Microsoft365DSC

1.25.910.1

DSCResources/MSFT_IntuneAntivirusPolicyWindows10ConfigMgr/MSFT_IntuneAntivirusPolicyWindows10ConfigMgr.schema.mof

                                [ClassVersion("1.0.0.1")]

class MSFT_DeviceManagementConfigurationPolicyAssignments

{

    [Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType;

    [Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType;

    [Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId;

    [Write, Description("The display name of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterDisplayName;

    [Write, Description("The group Id that is the target of the assignment.")] String groupId;

    [Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName;

    [Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId;

};

[ClassVersion("1.0.0.0"), FriendlyName("IntuneAntivirusPolicyWindows10ConfigMgr")]

class MSFT_IntuneAntivirusPolicyWindows10ConfigMgr : OMI_BaseResource

{

    [Write, Description("Policy description")] String Description;

    [Key, Description("Policy name")] String DisplayName;

    [Write, Description("List of Scope Tags for this Entity instance.")] String RoleScopeTagIds[];

    [Write, Description("The unique identifier for an entity. Read-only.")] String Id;

    [Write, Description("Allow Archive Scanning (0: Not allowed. Turns off scanning on archived files., 1: Allowed. Scans the archive files.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowArchiveScanning;

    [Write, Description("Allow Behavior Monitoring (0: Not allowed. Turns off behavior monitoring., 1: Allowed. Turns on real-time behavior monitoring.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowBehaviorMonitoring;

    [Write, Description("Allow Cloud Protection (0: Not allowed. Turns off the Microsoft Active Protection Service., 1: Allowed. Turns on the Microsoft Active Protection Service.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowCloudProtection;

    [Write, Description("Allow Email Scanning (0: Not allowed. Turns off email scanning., 1: Allowed. Turns on email scanning.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowEmailScanning;

    [Write, Description("Allow Full Scan On Mapped Network Drives (0: Not allowed. Disables scanning on mapped network drives., 1: Allowed. Scans mapped network drives.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowFullScanOnMappedNetworkDrives;

    [Write, Description("Allow Full Scan Removable Drive Scanning (0: Not allowed. Turns off scanning on removable drives., 1: Allowed. Scans removable drives.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowFullScanRemovableDriveScanning;

    [Write, Description("[Deprecated] Allow Intrusion Prevention System (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowIntrusionPreventionSystem;

    [Write, Description("Allow scanning of all downloaded files and attachments (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowIOAVProtection;

    [Write, Description("Allow Realtime Monitoring (0: Not allowed. Turns off the real-time monitoring service., 1: Allowed. Turns on and runs the real-time monitoring service.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowRealtimeMonitoring;

    [Write, Description("Allow Scanning Network Files (0: Not allowed. Turns off scanning of network files., 1: Allowed. Scans network files.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowScanningNetworkFiles;

    [Write, Description("Allow Script Scanning (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowScriptScanning;

    [Write, Description("Allow User UI Access (0: Not allowed. Prevents users from accessing UI., 1: Allowed. Lets users access UI.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowUserUIAccess;

    [Write, Description("Avg CPU Load Factor")] SInt32 AvgCPULoadFactor;

    [Write, Description("Check For Signatures Before Running Scan (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 CheckForSignaturesBeforeRunningScan;

    [Write, Description("Cloud Block Level (0: NotConfigured, 2: High, 4: HighPlus, 6: ZeroTolerance)"), ValueMap{"0", "2", "4", "6"}, Values{"0", "2", "4", "6"}] SInt32 CloudBlockLevel;

    [Write, Description("Cloud Extended Timeout")] SInt32 CloudExtendedTimeout;

    [Write, Description("Days To Retain Cleaned Malware")] SInt32 DaysToRetainCleanedMalware;

    [Write, Description("Disable Catchup Full Scan (0: Enabled, 1: Disabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 DisableCatchupFullScan;

    [Write, Description("Disable Catchup Quick Scan (0: Enabled, 1: Disabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 DisableCatchupQuickScan;

    [Write, Description("Enable Low CPU Priority (0: Disabled, 1: Enabled)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 EnableLowCPUPriority;

    [Write, Description("Excluded Extensions")] String ExcludedExtensions[];

    [Write, Description("Excluded Paths")] String ExcludedPaths[];

    [Write, Description("Excluded Processes")] String ExcludedProcesses[];

    [Write, Description("PUA Protection (0: PUA Protection off. Windows Defender will not protect against potentially unwanted applications., 1: PUA Protection on. Detected items are blocked. They will show in history along with other threats., 2: Audit mode. Windows Defender will detect potentially unwanted applications, but take no action. You can review information about the applications Windows Defender would have taken action against by searching for events created by Windows Defender in the Event Viewer.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] SInt32 PUAProtection;

    [Write, Description("Real Time Scan Direction (0: Monitor all files (bi-directional)., 1: Monitor incoming files., 2: Monitor outgoing files.)"), ValueMap{"0", "1", "2"}, Values{"0", "1", "2"}] SInt32 RealTimeScanDirection;

    [Write, Description("Scan Parameter (1: Quick scan, 2: Full scan)"), ValueMap{"1", "2"}, Values{"1", "2"}] SInt32 ScanParameter;

    [Write, Description("Schedule Quick Scan Time")] SInt32 ScheduleQuickScanTime;

    [Write, Description("Schedule Scan Day (0: Every day, 1: Sunday, 2: Monday, 3: Tuesday, 4: Wednesday, 5: Thursday, 6: Friday, 7: Saturday, 8: No scheduled scan)"), ValueMap{"0", "1", "2", "3", "4", "5", "6", "7", "8"}, Values{"0", "1", "2", "3", "4", "5", "6", "7", "8"}] SInt32 ScheduleScanDay;

    [Write, Description("Schedule Scan Time")] SInt32 ScheduleScanTime;

    [Write, Description("Signature Update Fallback Order")] String SignatureUpdateFallbackOrder[];

    [Write, Description("Signature Update File Shares Sources")] String SignatureUpdateFileSharesSources[];

    [Write, Description("Signature Update Interval")] SInt32 SignatureUpdateInterval;

    [Write, Description("Submit Samples Consent (0: Always prompt., 1: Send safe samples automatically., 2: Never send., 3: Send all samples automatically.)"), ValueMap{"0", "1", "2", "3"}, Values{"0", "1", "2", "3"}] SInt32 SubmitSamplesConsent;

    [Write, Description("Allow On Access Protection (0: Not allowed., 1: Allowed.)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 AllowOnAccessProtection;

    [Write, Description("Remediation action for High severity threats - Depends on ThreatSeverityDefaultAction (clean: Clean, quarantine: Quarantine, remove: Remove, allow: Allow, userdefined: UserDefined, block: Block)"), ValueMap{"clean", "quarantine", "remove", "allow", "userdefined", "block"}, Values{"clean", "quarantine", "remove", "allow", "userdefined", "block"}] String HighSeverityThreatDefaultAction;

    [Write, Description("Remediation action for Severe threats - Depends on ThreatSeverityDefaultAction (clean: Clean, quarantine: Quarantine, remove: Remove, allow: Allow, userdefined: UserDefined, block: Block)"), ValueMap{"clean", "quarantine", "remove", "allow", "userdefined", "block"}, Values{"clean", "quarantine", "remove", "allow", "userdefined", "block"}] String SevereThreatDefaultAction;

    [Write, Description("Remediation action for Low severity threats - Depends on ThreatSeverityDefaultAction (clean: Clean, quarantine: Quarantine, remove: Remove, allow: Allow, userdefined: UserDefined, block: Block)"), ValueMap{"clean", "quarantine", "remove", "allow", "userdefined", "block"}, Values{"clean", "quarantine", "remove", "allow", "userdefined", "block"}] String LowSeverityThreatDefaultAction;

    [Write, Description("Remediation action for Moderate severity threats - Depends on ThreatSeverityDefaultAction (clean: Clean, quarantine: Quarantine, remove: Remove, allow: Allow, userdefined: UserDefined, block: Block)"), ValueMap{"clean", "quarantine", "remove", "allow", "userdefined", "block"}, Values{"clean", "quarantine", "remove", "allow", "userdefined", "block"}] String ModerateSeverityThreatDefaultAction;

    [Write, Description("Allow users to view the full History results (0: No, 1: Yes)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 DisablePrivacyMode;

    [Write, Description("Create a system restore point before computers are cleaned. (0: No, 1: Yes)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 DisableRestorePoint;

    [Write, Description("Randomize scheduled scan and security intelligence update start times. (0: No, 1: Yes)"), ValueMap{"0", "1"}, Values{"0", "1"}] SInt32 RandomizeScheduleTaskTimes;

    [Write, Description("Security Intelligence Location")] String SecurityIntelligenceLocation;

    [Write, Description("Represents the assignment to the Intune policy."), EmbeddedInstance("MSFT_DeviceManagementConfigurationPolicyAssignments")] String Assignments[];

    [Write, Description("Present ensures the policy exists, absent ensures it is removed."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] string Ensure;

    [Write, Description("Credentials of the Admin"), EmbeddedInstance("MSFT_Credential")] string Credential;

    [Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId;

    [Write, Description("Id of the Azure Active Directory tenant used for authentication.")] String TenantId;

    [Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret;

    [Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint;

    [Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity;

    [Write, Description("Access token used for authentication.")] String AccessTokens[];

};