From be93efbbbe8d05ec6bc5fdb43cd1b2e939f24711 Mon Sep 17 00:00:00 2001 From: mario Date: Tue, 2 Jan 2024 15:18:52 +0100 Subject: [PATCH 1/6] remove deprecated DLP parameters --- CHANGELOG.md | 6 +++ .../MSFT_EXOTransportRule.psm1 | 51 +++++++++++-------- .../MSFT_EXOTransportRule.schema.mof | 10 ++-- 3 files changed, 42 insertions(+), 25 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6941317806..a3bc2eafb3 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ # Change log for Microsoft365DSC +# UNRELEASED + +* EXOTransportRule + * Stop supporting DLP-related rules, conditions, and actions (https://techcommunity.microsoft.com/t5/exchange-team-blog/exchange-online-mail-flow-rules-to-stop-supporting-dlp-related/ba-p/3959870) + FIXES [#3929](https://github.com/microsoft/Microsoft365DSC/issues/3929) + # 1.23.1227.1 * EXOAntiPhishPolicy diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 index 1b06918414..f63d1ef672 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 @@ -294,7 +294,7 @@ function Get-TargetResource [Parameter()] [System.Boolean] - $ExceptIfHasSenderOverride, + $ExceptIfHasSenderOverride, #DEPRECATED [Parameter()] [System.String] @@ -327,7 +327,7 @@ function Get-TargetResource [Parameter()] [System.String[]] - $ExceptIfMessageContainsDataClassifications = @(), + $ExceptIfMessageContainsDataClassifications = @(), #DEPRECATED [Parameter()] [System.String] @@ -463,7 +463,7 @@ function Get-TargetResource [Parameter()] [System.Boolean] - $HasSenderOverride, + $HasSenderOverride, #DEPRECATED [Parameter()] [System.String] @@ -496,7 +496,7 @@ function Get-TargetResource [Parameter()] [System.String[]] - $MessageContainsDataClassifications, + $MessageContainsDataClassifications, #DEPRECATED [Parameter()] [System.String] @@ -523,7 +523,7 @@ function Get-TargetResource [Parameter()] [ValidateSet('NotifyOnly', 'RejectMessage', 'RejectUnlessFalsePositiveOverride', 'RejectUnlessSilentOverride', 'RejectUnlessExplicitOverride')] [System.String] - $NotifySender, + $NotifySender, #DEPRECATED [Parameter()] [System.String] @@ -861,7 +861,6 @@ function Get-TargetResource ExceptIfFromScope = $TransportRule.ExceptIfFromScope ExceptIfHasClassification = $TransportRule.ExceptIfHasClassification ExceptIfHasNoClassification = $TransportRule.ExceptIfHasNoClassification - ExceptIfHasSenderOverride = $TransportRule.ExceptIfHasSenderOverride ExceptIfHeaderContainsMessageHeader = $TransportRule.ExceptIfHeaderContainsMessageHeader ExceptIfHeaderContainsWords = $TransportRule.ExceptIfHeaderContainsWords ExceptIfHeaderMatchesMessageHeader = $TransportRule.ExceptIfHeaderMatchesMessageHeader @@ -869,7 +868,6 @@ function Get-TargetResource ExceptIfManagerAddresses = $TransportRule.ExceptIfManagerAddresses ExceptIfManagerForEvaluatedUser = $TransportRule.ExceptIfManagerForEvaluatedUser ExceptIfMessageTypeMatches = $TransportRule.ExceptIfMessageTypeMatches - ExceptIfMessageContainsDataClassifications = $TransportRule.ExceptIfMessageContainsDataClassifications ExceptIfMessageSizeOver = $TransportRule.ExceptIfMessageSizeOver ExceptIfRecipientADAttributeContainsWords = $TransportRule.ExceptIfRecipientADAttributeContainsWords ExceptIfRecipientADAttributeMatchesPatterns = $TransportRule.ExceptIfRecipientADAttributeMatchesPatterns @@ -902,7 +900,6 @@ function Get-TargetResource GenerateNotification = $TransportRule.GenerateNotification HasClassification = $TransportRule.HasClassification HasNoClassification = $TransportRule.HasNoClassification - HasSenderOverride = $TransportRule.HasSenderOverride HeaderContainsMessageHeader = $TransportRule.HeaderContainsMessageHeader HeaderContainsWords = $TransportRule.HeaderContainsWords HeaderMatchesMessageHeader = $TransportRule.HeaderMatchesMessageHeader @@ -910,13 +907,11 @@ function Get-TargetResource IncidentReportContent = $TransportRule.IncidentReportContent ManagerAddresses = $TransportRule.ManagerAddresses ManagerForEvaluatedUser = $TransportRule.ManagerForEvaluatedUser - MessageContainsDataClassifications = $MessageContainsDataClassificationsValue MessageSizeOver = $TransportRule.MessageSizeOver MessageTypeMatches = $TransportRule.MessageTypeMatches Mode = $TransportRule.Mode ModerateMessageByManager = $TransportRule.ModerateMessageByManager ModerateMessageByUser = $TransportRule.ModerateMessageByUser - NotifySender = $TransportRule.NotifySender PrependSubject = $TransportRule.PrependSubject Priority = $TransportRule.Priority Quarantine = $TransportRule.Quarantine @@ -1279,7 +1274,7 @@ function Set-TargetResource [Parameter()] [System.Boolean] - $ExceptIfHasSenderOverride, + $ExceptIfHasSenderOverride, #DEPRECATED [Parameter()] [System.String] @@ -1312,7 +1307,7 @@ function Set-TargetResource [Parameter()] [System.String[]] - $ExceptIfMessageContainsDataClassifications = @(), + $ExceptIfMessageContainsDataClassifications = @(), #DEPRECATED [Parameter()] [System.String] @@ -1448,7 +1443,7 @@ function Set-TargetResource [Parameter()] [System.Boolean] - $HasSenderOverride, + $HasSenderOverride, #DEPRECATED [Parameter()] [System.String] @@ -1481,7 +1476,7 @@ function Set-TargetResource [Parameter()] [System.String[]] - $MessageContainsDataClassifications, + $MessageContainsDataClassifications, #DEPRECATED [Parameter()] [System.String] @@ -1508,7 +1503,7 @@ function Set-TargetResource [Parameter()] [ValidateSet('NotifyOnly', 'RejectMessage', 'RejectUnlessFalsePositiveOverride', 'RejectUnlessSilentOverride', 'RejectUnlessExplicitOverride')] [System.String] - $NotifySender, + $NotifySender, #DEPRECATED [Parameter()] [System.String] @@ -1749,6 +1744,22 @@ function Set-TargetResource $NewTransportRuleParams.Remove('CertificatePassword') | Out-Null $NewTransportRuleParams.Remove('ManagedIdentity') | Out-Null + # check for deprecated DLP parameters and remove them + if ($NewTransportRuleParams.ContainsKey('MessageContainsDataClassifications') + -or $NewTransportRuleParams.ContainsKey('ExceptIfMessageContainsDataClassifications') + -or $NewTransportRuleParams.ContainsKey('HasSenderOverride') + -or $NewTransportRuleParams.ContainsKey('ExceptIfHasSenderOverride') + -or $NewTransportRuleParams.ContainsKey('NotifySender')) + { + $NewTransportRuleParams.Remove('MessageContainsDataClassifications') | Out-Null + $NewTransportRuleParams.Remove('ExceptIfMessageContainsDataClassifications') | Out-Null + $NewTransportRuleParams.Remove('HasSenderOverride') | Out-Null + $NewTransportRuleParams.Remove('ExceptIfHasSenderOverride') | Out-Null + $NewTransportRuleParams.Remove('NotifySender') | Out-Null + + Write-Verbose -Message "DEPRECATED - The DLP parameters (MessageContainsDataClassifications, ExceptIfMessageContainsDataClassifications, ExceptIfHasSenderOverride, HasSenderOverride and NotifySender) are deprecated and will be ignored." + } + $SetTransportRuleParams = $NewTransportRuleParams.Clone() $SetTransportRuleParams.Add('Identity', $Name) $SetTransportRuleParams.Remove('Enabled') | Out-Null @@ -2072,7 +2083,7 @@ function Test-TargetResource [Parameter()] [System.Boolean] - $ExceptIfHasSenderOverride, + $ExceptIfHasSenderOverride, #DEPRECATED [Parameter()] [System.String] @@ -2105,7 +2116,7 @@ function Test-TargetResource [Parameter()] [System.String[]] - $ExceptIfMessageContainsDataClassifications = @(), + $ExceptIfMessageContainsDataClassifications = @(), #DEPRECATED [Parameter()] [System.String] @@ -2241,7 +2252,7 @@ function Test-TargetResource [Parameter()] [System.Boolean] - $HasSenderOverride, + $HasSenderOverride, #DEPRECATED [Parameter()] [System.String] @@ -2274,7 +2285,7 @@ function Test-TargetResource [Parameter()] [System.String[]] - $MessageContainsDataClassifications, + $MessageContainsDataClassifications, #DEPRECATED [Parameter()] [System.String] @@ -2301,7 +2312,7 @@ function Test-TargetResource [Parameter()] [ValidateSet('NotifyOnly', 'RejectMessage', 'RejectUnlessFalsePositiveOverride', 'RejectUnlessSilentOverride', 'RejectUnlessExplicitOverride')] [System.String] - $NotifySender, + $NotifySender, #DEPRECATED [Parameter()] [System.String] diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.schema.mof index 719d45221a..d97a4e60e3 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.schema.mof @@ -71,7 +71,7 @@ class MSFT_EXOTransportRule : OMI_BaseResource [Write, Description("The ExceptIfFromScope parameter specifies an exception that looks for the location of message senders."), ValueMap{"InOrganization","NotInOrganization"}, Values{"InOrganization","NotInOrganization"}] String ExceptIfFromScope; [Write, Description("The ExceptIfHasClassification parameter specifies an exception that looks for messages with the specified message classification.")] String ExceptIfHasClassification; [Write, Description("The ExceptIfHasNoClassification parameter specifies an exception that looks for messages with or without any message classifications.")] Boolean ExceptIfHasNoClassification; - [Write, Description("The ExceptIfHasSenderOverride parameter specifies an exception that looks for messages where the sender chose to override a DLP policy.")] Boolean ExceptIfHasSenderOverride; + [Write, Description("DEPRECATED")] Boolean ExceptIfHasSenderOverride; [Write, Description("The ExceptIfHeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the ExceptIfHeaderContainsWords parameter.")] String ExceptIfHeaderContainsMessageHeader; [Write, Description("The ExceptIfHeaderContainsWords parameter specifies an exception that looks for words in a header field.")] String ExceptIfHeaderContainsWords[]; [Write, Description("The ExceptIfHeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the ExceptIfHeaderMatchesPatterns parameter.")] String ExceptIfHeaderMatchesMessageHeader; @@ -79,7 +79,7 @@ class MSFT_EXOTransportRule : OMI_BaseResource [Write, Description("The ExceptIfManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter.")] String ExceptIfManagerAddresses[]; [Write, Description("The ExceptIfManagerForEvaluatedUser parameter specifies an exception that looks for users in the Manager attribute of senders or recipients.")] String ExceptIfManagerForEvaluatedUser; [Write, Description("The ExceptIfMessageTypeMatches parameter specifies an exception that looks for messages of the specified type."), ValueMap{"OOF","AutoForward","Encrypted","Calendaring","PermissionControlled","Voicemail","Signed","ApprovalRequest","ReadReceipt"}, Values{"OOF","AutoForward","Encrypted","Calendaring","PermissionControlled","Voicemail","Signed","ApprovalRequest","ReadReceipt"}] String ExceptIfMessageTypeMatches; - [Write, Description("The ExceptIfMessageContainsDataClassifications parameter specifies an exception that looks for sensitive information types in the body of messages, and in any attachments.")] String ExceptIfMessageContainsDataClassifications[]; + [Write, Description("DEPRECATED")] String ExceptIfMessageContainsDataClassifications[]; [Write, Description("The ExceptIfMessageSizeOver parameter specifies an exception that looks for messages larger than the specified size. ")] String ExceptIfMessageSizeOver; [Write, Description("The ExceptIfRecipientADAttributeContainsWords parameter specifies an exception that looks for words in the Active Directory attributes of recipients.")] String ExceptIfRecipientADAttributeContainsWords[]; [Write, Description("The ExceptIfRecipientADAttributeMatchesPatterns parameter specifies an exception that looks for text patterns in the Active Directory attributes of recipients by using regular expressions.")] String ExceptIfRecipientADAttributeMatchesPatterns[]; @@ -112,7 +112,7 @@ class MSFT_EXOTransportRule : OMI_BaseResource [Write, Description("The GenerateNotification parameter specifies an action that sends a notification message to recipients.")] String GenerateNotification; [Write, Description("The HasClassification parameter specifies a condition that looks for messages with the specified message classification.")] String HasClassification; [Write, Description("The HasNoClassification parameter specifies a condition that looks for messages with or without any message classifications.")] Boolean HasNoClassification; - [Write, Description("The HasSenderOverride parameter specifies a condition that looks for messages where the sender chose to override a DLP policy.")] Boolean HasSenderOverride; + [Write, Description("DEPRECATED")] Boolean HasSenderOverride; [Write, Description("The HeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the HeaderContainsWords parameter.")] String HeaderContainsMessageHeader; [Write, Description("The HeaderContainsWords parameter specifies a condition that looks for words in a header field.")] String HeaderContainsWords[]; [Write, Description("The HeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the HeaderMatchesPatterns parameter.")] String HeaderMatchesMessageHeader; @@ -120,13 +120,13 @@ class MSFT_EXOTransportRule : OMI_BaseResource [Write, Description("The IncidentReportContent parameter specifies the message properties that are included in the incident report that's generated when a message violates a DLP policy. ")] String IncidentReportContent[]; [Write, Description("The ManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter.")] String ManagerAddresses[]; [Write, Description("The ManagerForEvaluatedUser parameter specifies a condition that looks for users in the Manager attribute of senders or recipients."), ValueMap{"Recipient","Sender"}, Values{"Recipient","Sender"}] String ManagerForEvaluatedUser; - [Write, Description("The MessageContainsDataClassifications parameter specifies a condition that looks for sensitive information types in the body of messages, and in any attachments.")] String MessageContainsDataClassifications[]; + [Write, Description("DEPRECATED")] String MessageContainsDataClassifications[]; [Write, Description("The MessageSizeOver parameter specifies a condition that looks for messages larger than the specified size. The size includes the message and all attachments.")] String MessageSizeOver; [Write, Description("The MessageTypeMatches parameter specifies a condition that looks for messages of the specified type."), ValueMap{"OOF","AutoForward","Encrypted","Calendaring","PermissionControlled","Voicemail","Signed","ApprovalRequest","ReadReceipt"}, Values{"OOF","AutoForward","Encrypted","Calendaring","PermissionControlled","Voicemail","Signed","ApprovalRequest","ReadReceipt"}] String MessageTypeMatches; [Write, Description("The Mode parameter specifies how the rule operates."), ValueMap{"Audit","AuditAndNotify","Enforce"}, Values{"Audit","AuditAndNotify","Enforce"}] String Mode; [Write, Description("The ModerateMessageByManager parameter specifies an action that forwards messages for approval to the user that's specified in the sender's Manager attribute.")] Boolean ModerateMessageByManager; [Write, Description("The ModerateMessageByUser parameter specifies an action that forwards messages for approval to the specified users.")] String ModerateMessageByUser[]; - [Write, Description("The NotifySender parameter specifies an action that notifies the sender when messages violate DLP policies."), ValueMap{"NotifyOnly","RejectMessage","RejectUnlessFalsePositiveOverride","RejectUnlessSilentOverride","RejectUnlessExplicitOverride"}, Values{"NotifyOnly","RejectMessage","RejectUnlessFalsePositiveOverride","RejectUnlessSilentOverride","RejectUnlessExplicitOverride"}] String NotifySender; + [Write, Description("DEPRECATED"), ValueMap{"NotifyOnly","RejectMessage","RejectUnlessFalsePositiveOverride","RejectUnlessSilentOverride","RejectUnlessExplicitOverride"}, Values{"NotifyOnly","RejectMessage","RejectUnlessFalsePositiveOverride","RejectUnlessSilentOverride","RejectUnlessExplicitOverride"}] String NotifySender; [Write, Description("The PrependSubject parameter specifies an action that adds text to add to the beginning of the Subject field of messages.")] String PrependSubject; [Write, Description("The Priority parameter specifies a priority value for the rule that determines the order of rule processing.")] String Priority; [Write, Description("The Quarantine parameter specifies an action that quarantines messages.")] Boolean Quarantine; From bd627122bfc5313dd59570645fe9c106f1d3c76b Mon Sep 17 00:00:00 2001 From: mario Date: Tue, 2 Jan 2024 15:36:08 +0100 Subject: [PATCH 2/6] . --- .../MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 index f63d1ef672..726c860b29 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOTransportRule/MSFT_EXOTransportRule.psm1 @@ -1745,10 +1745,10 @@ function Set-TargetResource $NewTransportRuleParams.Remove('ManagedIdentity') | Out-Null # check for deprecated DLP parameters and remove them - if ($NewTransportRuleParams.ContainsKey('MessageContainsDataClassifications') - -or $NewTransportRuleParams.ContainsKey('ExceptIfMessageContainsDataClassifications') - -or $NewTransportRuleParams.ContainsKey('HasSenderOverride') - -or $NewTransportRuleParams.ContainsKey('ExceptIfHasSenderOverride') + if ($NewTransportRuleParams.ContainsKey('MessageContainsDataClassifications') ` + -or $NewTransportRuleParams.ContainsKey('ExceptIfMessageContainsDataClassifications') ` + -or $NewTransportRuleParams.ContainsKey('HasSenderOverride') ` + -or $NewTransportRuleParams.ContainsKey('ExceptIfHasSenderOverride') ` -or $NewTransportRuleParams.ContainsKey('NotifySender')) { $NewTransportRuleParams.Remove('MessageContainsDataClassifications') | Out-Null From 37b0b2a44fe36032673885d5385ef03fcb3df6ed Mon Sep 17 00:00:00 2001 From: Yorick Kuijs Date: Tue, 2 Jan 2024 16:08:48 +0100 Subject: [PATCH 3/6] Updated various parameter descriptions to improve documentation --- CHANGELOG.md | 19 +++ .../MSFT_EXOInboundConnector.schema.mof | 4 +- .../MSFT_EXOMailTips.schema.mof | 4 +- .../MSFT_EXOOutboundConnector.schema.mof | 16 +-- ..._IntuneDeviceConfigurationPolicyMacOS.psm1 | 6 + ...eDeviceConfigurationPolicyMacOS.schema.mof | 122 +++++++++--------- .../MSFT_O365AdminAuditLogConfig.schema.mof | 2 +- .../MSFT_O365Group/MSFT_O365Group.schema.mof | 2 +- ...SFT_O365OrgCustomizationSetting.schema.mof | 2 +- .../MSFT_SPOTenantSettings.schema.mof | 10 +- .../MSFT_TeamsFeedbackPolicy.psm1 | 3 + .../MSFT_TeamsFeedbackPolicy.schema.mof | 14 +- .../MSFT_TeamsMobilityPolicy.schema.mof | 2 +- .../MSFT_TeamsNetworkRoamingPolicy.schema.mof | 2 +- 14 files changed, 118 insertions(+), 90 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 6941317806..ae72dacf41 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,24 @@ # Change log for Microsoft365DSC +# Unreleased + +* EXOInboundConnector + * Corrected parameter descriptions, so the documentation on microsoft365dsc.com is generated correctly. +* EXOMailTips + * Added parameter descriptions for better documentation +* EXOOutboundConnector + * Corrected parameter descriptions, so the documentation on microsoft365dsc.com is generated correctly. +* IntuneDeviceConfigurationPolicyMacOS + * Added parameter descriptions for better documentation +* SPOTenantSettings + * Added parameter descriptions for better documentation +* TeamsFeedbackPolicy + * Added parameter descriptions for better documentation +* TeamsMobilityPolicy + * Added parameter descriptions for better documentation +* TeamsNetworkRoamingPolicy + * Added parameter descriptions for better documentation + # 1.23.1227.1 * EXOAntiPhishPolicy diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOInboundConnector/MSFT_EXOInboundConnector.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOInboundConnector/MSFT_EXOInboundConnector.schema.mof index cc46b7a7a3..0f6c1123b0 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOInboundConnector/MSFT_EXOInboundConnector.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOInboundConnector/MSFT_EXOInboundConnector.schema.mof @@ -4,9 +4,9 @@ class MSFT_EXOInboundConnector : OMI_BaseResource { [Key, Description("The Identity parameter specifies the outbound connector that you want to modify.")] String Identity; [Write, Description("The AssociatedAcceptedDomains parameter specifies the accepted domains that the connector applies to, thereby limiting its scope. For example, you can apply the connector to a specific accepted domain in your organization, such as contoso.com.")] String AssociatedAcceptedDomains[]; - [Write, Description("The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY! Valid values are: $true | $false")] Boolean CloudServicesMailEnabled; + [Write, Description("The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY!")] Boolean CloudServicesMailEnabled; [Write, Description("The Comment parameter specifies an optional comment.")] String Comment; - [Write, Description("The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS! values are Default (the default) | Migrated | HybridWizard"), ValueMap{"Default","Migrated","HybridWizard"}, Values{"Default","Migrated","HybridWizard"}] String ConnectorSource; + [Write, Description("The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS!"), ValueMap{"Default","Migrated","HybridWizard"}, Values{"Default","Migrated","HybridWizard"}] String ConnectorSource; [Write, Description("The ConnectorType parameter specifies a category for the domains that are serviced by the connector. Valid values are Partner and OnPremises"),ValueMap{"Partner","OnPremises"},Values{"Partner","OnPremises"}] String ConnectorType; [Write, Description("The EFSkipIPs parameter specifies the source IP addresses to skip in Enhanced Filtering for Connectors when the EFSkipLastIP parameter value is $false.")] String EFSkipIPs[]; [Write, Description("The EFSkipLastIP parameter specifies the behavior of Enhanced Filtering for Connectors.")] Boolean EFSkipLastIP; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.schema.mof index ad76daaf7d..070d9c825d 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOMailTips/MSFT_EXOMailTips.schema.mof @@ -2,13 +2,13 @@ [ClassVersion("1.0.0.0"), FriendlyName("EXOMailTips")] class MSFT_EXOMailTips : OMI_BaseResource { - [Key] String Organization; + [Key, Description("Specify the name of your organization.")] String Organization; [Write, Description("Specifies whether MailTips are enabled.")] Boolean MailTipsAllTipsEnabled; [Write, Description("Specifies whether MailTips that rely on group metrics data are enabled.")] Boolean MailTipsGroupMetricsEnabled; [Write, Description("Specifies what a large audience is.")] UInt32 MailTipsLargeAudienceThreshold; [Write, Description("Specifies whether MailTips that rely on mailbox data (out-of-office or full mailbox) are enabled.")] Boolean MailTipsMailboxSourcedTipsEnabled; [Write, Description("Specifies whether MailTips for external recipients are enabled.")] Boolean MailTipsExternalRecipientsTipsEnabled; - [Write, ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; + [Write, Description("Specifies if this MailTip should exist."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOutboundConnector/MSFT_EXOOutboundConnector.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOutboundConnector/MSFT_EXOOutboundConnector.schema.mof index 6af4a83d19..8f6b555c4b 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOutboundConnector/MSFT_EXOOutboundConnector.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOOutboundConnector/MSFT_EXOOutboundConnector.schema.mof @@ -6,18 +6,18 @@ class MSFT_EXOOutboundConnector : OMI_BaseResource [Write, Description("Specifies whether connector is enabled.")] Boolean Enabled; [Write, Description("Specifies whether connector should use MXRecords for target resolution.")] Boolean UseMXRecord; [Write, Description("The Comment parameter specifies an optional comment.")] String Comment; - [Write, Description("The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS! values are Default (the default) | Migrated | HybridWizard "), ValueMap{"Default","Migrated","HybridWizard"}, Values{"Default","Migrated","HybridWizard"}] String ConnectorSource; - [Write, Description("The ConnectorType parameter specifies a category for the domains that are serviced by the connector. Valid values are Partner and OnPremises"),ValueMap{"Partner","OnPremises"},Values{"Partner","OnPremises"}] String ConnectorType; + [Write, Description("The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS!"), ValueMap{"Default","Migrated","HybridWizard"}, Values{"Default","Migrated","HybridWizard"}] String ConnectorSource; + [Write, Description("The ConnectorType parameter specifies a category for the domains that are serviced by the connector."),ValueMap{"Partner","OnPremises"},Values{"Partner","OnPremises"}] String ConnectorType; [Write, Description("The RecipientDomains parameter specifies the domain that the Outbound connector routes mail to. You can specify multiple domains separated by commas.")] String RecipientDomains[]; [Write, Description("The SmartHosts parameter specifies the smart hosts the Outbound connector uses to route mail. This parameter is required if you set the UseMxRecord parameter to $false and must be specified on the same command line.")] String SmartHosts[]; [Write, Description("The TlsDomain parameter specifies the domain name that the Outbound connector uses to verify the FQDN of the target certificate when establishing a TLS secured connection. This parameter is only used if the TlsSettings parameter is set to DomainValidation. Valid input for the TlsDomain parameter is an SMTP domain. You can use a wildcard character to specify all subdomains of a specified domain, as shown in the following example: *.contoso.com. However, you can't embed a wildcard character, as shown in the following example: domain.*.contoso.com")] String TlsDomain; - [Write, Description("The TlsSettings parameter specifies the TLS authentication level that's used for outbound TLS connections established by this Outbound connector. Valid values are:EncryptionOnly | CertificateValidation | DomainValidation"), ValueMap{"EncryptionOnly","CertificateValidation","DomainValidation"}, Values{"EncryptionOnly","CertificateValidation","DomainValidation"}] String TlsSettings; - [Write, Description("The IsTransportRuleScoped parameter specifies whether the Outbound connector is associated with a transport rule (also known as a mail flow rule). Valid values are: $true | $false")] Boolean IsTransportRuleScoped; - [Write, Description("The RouteAllMessagesViaOnPremises parameter specifies that all messages serviced by this connector are first routed through the on-premises messaging system (Centralized mailrouting). Valid values are: $true | $false")] Boolean RouteAllMessagesViaOnPremises; - [Write, Description("The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY! Valid values are: $true | $false")] Boolean CloudServicesMailEnabled; - [Write, Description("The AllAcceptedDomains parameter specifies whether the Outbound connector is used in hybrid organizations where message recipients are in accepted domains of the cloud-based organization. Valid values are: $true | $false (default)")] Boolean AllAcceptedDomains; + [Write, Description("The TlsSettings parameter specifies the TLS authentication level that's used for outbound TLS connections established by this Outbound connector."), ValueMap{"EncryptionOnly","CertificateValidation","DomainValidation"}, Values{"EncryptionOnly","CertificateValidation","DomainValidation"}] String TlsSettings; + [Write, Description("The IsTransportRuleScoped parameter specifies whether the Outbound connector is associated with a transport rule (also known as a mail flow rule).")] Boolean IsTransportRuleScoped; + [Write, Description("The RouteAllMessagesViaOnPremises parameter specifies that all messages serviced by this connector are first routed through the on-premises messaging system (Centralized mailrouting).")] Boolean RouteAllMessagesViaOnPremises; + [Write, Description("The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY!")] Boolean CloudServicesMailEnabled; + [Write, Description("The AllAcceptedDomains parameter specifies whether the Outbound connector is used in hybrid organizations where message recipients are in accepted domains of the cloud-based organization.")] Boolean AllAcceptedDomains; [Write, Description("The SenderRewritingEnabled parameter specifies that all messages that normally qualify for SRS rewriting are rewritten for routing through the on-premises email system.")] Boolean SenderRewritingEnabled; - [Write, Description("The TestMode parameter specifies whether you want to enabled or disable test mode for the Outbound connector. Valid values are: $true | $false (default)")] Boolean TestMode; + [Write, Description("The TestMode parameter specifies whether you want to enabled or disable test mode for the Outbound connector.")] Boolean TestMode; [Write, Description("The ValidationRecipients parameter specifies the email addresses of the validation recipients for the Outbound connector. You can specify multiple email addresses separated by commas.")] String ValidationRecipients[]; [Write, Description("Specifies if this Outbound connector should exist."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure; [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 index fb518d0651..5936b4ac81 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.psm1 @@ -1,3 +1,9 @@ +# More information on the properties can be found here: +# - https://learn.microsoft.com/en-us/graph/api/intune-deviceconfig-macosgeneraldeviceconfiguration-create?view=graph-rest-beta +# - https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-applistitem?view=graph-rest-beta +# - https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-macosprivacyaccesscontrolitem?view=graph-rest-beta +# - https://learn.microsoft.com/en-us/graph/api/resources/intune-deviceconfig-macosappleeventreceiver?view=graph-rest-beta + function Get-TargetResource { [CmdletBinding()] diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.schema.mof index 496c10318c..02cf9eaed4 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDeviceConfigurationPolicyMacOS/MSFT_IntuneDeviceConfigurationPolicyMacOS.schema.mof @@ -11,59 +11,59 @@ class MSFT_DeviceManagementConfigurationPolicyAssignments [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphapplistitemMacOS { - [Write, Description(""), ValueMap{"#microsoft.graph.appleAppListItem"}, Values{"#microsoft.graph.appleAppListItem"}] String odataType; - [Write, Description("")] String appId; - [Write, Description("")] String appStoreUrl; - [Write, Description("")] String name; - [Write, Description("")] String publisher; + [Write, Description("Specify the odataType"), ValueMap{"#microsoft.graph.appleAppListItem"}, Values{"#microsoft.graph.appleAppListItem"}] String odataType; + [Write, Description("The application or bundle identifier of the application")] String appId; + [Write, Description("The Store URL of the application")] String appStoreUrl; + [Write, Description("The application name")] String name; + [Write, Description("The publisher of the application")] String publisher; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphmacosprivacyaccesscontrolitem { - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String accessibility; - [Write, Description("Blocks iCloud from syncing contacts."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String addressBook; - [Write, Description(""), EmbeddedInstance("MSFT_MicrosoftGraphmacosappleeventreceiver")] String appleEventsAllowedReceivers[]; - [Write, Description("")] Boolean blockCamera; - [Write, Description("")] Boolean blockListenEvent; - [Write, Description("")] Boolean blockMicrophone; - [Write, Description("")] Boolean blockScreenCapture; - [Write, Description("Blocks iCloud from syncing calendars."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String calendar; - [Write, Description("")] String codeRequirement; - [Write, Description("")] String displayName; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String fileProviderPresence; - [Write, Description("")] String identifier; - [Write, Description(""), ValueMap{"bundleID","path"}, Values{"bundleID","path"}] String identifierType; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String mediaLibrary; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String photos; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String postEvent; - [Write, Description("Blocks iCloud from syncing reminders."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String reminders; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String speechRecognition; - [Write, Description("")] Boolean staticCodeValidation; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyAllFiles; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyDesktopFolder; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyDocumentsFolder; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyDownloadsFolder; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyNetworkVolumes; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyRemovableVolumes; - [Write, Description(""), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicySystemAdminFiles; + [Write, Description("Allow the app or process to control the Mac via the Accessibility subsystem."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String accessibility; + [Write, Description("Allow or block access to contact information managed by Contacts."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String addressBook; + [Write, Description("Allow or deny the app or process to send a restricted Apple event to another app or process. You will need to know the identifier, identifier type, and code requirement of the receiving app or process."), EmbeddedInstance("MSFT_MicrosoftGraphmacosappleeventreceiver")] String appleEventsAllowedReceivers[]; + [Write, Description("Block access to camera app.")] Boolean blockCamera; + [Write, Description("Block the app or process from listening to events from input devices such as mouse, keyboard, and trackpad.Requires macOS 10.15 or later.")] Boolean blockListenEvent; + [Write, Description("Block access to microphone.")] Boolean blockMicrophone; + [Write, Description("Block app from capturing contents of system display. Requires macOS 10.15 or later.")] Boolean blockScreenCapture; + [Write, Description("Allow or block access to event information managed by Calendar."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String calendar; + [Write, Description("Enter the code requirement, which can be obtained with the command 'codesign -display -r -' in the Terminal app. Include everything after '=>'.")] String codeRequirement; + [Write, Description("The display name of the app, process, or executable.")] String displayName; + [Write, Description("Allow the app or process to access files managed by another app's file provider extension. Requires macOS 10.15 or later."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String fileProviderPresence; + [Write, Description("The bundle ID or path of the app, process, or executable.")] String identifier; + [Write, Description("A bundle ID is used to identify an app. A path is used to identify a process or executable."), ValueMap{"bundleID","path"}, Values{"bundleID","path"}] String identifierType; + [Write, Description("Allow or block access to music and the media library."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String mediaLibrary; + [Write, Description("Allow or block access to images managed by Photos."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String photos; + [Write, Description("Control access to CoreGraphics APIs, which are used to send CGEvents to the system event stream."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String postEvent; + [Write, Description("Allow or block access to information managed by Reminders."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String reminders; + [Write, Description("Allow or block access to system speech recognition facility."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String speechRecognition; + [Write, Description("Statically validates the code requirement. Use this setting if the process invalidates its dynamic code signature.")] Boolean staticCodeValidation; + [Write, Description("Control access to all protected files on a device. Files might be in locations such as emails, messages, apps, and administrative settings. Apply this setting with caution."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyAllFiles; + [Write, Description("Allow or block access to Desktop folder."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyDesktopFolder; + [Write, Description("Allow or block access to Documents folder."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyDocumentsFolder; + [Write, Description("Allow or block access to Downloads folder."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyDownloadsFolder; + [Write, Description("Allow or block access to network volumes. Requires macOS 10.15 or later."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyNetworkVolumes; + [Write, Description("Control access to removable volumes on the device, such as an external hard drive. Requires macOS 10.15 or later."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicyRemovableVolumes; + [Write, Description("Allow app or process to access files used in system administration."), ValueMap{"notConfigured","enabled","disabled"}, Values{"notConfigured","enabled","disabled"}] String systemPolicySystemAdminFiles; }; [ClassVersion("1.0.0")] class MSFT_MicrosoftGraphmacosappleeventreceiver { - [Write, Description("")] Boolean allowed; - [Write, Description("")] String codeRequirement; - [Write, Description("")] String identifier; - [Write, Description(""), ValueMap{"bundleID","path"}, Values{"bundleID","path"}] String identifierType; + [Write, Description("Allow or block this app from receiving Apple events.")] Boolean allowed; + [Write, Description("Code requirement for the app or binary that receives the Apple Event.")] String codeRequirement; + [Write, Description("Bundle ID of the app or file path of the process or executable that receives the Apple Event.")] String identifier; + [Write, Description("Use bundle ID for an app or path for a process or executable that receives the Apple Event."), ValueMap{"bundleID","path"}, Values{"bundleID","path"}] String identifierType; }; [ClassVersion("1.0.0.0"), FriendlyName("IntuneDeviceConfigurationPolicyMacOS")] class MSFT_IntuneDeviceConfigurationPolicyMacOS : OMI_BaseResource { - [Write, Description("")] String Id; - [Key, Description("")] String DisplayName; - [Write, Description("")] String Description; - [Write, Description("")] Boolean AddingGameCenterFriendsBlocked; - [Write, Description("")] Boolean AirDropBlocked; + [Write, Description("Id of the Intune policy.")] String Id; + [Key, Description("Display name of the Intune policy.")] String DisplayName; + [Write, Description("Description of the Intune policy.")] String Description; + [Write, Description("Configures users from adding friends to Game Center. Available for devices running macOS versions 10.13 and later.")] Boolean AddingGameCenterFriendsBlocked; + [Write, Description("Configures whether or not to allow AirDrop.")] Boolean AirDropBlocked; [Write, Description("Blocks users from unlocking their Mac with Apple Watch.")] Boolean AppleWatchBlockAutoUnlock; [Write, Description("Blocks users from taking photographs and videos.")] Boolean CameraBlocked; [Write, Description("Blocks AirPlay, screen sharing to other devices, and a Classroom app feature used by teachers to view their students' screens. This setting isn't available if you've blocked screenshots.")] Boolean ClassroomAppBlockRemoteScreenObservation; @@ -72,12 +72,12 @@ class MSFT_IntuneDeviceConfigurationPolicyMacOS : OMI_BaseResource [Write, Description("Students enrolled in an unmanaged Classroom course must get teacher consent to leave the course.")] Boolean ClassroomForceRequestPermissionToLeaveClasses; [Write, Description("Teachers can lock a student's device or app without the student's approval.")] Boolean ClassroomForceUnpromptedAppAndDeviceLock; [Write, Description("Device compliance can be viewed in the Restricted Apps Compliance report."), ValueMap{"none","appsInListCompliant","appsNotInListCompliant"}, Values{"none","appsInListCompliant","appsNotInListCompliant"}] String CompliantAppListType; - [Write, Description(" "), EmbeddedInstance("MSFT_MicrosoftGraphapplistitemMacOS")] String CompliantAppsList[]; - [Write, Description("")] Boolean ContentCachingBlocked; + [Write, Description("List of apps in the compliance (either allow list or block list, controlled by CompliantAppListType)."), EmbeddedInstance("MSFT_MicrosoftGraphapplistitemMacOS")] String CompliantAppsList[]; + [Write, Description("Configures whether or not to allow content caching.")] Boolean ContentCachingBlocked; [Write, Description("Block look up, a feature that looks up the definition of a highlighted word.")] Boolean DefinitionLookupBlocked; [Write, Description("Emails that the user sends or receives which don't match the domains you specify here will be marked as untrusted. ")] String EmailInDomainSuffixes[]; - [Write, Description("")] Boolean EraseContentAndSettingsBlocked; - [Write, Description("")] Boolean GameCenterBlocked; + [Write, Description("Configures the reset option on supervised devices. Available for devices running macOS versions 12.0 and later.")] Boolean EraseContentAndSettingsBlocked; + [Write, Description("Configured if the Game Center icon is removed from the Home screen. Available for devices running macOS versions 10.13 and later.")] Boolean GameCenterBlocked; [Write, Description("Handoff lets users start work on one MacOS device, and continue it on another MacOS or iOS device. Available for macOS 10.15 and later.")] Boolean ICloudBlockActivityContinuation; [Write, Description("Blocks iCloud from syncing contacts.")] Boolean ICloudBlockAddressBook; [Write, Description("Blocks iCloud from syncing bookmarks.")] Boolean ICloudBlockBookmarks; @@ -87,40 +87,40 @@ class MSFT_IntuneDeviceConfigurationPolicyMacOS : OMI_BaseResource [Write, Description("Blocks iCloud from syncing notes.")] Boolean ICloudBlockNotes; [Write, Description("Any photos not fully downloaded from iCloud Photo Library to device will be removed from local storage.")] Boolean ICloudBlockPhotoLibrary; [Write, Description("Blocks iCloud from syncing reminders.")] Boolean ICloudBlockReminders; - [Write, Description("")] Boolean ICloudDesktopAndDocumentsBlocked; - [Write, Description("")] Boolean ICloudPrivateRelayBlocked; + [Write, Description("Configures if the synchronization of cloud desktop and documents is blocked. Available for devices running macOS 10.12.4 and later.")] Boolean ICloudDesktopAndDocumentsBlocked; + [Write, Description("Configures if iCloud private relay is blocked or not. Available for devices running macOS 12 and later.")] Boolean ICloudPrivateRelayBlocked; [Write, Description("Blocks files from being transferred using iTunes.")] Boolean ITunesBlockFileSharing; - [Write, Description("")] Boolean ITunesBlockMusicService; + [Write, Description("Configures whether or not to block files from being transferred using iTunes.")] Boolean ITunesBlockMusicService; [Write, Description("Block dictation, which is a feature that converts the user's voice to text.")] Boolean KeyboardBlockDictation; [Write, Description("Disables syncing credentials stored in the Keychain to iCloud")] Boolean KeychainBlockCloudSync; - [Write, Description("")] Boolean MultiplayerGamingBlocked; - [Write, Description("")] Boolean PasswordBlockAirDropSharing; - [Write, Description("")] Boolean PasswordBlockAutoFill; + [Write, Description("Configures whether multiplayer gaming when using Game Center is blocked. Available for devices running macOS versions 10.13 and later.")] Boolean MultiplayerGamingBlocked; + [Write, Description("Configures whether or not to block sharing passwords with the AirDrop passwords feature.")] Boolean PasswordBlockAirDropSharing; + [Write, Description("Configures whether or not to block the AutoFill Passwords feature.")] Boolean PasswordBlockAutoFill; [Write, Description("Requires user to set a non-biometric passcode or password to unlock the device.")] Boolean PasswordBlockFingerprintUnlock; [Write, Description("Blocks user from changing the set passcode.")] Boolean PasswordBlockModification; - [Write, Description("")] Boolean PasswordBlockProximityRequests; + [Write, Description("Configures whether or not to block requesting passwords from nearby devices.")] Boolean PasswordBlockProximityRequests; [Write, Description("Block simple password sequences, such as 1234 or 1111.")] Boolean PasswordBlockSimple; [Write, Description("Number of days until device password must be changed. (1-65535)")] UInt32 PasswordExpirationDays; - [Write, Description("")] UInt32 PasswordMaximumAttemptCount; + [Write, Description("Configures the number of allowed failed attempts to enter the passcode at the device's lock screen. Valid values 2 to 11")] UInt32 PasswordMaximumAttemptCount; [Write, Description("Minimum number (0-4) of non-alphanumeric characters, such as #, %, !, etc., required in the password. The default value is 0.")] UInt32 PasswordMinimumCharacterSetCount; [Write, Description("Minimum number of digits or characters in password (4-16).")] UInt32 PasswordMinimumLength; [Write, Description("Set to 0 to require a password immediately. There is no maximum number of minutes, and this number overrides the number currently set on the device.")] UInt32 PasswordMinutesOfInactivityBeforeLock; [Write, Description("Set to 0 to use the device's minimum possible value. This number (0-60 minutes) overrides the number currently set on the device.")] UInt32 PasswordMinutesOfInactivityBeforeScreenTimeout; - [Write, Description("")] UInt32 PasswordMinutesUntilFailedLoginReset; + [Write, Description("Configures the number of minutes before the login is reset after the maximum number of unsuccessful login attempts is reached.")] UInt32 PasswordMinutesUntilFailedLoginReset; [Write, Description("Number of new passwords that must be used until an old one can be reused. (1-24)")] UInt32 PasswordPreviousPasswordBlockCount; - [Write, Description(" Specify the type of password required.")] Boolean PasswordRequired; + [Write, Description("Specify the type of password required.")] Boolean PasswordRequired; [Write, Description("Specify the type of password required."), ValueMap{"deviceDefault","alphanumeric","numeric"}, Values{"deviceDefault","alphanumeric","numeric"}] String PasswordRequiredType; [Write, Description("Configure an app's access to specific data, folders, and apps on a device. These settings apply to devices running macOS Mojave 10.14 and later."), EmbeddedInstance("MSFT_MicrosoftGraphmacosprivacyaccesscontrolitem")] String PrivacyAccessControls[]; [Write, Description("Blocks Safari from remembering what users enter in web forms.")] Boolean SafariBlockAutofill; - [Write, Description("")] Boolean ScreenCaptureBlocked; - [Write, Description("")] UInt32 SoftwareUpdateMajorOSDeferredInstallDelayInDays; - [Write, Description("")] UInt32 SoftwareUpdateMinorOSDeferredInstallDelayInDays; - [Write, Description("")] UInt32 SoftwareUpdateNonOSDeferredInstallDelayInDays; + [Write, Description("Configures whether or not to block the user from taking Screenshots.")] Boolean ScreenCaptureBlocked; + [Write, Description("Specify the number of days (1-90) to delay visibility of major OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90")] UInt32 SoftwareUpdateMajorOSDeferredInstallDelayInDays; + [Write, Description("Specify the number of days (1-90) to delay visibility of minor OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90")] UInt32 SoftwareUpdateMinorOSDeferredInstallDelayInDays; + [Write, Description("Specify the number of days (1-90) to delay visibility of non-OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90")] UInt32 SoftwareUpdateNonOSDeferredInstallDelayInDays; [Write, Description("Delay the user's software update for this many days. The maximum is 90 days. (1-90)")] UInt32 SoftwareUpdatesEnforcedDelayInDays; [Write, Description("Blocks Spotlight from returning any results from an Internet search")] Boolean SpotlightBlockInternetResults; - [Write, Description("")] UInt32 TouchIdTimeoutInHours; - [Write, Description(""), ValueMap{"none","delayOSUpdateVisibility","delayAppUpdateVisibility","unknownFutureValue","delayMajorOsUpdateVisibility"}, Values{"none","delayOSUpdateVisibility","delayAppUpdateVisibility","unknownFutureValue","delayMajorOsUpdateVisibility"}] String UpdateDelayPolicy[]; - [Write, Description("")] Boolean WallpaperModificationBlocked; + [Write, Description("Configures the maximum hours after which the user must enter their password to unlock the device instead of using Touch ID. Available for devices running macOS 12 and later. Valid values 0 to 2147483647")] UInt32 TouchIdTimeoutInHours; + [Write, Description("Configures whether to delay OS and/or app updates for macOS."), ValueMap{"none","delayOSUpdateVisibility","delayAppUpdateVisibility","unknownFutureValue","delayMajorOsUpdateVisibility"}, Values{"none","delayOSUpdateVisibility","delayAppUpdateVisibility","unknownFutureValue","delayMajorOsUpdateVisibility"}] String UpdateDelayPolicy[]; + [Write, Description("Configures whether the wallpaper can be changed. Available for devices running macOS versions 10.13 and later.")] Boolean WallpaperModificationBlocked; [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[]; [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the Intune Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof index d7e5535712..6cba94f8a2 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365AdminAuditLogConfig/MSFT_O365AdminAuditLogConfig.schema.mof @@ -4,7 +4,7 @@ class MSFT_O365AdminAuditLogConfig : OMI_BaseResource [Key, Description("Specifies the resource is a single instance, the value must be 'Yes'"), ValueMap{"Yes"}, Values{"Yes"}] String IsSingleInstance; [Write,Description("'Present' is the only value accepted."),ValueMap{"Present"},Values{"Present"}] string Ensure; [Required, Description("Determins if Unified Audit Log Ingestion is enabled"),ValueMap{"Enabled","Disabled"}, Values{"Enabled","Disabled"}] string UnifiedAuditLogIngestionEnabled; - [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Credentials of the Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof index 6b470ca165..0e5417dc50 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365Group/MSFT_O365Group.schema.mof @@ -7,7 +7,7 @@ class MSFT_O365Group : OMI_BaseResource [Write, Description("The group's description.")] string Description; [Write, Description("Members of the group.")] string Members[]; [Write, Description("Present ensures the group exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; - [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Credentials of the Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com")] String TenantId; [Write, Description("Secret of the Azure Active Directory application used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof index 85239337bc..6b1fa5a53c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_O365OrgCustomizationSetting/MSFT_O365OrgCustomizationSetting.schema.mof @@ -3,7 +3,7 @@ class MSFT_O365OrgCustomizationSetting : OMI_BaseResource { [Key, Description("Specifies the resource is a single instance, the value must be 'Yes'"), ValueMap{"Yes"}, Values{"Yes"}] String IsSingleInstance; [Write, Description("Since there is only one setting availble, this must be set to 'Present'"), ValueMap{"Present"}, Values{"Present"}] String Ensure; - [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; + [Write, Description("Credentials of the Global Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId; [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof index f3a3b22494..ef55bc0421 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOTenantSettings/MSFT_SPOTenantSettings.schema.mof @@ -12,11 +12,11 @@ class MSFT_SPOTenantSettings : OMI_BaseResource [Write, Description("Allow feedback via UserVoice.")] boolean UserVoiceForFeedbackEnabled; [Write, Description("Configure PublicCDN")] boolean PublicCdnEnabled; [Write, Description("Configure filetypes allowed for PublicCDN")] String PublicCdnAllowedFileTypes; - [Write, Description("When set to $true, users aren't able to share with security groups or SharePoint groups")] boolean UseFindPeopleInPeoplePicker; - [Write, Description("When set to $true, users aren't able to share with security groups or SharePoint groups")] boolean NotificationsInSharePointEnabled; - [Write, Description("")] boolean OwnerAnonymousNotification; - [Write, Description("")] boolean ApplyAppEnforcedRestrictionsToAdHocRecipients; - [Write, Description("")] boolean FilePickerExternalImageSearchEnabled; + [Write, Description("When set to $true, users aren't able to share with security groups or SharePoint groups.")] boolean UseFindPeopleInPeoplePicker; + [Write, Description("When set to $true, users aren't able to share with security groups or SharePoint groups.")] boolean NotificationsInSharePointEnabled; + [Write, Description("Specifies whether an email notification should be sent to the OneDrive for Business owners when an anonymous links are created or changed.")] boolean OwnerAnonymousNotification; + [Write, Description("When the feature is enabled, all guest users are subject to conditional access policy. By default guest users who are accessing SharePoint Online files with pass code are exempt from the conditional access policy.")] boolean ApplyAppEnforcedRestrictionsToAdHocRecipients; + [Write, Description("Sets whether webparts that support inserting images, like for example Image or Hero webpart, the Web search (Powered by Bing) should allow choosing external images.")] boolean FilePickerExternalImageSearchEnabled; [Write, Description("Defines if the default themes are visible or hidden")] boolean HideDefaultThemes; [Write, Description("To enable or disable Sync button on Team sites")] boolean HideSyncButtonOnTeamSite; [Write, Description("Allow or block external sharing until at least one Office DLP policy scans the content of the file."), ValueMap{"AllowExternalSharing","BlockExternalSharing"}, Values{"AllowExternalSharing","BlockExternalSharing"}] string MarkNewFilesSensitiveByDefault; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 index 20662f46da..9747cf0fba 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.psm1 @@ -9,6 +9,7 @@ function Get-TargetResource $UserInitiatedMode, [Parameter()] + [ValidateSet('Enabled', 'Disabled', 'EnabledUserOverride')] [System.String] $ReceiveSurveysMode, @@ -118,6 +119,7 @@ function Set-TargetResource $UserInitiatedMode, [Parameter()] + [ValidateSet('Enabled', 'Disabled', 'EnabledUserOverride')] [System.String] $ReceiveSurveysMode, @@ -245,6 +247,7 @@ function Test-TargetResource $UserInitiatedMode, [Parameter()] + [ValidateSet('Enabled', 'Disabled', 'EnabledUserOverride')] [System.String] $ReceiveSurveysMode, diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.schema.mof index 86829d0d21..cc4896cc6c 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsFeedbackPolicy/MSFT_TeamsFeedbackPolicy.schema.mof @@ -1,13 +1,13 @@ [ClassVersion("1.0.0.0"), FriendlyName("TeamsFeedbackPolicy")] class MSFT_TeamsFeedbackPolicy : OMI_BaseResource { - [Write, Description("")] String UserInitiatedMode; - [Write, Description("")] String ReceiveSurveysMode; - [Write, Description("")] Boolean AllowScreenshotCollection; - [Write, Description("")] Boolean AllowEmailCollection; - [Write, Description("")] Boolean AllowLogCollection; - [Write, Description("")] Boolean EnableFeatureSuggestions; - [Key, Description("")] String Identity; + [Key, Description("Specify the name of the Teams Feedback Policy.")] String Identity; + [Write, Description("Specifies if users are allowed to give feedback.")] String UserInitiatedMode; + [Write, Description("Specifies if users are allowed to receive the survey."), ValueMap{"Enabled","Disabled","EnabledUserOverride"}, Values{"Enabled","Disabled","EnabledUserOverride"}] String ReceiveSurveysMode; + [Write, Description("Specifies if Screenshot Collection is enabled or not.")] Boolean AllowScreenshotCollection; + [Write, Description("Specifies if Email Collection is enabled or not.")] Boolean AllowEmailCollection; + [Write, Description("Specifies if Log Collection is enabled or not.")] Boolean AllowLogCollection; + [Write, Description("Specifies if users are allowed to provide feature suggestions")] Boolean EnableFeatureSuggestions; [Write, Description("Present ensures the instance exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure; [Write, Description("Credentials of the workload's Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.schema.mof index bf6729e732..75a9ae245a 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsMobilityPolicy/MSFT_TeamsMobilityPolicy.schema.mof @@ -1,7 +1,7 @@ [ClassVersion("1.0.0.0"), FriendlyName("TeamsMobilityPolicy")] class MSFT_TeamsMobilityPolicy : OMI_BaseResource { - [Key, Description("Specify the name of the policy that you are creating.")] String Identity; + [Key, Description("Specify the name of the Teams Mobility Policy.")] String Identity; [Write, Description("Enables administrators to provide explanatory text about the policy. For example, the Description might indicate the users the policy should be assigned to.")] String Description; [Write, Description("When set to WifiOnly, prohibits the user from making and receiving calls or joining meetings using VoIP calls on the mobile device while on a cellular data connection. Possible values are: WifiOnly, AllNetworks."), ValueMap{"WifiOnly","AllNetworks"}, Values{"WifiOnly","AllNetworks"}] String IPAudioMobileMode; [Write, Description("When set to WifiOnly, prohibits the user from making and receiving video calls or enabling video in meetings using VoIP calls on the mobile device while on a cellular data connection. Possible values are: WifiOnly, AllNetworks."), ValueMap{"WifiOnly","AllNetworks"}, Values{"WifiOnly","AllNetworks"}] String IPVideoMobileMode; diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.schema.mof b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.schema.mof index 442bd5aad6..9997e9e405 100644 --- a/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.schema.mof +++ b/Modules/Microsoft365DSC/DSCResources/MSFT_TeamsNetworkRoamingPolicy/MSFT_TeamsNetworkRoamingPolicy.schema.mof @@ -1,7 +1,7 @@ [ClassVersion("1.0.0.0"), FriendlyName("TeamsNetworkRoamingPolicy")] class MSFT_TeamsNetworkRoamingPolicy : OMI_BaseResource { - [Key, Description("")] String Identity; + [Key, Description("Specify the name of the Teams Network Roaming Policy.")] String Identity; [Write, Description("Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow the user to share their video. Set this to FALSE to prohibit the user from sharing their video.")] Boolean AllowIPVideo; [Write, Description("Description of the new policy to be created.")] String Description; [Write, Description("Determines the media bit rate for audio/video/app sharing transmissions in meetings.")] UInt64 MediaBitRateKb; From 5545afc10197a9feadd8ed5d498bd5a891353969 Mon Sep 17 00:00:00 2001 From: Yorick Kuijs Date: Tue, 2 Jan 2024 16:26:08 +0100 Subject: [PATCH 4/6] Updated unit tests --- ...Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 index 65ef89ac0b..a9ad5088b1 100644 --- a/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 +++ b/Tests/Unit/Microsoft365DSC/Microsoft365DSC.TeamsFeedbackPolicy.Tests.ps1 @@ -60,7 +60,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { BeforeAll { $testParams = @{ EnableFeatureSuggestions = $True - ReceiveSurveysMode = 'FakeStringValue' + ReceiveSurveysMode = 'Enabled' AllowEmailCollection = $True UserInitiatedMode = 'FakeStringValue' Identity = 'FakeStringValue' @@ -93,7 +93,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { BeforeAll { $testParams = @{ EnableFeatureSuggestions = $True - ReceiveSurveysMode = 'FakeStringValue' + ReceiveSurveysMode = 'Enabled' AllowEmailCollection = $True UserInitiatedMode = 'FakeStringValue' Identity = 'FakeStringValue' @@ -106,7 +106,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-CsTeamsFeedbackPolicy -MockWith { return @{ EnableFeatureSuggestions = $True - ReceiveSurveysMode = 'FakeStringValue' + ReceiveSurveysMode = 'Enabled' AllowEmailCollection = $True UserInitiatedMode = 'FakeStringValue' Identity = 'FakeStringValue' @@ -135,7 +135,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { BeforeAll { $testParams = @{ EnableFeatureSuggestions = $True - ReceiveSurveysMode = 'FakeStringValue' + ReceiveSurveysMode = 'Enabled' AllowEmailCollection = $True UserInitiatedMode = 'FakeStringValue' Identity = 'FakeStringValue' @@ -148,7 +148,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-CsTeamsFeedbackPolicy -MockWith { return @{ EnableFeatureSuggestions = $True - ReceiveSurveysMode = 'FakeStringValue' + ReceiveSurveysMode = 'Enabled' AllowEmailCollection = $True UserInitiatedMode = 'FakeStringValue' Identity = 'FakeStringValue' @@ -167,7 +167,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { BeforeAll { $testParams = @{ EnableFeatureSuggestions = $True - ReceiveSurveysMode = 'FakeStringValue' + ReceiveSurveysMode = 'Enabled' AllowEmailCollection = $True UserInitiatedMode = 'FakeStringValue' Identity = 'FakeStringValue' @@ -180,7 +180,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-CsTeamsFeedbackPolicy -MockWith { return @{ EnableFeatureSuggestions = $False - ReceiveSurveysMode = 'FakeStringValueDrift #Drift' + ReceiveSurveysMode = 'Disabled' AllowEmailCollection = $False UserInitiatedMode = 'FakeStringValueDrift #Drift' Identity = 'FakeStringValue' @@ -215,7 +215,7 @@ Describe -Name $Global:DscHelper.DescribeHeader -Fixture { Mock -CommandName Get-CsTeamsFeedbackPolicy -MockWith { return @{ EnableFeatureSuggestions = $True - ReceiveSurveysMode = 'FakeStringValue' + ReceiveSurveysMode = 'Enabled' AllowEmailCollection = $True UserInitiatedMode = 'FakeStringValue' Identity = 'FakeStringValue' From c7043ff9e9854292b8a9a13e4f89f8e5dc797c6a Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Tue, 2 Jan 2024 15:31:00 +0000 Subject: [PATCH 5/6] Updated Resources and Cmdlet documentation pages --- docs/docs/resources/exchange/EXOTransportRule.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/docs/resources/exchange/EXOTransportRule.md b/docs/docs/resources/exchange/EXOTransportRule.md index 84632f4127..9d1aeb353d 100644 --- a/docs/docs/resources/exchange/EXOTransportRule.md +++ b/docs/docs/resources/exchange/EXOTransportRule.md @@ -74,7 +74,7 @@ | **ExceptIfFromScope** | Write | String | The ExceptIfFromScope parameter specifies an exception that looks for the location of message senders. | `InOrganization`, `NotInOrganization` | | **ExceptIfHasClassification** | Write | String | The ExceptIfHasClassification parameter specifies an exception that looks for messages with the specified message classification. | | | **ExceptIfHasNoClassification** | Write | Boolean | The ExceptIfHasNoClassification parameter specifies an exception that looks for messages with or without any message classifications. | | -| **ExceptIfHasSenderOverride** | Write | Boolean | The ExceptIfHasSenderOverride parameter specifies an exception that looks for messages where the sender chose to override a DLP policy. | | +| **ExceptIfHasSenderOverride** | Write | Boolean | DEPRECATED | | | **ExceptIfHeaderContainsMessageHeader** | Write | String | The ExceptIfHeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the ExceptIfHeaderContainsWords parameter. | | | **ExceptIfHeaderContainsWords** | Write | StringArray[] | The ExceptIfHeaderContainsWords parameter specifies an exception that looks for words in a header field. | | | **ExceptIfHeaderMatchesMessageHeader** | Write | String | The ExceptIfHeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the ExceptIfHeaderMatchesPatterns parameter. | | @@ -82,7 +82,7 @@ | **ExceptIfManagerAddresses** | Write | StringArray[] | The ExceptIfManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter. | | | **ExceptIfManagerForEvaluatedUser** | Write | String | The ExceptIfManagerForEvaluatedUser parameter specifies an exception that looks for users in the Manager attribute of senders or recipients. | | | **ExceptIfMessageTypeMatches** | Write | String | The ExceptIfMessageTypeMatches parameter specifies an exception that looks for messages of the specified type. | `OOF`, `AutoForward`, `Encrypted`, `Calendaring`, `PermissionControlled`, `Voicemail`, `Signed`, `ApprovalRequest`, `ReadReceipt` | -| **ExceptIfMessageContainsDataClassifications** | Write | StringArray[] | The ExceptIfMessageContainsDataClassifications parameter specifies an exception that looks for sensitive information types in the body of messages, and in any attachments. | | +| **ExceptIfMessageContainsDataClassifications** | Write | StringArray[] | DEPRECATED | | | **ExceptIfMessageSizeOver** | Write | String | The ExceptIfMessageSizeOver parameter specifies an exception that looks for messages larger than the specified size. | | | **ExceptIfRecipientADAttributeContainsWords** | Write | StringArray[] | The ExceptIfRecipientADAttributeContainsWords parameter specifies an exception that looks for words in the Active Directory attributes of recipients. | | | **ExceptIfRecipientADAttributeMatchesPatterns** | Write | StringArray[] | The ExceptIfRecipientADAttributeMatchesPatterns parameter specifies an exception that looks for text patterns in the Active Directory attributes of recipients by using regular expressions. | | @@ -115,7 +115,7 @@ | **GenerateNotification** | Write | String | The GenerateNotification parameter specifies an action that sends a notification message to recipients. | | | **HasClassification** | Write | String | The HasClassification parameter specifies a condition that looks for messages with the specified message classification. | | | **HasNoClassification** | Write | Boolean | The HasNoClassification parameter specifies a condition that looks for messages with or without any message classifications. | | -| **HasSenderOverride** | Write | Boolean | The HasSenderOverride parameter specifies a condition that looks for messages where the sender chose to override a DLP policy. | | +| **HasSenderOverride** | Write | Boolean | DEPRECATED | | | **HeaderContainsMessageHeader** | Write | String | The HeaderContainsMessageHeader parameter specifies the name of header field in the message header when searching for the words specified by the HeaderContainsWords parameter. | | | **HeaderContainsWords** | Write | StringArray[] | The HeaderContainsWords parameter specifies a condition that looks for words in a header field. | | | **HeaderMatchesMessageHeader** | Write | String | The HeaderMatchesMessageHeader parameter specifies the name of header field in the message header when searching for the text patterns specified by the HeaderMatchesPatterns parameter. | | @@ -123,13 +123,13 @@ | **IncidentReportContent** | Write | StringArray[] | The IncidentReportContent parameter specifies the message properties that are included in the incident report that's generated when a message violates a DLP policy. | | | **ManagerAddresses** | Write | StringArray[] | The ManagerAddresses parameter specifies the users (managers) for the ExceptIfManagerForEvaluatedUser parameter. | | | **ManagerForEvaluatedUser** | Write | String | The ManagerForEvaluatedUser parameter specifies a condition that looks for users in the Manager attribute of senders or recipients. | `Recipient`, `Sender` | -| **MessageContainsDataClassifications** | Write | StringArray[] | The MessageContainsDataClassifications parameter specifies a condition that looks for sensitive information types in the body of messages, and in any attachments. | | +| **MessageContainsDataClassifications** | Write | StringArray[] | DEPRECATED | | | **MessageSizeOver** | Write | String | The MessageSizeOver parameter specifies a condition that looks for messages larger than the specified size. The size includes the message and all attachments. | | | **MessageTypeMatches** | Write | String | The MessageTypeMatches parameter specifies a condition that looks for messages of the specified type. | `OOF`, `AutoForward`, `Encrypted`, `Calendaring`, `PermissionControlled`, `Voicemail`, `Signed`, `ApprovalRequest`, `ReadReceipt` | | **Mode** | Write | String | The Mode parameter specifies how the rule operates. | `Audit`, `AuditAndNotify`, `Enforce` | | **ModerateMessageByManager** | Write | Boolean | The ModerateMessageByManager parameter specifies an action that forwards messages for approval to the user that's specified in the sender's Manager attribute. | | | **ModerateMessageByUser** | Write | StringArray[] | The ModerateMessageByUser parameter specifies an action that forwards messages for approval to the specified users. | | -| **NotifySender** | Write | String | The NotifySender parameter specifies an action that notifies the sender when messages violate DLP policies. | `NotifyOnly`, `RejectMessage`, `RejectUnlessFalsePositiveOverride`, `RejectUnlessSilentOverride`, `RejectUnlessExplicitOverride` | +| **NotifySender** | Write | String | DEPRECATED | `NotifyOnly`, `RejectMessage`, `RejectUnlessFalsePositiveOverride`, `RejectUnlessSilentOverride`, `RejectUnlessExplicitOverride` | | **PrependSubject** | Write | String | The PrependSubject parameter specifies an action that adds text to add to the beginning of the Subject field of messages. | | | **Priority** | Write | String | The Priority parameter specifies a priority value for the rule that determines the order of rule processing. | | | **Quarantine** | Write | Boolean | The Quarantine parameter specifies an action that quarantines messages. | | From 6d5dc19118a8e7567f215835a2fb39f1ad2c596e Mon Sep 17 00:00:00 2001 From: NikCharlebois Date: Tue, 2 Jan 2024 16:01:06 +0000 Subject: [PATCH 6/6] Updated Resources and Cmdlet documentation pages --- .../resources/exchange/EXOInboundConnector.md | 4 +- docs/docs/resources/exchange/EXOMailTips.md | 4 +- .../exchange/EXOOutboundConnector.md | 16 +-- .../IntuneDeviceConfigurationPolicyMacOS.md | 122 +++++++++--------- .../office365/O365AdminAuditLogConfig.md | 2 +- docs/docs/resources/office365/O365Group.md | 2 +- .../office365/O365OrgCustomizationSetting.md | 2 +- .../resources/sharepoint/SPOTenantSettings.md | 10 +- .../resources/teams/TeamsFeedbackPolicy.md | 14 +- .../resources/teams/TeamsMobilityPolicy.md | 2 +- .../teams/TeamsNetworkRoamingPolicy.md | 2 +- 11 files changed, 90 insertions(+), 90 deletions(-) diff --git a/docs/docs/resources/exchange/EXOInboundConnector.md b/docs/docs/resources/exchange/EXOInboundConnector.md index e78bbd243a..cd9a5b7152 100644 --- a/docs/docs/resources/exchange/EXOInboundConnector.md +++ b/docs/docs/resources/exchange/EXOInboundConnector.md @@ -6,9 +6,9 @@ | --- | --- | --- | --- | --- | | **Identity** | Key | String | The Identity parameter specifies the outbound connector that you want to modify. | | | **AssociatedAcceptedDomains** | Write | StringArray[] | The AssociatedAcceptedDomains parameter specifies the accepted domains that the connector applies to, thereby limiting its scope. For example, you can apply the connector to a specific accepted domain in your organization, such as contoso.com. | | -| **CloudServicesMailEnabled** | Write | Boolean | The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY! Valid values are: $true | $false | | +| **CloudServicesMailEnabled** | Write | Boolean | The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY! | | | **Comment** | Write | String | The Comment parameter specifies an optional comment. | | -| **ConnectorSource** | Write | String | The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS! values are Default (the default) | Migrated | HybridWizard | `Default`, `Migrated`, `HybridWizard` | +| **ConnectorSource** | Write | String | The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS! | `Default`, `Migrated`, `HybridWizard` | | **ConnectorType** | Write | String | The ConnectorType parameter specifies a category for the domains that are serviced by the connector. Valid values are Partner and OnPremises | `Partner`, `OnPremises` | | **EFSkipIPs** | Write | StringArray[] | The EFSkipIPs parameter specifies the source IP addresses to skip in Enhanced Filtering for Connectors when the EFSkipLastIP parameter value is $false. | | | **EFSkipLastIP** | Write | Boolean | The EFSkipLastIP parameter specifies the behavior of Enhanced Filtering for Connectors. | | diff --git a/docs/docs/resources/exchange/EXOMailTips.md b/docs/docs/resources/exchange/EXOMailTips.md index bca289784c..c567d10c8e 100644 --- a/docs/docs/resources/exchange/EXOMailTips.md +++ b/docs/docs/resources/exchange/EXOMailTips.md @@ -4,13 +4,13 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **Organization** | Key | String | | | +| **Organization** | Key | String | Specify the name of your organization. | | | **MailTipsAllTipsEnabled** | Write | Boolean | Specifies whether MailTips are enabled. | | | **MailTipsGroupMetricsEnabled** | Write | Boolean | Specifies whether MailTips that rely on group metrics data are enabled. | | | **MailTipsLargeAudienceThreshold** | Write | UInt32 | Specifies what a large audience is. | | | **MailTipsMailboxSourcedTipsEnabled** | Write | Boolean | Specifies whether MailTips that rely on mailbox data (out-of-office or full mailbox) are enabled. | | | **MailTipsExternalRecipientsTipsEnabled** | Write | Boolean | Specifies whether MailTips for external recipients are enabled. | | -| **Ensure** | Write | String | | `Present`, `Absent` | +| **Ensure** | Write | String | Specifies if this MailTip should exist. | `Present`, `Absent` | | **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. | | diff --git a/docs/docs/resources/exchange/EXOOutboundConnector.md b/docs/docs/resources/exchange/EXOOutboundConnector.md index f4e1ef0956..3848275f5d 100644 --- a/docs/docs/resources/exchange/EXOOutboundConnector.md +++ b/docs/docs/resources/exchange/EXOOutboundConnector.md @@ -8,18 +8,18 @@ | **Enabled** | Write | Boolean | Specifies whether connector is enabled. | | | **UseMXRecord** | Write | Boolean | Specifies whether connector should use MXRecords for target resolution. | | | **Comment** | Write | String | The Comment parameter specifies an optional comment. | | -| **ConnectorSource** | Write | String | The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS! values are Default (the default) | Migrated | HybridWizard | `Default`, `Migrated`, `HybridWizard` | -| **ConnectorType** | Write | String | The ConnectorType parameter specifies a category for the domains that are serviced by the connector. Valid values are Partner and OnPremises | `Partner`, `OnPremises` | +| **ConnectorSource** | Write | String | The ConnectorSource parameter specifies how the connector is created. DO NOT CHANGE THIS! | `Default`, `Migrated`, `HybridWizard` | +| **ConnectorType** | Write | String | The ConnectorType parameter specifies a category for the domains that are serviced by the connector. | `Partner`, `OnPremises` | | **RecipientDomains** | Write | StringArray[] | The RecipientDomains parameter specifies the domain that the Outbound connector routes mail to. You can specify multiple domains separated by commas. | | | **SmartHosts** | Write | StringArray[] | The SmartHosts parameter specifies the smart hosts the Outbound connector uses to route mail. This parameter is required if you set the UseMxRecord parameter to $false and must be specified on the same command line. | | | **TlsDomain** | Write | String | The TlsDomain parameter specifies the domain name that the Outbound connector uses to verify the FQDN of the target certificate when establishing a TLS secured connection. This parameter is only used if the TlsSettings parameter is set to DomainValidation. Valid input for the TlsDomain parameter is an SMTP domain. You can use a wildcard character to specify all subdomains of a specified domain, as shown in the following example: *.contoso.com. However, you can't embed a wildcard character, as shown in the following example: domain.*.contoso.com | | -| **TlsSettings** | Write | String | The TlsSettings parameter specifies the TLS authentication level that's used for outbound TLS connections established by this Outbound connector. Valid values are:EncryptionOnly | CertificateValidation | DomainValidation | `EncryptionOnly`, `CertificateValidation`, `DomainValidation` | -| **IsTransportRuleScoped** | Write | Boolean | The IsTransportRuleScoped parameter specifies whether the Outbound connector is associated with a transport rule (also known as a mail flow rule). Valid values are: $true | $false | | -| **RouteAllMessagesViaOnPremises** | Write | Boolean | The RouteAllMessagesViaOnPremises parameter specifies that all messages serviced by this connector are first routed through the on-premises messaging system (Centralized mailrouting). Valid values are: $true | $false | | -| **CloudServicesMailEnabled** | Write | Boolean | The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY! Valid values are: $true | $false | | -| **AllAcceptedDomains** | Write | Boolean | The AllAcceptedDomains parameter specifies whether the Outbound connector is used in hybrid organizations where message recipients are in accepted domains of the cloud-based organization. Valid values are: $true | $false (default) | | +| **TlsSettings** | Write | String | The TlsSettings parameter specifies the TLS authentication level that's used for outbound TLS connections established by this Outbound connector. | `EncryptionOnly`, `CertificateValidation`, `DomainValidation` | +| **IsTransportRuleScoped** | Write | Boolean | The IsTransportRuleScoped parameter specifies whether the Outbound connector is associated with a transport rule (also known as a mail flow rule). | | +| **RouteAllMessagesViaOnPremises** | Write | Boolean | The RouteAllMessagesViaOnPremises parameter specifies that all messages serviced by this connector are first routed through the on-premises messaging system (Centralized mailrouting). | | +| **CloudServicesMailEnabled** | Write | Boolean | The CloudServicesMailEnabled parameter specifies whether the connector is used for hybrid mail flow between an on-premises Exchange environment and Microsoft Office 365. Specifically, this parameter controls how certain internal X-MS-Exchange-Organization-* message headers are handled in messages that are sent between accepted domains in the on-premises and cloud organizations. These headers are collectively known as cross-premises headers. DO NOT USE MANUALLY! | | +| **AllAcceptedDomains** | Write | Boolean | The AllAcceptedDomains parameter specifies whether the Outbound connector is used in hybrid organizations where message recipients are in accepted domains of the cloud-based organization. | | | **SenderRewritingEnabled** | Write | Boolean | The SenderRewritingEnabled parameter specifies that all messages that normally qualify for SRS rewriting are rewritten for routing through the on-premises email system. | | -| **TestMode** | Write | Boolean | The TestMode parameter specifies whether you want to enabled or disable test mode for the Outbound connector. Valid values are: $true | $false (default) | | +| **TestMode** | Write | Boolean | The TestMode parameter specifies whether you want to enabled or disable test mode for the Outbound connector. | | | **ValidationRecipients** | Write | StringArray[] | The ValidationRecipients parameter specifies the email addresses of the validation recipients for the Outbound connector. You can specify multiple email addresses separated by commas. | | | **Ensure** | Write | String | Specifies if this Outbound connector should exist. | `Present`, `Absent` | | **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin | | diff --git a/docs/docs/resources/intune/IntuneDeviceConfigurationPolicyMacOS.md b/docs/docs/resources/intune/IntuneDeviceConfigurationPolicyMacOS.md index bd1438f974..1992587186 100644 --- a/docs/docs/resources/intune/IntuneDeviceConfigurationPolicyMacOS.md +++ b/docs/docs/resources/intune/IntuneDeviceConfigurationPolicyMacOS.md @@ -4,11 +4,11 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **Id** | Write | String | | | -| **DisplayName** | Key | String | | | -| **Description** | Write | String | | | -| **AddingGameCenterFriendsBlocked** | Write | Boolean | | | -| **AirDropBlocked** | Write | Boolean | | | +| **Id** | Write | String | Id of the Intune policy. | | +| **DisplayName** | Key | String | Display name of the Intune policy. | | +| **Description** | Write | String | Description of the Intune policy. | | +| **AddingGameCenterFriendsBlocked** | Write | Boolean | Configures users from adding friends to Game Center. Available for devices running macOS versions 10.13 and later. | | +| **AirDropBlocked** | Write | Boolean | Configures whether or not to allow AirDrop. | | | **AppleWatchBlockAutoUnlock** | Write | Boolean | Blocks users from unlocking their Mac with Apple Watch. | | | **CameraBlocked** | Write | Boolean | Blocks users from taking photographs and videos. | | | **ClassroomAppBlockRemoteScreenObservation** | Write | Boolean | Blocks AirPlay, screen sharing to other devices, and a Classroom app feature used by teachers to view their students' screens. This setting isn't available if you've blocked screenshots. | | @@ -17,12 +17,12 @@ | **ClassroomForceRequestPermissionToLeaveClasses** | Write | Boolean | Students enrolled in an unmanaged Classroom course must get teacher consent to leave the course. | | | **ClassroomForceUnpromptedAppAndDeviceLock** | Write | Boolean | Teachers can lock a student's device or app without the student's approval. | | | **CompliantAppListType** | Write | String | Device compliance can be viewed in the Restricted Apps Compliance report. | `none`, `appsInListCompliant`, `appsNotInListCompliant` | -| **CompliantAppsList** | Write | MSFT_MicrosoftGraphapplistitemMacOS[] | | | -| **ContentCachingBlocked** | Write | Boolean | | | +| **CompliantAppsList** | Write | MSFT_MicrosoftGraphapplistitemMacOS[] | List of apps in the compliance (either allow list or block list, controlled by CompliantAppListType). | | +| **ContentCachingBlocked** | Write | Boolean | Configures whether or not to allow content caching. | | | **DefinitionLookupBlocked** | Write | Boolean | Block look up, a feature that looks up the definition of a highlighted word. | | | **EmailInDomainSuffixes** | Write | StringArray[] | Emails that the user sends or receives which don't match the domains you specify here will be marked as untrusted. | | -| **EraseContentAndSettingsBlocked** | Write | Boolean | | | -| **GameCenterBlocked** | Write | Boolean | | | +| **EraseContentAndSettingsBlocked** | Write | Boolean | Configures the reset option on supervised devices. Available for devices running macOS versions 12.0 and later. | | +| **GameCenterBlocked** | Write | Boolean | Configured if the Game Center icon is removed from the Home screen. Available for devices running macOS versions 10.13 and later. | | | **ICloudBlockActivityContinuation** | Write | Boolean | Handoff lets users start work on one MacOS device, and continue it on another MacOS or iOS device. Available for macOS 10.15 and later. | | | **ICloudBlockAddressBook** | Write | Boolean | Blocks iCloud from syncing contacts. | | | **ICloudBlockBookmarks** | Write | Boolean | Blocks iCloud from syncing bookmarks. | | @@ -32,40 +32,40 @@ | **ICloudBlockNotes** | Write | Boolean | Blocks iCloud from syncing notes. | | | **ICloudBlockPhotoLibrary** | Write | Boolean | Any photos not fully downloaded from iCloud Photo Library to device will be removed from local storage. | | | **ICloudBlockReminders** | Write | Boolean | Blocks iCloud from syncing reminders. | | -| **ICloudDesktopAndDocumentsBlocked** | Write | Boolean | | | -| **ICloudPrivateRelayBlocked** | Write | Boolean | | | +| **ICloudDesktopAndDocumentsBlocked** | Write | Boolean | Configures if the synchronization of cloud desktop and documents is blocked. Available for devices running macOS 10.12.4 and later. | | +| **ICloudPrivateRelayBlocked** | Write | Boolean | Configures if iCloud private relay is blocked or not. Available for devices running macOS 12 and later. | | | **ITunesBlockFileSharing** | Write | Boolean | Blocks files from being transferred using iTunes. | | -| **ITunesBlockMusicService** | Write | Boolean | | | +| **ITunesBlockMusicService** | Write | Boolean | Configures whether or not to block files from being transferred using iTunes. | | | **KeyboardBlockDictation** | Write | Boolean | Block dictation, which is a feature that converts the user's voice to text. | | | **KeychainBlockCloudSync** | Write | Boolean | Disables syncing credentials stored in the Keychain to iCloud | | -| **MultiplayerGamingBlocked** | Write | Boolean | | | -| **PasswordBlockAirDropSharing** | Write | Boolean | | | -| **PasswordBlockAutoFill** | Write | Boolean | | | +| **MultiplayerGamingBlocked** | Write | Boolean | Configures whether multiplayer gaming when using Game Center is blocked. Available for devices running macOS versions 10.13 and later. | | +| **PasswordBlockAirDropSharing** | Write | Boolean | Configures whether or not to block sharing passwords with the AirDrop passwords feature. | | +| **PasswordBlockAutoFill** | Write | Boolean | Configures whether or not to block the AutoFill Passwords feature. | | | **PasswordBlockFingerprintUnlock** | Write | Boolean | Requires user to set a non-biometric passcode or password to unlock the device. | | | **PasswordBlockModification** | Write | Boolean | Blocks user from changing the set passcode. | | -| **PasswordBlockProximityRequests** | Write | Boolean | | | +| **PasswordBlockProximityRequests** | Write | Boolean | Configures whether or not to block requesting passwords from nearby devices. | | | **PasswordBlockSimple** | Write | Boolean | Block simple password sequences, such as 1234 or 1111. | | | **PasswordExpirationDays** | Write | UInt32 | Number of days until device password must be changed. (1-65535) | | -| **PasswordMaximumAttemptCount** | Write | UInt32 | | | +| **PasswordMaximumAttemptCount** | Write | UInt32 | Configures the number of allowed failed attempts to enter the passcode at the device's lock screen. Valid values 2 to 11 | | | **PasswordMinimumCharacterSetCount** | Write | UInt32 | Minimum number (0-4) of non-alphanumeric characters, such as #, %, !, etc., required in the password. The default value is 0. | | | **PasswordMinimumLength** | Write | UInt32 | Minimum number of digits or characters in password (4-16). | | | **PasswordMinutesOfInactivityBeforeLock** | Write | UInt32 | Set to 0 to require a password immediately. There is no maximum number of minutes, and this number overrides the number currently set on the device. | | | **PasswordMinutesOfInactivityBeforeScreenTimeout** | Write | UInt32 | Set to 0 to use the device's minimum possible value. This number (0-60 minutes) overrides the number currently set on the device. | | -| **PasswordMinutesUntilFailedLoginReset** | Write | UInt32 | | | +| **PasswordMinutesUntilFailedLoginReset** | Write | UInt32 | Configures the number of minutes before the login is reset after the maximum number of unsuccessful login attempts is reached. | | | **PasswordPreviousPasswordBlockCount** | Write | UInt32 | Number of new passwords that must be used until an old one can be reused. (1-24) | | -| **PasswordRequired** | Write | Boolean | Specify the type of password required. | | +| **PasswordRequired** | Write | Boolean | Specify the type of password required. | | | **PasswordRequiredType** | Write | String | Specify the type of password required. | `deviceDefault`, `alphanumeric`, `numeric` | | **PrivacyAccessControls** | Write | MSFT_MicrosoftGraphmacosprivacyaccesscontrolitem[] | Configure an app's access to specific data, folders, and apps on a device. These settings apply to devices running macOS Mojave 10.14 and later. | | | **SafariBlockAutofill** | Write | Boolean | Blocks Safari from remembering what users enter in web forms. | | -| **ScreenCaptureBlocked** | Write | Boolean | | | -| **SoftwareUpdateMajorOSDeferredInstallDelayInDays** | Write | UInt32 | | | -| **SoftwareUpdateMinorOSDeferredInstallDelayInDays** | Write | UInt32 | | | -| **SoftwareUpdateNonOSDeferredInstallDelayInDays** | Write | UInt32 | | | +| **ScreenCaptureBlocked** | Write | Boolean | Configures whether or not to block the user from taking Screenshots. | | +| **SoftwareUpdateMajorOSDeferredInstallDelayInDays** | Write | UInt32 | Specify the number of days (1-90) to delay visibility of major OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90 | | +| **SoftwareUpdateMinorOSDeferredInstallDelayInDays** | Write | UInt32 | Specify the number of days (1-90) to delay visibility of minor OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90 | | +| **SoftwareUpdateNonOSDeferredInstallDelayInDays** | Write | UInt32 | Specify the number of days (1-90) to delay visibility of non-OS software updates. Available for devices running macOS versions 11.3 and later. Valid values 0 to 90 | | | **SoftwareUpdatesEnforcedDelayInDays** | Write | UInt32 | Delay the user's software update for this many days. The maximum is 90 days. (1-90) | | | **SpotlightBlockInternetResults** | Write | Boolean | Blocks Spotlight from returning any results from an Internet search | | -| **TouchIdTimeoutInHours** | Write | UInt32 | | | -| **UpdateDelayPolicy** | Write | StringArray[] | | `none`, `delayOSUpdateVisibility`, `delayAppUpdateVisibility`, `unknownFutureValue`, `delayMajorOsUpdateVisibility` | -| **WallpaperModificationBlocked** | Write | Boolean | | | +| **TouchIdTimeoutInHours** | Write | UInt32 | Configures the maximum hours after which the user must enter their password to unlock the device instead of using Touch ID. Available for devices running macOS 12 and later. Valid values 0 to 2147483647 | | +| **UpdateDelayPolicy** | Write | StringArray[] | Configures whether to delay OS and/or app updates for macOS. | `none`, `delayOSUpdateVisibility`, `delayAppUpdateVisibility`, `unknownFutureValue`, `delayMajorOsUpdateVisibility` | +| **WallpaperModificationBlocked** | Write | Boolean | Configures whether the wallpaper can be changed. Available for devices running macOS versions 10.13 and later. | | | **Assignments** | Write | MSFT_DeviceManagementConfigurationPolicyAssignments[] | Represents the assignment to the Intune policy. | | | **Ensure** | Write | String | Present ensures the policy exists, absent ensures it is removed. | `Present`, `Absent` | | **Credential** | Write | PSCredential | Credentials of the Intune Admin | | @@ -94,11 +94,11 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **odataType** | Write | String | | `#microsoft.graph.appleAppListItem` | -| **appId** | Write | String | | | -| **appStoreUrl** | Write | String | | | -| **name** | Write | String | | | -| **publisher** | Write | String | | | +| **odataType** | Write | String | Specify the odataType | `#microsoft.graph.appleAppListItem` | +| **appId** | Write | String | The application or bundle identifier of the application | | +| **appStoreUrl** | Write | String | The Store URL of the application | | +| **name** | Write | String | The application name | | +| **publisher** | Write | String | The publisher of the application | | ### MSFT_MicrosoftGraphmacosprivacyaccesscontrolitem @@ -106,32 +106,32 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **accessibility** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **addressBook** | Write | String | Blocks iCloud from syncing contacts. | `notConfigured`, `enabled`, `disabled` | -| **appleEventsAllowedReceivers** | Write | MSFT_MicrosoftGraphmacosappleeventreceiver[] | | | -| **blockCamera** | Write | Boolean | | | -| **blockListenEvent** | Write | Boolean | | | -| **blockMicrophone** | Write | Boolean | | | -| **blockScreenCapture** | Write | Boolean | | | -| **calendar** | Write | String | Blocks iCloud from syncing calendars. | `notConfigured`, `enabled`, `disabled` | -| **codeRequirement** | Write | String | | | -| **displayName** | Write | String | | | -| **fileProviderPresence** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **identifier** | Write | String | | | -| **identifierType** | Write | String | | `bundleID`, `path` | -| **mediaLibrary** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **photos** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **postEvent** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **reminders** | Write | String | Blocks iCloud from syncing reminders. | `notConfigured`, `enabled`, `disabled` | -| **speechRecognition** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **staticCodeValidation** | Write | Boolean | | | -| **systemPolicyAllFiles** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **systemPolicyDesktopFolder** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **systemPolicyDocumentsFolder** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **systemPolicyDownloadsFolder** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **systemPolicyNetworkVolumes** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **systemPolicyRemovableVolumes** | Write | String | | `notConfigured`, `enabled`, `disabled` | -| **systemPolicySystemAdminFiles** | Write | String | | `notConfigured`, `enabled`, `disabled` | +| **accessibility** | Write | String | Allow the app or process to control the Mac via the Accessibility subsystem. | `notConfigured`, `enabled`, `disabled` | +| **addressBook** | Write | String | Allow or block access to contact information managed by Contacts. | `notConfigured`, `enabled`, `disabled` | +| **appleEventsAllowedReceivers** | Write | MSFT_MicrosoftGraphmacosappleeventreceiver[] | Allow or deny the app or process to send a restricted Apple event to another app or process. You will need to know the identifier, identifier type, and code requirement of the receiving app or process. | | +| **blockCamera** | Write | Boolean | Block access to camera app. | | +| **blockListenEvent** | Write | Boolean | Block the app or process from listening to events from input devices such as mouse, keyboard, and trackpad.Requires macOS 10.15 or later. | | +| **blockMicrophone** | Write | Boolean | Block access to microphone. | | +| **blockScreenCapture** | Write | Boolean | Block app from capturing contents of system display. Requires macOS 10.15 or later. | | +| **calendar** | Write | String | Allow or block access to event information managed by Calendar. | `notConfigured`, `enabled`, `disabled` | +| **codeRequirement** | Write | String | Enter the code requirement, which can be obtained with the command 'codesign -display -r -' in the Terminal app. Include everything after '=>'. | | +| **displayName** | Write | String | The display name of the app, process, or executable. | | +| **fileProviderPresence** | Write | String | Allow the app or process to access files managed by another app's file provider extension. Requires macOS 10.15 or later. | `notConfigured`, `enabled`, `disabled` | +| **identifier** | Write | String | The bundle ID or path of the app, process, or executable. | | +| **identifierType** | Write | String | A bundle ID is used to identify an app. A path is used to identify a process or executable. | `bundleID`, `path` | +| **mediaLibrary** | Write | String | Allow or block access to music and the media library. | `notConfigured`, `enabled`, `disabled` | +| **photos** | Write | String | Allow or block access to images managed by Photos. | `notConfigured`, `enabled`, `disabled` | +| **postEvent** | Write | String | Control access to CoreGraphics APIs, which are used to send CGEvents to the system event stream. | `notConfigured`, `enabled`, `disabled` | +| **reminders** | Write | String | Allow or block access to information managed by Reminders. | `notConfigured`, `enabled`, `disabled` | +| **speechRecognition** | Write | String | Allow or block access to system speech recognition facility. | `notConfigured`, `enabled`, `disabled` | +| **staticCodeValidation** | Write | Boolean | Statically validates the code requirement. Use this setting if the process invalidates its dynamic code signature. | | +| **systemPolicyAllFiles** | Write | String | Control access to all protected files on a device. Files might be in locations such as emails, messages, apps, and administrative settings. Apply this setting with caution. | `notConfigured`, `enabled`, `disabled` | +| **systemPolicyDesktopFolder** | Write | String | Allow or block access to Desktop folder. | `notConfigured`, `enabled`, `disabled` | +| **systemPolicyDocumentsFolder** | Write | String | Allow or block access to Documents folder. | `notConfigured`, `enabled`, `disabled` | +| **systemPolicyDownloadsFolder** | Write | String | Allow or block access to Downloads folder. | `notConfigured`, `enabled`, `disabled` | +| **systemPolicyNetworkVolumes** | Write | String | Allow or block access to network volumes. Requires macOS 10.15 or later. | `notConfigured`, `enabled`, `disabled` | +| **systemPolicyRemovableVolumes** | Write | String | Control access to removable volumes on the device, such as an external hard drive. Requires macOS 10.15 or later. | `notConfigured`, `enabled`, `disabled` | +| **systemPolicySystemAdminFiles** | Write | String | Allow app or process to access files used in system administration. | `notConfigured`, `enabled`, `disabled` | ### MSFT_MicrosoftGraphmacosappleeventreceiver @@ -139,10 +139,10 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **allowed** | Write | Boolean | | | -| **codeRequirement** | Write | String | | | -| **identifier** | Write | String | | | -| **identifierType** | Write | String | | `bundleID`, `path` | +| **allowed** | Write | Boolean | Allow or block this app from receiving Apple events. | | +| **codeRequirement** | Write | String | Code requirement for the app or binary that receives the Apple Event. | | +| **identifier** | Write | String | Bundle ID of the app or file path of the process or executable that receives the Apple Event. | | +| **identifierType** | Write | String | Use bundle ID for an app or path for a process or executable that receives the Apple Event. | `bundleID`, `path` | ## Description diff --git a/docs/docs/resources/office365/O365AdminAuditLogConfig.md b/docs/docs/resources/office365/O365AdminAuditLogConfig.md index 2a92250c59..cac59d71ef 100644 --- a/docs/docs/resources/office365/O365AdminAuditLogConfig.md +++ b/docs/docs/resources/office365/O365AdminAuditLogConfig.md @@ -7,7 +7,7 @@ | **IsSingleInstance** | Key | String | Specifies the resource is a single instance, the value must be 'Yes' | `Yes` | | **Ensure** | Write | String | 'Present' is the only value accepted. | `Present` | | **UnifiedAuditLogIngestionEnabled** | Required | String | Determins if Unified Audit Log Ingestion is enabled | `Enabled`, `Disabled` | -| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin | | +| **Credential** | Write | PSCredential | Credentials of the Global Admin | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | diff --git a/docs/docs/resources/office365/O365Group.md b/docs/docs/resources/office365/O365Group.md index 0ab25d109d..91915dbb46 100644 --- a/docs/docs/resources/office365/O365Group.md +++ b/docs/docs/resources/office365/O365Group.md @@ -10,7 +10,7 @@ | **Description** | Write | String | The group's description. | | | **Members** | Write | StringArray[] | Members of the group. | | | **Ensure** | Write | String | Present ensures the group exists, absent ensures it is removed. | `Present`, `Absent` | -| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin | | +| **Credential** | Write | PSCredential | Credentials of the Global Admin | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | | **TenantId** | Write | String | Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com | | | **ApplicationSecret** | Write | PSCredential | Secret of the Azure Active Directory application used for authentication. | | diff --git a/docs/docs/resources/office365/O365OrgCustomizationSetting.md b/docs/docs/resources/office365/O365OrgCustomizationSetting.md index a698e12c58..2db392e80c 100644 --- a/docs/docs/resources/office365/O365OrgCustomizationSetting.md +++ b/docs/docs/resources/office365/O365OrgCustomizationSetting.md @@ -6,7 +6,7 @@ | --- | --- | --- | --- | --- | | **IsSingleInstance** | Key | String | Specifies the resource is a single instance, the value must be 'Yes' | `Yes` | | **Ensure** | Write | String | Since there is only one setting availble, this must be set to 'Present' | `Present` | -| **Credential** | Write | PSCredential | Credentials of the Exchange Global Admin | | +| **Credential** | Write | PSCredential | Credentials of the Global Admin | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | | **TenantId** | Write | String | Id of the Azure Active Directory tenant used for authentication. | | | **CertificateThumbprint** | Write | String | Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication. | | diff --git a/docs/docs/resources/sharepoint/SPOTenantSettings.md b/docs/docs/resources/sharepoint/SPOTenantSettings.md index 1bf16b839b..3673bb83b0 100644 --- a/docs/docs/resources/sharepoint/SPOTenantSettings.md +++ b/docs/docs/resources/sharepoint/SPOTenantSettings.md @@ -15,11 +15,11 @@ | **UserVoiceForFeedbackEnabled** | Write | Boolean | Allow feedback via UserVoice. | | | **PublicCdnEnabled** | Write | Boolean | Configure PublicCDN | | | **PublicCdnAllowedFileTypes** | Write | String | Configure filetypes allowed for PublicCDN | | -| **UseFindPeopleInPeoplePicker** | Write | Boolean | When set to $true, users aren't able to share with security groups or SharePoint groups | | -| **NotificationsInSharePointEnabled** | Write | Boolean | When set to $true, users aren't able to share with security groups or SharePoint groups | | -| **OwnerAnonymousNotification** | Write | Boolean | | | -| **ApplyAppEnforcedRestrictionsToAdHocRecipients** | Write | Boolean | | | -| **FilePickerExternalImageSearchEnabled** | Write | Boolean | | | +| **UseFindPeopleInPeoplePicker** | Write | Boolean | When set to $true, users aren't able to share with security groups or SharePoint groups. | | +| **NotificationsInSharePointEnabled** | Write | Boolean | When set to $true, users aren't able to share with security groups or SharePoint groups. | | +| **OwnerAnonymousNotification** | Write | Boolean | Specifies whether an email notification should be sent to the OneDrive for Business owners when an anonymous links are created or changed. | | +| **ApplyAppEnforcedRestrictionsToAdHocRecipients** | Write | Boolean | When the feature is enabled, all guest users are subject to conditional access policy. By default guest users who are accessing SharePoint Online files with pass code are exempt from the conditional access policy. | | +| **FilePickerExternalImageSearchEnabled** | Write | Boolean | Sets whether webparts that support inserting images, like for example Image or Hero webpart, the Web search (Powered by Bing) should allow choosing external images. | | | **HideDefaultThemes** | Write | Boolean | Defines if the default themes are visible or hidden | | | **HideSyncButtonOnTeamSite** | Write | Boolean | To enable or disable Sync button on Team sites | | | **MarkNewFilesSensitiveByDefault** | Write | String | Allow or block external sharing until at least one Office DLP policy scans the content of the file. | `AllowExternalSharing`, `BlockExternalSharing` | diff --git a/docs/docs/resources/teams/TeamsFeedbackPolicy.md b/docs/docs/resources/teams/TeamsFeedbackPolicy.md index 1dbb8e6b1a..d0c7c3c845 100644 --- a/docs/docs/resources/teams/TeamsFeedbackPolicy.md +++ b/docs/docs/resources/teams/TeamsFeedbackPolicy.md @@ -4,13 +4,13 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **UserInitiatedMode** | Write | String | | | -| **ReceiveSurveysMode** | Write | String | | | -| **AllowScreenshotCollection** | Write | Boolean | | | -| **AllowEmailCollection** | Write | Boolean | | | -| **AllowLogCollection** | Write | Boolean | | | -| **EnableFeatureSuggestions** | Write | Boolean | | | -| **Identity** | Key | String | | | +| **Identity** | Key | String | Specify the name of the Teams Feedback Policy. | | +| **UserInitiatedMode** | Write | String | Specifies if users are allowed to give feedback. | | +| **ReceiveSurveysMode** | Write | String | Specifies if users are allowed to receive the survey. | `Enabled`, `Disabled`, `EnabledUserOverride` | +| **AllowScreenshotCollection** | Write | Boolean | Specifies if Screenshot Collection is enabled or not. | | +| **AllowEmailCollection** | Write | Boolean | Specifies if Email Collection is enabled or not. | | +| **AllowLogCollection** | Write | Boolean | Specifies if Log Collection is enabled or not. | | +| **EnableFeatureSuggestions** | Write | Boolean | Specifies if users are allowed to provide feature suggestions | | | **Ensure** | Write | String | Present ensures the instance exists, absent ensures it is removed. | `Present`, `Absent` | | **Credential** | Write | PSCredential | Credentials of the workload's Admin | | | **ApplicationId** | Write | String | Id of the Azure Active Directory application to authenticate with. | | diff --git a/docs/docs/resources/teams/TeamsMobilityPolicy.md b/docs/docs/resources/teams/TeamsMobilityPolicy.md index dbc8781707..ce0f1cfdbf 100644 --- a/docs/docs/resources/teams/TeamsMobilityPolicy.md +++ b/docs/docs/resources/teams/TeamsMobilityPolicy.md @@ -4,7 +4,7 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **Identity** | Key | String | Specify the name of the policy that you are creating. | | +| **Identity** | Key | String | Specify the name of the Teams Mobility Policy. | | | **Description** | Write | String | Enables administrators to provide explanatory text about the policy. For example, the Description might indicate the users the policy should be assigned to. | | | **IPAudioMobileMode** | Write | String | When set to WifiOnly, prohibits the user from making and receiving calls or joining meetings using VoIP calls on the mobile device while on a cellular data connection. Possible values are: WifiOnly, AllNetworks. | `WifiOnly`, `AllNetworks` | | **IPVideoMobileMode** | Write | String | When set to WifiOnly, prohibits the user from making and receiving video calls or enabling video in meetings using VoIP calls on the mobile device while on a cellular data connection. Possible values are: WifiOnly, AllNetworks. | `WifiOnly`, `AllNetworks` | diff --git a/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md b/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md index fda32b6d50..7bd09020d3 100644 --- a/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md +++ b/docs/docs/resources/teams/TeamsNetworkRoamingPolicy.md @@ -4,7 +4,7 @@ | Parameter | Attribute | DataType | Description | Allowed Values | | --- | --- | --- | --- | --- | -| **Identity** | Key | String | | | +| **Identity** | Key | String | Specify the name of the Teams Network Roaming Policy. | | | **AllowIPVideo** | Write | Boolean | Determines whether video is enabled in a user's meetings or calls. Set this to TRUE to allow the user to share their video. Set this to FALSE to prohibit the user from sharing their video. | | | **Description** | Write | String | Description of the new policy to be created. | | | **MediaBitRateKb** | Write | UInt64 | Determines the media bit rate for audio/video/app sharing transmissions in meetings. | |