forked from microsoft/Microsoft365DSC
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
a1b6843
commit 38d6efc
Showing
13 changed files
with
270 additions
and
182 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
36 changes: 19 additions & 17 deletions
36
.../MSFT_IntuneDerivedCredential.schema..mof → ...l/MSFT_IntuneDerivedCredential.schema.mof
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,29 +1,31 @@ | ||
[ClassVersion("1.0.0.0"), FriendlyName("IntuneDerivedCredential")] | ||
class MSFT_IntuneDerivedCredential : OMI_BaseResource { | ||
[Write, Description("The name of the app category.")] | ||
String DisplayName; | ||
class MSFT_IntuneDerivedCredential : OMI_BaseResource | ||
{ | ||
[Key, Description("The name of the app category.")] String DisplayName; | ||
[Write, Description("The unique identifier for an entity. Read-only.")] String Id; | ||
|
||
[Write, Description("The unique identifier for an entity. Read-only.")] | ||
String Id; | ||
[Write, Description("The URL that will be accessible to end users as they retrieve a derived credential using the Company Portal.")] String HelpUrl; | ||
[Write, Description("The nominal percentage of time before certificate renewal is initiated by the client.")] Uint32 RenewalThresholdPercentage; | ||
[Write, Description("Supported values for the derived credential issuer."), | ||
ValueMap{"intercede", "entrustDatacard", "purebred"}, | ||
Values{"intercede", "entrustDatacard", "purebred"}] | ||
String Issuer; | ||
|
||
[Write, Description("The URL that will be accessible to end users as they retrieve a derived credential using the Company Portal.")] | ||
String HelpUrl; | ||
[Write, Description("Supported values for the notification type to use."), | ||
ValueMap{"none", "email", "companyPortal"}, | ||
Values{"none", "email", "companyPortal"}] | ||
String NotificationType; | ||
|
||
[Write, Description("Supported values for the derived credential issuer."), ValueMap{"intercede", "entrustDatacard", "purebred"}, Values{"intercede", "entrustDatacard", "purebred"}] | ||
String Issuer; | ||
[Write, Description("Supported values for the notification type to use."), | ||
ValueMap{"Present", "Absent"}, | ||
Values{"Present", "Absent"}] | ||
String Ensure; | ||
|
||
[Write, Description("Supported values for the notification type to use."), ValueMap{"none", "email", "companyPortal"}, Values{"none", "email", "companyPortal"}] | ||
String NotificationType = "none"; // Default value is set to "none" | ||
|
||
[Write, Description("Supported values for the notification type to use."), ValueMap{"Present", "Absent"}, Values{"Present", "Absent"}] | ||
String Ensure = "Present"; // Default value is set to "none" | ||
|
||
[Write, Description("Credentials of the Intune Admin"), EmbeddedInstance("MSFT_Credential")] string Credential; | ||
[Write, Description("Credentials of the Intune Admin"), EmbeddedInstance("MSFT_Credential")] String Credential; | ||
[Write, Description("Id of the Azure Active Directory application to authenticate with.")] String ApplicationId; | ||
[Write, Description("Name of the Azure Active Directory tenant used for authentication. Format contoso.onmicrosoft.com")] String TenantId; | ||
[Write, Description("Secret of the Azure Active Directory tenant used for authentication."), EmbeddedInstance("MSFT_Credential")] String ApplicationSecret; | ||
[Write, Description("Thumbprint of the Azure Active Directory application's authentication certificate to use for authentication.")] String CertificateThumbprint; | ||
[Write, Description("Managed ID being used for authentication.")] Boolean ManagedIdentity; | ||
[Write, Description("Access token used for authentication.")] String AccessTokens[]; | ||
|
||
}; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
25 changes: 5 additions & 20 deletions
25
Modules/Microsoft365DSC/DSCResources/MSFT_IntuneDerivedCredential/settings.json
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,40 +1,25 @@ | ||
{ | ||
"resourceName": "IntuneDerivedCredential", | ||
"description": "Use this resource to create new navigation property to derivedCredentials for deviceManagement", | ||
// "roles": { | ||
// "read": [ | ||
// "Global Reader" | ||
// ], | ||
// "update": [ | ||
// "Intune Administrator" | ||
// ] | ||
// }, | ||
"description": "Use this resource to create new navigation property to derivedCredentials for device Management in Intune.", | ||
|
||
"permissions": { | ||
"graph": { | ||
"delegated": { | ||
"read": [ | ||
"DeviceManagementConfiguration.Read.All" | ||
"" | ||
], | ||
"update": [ | ||
"DeviceManagementConfiguration.ReadWrite.All" | ||
"" | ||
] | ||
}, | ||
"application": { | ||
"read": [ | ||
"DeviceManagementConfiguration.Read.All" | ||
"" | ||
], | ||
"update": [ | ||
"DeviceManagementConfiguration.ReadWrite.All" | ||
"" | ||
] | ||
} | ||
} | ||
} | ||
} | ||
|
||
// PS C:\Windows\system32> Find-MgGraphCommand -Command “Get-MgBetaDeviceManagementDerivedCredential” | select Permissions | ||
// OUTPUT: | ||
// Permissions | ||
// ----------- | ||
// {} | ||
// {} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.