLocker. This policy is valid only for a mobile SKU. 504 BitLockerEnableStorageCardEncryptionOnMobile *bool `json:"bitLockerEnableStorageCardEncryptionOnMobile,omitempty"` 505 // BitLockerEncryptDevice Allows the admin to require encryption to be turned on using BitLocker. 506 BitLockerEncryptDevice *bool `json:"bitLockerEncryptDevice,omitempty"` 507 // BitLockerSystemDrivePolicy BitLocker System Drive Policy. 508 BitLockerSystemDrivePolicy *BitLockerSystemDrivePolicy `json:"bitLockerSystemDrivePolicy,omitempty"` 509 // BitLockerFixedDrivePolicy BitLocker Fixed Drive Policy. 510 BitLockerFixedDrivePolicy *BitLockerFixedDrivePolicy `json:"bitLockerFixedDrivePolicy,omitempty"` 511 // BitLockerRemovableDrivePolicy BitLocker Removable Drive Policy. 512 BitLockerRemovableDrivePolicy *BitLockerRemovableDrivePolicy `json:"bitLockerRemovableDrivePolicy,omitempty"` 513 // BitLockerRecoveryPasswordRotation This setting initiates a client-driven recovery password rotation after an OS drive recovery (either by using bootmgr or WinRE). 514 BitLockerRecoveryPasswordRotation *BitLockerRecoveryPasswordRotationType `json:"bitLockerRecoveryPasswordRotation,omitempty"` 515 } 516 517 // Windows10EnrollmentCompletionPageConfiguration Windows 10 Enrollment Status Page Configuration 518 type Windows10EnrollmentCompletionPageConfiguration struct { 519 // DeviceEnrollmentConfiguration is the base model of Windows10EnrollmentCompletionPageConfiguration 520 DeviceEnrollmentConfiguration 521 // ShowInstallationProgress Show or hide installation progress to user 522 ShowInstallationProgress *bool `json:"showInstallationProgress,omitempty"` 523 // BlockDeviceSetupRetryByUser Allow the user to retry the setup on installation failure 524 BlockDeviceSetupRetryByUser *bool `json:"blockDeviceSetupRetryByUser,omitempty"` 525 // AllowDeviceResetOnInstallFailure Allow or block device reset on installation failure 526 AllowDeviceResetOnInstallFailure *bool `json:"allowDeviceResetOnInstallFailure,omitempty"` 527 // AllowLogCollectionOnInstallFailure Allow or block log collection on installation failure 528 AllowLogCollectionOnInstallFailure *bool `json:"allowLogCollectionOnInstallFailure,omitempty"` 529 // CustomErrorMessage Set custom error message to show upon installation failure 530 CustomErrorMessage *string `json:"customErrorMessage,omitempty"` 531 // InstallProgressTimeoutInMinutes Set installation progress timeout in minutes 532 InstallProgressTimeoutInMinutes *int `json:"installProgressTimeoutInMinutes,omitempty"` 533 // AllowDeviceUseOnInstallFailure Allow the user to continue using the device on installation failure 534 AllowDeviceUseOnInstallFailure *bool `json:"allowDeviceUseOnInstallFailure,omitempty"` 535 // SelectedMobileAppIDs Selected applications to track the installation status 536 SelectedMobileAppIDs []string `json:"selectedMobileAppIds,omitempty"` 537 // TrackInstallProgressForAutopilotOnly Only show installation progress for Autopilot enrollment scenarios 538 TrackInstallProgressForAutopilotOnly *bool `json:"trackInstallProgressForAutopilotOnly,omitempty"` 539 // DisableUserStatusTrackingAfterFirstUser Only show installation progress for first user post enrollment 540 DisableUserStatusTrackingAfterFirstUser *bool `json:"disableUserStatusTrackingAfterFirstUser,omitempty"` 541 } 542 543 // Windows10EnrollmentCompletionPageConfigurationPolicySetItem A class containing the properties used for Windows10EnrollmentCompletionPageConfiguration PolicySetItem. 544 type Windows10EnrollmentCompletionPageConfigurationPolicySetItem struct { 545 // PolicySetItem is the base model of Windows10EnrollmentCompletionPageConfigurationPolicySetItem 546 PolicySetItem 547 // Priority Priority of the Windows10EnrollmentCompletionPageConfigurationPolicySetItem. 548 Priority *int `json:"priority,omitempty"` 549 } 550 551 // Windows10EnterpriseModernAppManagementConfiguration Windows10 Enterprise Modern App Management Configuration. 552 type Windows10EnterpriseModernAppManagementConfiguration struct { 553 // DeviceConfiguration is the base model of Windows10EnterpriseModernAppManagementConfiguration 554 DeviceConfiguration 555 // UninstallBuiltInApps Indicates whether or not to uninstall a fixed list of built-in Windows apps. 556 UninstallBuiltInApps *bool `json:"uninstallBuiltInApps,omitempty"` 557 } 558 559 // Windows10GeneralConfiguration This topic provides descriptions of the declared methods, properties and relationships exposed by the windows10GeneralConfiguration resource. 560 type Windows10GeneralConfiguration struct { 561 // DeviceConfiguration is the base model of Windows10GeneralConfiguration 562 DeviceConfiguration 563 // TaskManagerBlockEndTask Specify whether non-administrators can use Task Manager to end tasks. 564 TaskManagerBlockEndTask *bool `json:"taskManagerBlockEndTask,omitempty"` 565 // EnergySaverOnBatteryThresholdPercentage This setting allows you to specify battery charge level at which Energy Saver is turned on. While on battery, Energy Saver is automatically turned on at (and below) the specified battery charge level. Valid input range (0-100). Valid values 0 to 100 566 EnergySaverOnBatteryThresholdPercentage *int `json:"energySaverOnBatteryThresholdPercentage,omitempty"` 567 // EnergySaverPluggedInThresholdPercentage This setting allows you to specify battery charge level at which Energy Saver is turned on. While plugged in, Energy Saver is automatically turned on at (and below) the specified battery charge level. Valid input range (0-100). Valid values 0 to 100 568 EnergySaverPluggedInThresholdPercentage *int `json:"energySaverPluggedInThresholdPercentage,omitempty"` 569 // PowerLidCloseActionOnBattery This setting specifies the action that Windows takes when a user closes the lid on a mobile PC while on battery. 570 PowerLidCloseActionOnBattery *PowerActionType `json:"powerLidCloseActionOnBattery,omitempty"` 571 // PowerLidCloseActionPluggedIn This setting specifies the action that Windows takes when a user closes the lid on a mobile PC while plugged in. 572 PowerLidCloseActionPluggedIn *PowerActionType `json:"powerLidCloseActionPluggedIn,omitempty"` 573 // PowerButtonActionOnBattery This setting specifies the action that Windows takes when a user presses the Power button while on battery. 574 PowerButtonActionOnBattery *PowerActionType `json:"powerButtonActionOnBattery,omitempty"` 575 // PowerButtonActionPluggedIn This setting specifies the action that Windows takes when a user presses the Power button while plugged in. 576 PowerButtonActionPluggedIn *PowerActionType `json:"powerButtonActionPluggedIn,omitempty"` 577 // PowerSleepButtonActionOnBattery This setting specifies the action that Windows takes when a user presses the Sleep button while on battery. 578 PowerSleepButtonActionOnBattery *PowerActionType `json:"powerSleepButtonActionOnBattery,omitempty"` 579 // PowerSleepButtonActionPluggedIn This setting specifies the action that Windows takes when a user presses the Sleep button while plugged in. 580 PowerSleepButtonActionPluggedIn *PowerActionType `json:"powerSleepButtonActionPluggedIn,omitempty"` 581 // PowerHybridSleepOnBattery This setting allows you to turn off hybrid sleep while on battery. If you set this setting to disable, a hiberfile is not generated when the system transitions to sleep (Stand By). If you set this setting to enable or do not configure this policy setting, users control this setting. 582 PowerHybridSleepOnBattery *Enablement `json:"powerHybridSleepOnBattery,omitempty"` 583 // PowerHybridSleepPluggedIn This setting allows you to turn off hybrid sleep while plugged in. If you set this setting to disable, a hiberfile is not generated when the system transitions to sleep (Stand By). If you set this setting to enable or do not configure this policy setting, users control this setting. 584 PowerHybridSleepPluggedIn *Enablement `json:"powerHybridSleepPluggedIn,omitempty"` 585 // Windows10AppsForceUpdateSchedule Windows 10 force update schedule for Apps. 586 Windows10AppsForceUpdateSchedule *Windows10AppsForceUpdateSchedule `json:"windows10AppsForceUpdateSchedule,omitempty"` 587 // EnableAutomaticRedeployment Allow users with administrative rights to delete all user data and settings using CTRL + Win + R at the device lock screen so that the device can be automatically re-configured and re-enrolled into management. 588 EnableAutomaticRedeployment *bool `json:"enableAutomaticRedeployment,omitempty"` 589 // MicrosoftAccountSignInAssistantSettings Controls the Microsoft Account Sign-In Assistant (wlidsvc) NT service. 590 MicrosoftAccountSignInAssistantSettings *SignInAssistantOptions `json:"microsoftAccountSignInAssistantSettings,omitempty"` 591 // AuthenticationAllowSecondaryDevice Allows secondary authentication devices to work with Windows. 592 AuthenticationAllowSecondaryDevice *bool `json:"authenticationAllowSecondaryDevice,omitempty"` 593 // AuthenticationWebSignIn Indicates whether or not Web Credential Provider will be enabled. 594 AuthenticationWebSignIn *Enablement `json:"authenticationWebSignIn,omitempty"` 595 // AuthenticationPreferredAzureADTenantDomainName Specifies the preferred domain among available domains in the Azure AD tenant. 596 AuthenticationPreferredAzureADTenantDomainName *string `json:"authenticationPreferredAzureADTenantDomainName,omitempty"` 597 // CryptographyAllowFipsAlgorithmPolicy Specify whether to allow or disallow the Federal Information Processing Standard (FIPS) policy. 598 CryptographyAllowFipsAlgorithmPolicy *bool `json:"cryptographyAllowFipsAlgorithmPolicy,omitempty"` 599 // DisplayAppListWithGdiDPIScalingTurnedOn List of legacy applications that have GDI DPI Scaling turned on. 600 DisplayAppListWithGdiDPIScalingTurnedOn []string `json:"displayAppListWithGdiDPIScalingTurnedOn,omitempty"` 601 // DisplayAppListWithGdiDPIScalingTurnedOff List of legacy applications that have GDI DPI Scaling turned off. 602 DisplayAppListWithGdiDPIScalingTurnedOff []string `json:"displayAppListWithGdiDPIScalingTurnedOff,omitempty"` 603 // EnterpriseCloudPrintDiscoveryEndPoint Endpoint for discovering cloud printers. 604 EnterpriseCloudPrintDiscoveryEndPoint *string `json:"enterpriseCloudPrintDiscoveryEndPoint,omitempty"` 605 // EnterpriseCloudPrintOAuthAuthority Authentication endpoint for acquiring OAuth tokens. 606 EnterpriseCloudPrintOAuthAuthority *string `json:"enterpriseCloudPrintOAuthAuthority,omitempty"` 607 // EnterpriseCloudPrintOAuthClientIdentifier GUID of a client application authorized to retrieve OAuth tokens from the OAuth Authority. 608 EnterpriseCloudPrintOAuthClientIdentifier *string `json:"enterpriseCloudPrintOAuthClientIdentifier,omitempty"` 609 // EnterpriseCloudPrintResourceIdentifier OAuth resource URI for print service as configured in the Azure portal. 610 EnterpriseCloudPrintResourceIdentifier *string `json:"enterpriseCloudPrintResourceIdentifier,omitempty"` 611 // EnterpriseCloudPrintDiscoveryMaxLimit Maximum number of printers that should be queried from a discovery endpoint. This is a mobile only setting. Valid values 1 to 65535 612 EnterpriseCloudPrintDiscoveryMaxLimit *int `json:"enterpriseCloudPrintDiscoveryMaxLimit,omitempty"` 613 // EnterpriseCloudPrintMopriaDiscoveryResourceIdentifier OAuth resource URI for printer discovery service as configured in Azure portal. 614 EnterpriseCloudPrintMopriaDiscoveryResourceIdentifier *string `json:"enterpriseCloudPrintMopriaDiscoveryResourceIdentifier,omitempty"` 615 // ExperienceDoNotSyncBrowserSettings Allow or prevent the syncing of Microsoft Edge Browser settings. Option for IT admins to prevent syncing across devices, but allow user override. 616 ExperienceDoNotSyncBrowserSettings *BrowserSyncSetting `json:"experienceDoNotSyncBrowserSettings,omitempty"` 617 // MessagingBlockSync Indicates whether or not to block text message back up and restore and Messaging Everywhere. 618 MessagingBlockSync *bool `json:"messagingBlockSync,omitempty"` 619 // MessagingBlockMMS Indicates whether or not to block the MMS send/receive functionality on the device. 620 MessagingBlockMMS *bool `json:"messagingBlockMMS,omitempty"` 621 // MessagingBlockRichCommunicationServices Indicates whether or not to block the RCS send/receive functionality on the device. 622 MessagingBlockRichCommunicationServices *bool `json:"messagingBlockRichCommunicationServices,omitempty"` 623 // PrinterNames Automatically provision printers based on their names (network host names). 624 PrinterNames []string `json:"printerNames,omitempty"` 625 // PrinterDefaultName Name (network host name) of an installed printer. 626 PrinterDefaultName *string `json:"printerDefaultName,omitempty"` 627 // PrinterBlockAddition Prevent user installation of additional printers from printers settings. 628 PrinterBlockAddition *bool `json:"printerBlockAddition,omitempty"` 629 // SearchBlockDiacritics Specifies if search can use diacritics. 630 SearchBlockDiacritics *bool `json:"searchBlockDiacritics,omitempty"` 631 // SearchDisableAutoLanguageDetection Specifies whether to use automatic language detection when indexing content and properties. 632 SearchDisableAutoLanguageDetection *bool `json:"searchDisableAutoLanguageDetection,omitempty"` 633 // SearchDisableIndexingEncryptedItems Indicates whether or not to block indexing of WIP-protected items to prevent them from appearing in search results for Cortana or Explorer. 634 SearchDisableIndexingEncryptedItems *bool `json:"searchDisableIndexingEncryptedItems,omitempty"` 635 // SearchEnableRemoteQueries Indicates whether or not to block remote queries of this computer’s index. 636 SearchEnableRemoteQueries *bool `json:"searchEnableRemoteQueries,omitempty"` 637 // SearchDisableUseLocation Specifies if search can use location information. 638 SearchDisableUseLocation *bool `json:"searchDisableUseLocation,omitempty"` 639 // SearchDisableLocation Specifies if search can use location information. 640 SearchDisableLocation *bool `json:"searchDisableLocation,omitempty"` 641 // SearchDisableIndexerBackoff Indicates whether or not to disable the search indexer backoff feature. 642 SearchDisableIndexerBackoff *bool `json:"searchDisableIndexerBackoff,omitempty"` 643 // SearchDisableIndexingRemovableDrive Indicates whether or not to allow users to add locations on removable drives to libraries and to be indexed. 644 SearchDisableIndexingRemovableDrive *bool `json:"searchDisableIndexingRemovableDrive,omitempty"` 645 // SearchEnableAutomaticIndexSizeManangement Specifies minimum amount of hard drive space on the same drive as the index location before indexing stops. 646 SearchEnableAutomaticIndexSizeManangement *bool `json:"searchEnableAutomaticIndexSizeManangement,omitempty"` 647 // SearchBlockWebResults Indicates whether or not to block the web search. 648 SearchBlockWebResults *bool `json:"searchBlockWebResults,omitempty"` 649 // SecurityBlockAzureADJoinedDevicesAutoEncryption Specify whether to allow automatic device encryption during OOBE when the device is Azure AD joined (desktop only). 650 SecurityBlockAzureADJoinedDevicesAutoEncryption *bool `json:"securityBlockAzureADJoinedDevicesAutoEncryption,omitempty"` 651 // DiagnosticsDataSubmissionMode Gets or sets a value allowing the device to send diagnostic and usage telemetry data, such as Watson. 652 DiagnosticsDataSubmissionMode *DiagnosticDataSubmissionMode `json:"diagnosticsDataSubmissionMode,omitempty"` 653 // OneDriveDisableFileSync Gets or sets a value allowing IT admins to prevent apps and features from working with files on OneDrive. 654 OneDriveDisableFileSync *bool `json:"oneDriveDisableFileSync,omitempty"` 655 // SystemTelemetryProxyServer Gets or sets the fully qualified domain name (FQDN) or IP address of a proxy server to forward Connected User Experiences and Telemetry requests. 656 SystemTelemetryProxyServer *string `json:"systemTelemetryProxyServer,omitempty"` 657 // EdgeTelemetryForMicrosoft365Analytics Specifies what type of telemetry data (none, intranet, internet, both) is sent to Microsoft 365 Analytics 658 EdgeTelemetryForMicrosoft365Analytics *EdgeTelemetryMode `json:"edgeTelemetryForMicrosoft365Analytics,omitempty"` 659 // InkWorkspaceAccess Controls the user access to the ink workspace, from the desktop and from above the lock screen. 660 InkWorkspaceAccess *InkAccessSetting `json:"inkWorkspaceAccess,omitempty"` 661 // InkWorkspaceAccessState Controls the user access to the ink workspace, from the desktop and from above the lock screen. 662 InkWorkspaceAccessState *StateManagementSetting `json:"inkWorkspaceAccessState,omitempty"` 663 // InkWorkspaceBlockSuggestedApps Specify whether to show recommended app suggestions in the ink workspace. 664 InkWorkspaceBlockSuggestedApps *bool `json:"inkWorkspaceBlockSuggestedApps,omitempty"` 665 // SmartScreenEnableAppInstallControl This property will be deprecated in July 2019 and will be replaced by property SmartScreenAppInstallControl. Allows IT Admins to control whether users are allowed to install apps from places other than the Store. 666 SmartScreenEnableAppInstallControl *bool `json:"smartScreenEnableAppInstallControl,omitempty"` 667 // SmartScreenAppInstallControl Added in Windows 10, version 1703. Allows IT Admins to control whether users are allowed to install apps from places other than the Store. 668 SmartScreenAppInstallControl *AppInstallControlType `json:"smartScreenAppInstallControl,omitempty"` 669 // PersonalizationDesktopImageURL A http or https Url to a jpg, jpeg or png image that needs to be downloaded and used as the Desktop Image or a file Url to a local image on the file system that needs to used as the Desktop Image. 670 PersonalizationDesktopImageURL *string `json:"personalizationDesktopImageUrl,omitempty"` 671 // PersonalizationLockScreenImageURL A http or https Url to a jpg, jpeg or png image that neeeds to be downloaded and used as the Lock Screen Image or a file Url to a local image on the file system that needs to be used as the Lock Screen Image. 672 PersonalizationLockScreenImageURL *string `json:"personalizationLockScreenImageUrl,omitempty"` 673 // BluetoothAllowedServices Specify a list of allowed Bluetooth services and profiles in hex formatted strings. 674 BluetoothAllowedServices []string `json:"bluetoothAllowedServices,omitempty"` 675 // BluetoothBlockAdvertising Whether or not to Block the user from using bluetooth advertising. 676 BluetoothBlockAdvertising *bool `json:"bluetoothBlockAdvertising,omitempty"` 677 // BluetoothBlockPromptedProximalConnections Whether or not to block the users from using Swift Pair and other proximity based scenarios. 678 BluetoothBlockPromptedProximalConnections *bool `json:"bluetoothBlockPromptedProximalConnections,omitempty"` 679 // BluetoothBlockDiscoverableMode Whether or not to Block the user from using bluetooth discoverable mode. 680 BluetoothBlockDiscoverableMode *bool `json:"bluetoothBlockDiscoverableMode,omitempty"` 681 // BluetoothBlockPrePairing Whether or not to block specific bundled Bluetooth peripherals to automatically pair with the host device. 682 BluetoothBlockPrePairing *bool `json:"bluetoothBlockPrePairing,omitempty"` 683 // EdgeBlockAutofill Indicates whether or not to block auto fill. 684 EdgeBlockAutofill *bool `json:"edgeBlockAutofill,omitempty"` 685 // EdgeBlocked Indicates whether or not to Block the user from using the Edge browser. 686 EdgeBlocked *bool `json:"edgeBlocked,omitempty"` 687 // EdgeCookiePolicy Indicates which cookies to block in the Edge browser. 688 EdgeCookiePolicy *EdgeCookiePolicy `json:"edgeCookiePolicy,omitempty"` 689 // EdgeBlockDeveloperTools Indicates whether or not to block developer tools in the Edge browser. 690 EdgeBlockDeveloperTools *bool `json:"edgeBlockDeveloperTools,omitempty"` 691 // EdgeBlockSendingDoNotTrackHeader Indicates whether or not to Block the user from sending the do not track header. 692 EdgeBlockSendingDoNotTrackHeader *bool `json:"edgeBlockSendingDoNotTrackHeader,omitempty"` 693 // EdgeBlockExtensions Indicates whether or not to block extensions in the Edge browser. 694 EdgeBlockExtensions *bool `json:"edgeBlockExtensions,omitempty"` 695 // EdgeBlockInPrivateBrowsing Indicates whether or not to block InPrivate browsing on corporate networks, in the Edge browser. 696 EdgeBlockInPrivateBrowsing *bool `json:"edgeBlockInPrivateBrowsing,omitempty"` 697 // EdgeBlockJavaScript Indicates whether or not to Block the user from using JavaScript. 698 EdgeBlockJavaScript *bool `json:"edgeBlockJavaScript,omitempty"` 699 // EdgeBlockPasswordManager Indicates whether or not to Block password manager. 700 EdgeBlockPasswordManager *bool `json:"edgeBlockPasswordManager,omitempty"` 701 // EdgeBlockAddressBarDropdown Block the address bar dropdown functionality in Microsoft Edge. Disable this settings to minimize network connections from Microsoft Edge to Microsoft services. 702 EdgeBlockAddressBarDropdown *bool `json:"edgeBlockAddressBarDropdown,omitempty"` 703 // EdgeBlockCompatibilityList Block Microsoft compatibility list in Microsoft Edge. This list from Microsoft helps Edge properly display sites with known compatibility issues. 704 EdgeBlockCompatibilityList *bool `json:"edgeBlockCompatibilityList,omitempty"` 705 // EdgeClearBrowsingDataOnExit Clear browsing data on exiting Microsoft Edge. 706 EdgeClearBrowsingDataOnExit *bool `json:"edgeClearBrowsingDataOnExit,omitempty"` 707 // EdgeAllowStartPagesModification Allow users to change Start pages on Edge. Use the EdgeHomepageUrls to specify the Start pages that the user would see by default when they open Edge. 708 EdgeAllowStartPagesModification *bool `json:"edgeAllowStartPagesModification,omitempty"` 709 // EdgeDisableFirstRunPage Block the Microsoft web page that opens on the first use of Microsoft Edge. This policy allows enterprises, like those enrolled in zero emissions configurations, to block this page. 710 EdgeDisableFirstRunPage *bool `json:"edgeDisableFirstRunPage,omitempty"` 711 // EdgeBlockLiveTileDataCollection Block the collection of information by Microsoft for live tile creation when users pin a site to Start from Microsoft Edge. 712 EdgeBlockLiveTileDataCollection *bool `json:"edgeBlockLiveTileDataCollection,omitempty"` 713 // EdgeSyncFavoritesWithInternetExplorer Enable favorites sync between Internet Explorer and Microsoft Edge. Additions, deletions, modifications and order changes to favorites are shared between browsers. 714 EdgeSyncFavoritesWithInternetExplorer *bool `json:"edgeSyncFavoritesWithInternetExplorer,omitempty"` 715 // EdgeFavoritesListLocation The location of the favorites list to provision. Could be a local file, local network or http location. 716 EdgeFavoritesListLocation *string `json:"edgeFavoritesListLocation,omitempty"` 717 // EdgeBlockEditFavorites Indicates whether or not to Block the user from making changes to Favorites. 718 EdgeBlockEditFavorites *bool `json:"edgeBlockEditFavorites,omitempty"` 719 // EdgeNewTabPageURL Specify the page opened when new tabs are created. 720 EdgeNewTabPageURL *string `json:"edgeNewTabPageURL,omitempty"` 721 // EdgeHomeButtonConfiguration Causes the Home button to either hide, load the default Start page, load a New tab page, or a custom URL 722 EdgeHomeButtonConfiguration *EdgeHomeButtonConfiguration `json:"edgeHomeButtonConfiguration,omitempty"` 723 // EdgeHomeButtonConfigurationEnabled Enable the Home button configuration. 724 EdgeHomeButtonConfigurationEnabled *bool `json:"edgeHomeButtonConfigurationEnabled,omitempty"` 725 // EdgeOpensWith Specify what kind of pages are open at start. 726 EdgeOpensWith *EdgeOpenOptions `json:"edgeOpensWith,omitempty"` 727 // EdgeBlockSideloadingExtensions Indicates whether the user can sideload extensions. 728 EdgeBlockSideloadingExtensions *bool `json:"edgeBlockSideloadingExtensions,omitempty"` 729 // EdgeRequiredExtensionPackageFamilyNames Specify the list of package family names of browser extensions that are required and cannot be turned off by the user. 730 EdgeRequiredExtensionPackageFamilyNames []string `json:"edgeRequiredExtensionPackageFamilyNames,omitempty"` 731 // EdgeBlockPrinting Configure Edge to allow or block printing. 732 EdgeBlockPrinting *bool `json:"edgeBlockPrinting,omitempty"` 733 // EdgeFavoritesBarVisibility Get or set a value that specifies whether to set the favorites bar to always be visible or hidden on any page. 734 EdgeFavoritesBarVisibility *VisibilitySetting `json:"edgeFavoritesBarVisibility,omitempty"` 735 // EdgeBlockSavingHistory Configure Edge to allow browsing history to be saved or to never save browsing history. 736 EdgeBlockSavingHistory *bool `json:"edgeBlockSavingHistory,omitempty"` 737 // EdgeBlockFullScreenMode Allow or prevent Edge from entering the full screen mode. 738 EdgeBlockFullScreenMode *bool `json:"edgeBlockFullScreenMode,omitempty"` 739 // EdgeBlockWebContentOnNewTabPage Configure to load a blank page in Edge instead of the default New tab page and prevent users from changing it. 740 EdgeBlockWebContentOnNewTabPage *bool `json:"edgeBlockWebContentOnNewTabPage,omitempty"` 741 // EdgeBlockTabPreloading Configure whether Edge preloads the new tab page at Windows startup. 742 EdgeBlockTabPreloading *bool `json:"edgeBlockTabPreloading,omitempty"` 743 // EdgeBlockPrelaunch Decide whether Microsoft Edge is prelaunched at Windows startup. 744 EdgeBlockPrelaunch *bool `json:"edgeBlockPrelaunch,omitempty"` 745 // EdgeShowMessageWhenOpeningInternetExplorerSites Controls the message displayed by Edge before switching to Internet Explorer. 746 EdgeShowMessageWhenOpeningInternetExplorerSites *InternetExplorerMessageSetting `json:"edgeShowMessageWhenOpeningInternetExplorerSites,omitempty"` 747 // EdgePreventCertificateErrorOverride Allow or prevent users from overriding certificate errors. 748 EdgePreventCertificateErrorOverride *bool `json:"edgePreventCertificateErrorOverride,omitempty"` 749 // EdgeKioskModeRestriction Controls how the Microsoft Edge settings are restricted based on the configure kiosk mode. 750 EdgeKioskModeRestriction *EdgeKioskModeRestrictionType `json:"edgeKioskModeRestriction,omitempty"` 751 // EdgeKioskResetAfterIdleTimeInMinutes Specifies the time in minutes from the last user activity before Microsoft Edge kiosk resets. Valid values are 0-1440. The default is 5. 0 indicates no reset. Valid values 0 to 1440 752 EdgeKioskResetAfterIdleTimeInMinutes *int `json:"edgeKioskResetAfterIdleTimeInMinutes,omitempty"` 753 // CellularBlockDataWhenRoaming Whether or not to Block the user from using data over cellular while roaming. 754 CellularBlockDataWhenRoaming *bool `json:"cellularBlockDataWhenRoaming,omitempty"` 755 // CellularBlockVPN Whether or not to Block the user from using VPN over cellular. 756 CellularBlockVPN *bool `json:"cellularBlockVpn,omitempty"` 757 // CellularBlockVPNWhenRoaming Whether or not to Block the user from using VPN when roaming over cellular. 758 CellularBlockVPNWhenRoaming *bool `json:"cellularBlockVpnWhenRoaming,omitempty"` 759 // CellularData Whether or not to allow the cellular data channel on the device. If not configured, the cellular data channel is allowed and the user can turn it off. 760 CellularData *ConfigurationUsage `json:"cellularData,omitempty"` 761 // DefenderBlockEndUserAccess Whether or not to block end user access to Defender. 762 DefenderBlockEndUserAccess *bool `json:"defenderBlockEndUserAccess,omitempty"` 763 // DefenderDaysBeforeDeletingQuarantinedMalware Number of days before deleting quarantined malware. Valid values 0 to 90 764 DefenderDaysBeforeDeletingQuarantinedMalware *int `json:"defenderDaysBeforeDeletingQuarantinedMalware,omitempty"` 765 // DefenderDetectedMalwareActions Gets or sets Defender’s actions to take on detected Malware per threat level. 766 DefenderDetectedMalwareActions *DefenderDetectedMalwareActions `json:"defenderDetectedMalwareActions,omitempty"` 767 // DefenderSystemScanSchedule Defender day of the week for the system scan. 768 DefenderSystemScanSchedule *WeeklySchedule `json:"defenderSystemScanSchedule,omitempty"` 769 // DefenderFilesAndFoldersToExclude Files and folder to exclude from scans and real time protection. 770 DefenderFilesAndFoldersToExclude []string `json:"defenderFilesAndFoldersToExclude,omitempty"` 771 // DefenderFileExtensionsToExclude File extensions to exclude from scans and real time protection. 772 DefenderFileExtensionsToExclude []string `json:"defenderFileExtensionsToExclude,omitempty"` 773 // DefenderScanMaxCPU Max CPU usage percentage during scan. Valid values 0 to 100 774 DefenderScanMaxCPU *int `json:"defenderScanMaxCpu,omitempty"` 775 // DefenderMonitorFileActivity Value for monitoring file activity. 776 DefenderMonitorFileActivity *DefenderMonitorFileActivity `json:"defenderMonitorFileActivity,omitempty"` 777 // DefenderPotentiallyUnwantedAppAction Gets or sets Defender’s action to take on Potentially Unwanted Application (PUA), which includes software with behaviors of ad-injection, software bundling, persistent solicitation for payment or subscription, etc. Defender alerts user when PUA is being downloaded or attempts to install itself. Added in Windows 10 for desktop. 778 DefenderPotentiallyUnwantedAppAction *DefenderPotentiallyUnwantedAppAction `json:"defenderPotentiallyUnwantedAppAction,omitempty"` 779 // DefenderPotentiallyUnwantedAppActionSetting Gets or sets Defender’s action to take on Potentially Unwanted Application (PUA), which includes software with behaviors of ad-injection, software bundling, persistent solicitation for payment or subscription, etc. Defender alerts user when PUA is being downloaded or attempts to install itself. Added in Windows 10 for desktop. 780 DefenderPotentiallyUnwantedAppActionSetting *DefenderProtectionType `json:"defenderPotentiallyUnwantedAppActionSetting,omitempty"` 781 // DefenderProcessesToExclude Processes to exclude from scans and real time protection. 782 DefenderProcessesToExclude []string `json:"defenderProcessesToExclude,omitempty"` 783 // DefenderPromptForSampleSubmission The configuration for how to prompt user for sample submission. 784 DefenderPromptForSampleSubmission *DefenderPromptForSampleSubmission `json:"defenderPromptForSampleSubmission,omitempty"` 785 // DefenderRequireBehaviorMonitoring Indicates whether or not to require behavior monitoring. 786 DefenderRequireBehaviorMonitoring *bool `json:"defenderRequireBehaviorMonitoring,omitempty"` 787 // DefenderRequireCloudProtection Indicates whether or not to require cloud protection. 788 DefenderRequireCloudProtection *bool `json:"defenderRequireCloudProtection,omitempty"` 789 // DefenderRequireNetworkInspectionSystem Indicates whether or not to require network inspection system. 790 DefenderRequireNetworkInspectionSystem *bool `json:"defenderRequireNetworkInspectionSystem,omitempty"` 791 // DefenderRequireRealTimeMonitoring Indicates whether or not to require real time monitoring. 792 DefenderRequireRealTimeMonitoring *bool `json:"defenderRequireRealTimeMonitoring,omitempty"` 793 // DefenderScanArchiveFiles Indicates whether or not to scan archive files. 794 DefenderScanArchiveFiles *bool `json:"defenderScanArchiveFiles,omitempty"` 795 // DefenderScanDownloads Indicates whether or not to scan downloads. 796 DefenderScanDownloads *bool `json:"defenderScanDownloads,omitempty"` 797 // DefenderScheduleScanEnableLowCPUPriority When enabled, low CPU priority will be used during scheduled scans. 798 DefenderScheduleScanEnableLowCPUPriority *bool `json:"defenderScheduleScanEnableLowCpuPriority,omitempty"` 799 // DefenderDisableCatchupQuickScan When blocked, catch-up scans for scheduled quick scans will be turned off. 800 DefenderDisableCatchupQuickScan *bool `json:"defenderDisableCatchupQuickScan,omitempty"` 801 // DefenderDisableCatchupFullScan When blocked, catch-up scans for scheduled full scans will be turned off. 802 DefenderDisableCatchupFullScan *bool `json:"defenderDisableCatchupFullScan,omitempty"` 803 // DefenderScanNetworkFiles Indicates whether or not to scan files opened from a network folder. 804 DefenderScanNetworkFiles *bool `json:"defenderScanNetworkFiles,omitempty"` 805 // DefenderScanIncomingMail Indicates whether or not to scan incoming mail messages. 806 DefenderScanIncomingMail *bool `json:"defenderScanIncomingMail,omitempty"` 807 // DefenderScanMappedNetworkDrivesDuringFullScan Indicates whether or not to scan mapped network drives during full scan. 808 DefenderScanMappedNetworkDrivesDuringFullScan *bool `json:"defenderScanMappedNetworkDrivesDuringFullScan,omitempty"` 809 // DefenderScanRemovableDrivesDuringFullScan Indicates whether or not to scan removable drives during full scan. 810 DefenderScanRemovableDrivesDuringFullScan *bool `json:"defenderScanRemovableDrivesDuringFullScan,omitempty"` 811 // DefenderScanScriptsLoadedInInternetExplorer Indicates whether or not to scan scripts loaded in Internet Explorer browser. 812 DefenderScanScriptsLoadedInInternetExplorer *bool `json:"defenderScanScriptsLoadedInInternetExplorer,omitempty"` 813 // DefenderSignatureUpdateIntervalInHours The signature update interval in hours. Specify 0 not to check. Valid values 0 to 24 814 DefenderSignatureUpdateIntervalInHours *int `json:"defenderSignatureUpdateIntervalInHours,omitempty"` 815 // DefenderScanType The defender system scan type. 816 DefenderScanType *DefenderScanType `json:"defenderScanType,omitempty"` 817 // DefenderScheduledScanTime The defender time for the system scan. 818 DefenderScheduledScanTime *TimeOfDay `json:"defenderScheduledScanTime,omitempty"` 819 // DefenderScheduledQuickScanTime The time to perform a daily quick scan. 820 DefenderScheduledQuickScanTime *TimeOfDay `json:"defenderScheduledQuickScanTime,omitempty"` 821 // DefenderCloudBlockLevel Specifies the level of cloud-delivered protection. 822 DefenderCloudBlockLevel *DefenderCloudBlockLevelType `json:"defenderCloudBlockLevel,omitempty"` 823 // DefenderCloudExtendedTimeout Timeout extension for file scanning by the cloud. Valid values 0 to 50 824 DefenderCloudExtendedTimeout *int `json:"defenderCloudExtendedTimeout,omitempty"` 825 // DefenderCloudExtendedTimeoutInSeconds Timeout extension for file scanning by the cloud. Valid values 0 to 50 826 DefenderCloudExtendedTimeoutInSeconds *int `json:"defenderCloudExtendedTimeoutInSeconds,omitempty"` 827 // DefenderBlockOnAccessProtection Allows or disallows Windows Defender On Access Protection functionality. 828 DefenderBlockOnAccessProtection *bool `json:"defenderBlockOnAccessProtection,omitempty"` 829 // DefenderSubmitSamplesConsentType Checks for the user consent level in Windows Defender to send data. 830 DefenderSubmitSamplesConsentType *DefenderSubmitSamplesConsentType `json:"defenderSubmitSamplesConsentType,omitempty"` 831 // LockScreenAllowTimeoutConfiguration Specify whether to show a user-configurable setting to control the screen timeout while on the lock screen of Windows 10 Mobile devices. If this policy is set to Allow, the value set by lockScreenTimeoutInSeconds is ignored. 832 LockScreenAllowTimeoutConfiguration *bool `json:"lockScreenAllowTimeoutConfiguration,omitempty"` 833 // LockScreenBlockActionCenterNotifications Indicates whether or not to block action center notifications over lock screen. 834 LockScreenBlockActionCenterNotifications *bool `json:"lockScreenBlockActionCenterNotifications,omitempty"` 835 // LockScreenBlockCortana Indicates whether or not the user can interact with Cortana using speech while the system is locked. 836 LockScreenBlockCortana *bool `json:"lockScreenBlockCortana,omitempty"` 837 // LockScreenBlockToastNotifications Indicates whether to allow toast notifications above the device lock screen. 838 LockScreenBlockToastNotifications *bool `json:"lockScreenBlockToastNotifications,omitempty"` 839 // LockScreenTimeoutInSeconds Set the duration (in seconds) from the screen locking to the screen turning off for Windows 10 Mobile devices. Supported values are 11-1800. Valid values 11 to 1800 840 LockScreenTimeoutInSeconds *int `json:"lockScreenTimeoutInSeconds,omitempty"` 841 // LockScreenActivateAppsWithVoice This policy setting specifies whether Windows apps can be activated by voice while the system is locked. 842 LockScreenActivateAppsWithVoice *Enablement `json:"lockScreenActivateAppsWithVoice,omitempty"` 843 // PasswordBlockSimple Specify whether PINs or passwords such as "1111" or "1234" are allowed. For Windows 10 desktops, it also controls the use of picture passwords. 844 PasswordBlockSimple *bool `json:"passwordBlockSimple,omitempty"` 845 // PasswordExpirationDays The password expiration in days. Valid values 0 to 730 846 PasswordExpirationDays *int `json:"passwordExpirationDays,omitempty"` 847 // PasswordMinimumLength The minimum password length. Valid values 4 to 16 848 PasswordMinimumLength *int `json:"passwordMinimumLength,omitempty"` 849 // PasswordMinutesOfInactivityBeforeScreenTimeout The minutes of inactivity before the screen times out. 850 PasswordMinutesOfInactivityBeforeScreenTimeout *int `json:"passwordMinutesOfInactivityBeforeScreenTimeout,omitempty"` 851 // PasswordMinimumCharacterSetCount The number of character sets required in the password. 852 PasswordMinimumCharacterSetCount *int `json:"passwordMinimumCharacterSetCount,omitempty"` 853 // PasswordPreviousPasswordBlockCount The number of previous passwords to prevent reuse of. Valid values 0 to 50 854 PasswordPreviousPasswordBlockCount *int `json:"passwordPreviousPasswordBlockCount,omitempty"` 855 // PasswordRequired Indicates whether or not to require the user to have a password. 856 PasswordRequired *bool `json:"passwordRequired,omitempty"` 857 // PasswordRequireWhenResumeFromIdleState Indicates whether or not to require a password upon resuming from an idle state. 858 PasswordRequireWhenResumeFromIdleState *bool `json:"passwordRequireWhenResumeFromIdleState,omitempty"` 859 // PasswordRequiredType The required password type. 860 PasswordRequiredType *RequiredPasswordType `json:"passwordRequiredType,omitempty"` 861 // PasswordSignInFailureCountBeforeFactoryReset The number of sign in failures before factory reset. Valid values 0 to 999 862 PasswordSignInFailureCountBeforeFactoryReset *int `json:"passwordSignInFailureCountBeforeFactoryReset,omitempty"` 863 // PasswordMinimumAgeInDays This security setting determines the period of time (in days) that a password must be used before the user can change it. Valid values 0 to 998 864 PasswordMinimumAgeInDays *int `json:"passwordMinimumAgeInDays,omitempty"` 865 // PrivacyAdvertisingID Enables or disables the use of advertising ID. Added in Windows 10, version 1607. 866 PrivacyAdvertisingID *StateManagementSetting `json:"privacyAdvertisingId,omitempty"` 867 // PrivacyAutoAcceptPairingAndConsentPrompts Indicates whether or not to allow the automatic acceptance of the pairing and privacy user consent dialog when launching apps. 868 PrivacyAutoAcceptPairingAndConsentPrompts *bool `json:"privacyAutoAcceptPairingAndConsentPrompts,omitempty"` 869 // PrivacyDisableLaunchExperience This policy prevents the privacy experience from launching during user logon for new and upgraded users. 870 PrivacyDisableLaunchExperience *bool `json:"privacyDisableLaunchExperience,omitempty"` 871 // PrivacyBlockInputPersonalization Indicates whether or not to block the usage of cloud based speech services for Cortana, Dictation, or Store applications. 872 PrivacyBlockInputPersonalization *bool `json:"privacyBlockInputPersonalization,omitempty"` 873 // PrivacyBlockPublishUserActivities Blocks the shared experiences/discovery of recently used resources in task switcher etc. 874 PrivacyBlockPublishUserActivities *bool `json:"privacyBlockPublishUserActivities,omitempty"` 875 // PrivacyBlockActivityFeed Blocks the usage of cloud based speech services for Cortana, Dictation, or Store applications. 876 PrivacyBlockActivityFeed *bool `json:"privacyBlockActivityFeed,omitempty"` 877 // StartBlockUnpinningAppsFromTaskbar Indicates whether or not to block the user from unpinning apps from taskbar. 878 StartBlockUnpinningAppsFromTaskbar *bool `json:"startBlockUnpinningAppsFromTaskbar,omitempty"` 879 // StartMenuAppListVisibility Setting the value of this collapses the app list, removes the app list entirely, or disables the corresponding toggle in the Settings app. 880 StartMenuAppListVisibility *WindowsStartMenuAppListVisibilityType `json:"startMenuAppListVisibility,omitempty"` 881 // StartMenuHideChangeAccountSettings Enabling this policy hides the change account setting from appearing in the user tile in the start menu. 882 StartMenuHideChangeAccountSettings *bool `json:"startMenuHideChangeAccountSettings,omitempty"` 883 // StartMenuHideFrequentlyUsedApps Enabling this policy hides the most used apps from appearing on the start menu and disables the corresponding toggle in the Settings app. 884 StartMenuHideFrequentlyUsedApps *bool `json:"startMenuHideFrequentlyUsedApps,omitempty"` 885 // StartMenuHideHibernate Enabling this policy hides hibernate from appearing in the power button in the start menu. 886 StartMenuHideHibernate *bool `json:"startMenuHideHibernate,omitempty"` 887 // StartMenuHideLock Enabling this policy hides lock from appearing in the user tile in the start menu. 888 StartMenuHideLock *bool `json:"startMenuHideLock,omitempty"` 889 // StartMenuHidePowerButton Enabling this policy hides the power button from appearing in the start menu. 890 StartMenuHidePowerButton *bool `json:"startMenuHidePowerButton,omitempty"` 891 // StartMenuHideRecentJumpLists Enabling this policy hides recent jump lists from appearing on the start menu/taskbar and disables the corresponding toggle in the Settings app. 892 StartMenuHideRecentJumpLists *bool `json:"startMenuHideRecentJumpLists,omitempty"` 893 // StartMenuHideRecentlyAddedApps Enabling this policy hides recently added apps from appearing on the start menu and disables the corresponding toggle in the Settings app. 894 StartMenuHideRecentlyAddedApps *bool `json:"startMenuHideRecentlyAddedApps,omitempty"` 895 // StartMenuHideRestartOptions Enabling this policy hides “Restart/Update and Restart” from appearing in the power button in the start menu. 896 StartMenuHideRestartOptions *bool `json:"startMenuHideRestartOptions,omitempty"` 897 // StartMenuHideShutDown Enabling this policy hides shut down/update and shut down from appearing in the power button in the start menu. 898 StartMenuHideShutDown *bool `json:"startMenuHideShutDown,omitempty"` 899 // StartMenuHideSignOut Enabling this policy hides sign out from appearing in the user tile in the start menu. 900 StartMenuHideSignOut *bool `json:"startMenuHideSignOut,omitempty"` 901 // StartMenuHideSleep Enabling this policy hides sleep from appearing in the power button in the start menu. 902 StartMenuHideSleep *bool `json:"startMenuHideSleep,omitempty"` 903 // StartMenuHideSwitchAccount Enabling this policy hides switch account from appearing in the user tile in the start menu. 904 StartMenuHideSwitchAccount *bool `json:"startMenuHideSwitchAccount,omitempty"` 905 // StartMenuHideUserTile Enabling this policy hides the user tile from appearing in the start menu. 906 StartMenuHideUserTile *bool `json:"startMenuHideUserTile,omitempty"` 907 // StartMenuLayoutEdgeAssetsXML This policy setting allows you to import Edge assets to be used with startMenuLayoutXml policy. Start layout can contain secondary tile from Edge app which looks for Edge local asset file. Edge local asset would not exist and cause Edge secondary tile to appear empty in this case. This policy only gets applied when startMenuLayoutXml policy is modified. The value should be a UTF-8 Base64 encoded byte array. 908 StartMenuLayoutEdgeAssetsXML *Binary `json:"startMenuLayoutEdgeAssetsXml,omitempty"` 909 // StartMenuLayoutXML Allows admins to override the default Start menu layout and prevents the user from changing it. The layout is modified by specifying an XML file based on a layout modification schema. XML needs to be in a UTF8 encoded byte array format. 910 StartMenuLayoutXML *Binary `json:"startMenuLayoutXml,omitempty"` 911 // StartMenuMode Allows admins to decide how the Start menu is displayed. 912 StartMenuMode *WindowsStartMenuModeType `json:"startMenuMode,omitempty"` 913 // StartMenuPinnedFolderDocuments Enforces the visibility (Show/Hide) of the Documents folder shortcut on the Start menu. 914 StartMenuPinnedFolderDocuments *VisibilitySetting `json:"startMenuPinnedFolderDocuments,omitempty"` 915 // StartMenuPinnedFolderDownloads Enforces the visibility (Show/Hide) of the Downloads folder shortcut on the Start menu. 916 StartMenuPinnedFolderDownloads *VisibilitySetting `json:"startMenuPinnedFolderDownloads,omitempty"` 917 // StartMenuPinnedFolderFileExplorer Enforces the visibility (Show/Hide) of the FileExplorer shortcut on the Start menu. 918 StartMenuPinnedFolderFileExplorer *VisibilitySetting `json:"startMenuPinnedFolderFileExplorer,omitempty"` 919 // StartMenuPinnedFolderHomeGroup Enforces the visibility (Show/Hide) of the HomeGroup folder shortcut on the Start menu. 920 StartMenuPinnedFolderHomeGroup *VisibilitySetting `json:"startMenuPinnedFolderHomeGroup,omitempty"` 921 // StartMenuPinnedFolderMusic Enforces the visibility (Show/Hide) of the Music folder shortcut on the Start menu. 922 StartMenuPinnedFolderMusic *VisibilitySetting `json:"startMenuPinnedFolderMusic,omitempty"` 923 // StartMenuPinnedFolderNetwork Enforces the visibility (Show/Hide) of the Network folder shortcut on the Start menu. 924 StartMenuPinnedFolderNetwork *VisibilitySetting `json:"startMenuPinnedFolderNetwork,omitempty"` 925 // StartMenuPinnedFolderPersonalFolder Enforces the visibility (Show/Hide) of the PersonalFolder shortcut on the Start menu. 926 StartMenuPinnedFolderPersonalFolder *VisibilitySetting `json:"startMenuPinnedFolderPersonalFolder,omitempty"` 927 // StartMenuPinnedFolderPictures Enforces the visibility (Show/Hide) of the Pictures folder shortcut on the Start menu. 928 StartMenuPinnedFolderPictures *VisibilitySetting `json:"startMenuPinnedFolderPictures,omitempty"` 929 // StartMenuPinnedFolderSettings Enforces the visibility (Show/Hide) of the Settings folder shortcut on the Start menu. 930 StartMenuPinnedFolderSettings *VisibilitySetting `json:"startMenuPinnedFolderSettings,omitempty"` 931 // StartMenuPinnedFolderVideos Enforces the visibility (Show/Hide) of the Videos folder shortcut on the Start menu. 932 StartMenuPinnedFolderVideos *VisibilitySetting `json:"startMenuPinnedFolderVideos,omitempty"` 933 // SettingsBlockSettingsApp Indicates whether or not to block access to Settings app. 934 SettingsBlockSettingsApp *bool `json:"settingsBlockSettingsApp,omitempty"` 935 // SettingsBlockSystemPage Indicates whether or not to block access to System in Settings app. 936 SettingsBlockSystemPage *bool `json:"settingsBlockSystemPage,omitempty"` 937 // SettingsBlockDevicesPage Indicates whether or not to block access to Devices in Settings app. 938 SettingsBlockDevicesPage *bool `json:"settingsBlockDevicesPage,omitempty"` 939 // SettingsBlockNetworkInternetPage Indicates whether or not to block access to Network & Internet in Settings app. 940 SettingsBlockNetworkInternetPage *bool `json:"settingsBlockNetworkInternetPage,omitempty"` 941 // SettingsBlockPersonalizationPage Indicates whether or not to block access to Personalization in Settings app. 942 SettingsBlockPersonalizationPage *bool `json:"settingsBlockPersonalizationPage,omitempty"` 943 // SettingsBlockAccountsPage Indicates whether or not to block access to Accounts in Settings app. 944 SettingsBlockAccountsPage *bool `json:"settingsBlockAccountsPage,omitempty"` 945 // SettingsBlockTimeLanguagePage Indicates whether or not to block access to Time & Language in Settings app. 946 SettingsBlockTimeLanguagePage *bool `json:"settingsBlockTimeLanguagePage,omitempty"` 947 // SettingsBlockEaseOfAccessPage Indicates whether or not to block access to Ease of Access in Settings app. 948 SettingsBlockEaseOfAccessPage *bool `json:"settingsBlockEaseOfAccessPage,omitempty"` 949 // SettingsBlockPrivacyPage Indicates whether or not to block access to Privacy in Settings app. 950 SettingsBlockPrivacyPage *bool `json:"settingsBlockPrivacyPage,omitempty"` 951 // SettingsBlockUpdateSecurityPage Indicates whether or not to block access to Update & Security in Settings app. 952 SettingsBlockUpdateSecurityPage *bool `json:"settingsBlockUpdateSecurityPage,omitempty"` 953 // SettingsBlockAppsPage Indicates whether or not to block access to Apps in Settings app. 954 SettingsBlockAppsPage *bool `json:"settingsBlockAppsPage,omitempty"` 955 // SettingsBlockGamingPage Indicates whether or not to block access to Gaming in Settings app. 956 SettingsBlockGamingPage *bool `json:"settingsBlockGamingPage,omitempty"` 957 // WindowsSpotlightBlockConsumerSpecificFeatures Allows IT admins to block experiences that are typically for consumers only, such as Start suggestions, Membership notifications, Post-OOBE app install and redirect tiles. 958 WindowsSpotlightBlockConsumerSpecificFeatures *bool `json:"windowsSpotlightBlockConsumerSpecificFeatures,omitempty"` 959 // WindowsSpotlightBlocked Allows IT admins to turn off all Windows Spotlight features 960 WindowsSpotlightBlocked *bool `json:"windowsSpotlightBlocked,omitempty"` 961 // WindowsSpotlightBlockOnActionCenter Block suggestions from Microsoft that show after each OS clean install, upgrade or in an on-going basis to introduce users to what is new or changed 962 WindowsSpotlightBlockOnActionCenter *bool `json:"windowsSpotlightBlockOnActionCenter,omitempty"` 963 // WindowsSpotlightBlockTailoredExperiences Block personalized content in Windows spotlight based on user’s device usage. 964 WindowsSpotlightBlockTailoredExperiences *bool `json:"windowsSpotlightBlockTailoredExperiences,omitempty"` 965 // WindowsSpotlightBlockThirdPartyNotifications Block third party content delivered via Windows Spotlight 966 WindowsSpotlightBlockThirdPartyNotifications *bool `json:"windowsSpotlightBlockThirdPartyNotifications,omitempty"` 967 // WindowsSpotlightBlockWelcomeExperience Block Windows Spotlight Windows welcome experience 968 WindowsSpotlightBlockWelcomeExperience *bool `json:"windowsSpotlightBlockWelcomeExperience,omitempty"` 969 // WindowsSpotlightBlockWindowsTips Allows IT admins to turn off the popup of Windows Tips. 970 WindowsSpotlightBlockWindowsTips *bool `json:"windowsSpotlightBlockWindowsTips,omitempty"` 971 // WindowsSpotlightConfigureOnLockScreen Specifies the type of Spotlight 972 WindowsSpotlightConfigureOnLockScreen *WindowsSpotlightEnablementSettings `json:"windowsSpotlightConfigureOnLockScreen,omitempty"` 973 // NetworkProxyApplySettingsDeviceWide If set, proxy settings will be applied to all processes and accounts in the device. Otherwise, it will be applied to the user account that’s enrolled into MDM. 974 NetworkProxyApplySettingsDeviceWide *bool `json:"networkProxyApplySettingsDeviceWide,omitempty"` 975 // NetworkProxyDisableAutoDetect Disable automatic detection of settings. If enabled, the system will try to find the path to a proxy auto-config (PAC) script. 976 NetworkProxyDisableAutoDetect *bool `json:"networkProxyDisableAutoDetect,omitempty"` 977 // NetworkProxyAutomaticConfigurationURL Address to the proxy auto-config (PAC) script you want to use. 978 NetworkProxyAutomaticConfigurationURL *string `json:"networkProxyAutomaticConfigurationUrl,omitempty"` 979 // NetworkProxyServer Specifies manual proxy server settings. 980 NetworkProxyServer *Windows10NetworkProxyServer `json:"networkProxyServer,omitempty"` 981 // AccountsBlockAddingNonMicrosoftAccountEmail Indicates whether or not to Block the user from adding email accounts to the device that are not associated with a Microsoft account. 982 AccountsBlockAddingNonMicrosoftAccountEmail *bool `json:"accountsBlockAddingNonMicrosoftAccountEmail,omitempty"` 983 // AntiTheftModeBlocked Indicates whether or not to block the user from selecting an AntiTheft mode preference (Windows 10 Mobile only). 984 AntiTheftModeBlocked *bool `json:"antiTheftModeBlocked,omitempty"` 985 // BluetoothBlocked Whether or not to Block the user from using bluetooth. 986 BluetoothBlocked *bool `json:"bluetoothBlocked,omitempty"` 987 // CameraBlocked Whether or not to Block the user from accessing the camera of the device. 988 CameraBlocked *bool `json:"cameraBlocked,omitempty"` 989 // ConnectedDevicesServiceBlocked Whether or not to block Connected Devices Service which enables discovery and connection to other devices, remote messaging, remote app sessions and other cross-device experiences. 990 ConnectedDevicesServiceBlocked *bool `json:"connectedDevicesServiceBlocked,omitempty"` 991 // CertificatesBlockManualRootCertificateInstallation Whether or not to Block the user from doing manual root certificate installation. 992 CertificatesBlockManualRootCertificateInstallation *bool `json:"certificatesBlockManualRootCertificateInstallation,omitempty"` 993 // CopyPasteBlocked Whether or not to Block the user from using copy paste. 994 CopyPasteBlocked *bool `json:"copyPasteBlocked,omitempty"` 995 // CortanaBlocked Whether or not to Block the user from using Cortana. 996 CortanaBlocked *bool `json:"cortanaBlocked,omitempty"` 997 // DeviceManagementBlockFactoryResetOnMobile Indicates whether or not to Block the user from resetting their phone. 998 DeviceManagementBlockFactoryResetOnMobile *bool `json:"deviceManagementBlockFactoryResetOnMobile,omitempty"` 999 // DeviceManagementBlockManualUnenroll Indicates whether or not to Block the user from doing manual un-enrollment from device management. 1000 DeviceManagementBlockManualUnenroll *bool `json:"deviceManagementBlockManualUnenroll,omitempty"` 1001 // SafeSearchFilter Specifies what filter level of safe search is required. 1002 SafeSearchFilter *SafeSearchFilterType `json:"safeSearchFilter,omitempty"` 1003 // EdgeBlockPopups Indicates whether or not to block popups. 1004 EdgeBlockPopups *bool `json:"edgeBlockPopups,omitempty"` 1005 // EdgeBlockSearchSuggestions Indicates whether or not to block the user from using the search suggestions in the address bar. 1006 EdgeBlockSearchSuggestions *bool `json:"edgeBlockSearchSuggestions,omitempty"` 1007 // EdgeBlockSearchEngineCustomization Indicates whether or not to block the user from adding new search engine or changing the default search engine. 1008 EdgeBlockSearchEngineCustomization *bool `json:"edgeBlockSearchEngineCustomization,omitempty"` 1009 // EdgeBlockSendingIntranetTrafficToInternetExplorer Indicates whether or not to switch the intranet traffic from Edge to Internet Explorer. Note: the name of this property is misleading; the property is obsolete, use EdgeSendIntranetTrafficToInternetExplorer instead. 1010 EdgeBlockSendingIntranetTrafficToInternetExplorer *bool `json:"edgeBlockSendingIntranetTrafficToInternetExplorer,omitempty"` 1011 // EdgeSendIntranetTrafficToInternetExplorer Indicates whether or not to switch the intranet traffic from Edge to Internet Explorer. 1012 EdgeSendIntranetTrafficToInternetExplorer *bool `json:"edgeSendIntranetTrafficToInternetExplorer,omitempty"` 1013 // EdgeRequireSmartScreen Indicates whether or not to Require the user to use the smart screen filter. 1014 EdgeRequireSmartScreen *bool `json:"edgeRequireSmartScreen,omitempty"` 1015 // EdgeEnterpriseModeSiteListLocation Indicates the enterprise mode site list location. Could be a local file, local network or http location. 1016 EdgeEnterpriseModeSiteListLocation *string `json:"edgeEnterpriseModeSiteListLocation,omitempty"` 1017 // EdgeFirstRunURL The first run URL for when Edge browser is opened for the first time. 1018 EdgeFirstRunURL *string `json:"edgeFirstRunUrl,omitempty"` 1019 // EdgeSearchEngine Allows IT admins to set a default search engine for MDM-Controlled devices. Users can override this and change their default search engine provided the AllowSearchEngineCustomization policy is not set. 1020 EdgeSearchEngine *EdgeSearchEngineBase `json:"edgeSearchEngine,omitempty"` 1021 // EdgeHomepageUrls The list of URLs for homepages shodwn on MDM-enrolled devices on Edge browser. 1022 EdgeHomepageUrls []string `json:"edgeHomepageUrls,omitempty"` 1023 // EdgeBlockAccessToAboutFlags Indicates whether or not to prevent access to about flags on Edge browser. 1024 EdgeBlockAccessToAboutFlags *bool `json:"edgeBlockAccessToAboutFlags,omitempty"` 1025 // SmartScreenBlockPromptOverride Indicates whether or not users can override SmartScreen Filter warnings about potentially malicious websites. 1026 SmartScreenBlockPromptOverride *bool `json:"smartScreenBlockPromptOverride,omitempty"` 1027 // SmartScreenBlockPromptOverrideForFiles Indicates whether or not users can override the SmartScreen Filter warnings about downloading unverified files 1028 SmartScreenBlockPromptOverrideForFiles *bool `json:"smartScreenBlockPromptOverrideForFiles,omitempty"` 1029 // WebRtcBlockLocalhostIPAddress Indicates whether or not user's localhost IP address is displayed while making phone calls using the WebRTC 1030 WebRtcBlockLocalhostIPAddress *bool `json:"webRtcBlockLocalhostIpAddress,omitempty"` 1031 // InternetSharingBlocked Indicates whether or not to Block the user from using internet sharing. 1032 InternetSharingBlocked *bool `json:"internetSharingBlocked,omitempty"` 1033 // SettingsBlockAddProvisioningPackage Indicates whether or not to block the user from installing provisioning packages. 1034 SettingsBlockAddProvisioningPackage *bool `json:"settingsBlockAddProvisioningPackage,omitempty"` 1035 // SettingsBlockRemoveProvisioningPackage Indicates whether or not to block the runtime configuration agent from removing provisioning packages. 1036 SettingsBlockRemoveProvisioningPackage *bool `json:"settingsBlockRemoveProvisioningPackage,omitempty"` 1037 // SettingsBlockChangeSystemTime Indicates whether or not to block the user from changing date and time settings. 1038 SettingsBlockChangeSystemTime *bool `json:"settingsBlockChangeSystemTime,omitempty"` 1039 // SettingsBlockEditDeviceName Indicates whether or not to block the user from editing the device name. 1040 SettingsBlockEditDeviceName *bool `json:"settingsBlockEditDeviceName,omitempty"` 1041 // SettingsBlockChangeRegion Indicates whether or not to block the user from changing the region settings. 1042 SettingsBlockChangeRegion *bool `json:"settingsBlockChangeRegion,omitempty"` 1043 // SettingsBlockChangeLanguage Indicates whether or not to block the user from changing the language settings. 1044 SettingsBlockChangeLanguage *bool `json:"settingsBlockChangeLanguage,omitempty"` 1045 // SettingsBlockChangePowerSleep Indicates whether or not to block the user from changing power and sleep settings. 1046 SettingsBlockChangePowerSleep *bool `json:"settingsBlockChangePowerSleep,omitempty"` 1047 // LocationServicesBlocked Indicates whether or not to Block the user from location services. 1048 LocationServicesBlocked *bool `json:"locationServicesBlocked,omitempty"` 1049 // MicrosoftAccountBlocked Indicates whether or not to Block a Microsoft account. 1050 MicrosoftAccountBlocked *bool `json:"microsoftAccountBlocked,omitempty"` 1051 // MicrosoftAccountBlockSettingsSync Indicates whether or not to Block Microsoft account settings sync. 1052 MicrosoftAccountBlockSettingsSync *bool `json:"microsoftAccountBlockSettingsSync,omitempty"` 1053 // NfcBlocked Indicates whether or not to Block the user from using near field communication. 1054 NfcBlocked *bool `json:"nfcBlocked,omitempty"` 1055 // ResetProtectionModeBlocked Indicates whether or not to Block the user from reset protection mode. 1056 ResetProtectionModeBlocked *bool `json:"resetProtectionModeBlocked,omitempty"` 1057 // ScreenCaptureBlocked Indicates whether or not to Block the user from taking Screenshots. 1058 ScreenCaptureBlocked *bool `json:"screenCaptureBlocked,omitempty"` 1059 // StorageBlockRemovableStorage Indicates whether or not to Block the user from using removable storage. 1060 StorageBlockRemovableStorage *bool `json:"storageBlockRemovableStorage,omitempty"` 1061 // StorageRequireMobileDeviceEncryption Indicating whether or not to require encryption on a mobile device. 1062 StorageRequireMobileDeviceEncryption *bool `json:"storageRequireMobileDeviceEncryption,omitempty"` 1063 // UsbBlocked Indicates whether or not to Block the user from USB connection. 1064 UsbBlocked *bool `json:"usbBlocked,omitempty"` 1065 // VoiceRecordingBlocked Indicates whether or not to Block the user from voice recording. 1066 VoiceRecordingBlocked *bool `json:"voiceRecordingBlocked,omitempty"` 1067 // WiFiBlockAutomaticConnectHotspots Indicating whether or not to block automatically connecting to Wi-Fi hotspots. Has no impact if Wi-Fi is blocked. 1068 WiFiBlockAutomaticConnectHotspots *bool `json:"wiFiBlockAutomaticConnectHotspots,omitempty"` 1069 // WiFiBlocked Indicates whether or not to Block the user from using Wi-Fi. 1070 WiFiBlocked *bool `json:"wiFiBlocked,omitempty"` 1071 // WiFiBlockManualConfiguration Indicates whether or not to Block the user from using Wi-Fi manual configuration. 1072 WiFiBlockManualConfiguration *bool `json:"wiFiBlockManualConfiguration,omitempty"` 1073 // WiFiScanInterval Specify how often devices scan for Wi-Fi networks. Supported values are 1-500, where 100 = default, and 500 = low frequency. Valid values 1 to 500 1074 WiFiScanInterval *int `json:"wiFiScanInterval,omitempty"` 1075 // WirelessDisplayBlockProjectionToThisDevice Indicates whether or not to allow other devices from discovering this PC for projection. 1076 WirelessDisplayBlockProjectionToThisDevice *bool `json:"wirelessDisplayBlockProjectionToThisDevice,omitempty"` 1077 // WirelessDisplayBlockUserInputFromReceiver Indicates whether or not to allow user input from wireless display receiver. 1078 WirelessDisplayBlockUserInputFromReceiver *bool `json:"wirelessDisplayBlockUserInputFromReceiver,omitempty"` 1079 // WirelessDisplayRequirePinForPairing Indicates whether or not to require a PIN for new devices to initiate pairing. 1080 WirelessDisplayRequirePinForPairing *bool `json:"wirelessDisplayRequirePinForPairing,omitempty"` 1081 // WindowsStoreBlocked Indicates whether or not to Block the user from using the Windows store. 1082 WindowsStoreBlocked *bool `json:"windowsStoreBlocked,omitempty"` 1083 // AppsAllowTrustedAppsSideloading Indicates whether apps from AppX packages signed with a trusted certificate can be side loaded. 1084 AppsAllowTrustedAppsSideloading *StateManagementSetting `json:"appsAllowTrustedAppsSideloading,omitempty"` 1085 // WindowsStoreBlockAutoUpdate Indicates whether or not to block automatic update of apps from Windows Store. 1086 WindowsStoreBlockAutoUpdate *bool `json:"windowsStoreBlockAutoUpdate,omitempty"` 1087 // DeveloperUnlockSetting Indicates whether or not to allow developer unlock. 1088 DeveloperUnlockSetting *StateManagementSetting `json:"developerUnlockSetting,omitempty"` 1089 // SharedUserAppDataAllowed Indicates whether or not to block multiple users of the same app to share data. 1090 SharedUserAppDataAllowed *bool `json:"sharedUserAppDataAllowed,omitempty"` 1091 // AppsBlockWindowsStoreOriginatedApps Indicates whether or not to disable the launch of all apps from Windows Store that came pre-installed or were downloaded. 1092 AppsBlockWindowsStoreOriginatedApps *bool `json:"appsBlockWindowsStoreOriginatedApps,omitempty"` 1093 // WindowsStoreEnablePrivateStoreOnly Indicates whether or not to enable Private Store Only. 1094 WindowsStoreEnablePrivateStoreOnly *bool `json:"windowsStoreEnablePrivateStoreOnly,omitempty"` 1095 // StorageRestrictAppDataToSystemVolume Indicates whether application data is restricted to the system drive. 1096 StorageRestrictAppDataToSystemVolume *bool `json:"storageRestrictAppDataToSystemVolume,omitempty"` 1097 // StorageRestrictAppInstallToSystemVolume Indicates whether the installation of applications is restricted to the system drive. 1098 StorageRestrictAppInstallToSystemVolume *bool `json:"storageRestrictAppInstallToSystemVolume,omitempty"` 1099 // GameDvrBlocked Indicates whether or not to block DVR and broadcasting. 1100 GameDvrBlocked *bool `json:"gameDvrBlocked,omitempty"` 1101 // ExperienceBlockDeviceDiscovery Indicates whether or not to enable device discovery UX. 1102 ExperienceBlockDeviceDiscovery *bool `json:"experienceBlockDeviceDiscovery,omitempty"` 1103 // ExperienceBlockErrorDialogWhenNoSIM Indicates whether or not to allow the error dialog from displaying if no SIM card is detected. 1104 ExperienceBlockErrorDialogWhenNoSIM *bool `json:"experienceBlockErrorDialogWhenNoSIM,omitempty"` 1105 // ExperienceBlockTaskSwitcher Indicates whether or not to enable task switching on the device. 1106 ExperienceBlockTaskSwitcher *bool `json:"experienceBlockTaskSwitcher,omitempty"` 1107 // LogonBlockFastUserSwitching Disables the ability to quickly switch between users that are logged on simultaneously without logging off. 1108 LogonBlockFastUserSwitching *bool `json:"logonBlockFastUserSwitching,omitempty"` 1109 // TenantLockdownRequireNetworkDuringOutOfBoxExperience Whether the device is required to connect to the network. 1110 TenantLockdownRequireNetworkDuringOutOfBoxExperience *bool `json:"tenantLockdownRequireNetworkDuringOutOfBoxExperience,omitempty"` 1111 // AppManagementMSIAllowUserControlOverInstall This policy setting permits users to change installation options that typically are available only to system administrators. 1112 AppManagementMSIAllowUserControlOverInstall *bool `json:"appManagementMSIAllowUserControlOverInstall,omitempty"` 1113 // AppManagementMSIAlwaysInstallWithElevatedPrivileges This policy setting directs Windows Installer to use elevated permissions when it installs any program on the system. 1114 AppManagementMSIAlwaysInstallWithElevatedPrivileges *bool `json:"appManagementMSIAlwaysInstallWithElevatedPrivileges,omitempty"` 1115 // DataProtectionBlockDirectMemoryAccess This policy setting allows you to block direct memory access (DMA) for all hot pluggable PCI downstream ports until a user logs into Windows. 1116 DataProtectionBlockDirectMemoryAccess *bool `json:"dataProtectionBlockDirectMemoryAccess,omitempty"` 1117 // AppManagementPackageFamilyNamesToLaunchAfterLogOn List of semi-colon delimited Package Family Names of Windows apps. Listed Windows apps are to be launched after logon. 1118 AppManagementPackageFamilyNamesToLaunchAfterLogOn []string `json:"appManagementPackageFamilyNamesToLaunchAfterLogOn,omitempty"` 1119 // PrivacyAccessControls undocumented 1120 PrivacyAccessControls []WindowsPrivacyDataAccessControlItem `json:"privacyAccessControls,omitempty"` 1121 } 1122 1123 // Windows10ImportedPFXCertificateProfile Windows 10 Desktop and Mobile PFX Import certificate profile 1124 type Windows10ImportedPFXCertificateProfile struct { 1125 // WindowsCertificateProfileBase is the base model of Windows10ImportedPFXCertificateProfile 1126 WindowsCertificateProfileBase 1127 // IntendedPurpose Intended Purpose of the Certificate Profile - which could be Unassigned, SmimeEncryption, SmimeSigning etc. 1128 IntendedPurpose *IntendedPurpose `json:"intendedPurpose,omitempty"` 1129 // ManagedDeviceCertificateStates undocumented 1130 ManagedDeviceCertificateStates []ManagedDeviceCertificateState `json:"managedDeviceCertificateStates,omitempty"` 1131 } 1132 1133 // Windows10MobileCompliancePolicy This class contains compliance settings for Windows 10 Mobile. 1134 type Windows10MobileCompliancePolicy struct { 1135 // DeviceCompliancePolicy is the base model of Windows10MobileCompliancePolicy 1136 DeviceCompliancePolicy 1137 // PasswordRequired Require a password to unlock Windows Phone device. 1138 PasswordRequired *bool `json:"passwordRequired,omitempty"` 1139 // PasswordBlockSimple Whether or not to block syncing the calendar. 1140 PasswordBlockSimple *bool `json:"passwordBlockSimple,omitempty"` 1141 // PasswordMinimumLength Minimum password length. Valid values 4 to 16 1142 PasswordMinimumLength *int `json:"passwordMinimumLength,omitempty"` 1143 // PasswordMinimumCharacterSetCount The number of character sets required in the password. 1144 PasswordMinimumCharacterSetCount *int `json:"passwordMinimumCharacterSetCount,omitempty"` 1145 // PasswordRequiredType The required password type. 1146 PasswordRequiredType *RequiredPasswordType `json:"passwordRequiredType,omitempty"` 1147 // PasswordPreviousPasswordBlockCount The number of previous passwords to prevent re-use of. 1148 PasswordPreviousPasswordBlockCount *int `json:"passwordPreviousPasswordBlockCount,omitempty"` 1149 // PasswordExpirationDays Number of days before password expiration. Valid values 1 to 255 1150 PasswordExpirationDays *int `json:"passwordExpirationDays,omitempty"` 1151 // PasswordMinutesOfInactivityBeforeLock Minutes of inactivity before a password is required. 1152 PasswordMinutesOfInactivityBeforeLock *int `json:"passwordMinutesOfInactivityBeforeLock,omitempty"` 1153 // PasswordRequireToUnlockFromIdle Require a password to unlock an idle device. 1154 PasswordRequireToUnlockFromIdle *bool `json:"passwordRequireToUnlockFromIdle,omitempty"` 1155 // OsMinimumVersion Minimum Windows Phone version. 1156 OsMinimumVersion *string `json:"osMinimumVersion,omitempty"` 1157 // OsMaximumVersion Maximum Windows Phone version. 1158 OsMaximumVersion *string `json:"osMaximumVersion,omitempty"` 1159 // EarlyLaunchAntiMalwareDriverEnabled Require devices to be reported as healthy by Windows Device Health Attestation - early launch antimalware driver is enabled. 1160 EarlyLaunchAntiMalwareDriverEnabled *bool `json:"earlyLaunchAntiMalwareDriverEnabled,omitempty"` 1161 // BitLockerEnabled Require devices to be reported healthy by Windows Device Health Attestation - bit locker is enabled 1162 BitLockerEnabled *bool `json:"bitLockerEnabled,omitempty"` 1163 // SecureBootEnabled Require devices to be reported as healthy by Windows Device Health Attestation - secure boot is enabled. 1164 SecureBootEnabled *bool `json:"secureBootEnabled,omitempty"` 1165 // CodeIntegrityEnabled Require devices to be reported as healthy by Windows Device Health Attestation. 1166 CodeIntegrityEnabled *bool `json:"codeIntegrityEnabled,omitempty"` 1167 // StorageRequireEncryption Require encryption on windows devices. 1168 StorageRequireEncryption *bool `json:"storageRequireEncryption,omitempty"` 1169 // ActiveFirewallRequired Require active firewall on Windows devices. 1170 ActiveFirewallRequired *bool `json:"activeFirewallRequired,omitempty"` 1171 // ValidOperatingSystemBuildRanges The valid operating system build ranges on Windows devices. This collection can contain a maximum of 10000 elements. 1172 ValidOperatingSystemBuildRanges []OperatingSystemVersionRange `json:"validOperatingSystemBuildRanges,omitempty"` 1173 } 1174 1175 // Windows10NetworkBoundaryConfiguration Windows10 Network Boundary Configuration 1176 type Windows10NetworkBoundaryConfiguration struct { 1177 // DeviceConfiguration is the base model of Windows10NetworkBoundaryConfiguration 1178 DeviceConfiguration 1179 // WindowsNetworkIsolationPolicy Windows Network Isolation Policy 1180 WindowsNetworkIsolationPolicy *WindowsNetworkIsolationPolicy `json:"windowsNetworkIsolationPolicy,omitempty"` 1181 } 1182 1183 // Windows10NetworkProxyServer undocumented 1184 type Windows10NetworkProxyServer struct { 1185 // Object is the base model of Windows10NetworkProxyServer 1186 Object 1187 // Address Address to the proxy server. Specify an address in the format <server>[“:”<port>] 1188 Address *string `json:"address,omitempty"` 1189 // Exceptions Addresses that should not use the proxy server. The system will not use the proxy server for addresses beginning with what is specified in this node. 1190 Exceptions []string `json:"exceptions,omitempty"` 1191 // UseForLocalAddresses Specifies whether the proxy server should be used for local (intranet) addresses. 1192 UseForLocalAddresses *bool `json:"useForLocalAddresses,omitempty"` 1193 } 1194 1195 // Windows10PFXImportCertificateProfile Deprecated 1196 type Windows10PFXImportCertificateProfile struct { 1197 // DeviceConfiguration is the base model of Windows10PFXImportCertificateProfile 1198 DeviceConfiguration 1199 // KeyStorageProvider undocumented 1200 KeyStorageProvider *KeyStorageProviderOption `json:"keyStorageProvider,omitempty"` 1201 } 1202 1203 // Windows10PkcsCertificateProfile Windows 10 Desktop and Mobile PKCS certificate profile 1204 type Windows10PkcsCertificateProfile struct { 1205 // Windows10CertificateProfileBase is the base model of Windows10PkcsCertificateProfile 1206 Windows10CertificateProfileBase 1207 // CertificationAuthority PKCS Certification Authority 1208 CertificationAuthority *string `json:"certificationAuthority,omitempty"` 1209 // CertificationAuthorityName PKCS Certification Authority Name 1210 CertificationAuthorityName *string `json:"certificationAuthorityName,omitempty"` 1211 // CertificateTemplateName PKCS Certificate Template Name 1212 CertificateTemplateName *string `json:"certificateTemplateName,omitempty"` 1213 // SubjectAlternativeNameFormatString Custom String that defines the AAD Attribute. 1214 SubjectAlternativeNameFormatString *string `json:"subjectAlternativeNameFormatString,omitempty"` 1215 // ExtendedKeyUsages Extended Key Usage (EKU) settings. This collection can contain a maximum of 500 elements. 1216 ExtendedKeyUsages []ExtendedKeyUsage `json:"extendedKeyUsages,omitempty"` 1217 // ManagedDeviceCertificateStates undocumented 1218 ManagedDeviceCertificateStates []ManagedDeviceCertificateState `json:"managedDeviceCertificateStates,omitempty"` 1219 } 1220 1221 // Windows10SecureAssessmentConfiguration This topic provides descriptions of the declared methods, properties and relationships exposed by the secureAssessment resource. 1222 type Windows10SecureAssessmentConfiguration struct { 1223 // DeviceConfiguration is the base model of Windows10SecureAssessmentConfiguration 1224 DeviceConfiguration 1225 // LaunchURI Url link to an assessment that's automatically loaded when the secure assessment browser is launched. It has to be a valid Url (http[s]://msdn.microsoft.com/). 1226 LaunchURI *string `json:"launchUri,omitempty"` 1227 // ConfigurationAccount The account used to configure the Windows device for taking the test. The user can be a domain account (domain\user), an AAD account (username@tenant.com) or a local account (username). 1228 ConfigurationAccount *string `json:"configurationAccount,omitempty"` 1229 // ConfigurationAccountType The account type used to by ConfigurationAccount. 1230 ConfigurationAccountType *SecureAssessmentAccountType `json:"configurationAccountType,omitempty"` 1231 // AllowPrinting Indicates whether or not to allow the app from printing during the test. 1232 AllowPrinting *bool `json:"allowPrinting,omitempty"` 1233 // AllowScreenCapture Indicates whether or not to allow screen capture capability during a test. 1234 AllowScreenCapture *bool `json:"allowScreenCapture,omitempty"` 1235 // AllowTextSuggestion Indicates whether or not to allow text suggestions during the test. 1236 AllowTextSuggestion *bool `json:"allowTextSuggestion,omitempty"` 1237 // LocalGuestAccountName Specifies the display text for the local guest account shown on the sign-in screen. Typically is the name of an assessment. When the user clicks the local guest account on the sign-in screen, an assessment app is launched with a specified assessment URL. Secure assessments can only be configured with local guest account sign-in on devices running Windows 10, version 1903 or later. Important notice: this property must be set with assessmentAppUserModelID in order to make the local guest account sign-in experience work properly for secure assessments. 1238 LocalGuestAccountName *string `json:"localGuestAccountName,omitempty"` 1239 // AssessmentAppUserModelID Specifies the application user model ID of the assessment app launched when a user signs in to a secure assessment with a local guest account. Important notice: this property must be set with localGuestAccountName in order to make the local guest account sign-in experience work properly for secure assessments. 1240 AssessmentAppUserModelID *string `json:"assessmentAppUserModelId,omitempty"` 1241 } 1242 1243 // Windows10TeamGeneralConfiguration This topic provides descriptions of the declared methods, properties and relationships exposed by the windows10TeamGeneralConfiguration resource. 1244 type Windows10TeamGeneralConfiguration struct { 1245 // DeviceConfiguration is the base model of Windows10TeamGeneralConfiguration 1246 DeviceConfiguration 1247 // AzureOperationalInsightsBlockTelemetry Indicates whether or not to Block Azure Operational Insights. 1248 AzureOperationalInsightsBlockTelemetry *bool `json:"azureOperationalInsightsBlockTelemetry,omitempty"` 1249 // AzureOperationalInsightsWorkspaceID The Azure Operational Insights workspace id. 1250 AzureOperationalInsightsWorkspaceID *string `json:"azureOperationalInsightsWorkspaceId,omitempty"` 1251 // AzureOperationalInsightsWorkspaceKey The Azure Operational Insights Workspace key. 1252 AzureOperationalInsightsWorkspaceKey *string `json:"azureOperationalInsightsWorkspaceKey,omitempty"` 1253 // ConnectAppBlockAutoLaunch Specifies whether to automatically launch the Connect app whenever a projection is initiated. 1254 ConnectAppBlockAutoLaunch *bool `json:"connectAppBlockAutoLaunch,omitempty"` 1255 // MaintenanceWindowBlocked Indicates whether or not to Block setting a maintenance window for device updates. 1256 MaintenanceWindowBlocked *bool `json:"maintenanceWindowBlocked,omitempty"` 1257 // MaintenanceWindowDurationInHours Maintenance window duration for device updates. Valid values 0 to 5 1258 MaintenanceWindowDurationInHours *int `json:"maintenanceWindowDurationInHours,omitempty"` 1259 // MaintenanceWindowStartTime Maintenance window start time for device updates. 1260 MaintenanceWindowStartTime *TimeOfDay `json:"maintenanceWindowStartTime,omitempty"` 1261 // MiracastChannel The channel. 1262 MiracastChannel *MiracastChannel `json:"miracastChannel,omitempty"` 1263 // MiracastBlocked Indicates whether or not to Block wireless projection. 1264 MiracastBlocked *bool `json:"miracastBlocked,omitempty"` 1265 // MiracastRequirePin Indicates whether or not to require a pin for wireless projection. 1266 MiracastRequirePin *bool `json:"miracastRequirePin,omitempty"` 1267 // SettingsBlockMyMeetingsAndFiles Specifies whether to disable the "My meetings and files" feature in the Start menu, which shows the signed-in user's meetings and files from Office 365. 1268 SettingsBlockMyMeetingsAndFiles *bool `json:"settingsBlockMyMeetingsAndFiles,omitempty"` 1269 // SettingsBlockSessionResume Specifies whether to allow the ability to resume a session when the session times out. 1270 SettingsBlockSessionResume *bool `json:"settingsBlockSessionResume,omitempty"` 1271 // SettingsBlockSigninSuggestions Specifies whether to disable auto-populating of the sign-in dialog with invitees from scheduled meetings. 1272 SettingsBlockSigninSuggestions *bool `json:"settingsBlockSigninSuggestions,omitempty"` 1273 // SettingsDefaultVolume Specifies the default volume value for a new session. Permitted values are 0-100. The default is 45. Valid values 0 to 100 1274 SettingsDefaultVolume *int `json:"settingsDefaultVolume,omitempty"` 1275 // SettingsScreenTimeoutInMinutes Specifies the number of minutes until the Hub screen turns off. 1276 SettingsScreenTimeoutInMinutes *int `json:"settingsScreenTimeoutInMinutes,omitempty"` 1277 // SettingsSessionTimeoutInMinutes Specifies the number of minutes until the session times out. 1278 SettingsSessionTimeoutInMinutes *int `json:"settingsSessionTimeoutInMinutes,omitempty"` 1279 // SettingsSleepTimeoutInMinutes Specifies the number of minutes until the Hub enters sleep mode. 1280 SettingsSleepTimeoutInMinutes *int `json:"settingsSleepTimeoutInMinutes,omitempty"` 1281 // WelcomeScreenBlockAutomaticWakeUp Indicates whether or not to Block the welcome screen from waking up automatically when someone enters the room. 1282 WelcomeScreenBlockAutomaticWakeUp *bool `json:"welcomeScreenBlockAutomaticWakeUp,omitempty"` 1283 // WelcomeScreenBackgroundImageURL The welcome screen background image URL. The URL must use the HTTPS protocol and return a PNG image. 1284 WelcomeScreenBackgroundImageURL *string `json:"welcomeScreenBackgroundImageUrl,omitempty"` 1285 // WelcomeScreenMeetingInformation The welcome screen meeting information shown. 1286 WelcomeScreenMeetingInformation *WelcomeScreenMeetingInformation `json:"welcomeScreenMeetingInformation,omitempty"` 1287 } 1288 1289 // Windows10VpnConfiguration By providing the configurations in this profile you can instruct the Windows 10 device (desktop or mobile) to connect to desired VPN endpoint. By specifying the authentication method and security types expected by VPN endpoint you can make the VPN connection seamless for end user. 1290 type Windows10VpnConfiguration struct { 1291 // WindowsVPNConfiguration is the base model of Windows10VpnConfiguration 1292 WindowsVPNConfiguration 1293 // ProfileTarget Profile target type. 1294 ProfileTarget *Windows10VpnProfileTarget `json:"profileTarget,omitempty"` 1295 // ConnectionType Connection type. 1296 ConnectionType *Windows10VpnConnectionType `json:"connectionType,omitempty"` 1297 // EnableSplitTunneling Enable split tunneling. 1298 EnableSplitTunneling *bool `json:"enableSplitTunneling,omitempty"` 1299 // EnableAlwaysOn Enable Always On mode. 1300 EnableAlwaysOn *bool `json:"enableAlwaysOn,omitempty"` 1301 // EnableDeviceTunnel Enable device tunnel. 1302 EnableDeviceTunnel *bool `json:"enableDeviceTunnel,omitempty"` 1303 // EnableDNSRegistration Enable IP address registration with internal DNS. 1304 EnableDNSRegistration *bool `json:"enableDnsRegistration,omitempty"` 1305 // DNSSuffixes Specify DNS suffixes to add to the DNS search list to properly route short names. 1306 DNSSuffixes []string `json:"dnsSuffixes,omitempty"` 1307 // AuthenticationMethod Authentication method. 1308 AuthenticationMethod *Windows10VpnAuthenticationMethod `json:"authenticationMethod,omitempty"` 1309 // RememberUserCredentials Remember user credentials. 1310 RememberUserCredentials *bool `json:"rememberUserCredentials,omitempty"` 1311 // EnableConditionalAccess Enable conditional access. 1312 EnableConditionalAccess *bool `json:"enableConditionalAccess,omitempty"` 1313 // EnableSingleSignOnWithAlternateCertificate Enable single sign-on (SSO) with alternate certificate. 1314 EnableSingleSignOnWithAlternateCertificate *bool `json:"enableSingleSignOnWithAlternateCertificate,omitempty"` 1315 // SingleSignOnEku Single sign-on Extended Key Usage (EKU). 1316 SingleSignOnEku *ExtendedKeyUsage `json:"singleSignOnEku,omitempty"` 1317 // SingleSignOnIssuerHash Single sign-on issuer hash. 1318 SingleSignOnIssuerHash *string `json:"singleSignOnIssuerHash,omitempty"` 1319 // EapXML Extensible Authentication Protocol (EAP) XML. (UTF8 encoded byte array) 1320 EapXML *Binary `json:"eapXml,omitempty"` 1321 // ProxyServer Proxy Server. 1322 ProxyServer *Windows10VpnProxyServer `json:"proxyServer,omitempty"` 1323 // AssociatedApps Associated Apps. This collection can contain a maximum of 10000 elements. 1324 AssociatedApps []Windows10AssociatedApps `json:"associatedApps,omitempty"` 1325 // OnlyAssociatedAppsCanUseConnection Only associated Apps can use connection (per-app VPN). 1326 OnlyAssociatedAppsCanUseConnection *bool `json:"onlyAssociatedAppsCanUseConnection,omitempty"` 1327 // WindowsInformationProtectionDomain Windows Information Protection (WIP) domain to associate with this connection. 1328 WindowsInformationProtectionDomain *string `json:"windowsInformationProtectionDomain,omitempty"` 1329 // TrafficRules Traffic rules. This collection can contain a maximum of 1000 elements. 1330 TrafficRules []VPNTrafficRule `json:"trafficRules,omitempty"` 1331 // Routes Routes (optional for third-party providers). This collection can contain a maximum of 1000 elements. 1332 Routes []VPNRoute `json:"routes,omitempty"` 1333 // DNSRules DNS rules. This collection can contain a maximum of 1000 elements. 1334 DNSRules []VPNDNSRule `json:"dnsRules,omitempty"` 1335 // TrustedNetworkDomains Trusted Network Domains 1336 TrustedNetworkDomains []string `json:"trustedNetworkDomains,omitempty"` 1337 // IdentityCertificate undocumented 1338 IdentityCertificate *WindowsCertificateProfileBase `json:"identityCertificate,omitempty"` 1339 } 1340 1341 // Windows10VpnProxyServer undocumented 1342 type Windows10VpnProxyServer struct { 1343 // VPNProxyServer is the base model of Windows10VpnProxyServer 1344 VPNProxyServer 1345 // BypassProxyServerForLocalAddress Bypass proxy server for local address. 1346 BypassProxyServerForLocalAddress *bool `json:"bypassProxyServerForLocalAddress,omitempty"` 1347 }