andrewamason/Intune
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Module Consolidation

Browse Source
This commit is contained in:
Andrew Amason
2025-05-19 15:02:55 -04:00
parent 81b2d05cda
commit ec2b22290a
141 changed files with 58449 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/CHANGELOG.md Normal file
View File

@@ -0,0 +1,13 @@
# OIB Windows 365 Change Log
# Windows 365 v1.0 - 2024
Initial release of the Windows 365 baseline.
## Added
### Settings Catalog
**Win365 - OIB - Device Security - D - Connectivity Settings - v1.0**
**Win365 - OIB - Device Security - D - Resource Redirection - v1.0**
### Compliance
**Win365 - OIB - Compliance - U - Device Health - v1.0**

114
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/IntuneManagement/CompliancePolicies/Win365 - OIB - Compliance - U - Device Health - v1.0.json Normal file
View File

@@ -0,0 +1,114 @@
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceCompliancePolicies(assignments(),scheduledActionsForRule(scheduledActionConfigurations()))/$entity",
"@odata.type": "#microsoft.graph.windows10CompliancePolicy",
"@odata.id": "deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)",
"@odata.editLink": "deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy",
"roleScopeTagIds@odata.type": "#Collection(String)",
"roleScopeTagIds": [
"0"
],
"id": "c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470",
"createdDateTime@odata.type": "#DateTimeOffset",
"createdDateTime": "2024-08-22T17:39:03.6294123Z",
"description": null,
"lastModifiedDateTime@odata.type": "#DateTimeOffset",
"lastModifiedDateTime": "2024-08-22T17:39:03.6294123Z",
"displayName": "Win365 - OIB - Compliance - U - Device Health - v1.0",
"version": 1,
"passwordRequired": false,
"passwordBlockSimple": false,
"passwordRequiredToUnlockFromIdle": false,
"passwordMinutesOfInactivityBeforeLock": null,
"passwordExpirationDays": null,
"passwordMinimumLength": null,
"passwordMinimumCharacterSetCount": null,
"passwordRequiredType@odata.type": "#microsoft.graph.requiredPasswordType",
"passwordRequiredType": "deviceDefault",
"passwordPreviousPasswordBlockCount": null,
"requireHealthyDeviceReport": false,
"osMinimumVersion": null,
"osMaximumVersion": null,
"mobileOsMinimumVersion": null,
"mobileOsMaximumVersion": null,
"earlyLaunchAntiMalwareDriverEnabled": false,
"bitLockerEnabled": false,
"secureBootEnabled": true,
"codeIntegrityEnabled": true,
"memoryIntegrityEnabled": false,
"kernelDmaProtectionEnabled": false,
"virtualizationBasedSecurityEnabled": false,
"firmwareProtectionEnabled": false,
"storageRequireEncryption": false,
"activeFirewallRequired": false,
"defenderEnabled": false,
"defenderVersion": null,
"signatureOutOfDate": false,
"rtpEnabled": false,
"antivirusRequired": false,
"antiSpywareRequired": false,
"deviceThreatProtectionEnabled": false,
"deviceThreatProtectionRequiredSecurityLevel@odata.type": "#microsoft.graph.deviceThreatProtectionLevel",
"deviceThreatProtectionRequiredSecurityLevel": "unavailable",
"configurationManagerComplianceRequired": false,
"tpmRequired": false,
"deviceCompliancePolicyScript": null,
"validOperatingSystemBuildRanges@odata.type": "#Collection(microsoft.graph.operatingSystemVersionRange)",
"validOperatingSystemBuildRanges": [
],
"assignments@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/assignments",
"assignments@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/assignments/$ref",
"assignments@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/assignments",
"assignments": [
],
"scheduledActionsForRule@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/scheduledActionsForRule(scheduledActionConfigurations())",
"scheduledActionsForRule@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/scheduledActionsForRule/$ref",
"scheduledActionsForRule@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/scheduledActionsForRule",
"scheduledActionsForRule": [
{
"@odata.type": "#microsoft.graph.deviceComplianceScheduledActionForRule",
"@odata.id": "deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionsForRule(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)",
"@odata.editLink": "deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionsForRule(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)",
"id": "c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470",
"ruleName": null,
"scheduledActionConfigurations@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/scheduledActionsForRule(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionConfigurations",
"scheduledActionConfigurations@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionsForRule(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionConfigurations/$ref",
"scheduledActionConfigurations@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionsForRule(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionConfigurations",
"scheduledActionConfigurations": [
{
"@odata.type": "#microsoft.graph.deviceComplianceActionItem",
"@odata.id": "deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionsForRule(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionConfigurations(\u0027181b800b-973d-4144-9a0d-75e7b17d3446\u0027)",
"@odata.editLink": "deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionsForRule(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/scheduledActionConfigurations(\u0027181b800b-973d-4144-9a0d-75e7b17d3446\u0027)",
"id": "181b800b-973d-4144-9a0d-75e7b17d3446",
"gracePeriodHours": 6,
"actionType@odata.type": "#microsoft.graph.deviceComplianceActionType",
"actionType": "block",
"notificationTemplateId": "00000000-0000-0000-0000-000000000000",
"notificationMessageCCList@odata.type": "#Collection(String)",
"notificationMessageCCList": [
]
}
]
}
],
"deviceSettingStateSummaries@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/deviceSettingStateSummaries/$ref",
"deviceSettingStateSummaries@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/deviceSettingStateSummaries",
"deviceStatuses@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/deviceStatuses/$ref",
"deviceStatuses@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/deviceStatuses",
"deviceStatusOverview@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/deviceStatusOverview/$ref",
"deviceStatusOverview@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/deviceStatusOverview",
"userStatuses@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/userStatuses/$ref",
"userStatuses@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/userStatuses",
"userStatusOverview@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/userStatusOverview/$ref",
"userStatusOverview@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.windows10CompliancePolicy/userStatusOverview",
"#microsoft.graph.assign": {
"title": "microsoft.graph.assign",
"target": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.deviceCompliancePolicy/microsoft.graph.assign"
},
"#microsoft.graph.scheduleActionsForRules": {
"title": "microsoft.graph.scheduleActionsForRules",
"target": "https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies(\u0027c2e3c7dc-85ea-4d2a-b59c-0ca5eae4e470\u0027)/microsoft.graph.deviceCompliancePolicy/microsoft.graph.scheduleActionsForRules"
}
}

207
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/IntuneManagement/SettingsCatalog/Win365 - OIB - Device Security - D - Connectivity Settings - v1.0.json Normal file
View File

@@ -0,0 +1,207 @@
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies(assignments(),settings())/$entity",
"@odata.type": "#microsoft.graph.deviceManagementConfigurationPolicy",
"@odata.id": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)",
"createdDateTime@odata.type": "#DateTimeOffset",
"createdDateTime": "2024-08-22T17:50:37.0887785Z",
"creationSource": null,
"description": "",
"lastModifiedDateTime@odata.type": "#DateTimeOffset",
"lastModifiedDateTime": "2024-08-22T17:50:37.0887785Z",
"name": "Win365 - OIB - Device Security - D - Connectivity Settings - v1.0",
"platforms@odata.type": "#microsoft.graph.deviceManagementConfigurationPlatforms",
"platforms": "windows10",
"priorityMetaData": null,
"roleScopeTagIds@odata.type": "#Collection(String)",
"roleScopeTagIds": [
"0"
],
"settingCount": 5,
"technologies@odata.type": "#microsoft.graph.deviceManagementConfigurationTechnologies",
"technologies": "mdm",
"id": "88d3bb1c-c818-4314-9ad2-6c23a493253c",
"templateReference": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationPolicyTemplateReference",
"templateId": "",
"templateFamily@odata.type": "#microsoft.graph.deviceManagementConfigurationTemplateFamily",
"templateFamily": "none",
"templateDisplayName": null,
"templateDisplayVersion": null
},
"assignments@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/assignments",
"assignments@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/assignments/$ref",
"assignments@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/assignments",
"assignments": [
],
"settings@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings",
"settings@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings/$ref",
"settings@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings",
"settings": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00270\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00270\u0027)",
"id": "0",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport_ts_select_transport_type",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport_ts_select_transport_type_0",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
}
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00270\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00270\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00271\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00271\u0027)",
"id": "1",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_promptforpassworduponconnection",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_promptforpassworduponconnection_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00271\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00271\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00272\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00272\u0027)",
"id": "2",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_disconnectonlockmicrosoftidentityauthn",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_disconnectonlockmicrosoftidentityauthn_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00272\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00272\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00273\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00273\u0027)",
"id": "3",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_requiresecurerpccommunication",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_requiresecurerpccommunication_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00273\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00273\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00274\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00274\u0027)",
"id": "4",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel_ts_encryption_level",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel_ts_encryption_level_3",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
}
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00274\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/settings(\u00274\u0027)/settingDefinitions"
}
],
"#microsoft.graph.assign": {
"title": "microsoft.graph.assign",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/microsoft.graph.assign"
},
"#microsoft.graph.clearEnrollmentTimeDeviceMembershipTarget": {
"title": "microsoft.graph.clearEnrollmentTimeDeviceMembershipTarget",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/microsoft.graph.clearEnrollmentTimeDeviceMembershipTarget"
},
"#microsoft.graph.createCopy": {
"title": "microsoft.graph.createCopy",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/microsoft.graph.createCopy"
},
"#microsoft.graph.reorder": {
"title": "microsoft.graph.reorder",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/microsoft.graph.reorder"
},
"#microsoft.graph.retrieveEnrollmentTimeDeviceMembershipTarget": {
"title": "microsoft.graph.retrieveEnrollmentTimeDeviceMembershipTarget",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/microsoft.graph.retrieveEnrollmentTimeDeviceMembershipTarget"
},
"#microsoft.graph.setEnrollmentTimeDeviceMembershipTarget": {
"title": "microsoft.graph.setEnrollmentTimeDeviceMembershipTarget",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/microsoft.graph.setEnrollmentTimeDeviceMembershipTarget"
},
"#microsoft.graph.retrieveLatestUpgradeDefaultBaselinePolicy": {
"title": "microsoft.graph.retrieveLatestUpgradeDefaultBaselinePolicy",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u002788d3bb1c-c818-4314-9ad2-6c23a493253c\u0027)/microsoft.graph.retrieveLatestUpgradeDefaultBaselinePolicy"
}
}

260
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/IntuneManagement/SettingsCatalog/Win365 - OIB - Device Security - D - Resource Redirection - v1.0.json Normal file
View File

@@ -0,0 +1,260 @@
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies(assignments(),settings())/$entity",
"@odata.type": "#microsoft.graph.deviceManagementConfigurationPolicy",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)",
"createdDateTime@odata.type": "#DateTimeOffset",
"createdDateTime": "2024-08-22T17:37:42.7956888Z",
"creationSource": null,
"description": "",
"lastModifiedDateTime@odata.type": "#DateTimeOffset",
"lastModifiedDateTime": "2024-08-22T17:37:42.7956888Z",
"name": "Win365 - OIB - Device Security - D - Resource Redirection - v1.0",
"platforms@odata.type": "#microsoft.graph.deviceManagementConfigurationPlatforms",
"platforms": "windows10",
"priorityMetaData": null,
"roleScopeTagIds@odata.type": "#Collection(String)",
"roleScopeTagIds": [
"0"
],
"settingCount": 8,
"technologies@odata.type": "#microsoft.graph.deviceManagementConfigurationTechnologies",
"technologies": "mdm",
"id": "9fec1155-a997-4278-8957-fe9fce3883e5",
"templateReference": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationPolicyTemplateReference",
"templateId": "",
"templateFamily@odata.type": "#microsoft.graph.deviceManagementConfigurationTemplateFamily",
"templateFamily": "none",
"templateDisplayName": null,
"templateDisplayVersion": null
},
"assignments@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/assignments",
"assignments@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/assignments/$ref",
"assignments@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/assignments",
"assignments": [
],
"settings@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings",
"settings@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings/$ref",
"settings@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings",
"settings": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00270\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00270\u0027)",
"id": "0",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00270\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00270\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00271\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00271\u0027)",
"id": "1",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio_capture",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio_capture_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00271\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00271\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00272\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00272\u0027)",
"id": "2",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_time_zone",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_time_zone_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00272\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00272\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00273\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00273\u0027)",
"id": "3",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_com",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_com_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00273\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00273\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00274\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00274\u0027)",
"id": "4",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_donotallowdriveredirection",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_donotallowdriveredirection_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00274\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00274\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00275\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00275\u0027)",
"id": "5",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_lpt",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_lpt_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00275\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00275\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00276\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00276\u0027)",
"id": "6",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_pnp",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_pnp_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00276\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00276\u0027)/settingDefinitions"
},
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationSetting",
"@odata.id": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00277\u0027)",
"@odata.editLink": "deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00277\u0027)",
"id": "7",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection_1",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection_ts_sc_clipboard_restriction_text",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection_ts_sc_clipboard_restriction_text_0",
"children@odata.type": "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
"children": [
]
}
}
]
}
},
"settingDefinitions@odata.associationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00277\u0027)/settingDefinitions/$ref",
"settingDefinitions@odata.navigationLink": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/settings(\u00277\u0027)/settingDefinitions"
}
],
"#microsoft.graph.assign": {
"title": "microsoft.graph.assign",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/microsoft.graph.assign"
},
"#microsoft.graph.clearEnrollmentTimeDeviceMembershipTarget": {
"title": "microsoft.graph.clearEnrollmentTimeDeviceMembershipTarget",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/microsoft.graph.clearEnrollmentTimeDeviceMembershipTarget"
},
"#microsoft.graph.createCopy": {
"title": "microsoft.graph.createCopy",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/microsoft.graph.createCopy"
},
"#microsoft.graph.reorder": {
"title": "microsoft.graph.reorder",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/microsoft.graph.reorder"
},
"#microsoft.graph.retrieveEnrollmentTimeDeviceMembershipTarget": {
"title": "microsoft.graph.retrieveEnrollmentTimeDeviceMembershipTarget",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/microsoft.graph.retrieveEnrollmentTimeDeviceMembershipTarget"
},
"#microsoft.graph.setEnrollmentTimeDeviceMembershipTarget": {
"title": "microsoft.graph.setEnrollmentTimeDeviceMembershipTarget",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/microsoft.graph.setEnrollmentTimeDeviceMembershipTarget"
},
"#microsoft.graph.retrieveLatestUpgradeDefaultBaselinePolicy": {
"title": "microsoft.graph.retrieveLatestUpgradeDefaultBaselinePolicy",
"target": "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies(\u00279fec1155-a997-4278-8957-fe9fce3883e5\u0027)/microsoft.graph.retrieveLatestUpgradeDefaultBaselinePolicy"
}
}

111
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/NativeImport/Win365 - OIB - Device Security - D - Connectivity Settings - v1.0.json Normal file
View File

@@ -0,0 +1,111 @@
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies/$entity",
"createdDateTime": "2024-08-22T17:50:37.0887785Z",
"creationSource": null,
"description": "",
"lastModifiedDateTime": "2024-08-31T12:35:19.5860397Z",
"name": "Win365 - OIB - Device Security - D - Connectivity Settings - v1.0",
"platforms": "windows10",
"priorityMetaData": null,
"roleScopeTagIds": [
"0"
],
"settingCount": 5,
"technologies": "mdm",
"id": "88d3bb1c-c818-4314-9ad2-6c23a493253c",
"templateReference": {
"templateId": "",
"templateFamily": "none",
"templateDisplayName": null,
"templateDisplayVersion": null
},
"settings": [
{
"id": "0",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport_1",
"children": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport_ts_select_transport_type",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_select_transport_ts_select_transport_type_0",
"children": []
}
}
]
}
}
},
{
"id": "1",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_promptforpassworduponconnection",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_promptforpassworduponconnection_1",
"children": []
}
}
},
{
"id": "2",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_disconnectonlockmicrosoftidentityauthn",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_disconnectonlockmicrosoftidentityauthn_1",
"children": []
}
}
},
{
"id": "3",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_requiresecurerpccommunication",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_requiresecurerpccommunication_1",
"children": []
}
}
},
{
"id": "4",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel_1",
"children": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel_ts_encryption_level",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_clientconnectionencryptionlevel_ts_encryption_level_3",
"children": []
}
}
]
}
}
}
]
}

139
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/NativeImport/Win365 - OIB - Device Security - D - Resource Redirection - v1.0.json Normal file
View File

@@ -0,0 +1,139 @@
{
"@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/configurationPolicies/$entity",
"createdDateTime": "2024-08-22T17:37:42.7956888Z",
"creationSource": null,
"description": "",
"lastModifiedDateTime": "2024-08-31T12:35:30.4992276Z",
"name": "Win365 - OIB - Device Security - D - Resource Redirection - v1.0",
"platforms": "windows10",
"priorityMetaData": null,
"roleScopeTagIds": [
"0"
],
"settingCount": 8,
"technologies": "mdm",
"id": "9fec1155-a997-4278-8957-fe9fce3883e5",
"templateReference": {
"templateId": "",
"templateFamily": "none",
"templateDisplayName": null,
"templateDisplayVersion": null
},
"settings": [
{
"id": "0",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio_1",
"children": []
}
}
},
{
"id": "1",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio_capture",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_audio_capture_1",
"children": []
}
}
},
{
"id": "2",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_time_zone",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_time_zone_1",
"children": []
}
}
},
{
"id": "3",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_com",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_com_1",
"children": []
}
}
},
{
"id": "4",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_donotallowdriveredirection",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_donotallowdriveredirection_1",
"children": []
}
}
},
{
"id": "5",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_lpt",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_lpt_1",
"children": []
}
}
},
{
"id": "6",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_pnp",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_admx_terminalserver_ts_client_pnp_1",
"children": []
}
}
},
{
"id": "7",
"settingInstance": {
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection_1",
"children": [
{
"@odata.type": "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
"settingDefinitionId": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection_ts_sc_clipboard_restriction_text",
"settingInstanceTemplateReference": null,
"choiceSettingValue": {
"settingValueTemplateReference": null,
"value": "device_vendor_msft_policy_config_remotedesktopservices_limitservertoclientclipboardredirection_ts_sc_clipboard_restriction_text_0",
"children": []
}
}
]
}
}
}
]
}

65
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/README.md Normal file
View File

@@ -0,0 +1,65 @@
# OpenIntuneBaseline - Windows 365
## Intended Use-Case
The baseline has been designed for, and tested on the following:
### Device:
* Windows 11 Enterprise 23H2 Gallery Image
* W365 Provisioning Policy configuration:
* License Type - Enterprise
* Join Type - Microsoft Entra Joined
* Network - Microsoft Hosted Network
* Use Microsoft Entra single sign-on - Yes
### User:
* Cloud-Only or Hybrid Identity with Entra ID as IdP
* MFA configured via Conditional Access
* User is not an Administrator
### Licensing:
* M365 Business Premium or M365 E5/A5, or M365 E3/A3 + MDE P1/P2
<br>**OR**:
* Entra ID P1 or P2
* Office 365 E3/E5, A3/A5 or F3
* Intune P1
* Defender for Business or Endpoint P1/P2
* An appropriate Windows 365 Enterprise SKU
Access to the W365 host has been tested using the Windows App via a client also running the Windows OIB.
> [!NOTE]
> The Windows 365 OIB is designed to work as **an addition** to the [Windows OIB](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/tree/main/WINDOWS). It is recommended to assign the W365 host all Windows OIB policies with the exception of:
> * BitLocker
> * Device Health Compliance Policy
>
> The above can be achieved using group assignments or Intune filters.
> [!WARNING]
> The Windows 365 OIB is not designed to protect corporate data if accessed via a **non-corporate** device.
---
## Importing the Baseline:
Please reference [Importing the Baseline](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/wiki#importing-the-baseline) for information.
---
## Baseline Security Posture
Primary information regarding adherence to security frameworks can be found in the main [README](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/wiki#security-framework-adherence).
The Windows 365 OIB has been created with the following Microsoft documentation as guidance:
* https://learn.microsoft.com/en-us/windows-365/enterprise/configure-single-sign-on
* https://learn.microsoft.com/en-us/windows-365/enterprise/security-guidelines
* https://learn.microsoft.com/en-us/windows-365/enterprise/manage-rdp-device-redirections
* https://learn.microsoft.com/en-us/windows-365/enterprise/rdp-shortpath-public-networks
### Included Settings
* Connectivity configuration
* Resource redirection including restricting clipboard transfer from server to client
* W365-specific Device Health Compliance policy
All policies are Settings Catalog and will show in Devices>Configuration Profiles.
For a complete list of settings, please consult [SETTINGSOUTPUT](https://github.com/SkipToTheEndpoint/OpenIntuneBaseline/blob/main/WINDOWS365/SETTINGSOUTPUT.md).
---

207
intune/Device Management/WIndows/Baselines/OpenIntuneBaseline/WINDOWS365/SETTINGSOUTPUT.md Normal file
View File

@@ -0,0 +1,207 @@
# Intune documentation
*OS:* Windows 365
*Version:* v1.0
*Generated:* 2024-09-02
## Table of Contents
- [Device configuration](#section-1)
- [Settings Catalog](#section-2)
- [Win365 - OIB - Device Security - D - Connectivity Settings - v1.0](#section-3)
- [Win365 - OIB - Device Security - D - Resource Redirection - v1.0](#section-4)
<h1 id="section-1">Device configuration</h1>
<h2 id="section-2">Settings Catalog</h2>
<h3 id="section-3">Win365 - OIB - Device Security - D - Connectivity Settings - v1.0</h3>
<table class='table-settings'>
<tr class='table-header1'>
<td>Name</td>
<td>Value</td>
</tr>
<tr>
<td colspan="2" class='category-level1'>Basics</td>
</tr>
<tr class=''>
<td class='property-column1'>Name</td>
<td class='property-column2'>Win365 - OIB - Device Security - D - Connectivity Settings - v1.0</td>
</tr>
<tr class=''>
<td class='property-column1'>Description</td>
<td class='property-column2'></td>
</tr>
<tr class=''>
<td class='property-column1'>Profile type</td>
<td class='property-column2'>Settings catalog</td>
</tr>
<tr class=''>
<td class='property-column1'>Platform supported</td>
<td class='property-column2'>Windows 10 and later</td>
</tr>
<tr class=''>
<td class='property-column1'>Created</td>
<td class='property-column2'>22 August 2024 18:50:37</td>
</tr>
<tr class=''>
<td class='property-column1'>Last modified</td>
<td class='property-column2'>31 August 2024 13:35:19</td>
</tr>
<tr class=''>
<td class='property-column1'>Scope tags</td>
<td class='property-column2'>Default</td>
</tr>
</table>
###### Table 1. Basics - Win365 - OIB - Device Security - D - Connectivity Settings - v1.0
<table class='table-settings'>
<tr class='table-header1'>
<td>Name</td>
<td>Value</td>
</tr>
<tr>
<td colspan="2" class='category-level1'>Administrative Templates</td>
</tr>
<tr>
<td colspan="2" class='category-level2'>Connections</td>
</tr>
<tr class=''>
<td class='property-column1'>Select RDP transport protocols</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1' style='padding-left:10px !important;'>Select Transport Type (Device)</td>
<td class='property-column2'>Use both UDP and TCP</td>
</tr>
<tr>
<td colspan="2" class='category-level2'>Security</td>
</tr>
<tr class=''>
<td class='property-column1'>Always prompt for password upon connection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Disconnect remote session on lock for Microsoft identity platform authentication</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Require secure RPC communication</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Set client connection encryption level</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1' style='padding-left:10px !important;'>Encryption Level</td>
<td class='property-column2'>High Level</td>
</tr>
</table>
###### Table 2. Settings - Win365 - OIB - Device Security - D - Connectivity Settings - v1.0
<h3 id="section-4">Win365 - OIB - Device Security - D - Resource Redirection - v1.0</h3>
<table class='table-settings'>
<tr class='table-header1'>
<td>Name</td>
<td>Value</td>
</tr>
<tr>
<td colspan="2" class='category-level1'>Basics</td>
</tr>
<tr class=''>
<td class='property-column1'>Name</td>
<td class='property-column2'>Win365 - OIB - Device Security - D - Resource Redirection - v1.0</td>
</tr>
<tr class=''>
<td class='property-column1'>Description</td>
<td class='property-column2'></td>
</tr>
<tr class=''>
<td class='property-column1'>Profile type</td>
<td class='property-column2'>Settings catalog</td>
</tr>
<tr class=''>
<td class='property-column1'>Platform supported</td>
<td class='property-column2'>Windows 10 and later</td>
</tr>
<tr class=''>
<td class='property-column1'>Created</td>
<td class='property-column2'>22 August 2024 18:37:42</td>
</tr>
<tr class=''>
<td class='property-column1'>Last modified</td>
<td class='property-column2'>31 August 2024 13:35:30</td>
</tr>
<tr class=''>
<td class='property-column1'>Scope tags</td>
<td class='property-column2'>Default</td>
</tr>
</table>
###### Table 3. Basics - Win365 - OIB - Device Security - D - Resource Redirection - v1.0
<table class='table-settings'>
<tr class='table-header1'>
<td>Name</td>
<td>Value</td>
</tr>
<tr>
<td colspan="2" class='category-level1'>Administrative Templates</td>
</tr>
<tr>
<td colspan="2" class='category-level2'>Device and Resource Redirection</td>
</tr>
<tr class=''>
<td class='property-column1'>Allow audio and video playback redirection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Allow audio recording redirection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Allow time zone redirection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Do not allow COM port redirection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Do not allow drive redirection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Do not allow LPT port redirection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Do not allow supported Plug and Play device redirection</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1'>Restrict clipboard transfer from server to client</td>
<td class='property-column2'>Enabled</td>
</tr>
<tr class=''>
<td class='property-column1' style='padding-left:10px !important;'>Restrict clipboard transfer from server to client: (Device)</td>
<td class='property-column2'>Disable clipboard transfers from server to client</td>
</tr>
</table>
###### Table 4. Settings - Win365 - OIB - Device Security - D - Resource Redirection - v1.0