Examples/Resources/IntuneDeviceCompliancePolicyAndroidWorkProfile/1-NewDeviceCompliancePolicyAndroidWorkProfile.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
<#
This example creates a new Device Compliance Policy for iOs devices
#>


Configuration Example
{
    param(
        [Parameter(Mandatory = $true)]
        [PSCredential]
        $credsGlobalAdmin
    )
    Import-DscResource -ModuleName Microsoft365DSC

    node localhost
    {
        IntuneDeviceCompliancePolicyAndroidWorkProfile f7d82525-b7c0-475c-9d5e-16fafdfa487a
        {
            Description                                        = "";
            DeviceThreatProtectionEnabled                      = $False;
            DeviceThreatProtectionRequiredSecurityLevel        = "unavailable";
            DisplayName                                        = "Test Policy";
            Ensure                                             = "Present";
            GlobalAdminAccount                                 = $Credsglobaladmin;
            PasswordExpirationDays                             = 90;
            PasswordMinimumLength                              = 6;
            PasswordMinutesOfInactivityBeforeLock              = 5;
            PasswordRequired                                   = $True;
            PasswordRequiredType                               = "numericComplex";
            SecurityBlockJailbrokenDevices                     = $True;
            SecurityDisableUsbDebugging                        = $False;
            SecurityPreventInstallAppsFromUnknownSources       = $False;
            SecurityRequireCompanyPortalAppIntegrity           = $False;
            SecurityRequireGooglePlayServices                  = $False;
            SecurityRequireSafetyNetAttestationBasicIntegrity  = $False;
            SecurityRequireSafetyNetAttestationCertifiedDevice = $False;
            SecurityRequireUpToDateSecurityProviders           = $False;
            SecurityRequireVerifyApps                          = $False;
            StorageRequireEncryption                           = $True;
        }
    }
}