PATCH https://graph.microsoft.com/v1.0/deviceManagement/deviceConfigurations/{deviceConfigurationId}
Content-type: application/json
Content-length: 4245
{
"@odata.type": "#microsoft.graph.windows10EndpointProtectionConfiguration",
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"firewallBlockStatefulFTP": true,
"firewallIdleTimeoutForSecurityAssociationInSeconds": 2,
"firewallPreSharedKeyEncodingMethod": "none",
"firewallIPSecExemptionsAllowNeighborDiscovery": true,
"firewallIPSecExemptionsAllowICMP": true,
"firewallIPSecExemptionsAllowRouterDiscovery": true,
"firewallIPSecExemptionsAllowDHCP": true,
"firewallCertificateRevocationListCheckMethod": "none",
"firewallMergeKeyingModuleSettings": true,
"firewallPacketQueueingMethod": "disabled",
"firewallProfileDomain": {
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
"firewallEnabled": "blocked",
"stealthModeBlocked": true,
"incomingTrafficBlocked": true,
"unicastResponsesToMulticastBroadcastsBlocked": true,
"inboundNotificationsBlocked": true,
"authorizedApplicationRulesFromGroupPolicyMerged": true,
"globalPortRulesFromGroupPolicyMerged": true,
"connectionSecurityRulesFromGroupPolicyMerged": true,
"outboundConnectionsBlocked": true,
"inboundConnectionsBlocked": true,
"securedPacketExemptionAllowed": true,
"policyRulesFromGroupPolicyMerged": true
},
"firewallProfilePublic": {
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
"firewallEnabled": "blocked",
"stealthModeBlocked": true,
"incomingTrafficBlocked": true,
"unicastResponsesToMulticastBroadcastsBlocked": true,
"inboundNotificationsBlocked": true,
"authorizedApplicationRulesFromGroupPolicyMerged": true,
"globalPortRulesFromGroupPolicyMerged": true,
"connectionSecurityRulesFromGroupPolicyMerged": true,
"outboundConnectionsBlocked": true,
"inboundConnectionsBlocked": true,
"securedPacketExemptionAllowed": true,
"policyRulesFromGroupPolicyMerged": true
},
"firewallProfilePrivate": {
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",
"firewallEnabled": "blocked",
"stealthModeBlocked": true,
"incomingTrafficBlocked": true,
"unicastResponsesToMulticastBroadcastsBlocked": true,
"inboundNotificationsBlocked": true,
"authorizedApplicationRulesFromGroupPolicyMerged": true,
"globalPortRulesFromGroupPolicyMerged": true,
"connectionSecurityRulesFromGroupPolicyMerged": true,
"outboundConnectionsBlocked": true,
"inboundConnectionsBlocked": true,
"securedPacketExemptionAllowed": true,
"policyRulesFromGroupPolicyMerged": true
},
"defenderAttackSurfaceReductionExcludedPaths": [
"Defender Attack Surface Reduction Excluded Paths value"
],
"defenderGuardedFoldersAllowedAppPaths": [
"Defender Guarded Folders Allowed App Paths value"
],
"defenderAdditionalGuardedFolders": [
"Defender Additional Guarded Folders value"
],
"defenderExploitProtectionXml": "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==",
"defenderExploitProtectionXmlFileName": "Defender Exploit Protection Xml File Name value",
"defenderSecurityCenterBlockExploitProtectionOverride": true,
"appLockerApplicationControl": "enforceComponentsAndStoreApps",
"smartScreenEnableInShell": true,
"smartScreenBlockOverrideForFiles": true,
"applicationGuardEnabled": true,
"applicationGuardBlockFileTransfer": "blockImageAndTextFile",
"applicationGuardBlockNonEnterpriseContent": true,
"applicationGuardAllowPersistence": true,
"applicationGuardForceAuditing": true,
"applicationGuardBlockClipboardSharing": "blockBoth",
"applicationGuardAllowPrintToPDF": true,
"applicationGuardAllowPrintToXPS": true,
"applicationGuardAllowPrintToLocalPrinters": true,
"applicationGuardAllowPrintToNetworkPrinters": true,
"bitLockerDisableWarningForOtherDiskEncryption": true,
"bitLockerEnableStorageCardEncryptionOnMobile": true,
"bitLockerEncryptDevice": true,
"bitLockerRemovableDrivePolicy": {
"@odata.type": "microsoft.graph.bitLockerRemovableDrivePolicy",
"encryptionMethod": "aesCbc256",
"requireEncryptionForWriteAccess": true,
"blockCrossOrganizationWriteAccess": true
}
}
// Code snippets are only available for the latest version. Current version is 5.x
// Dependencies
using Microsoft.Graph.Models;
var requestBody = new Windows10EndpointProtectionConfiguration
{
OdataType = "#microsoft.graph.windows10EndpointProtectionConfiguration",
Description = "Description value",
DisplayName = "Display Name value",
Version = 7,
FirewallBlockStatefulFTP = true,
FirewallIdleTimeoutForSecurityAssociationInSeconds = 2,
FirewallPreSharedKeyEncodingMethod = FirewallPreSharedKeyEncodingMethodType.None,
FirewallIPSecExemptionsAllowNeighborDiscovery = true,
FirewallIPSecExemptionsAllowICMP = true,
FirewallIPSecExemptionsAllowRouterDiscovery = true,
FirewallIPSecExemptionsAllowDHCP = true,
FirewallCertificateRevocationListCheckMethod = FirewallCertificateRevocationListCheckMethodType.None,
FirewallMergeKeyingModuleSettings = true,
FirewallPacketQueueingMethod = FirewallPacketQueueingMethodType.Disabled,
FirewallProfileDomain = new WindowsFirewallNetworkProfile
{
OdataType = "microsoft.graph.windowsFirewallNetworkProfile",
FirewallEnabled = StateManagementSetting.Blocked,
StealthModeBlocked = true,
IncomingTrafficBlocked = true,
UnicastResponsesToMulticastBroadcastsBlocked = true,
InboundNotificationsBlocked = true,
AuthorizedApplicationRulesFromGroupPolicyMerged = true,
GlobalPortRulesFromGroupPolicyMerged = true,
ConnectionSecurityRulesFromGroupPolicyMerged = true,
OutboundConnectionsBlocked = true,
InboundConnectionsBlocked = true,
SecuredPacketExemptionAllowed = true,
PolicyRulesFromGroupPolicyMerged = true,
},
FirewallProfilePublic = new WindowsFirewallNetworkProfile
{
OdataType = "microsoft.graph.windowsFirewallNetworkProfile",
FirewallEnabled = StateManagementSetting.Blocked,
StealthModeBlocked = true,
IncomingTrafficBlocked = true,
UnicastResponsesToMulticastBroadcastsBlocked = true,
InboundNotificationsBlocked = true,
AuthorizedApplicationRulesFromGroupPolicyMerged = true,
GlobalPortRulesFromGroupPolicyMerged = true,
ConnectionSecurityRulesFromGroupPolicyMerged = true,
OutboundConnectionsBlocked = true,
InboundConnectionsBlocked = true,
SecuredPacketExemptionAllowed = true,
PolicyRulesFromGroupPolicyMerged = true,
},
FirewallProfilePrivate = new WindowsFirewallNetworkProfile
{
OdataType = "microsoft.graph.windowsFirewallNetworkProfile",
FirewallEnabled = StateManagementSetting.Blocked,
StealthModeBlocked = true,
IncomingTrafficBlocked = true,
UnicastResponsesToMulticastBroadcastsBlocked = true,
InboundNotificationsBlocked = true,
AuthorizedApplicationRulesFromGroupPolicyMerged = true,
GlobalPortRulesFromGroupPolicyMerged = true,
ConnectionSecurityRulesFromGroupPolicyMerged = true,
OutboundConnectionsBlocked = true,
InboundConnectionsBlocked = true,
SecuredPacketExemptionAllowed = true,
PolicyRulesFromGroupPolicyMerged = true,
},
DefenderAttackSurfaceReductionExcludedPaths = new List<string>
{
"Defender Attack Surface Reduction Excluded Paths value",
},
DefenderGuardedFoldersAllowedAppPaths = new List<string>
{
"Defender Guarded Folders Allowed App Paths value",
},
DefenderAdditionalGuardedFolders = new List<string>
{
"Defender Additional Guarded Folders value",
},
DefenderExploitProtectionXml = Convert.FromBase64String("ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA=="),
DefenderExploitProtectionXmlFileName = "Defender Exploit Protection Xml File Name value",
DefenderSecurityCenterBlockExploitProtectionOverride = true,
AppLockerApplicationControl = AppLockerApplicationControlType.EnforceComponentsAndStoreApps,
SmartScreenEnableInShell = true,
SmartScreenBlockOverrideForFiles = true,
ApplicationGuardEnabled = true,
ApplicationGuardBlockFileTransfer = ApplicationGuardBlockFileTransferType.BlockImageAndTextFile,
ApplicationGuardBlockNonEnterpriseContent = true,
ApplicationGuardAllowPersistence = true,
ApplicationGuardForceAuditing = true,
ApplicationGuardBlockClipboardSharing = ApplicationGuardBlockClipboardSharingType.BlockBoth,
ApplicationGuardAllowPrintToPDF = true,
ApplicationGuardAllowPrintToXPS = true,
ApplicationGuardAllowPrintToLocalPrinters = true,
ApplicationGuardAllowPrintToNetworkPrinters = true,
BitLockerDisableWarningForOtherDiskEncryption = true,
BitLockerEnableStorageCardEncryptionOnMobile = true,
BitLockerEncryptDevice = true,
BitLockerRemovableDrivePolicy = new BitLockerRemovableDrivePolicy
{
OdataType = "microsoft.graph.bitLockerRemovableDrivePolicy",
EncryptionMethod = BitLockerEncryptionMethod.AesCbc256,
RequireEncryptionForWriteAccess = true,
BlockCrossOrganizationWriteAccess = true,
},
};
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=csharp
var result = await graphClient.DeviceManagement.DeviceConfigurations["{deviceConfiguration-id}"].PatchAsync(requestBody);
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
mgc device-management device-configurations patch --device-configuration-id {deviceConfiguration-id} --body '{\
"@odata.type": "#microsoft.graph.windows10EndpointProtectionConfiguration",\
"description": "Description value",\
"displayName": "Display Name value",\
"version": 7,\
"firewallBlockStatefulFTP": true,\
"firewallIdleTimeoutForSecurityAssociationInSeconds": 2,\
"firewallPreSharedKeyEncodingMethod": "none",\
"firewallIPSecExemptionsAllowNeighborDiscovery": true,\
"firewallIPSecExemptionsAllowICMP": true,\
"firewallIPSecExemptionsAllowRouterDiscovery": true,\
"firewallIPSecExemptionsAllowDHCP": true,\
"firewallCertificateRevocationListCheckMethod": "none",\
"firewallMergeKeyingModuleSettings": true,\
"firewallPacketQueueingMethod": "disabled",\
"firewallProfileDomain": {\
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",\
"firewallEnabled": "blocked",\
"stealthModeBlocked": true,\
"incomingTrafficBlocked": true,\
"unicastResponsesToMulticastBroadcastsBlocked": true,\
"inboundNotificationsBlocked": true,\
"authorizedApplicationRulesFromGroupPolicyMerged": true,\
"globalPortRulesFromGroupPolicyMerged": true,\
"connectionSecurityRulesFromGroupPolicyMerged": true,\
"outboundConnectionsBlocked": true,\
"inboundConnectionsBlocked": true,\
"securedPacketExemptionAllowed": true,\
"policyRulesFromGroupPolicyMerged": true\
},\
"firewallProfilePublic": {\
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",\
"firewallEnabled": "blocked",\
"stealthModeBlocked": true,\
"incomingTrafficBlocked": true,\
"unicastResponsesToMulticastBroadcastsBlocked": true,\
"inboundNotificationsBlocked": true,\
"authorizedApplicationRulesFromGroupPolicyMerged": true,\
"globalPortRulesFromGroupPolicyMerged": true,\
"connectionSecurityRulesFromGroupPolicyMerged": true,\
"outboundConnectionsBlocked": true,\
"inboundConnectionsBlocked": true,\
"securedPacketExemptionAllowed": true,\
"policyRulesFromGroupPolicyMerged": true\
},\
"firewallProfilePrivate": {\
"@odata.type": "microsoft.graph.windowsFirewallNetworkProfile",\
"firewallEnabled": "blocked",\
"stealthModeBlocked": true,\
"incomingTrafficBlocked": true,\
"unicastResponsesToMulticastBroadcastsBlocked": true,\
"inboundNotificationsBlocked": true,\
"authorizedApplicationRulesFromGroupPolicyMerged": true,\
"globalPortRulesFromGroupPolicyMerged": true,\
"connectionSecurityRulesFromGroupPolicyMerged": true,\
"outboundConnectionsBlocked": true,\
"inboundConnectionsBlocked": true,\
"securedPacketExemptionAllowed": true,\
"policyRulesFromGroupPolicyMerged": true\
},\
"defenderAttackSurfaceReductionExcludedPaths": [\
"Defender Attack Surface Reduction Excluded Paths value"\
],\
"defenderGuardedFoldersAllowedAppPaths": [\
"Defender Guarded Folders Allowed App Paths value"\
],\
"defenderAdditionalGuardedFolders": [\
"Defender Additional Guarded Folders value"\
],\
"defenderExploitProtectionXml": "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==",\
"defenderExploitProtectionXmlFileName": "Defender Exploit Protection Xml File Name value",\
"defenderSecurityCenterBlockExploitProtectionOverride": true,\
"appLockerApplicationControl": "enforceComponentsAndStoreApps",\
"smartScreenEnableInShell": true,\
"smartScreenBlockOverrideForFiles": true,\
"applicationGuardEnabled": true,\
"applicationGuardBlockFileTransfer": "blockImageAndTextFile",\
"applicationGuardBlockNonEnterpriseContent": true,\
"applicationGuardAllowPersistence": true,\
"applicationGuardForceAuditing": true,\
"applicationGuardBlockClipboardSharing": "blockBoth",\
"applicationGuardAllowPrintToPDF": true,\
"applicationGuardAllowPrintToXPS": true,\
"applicationGuardAllowPrintToLocalPrinters": true,\
"applicationGuardAllowPrintToNetworkPrinters": true,\
"bitLockerDisableWarningForOtherDiskEncryption": true,\
"bitLockerEnableStorageCardEncryptionOnMobile": true,\
"bitLockerEncryptDevice": true,\
"bitLockerRemovableDrivePolicy": {\
"@odata.type": "microsoft.graph.bitLockerRemovableDrivePolicy",\
"encryptionMethod": "aesCbc256",\
"requireEncryptionForWriteAccess": true,\
"blockCrossOrganizationWriteAccess": true\
}\
}\
'
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
// Code snippets are only available for the latest major version. Current major version is $v1.*
// Dependencies
import (
"context"
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
graphmodels "github.com/microsoftgraph/msgraph-sdk-go/models"
//other-imports
)
requestBody := graphmodels.NewDeviceConfiguration()
description := "Description value"
requestBody.SetDescription(&description)
displayName := "Display Name value"
requestBody.SetDisplayName(&displayName)
version := int32(7)
requestBody.SetVersion(&version)
firewallBlockStatefulFTP := true
requestBody.SetFirewallBlockStatefulFTP(&firewallBlockStatefulFTP)
firewallIdleTimeoutForSecurityAssociationInSeconds := int32(2)
requestBody.SetFirewallIdleTimeoutForSecurityAssociationInSeconds(&firewallIdleTimeoutForSecurityAssociationInSeconds)
firewallPreSharedKeyEncodingMethod := graphmodels.NONE_FIREWALLPRESHAREDKEYENCODINGMETHODTYPE
requestBody.SetFirewallPreSharedKeyEncodingMethod(&firewallPreSharedKeyEncodingMethod)
firewallIPSecExemptionsAllowNeighborDiscovery := true
requestBody.SetFirewallIPSecExemptionsAllowNeighborDiscovery(&firewallIPSecExemptionsAllowNeighborDiscovery)
firewallIPSecExemptionsAllowICMP := true
requestBody.SetFirewallIPSecExemptionsAllowICMP(&firewallIPSecExemptionsAllowICMP)
firewallIPSecExemptionsAllowRouterDiscovery := true
requestBody.SetFirewallIPSecExemptionsAllowRouterDiscovery(&firewallIPSecExemptionsAllowRouterDiscovery)
firewallIPSecExemptionsAllowDHCP := true
requestBody.SetFirewallIPSecExemptionsAllowDHCP(&firewallIPSecExemptionsAllowDHCP)
firewallCertificateRevocationListCheckMethod := graphmodels.NONE_FIREWALLCERTIFICATEREVOCATIONLISTCHECKMETHODTYPE
requestBody.SetFirewallCertificateRevocationListCheckMethod(&firewallCertificateRevocationListCheckMethod)
firewallMergeKeyingModuleSettings := true
requestBody.SetFirewallMergeKeyingModuleSettings(&firewallMergeKeyingModuleSettings)
firewallPacketQueueingMethod := graphmodels.DISABLED_FIREWALLPACKETQUEUEINGMETHODTYPE
requestBody.SetFirewallPacketQueueingMethod(&firewallPacketQueueingMethod)
firewallProfileDomain := graphmodels.NewWindowsFirewallNetworkProfile()
firewallEnabled := graphmodels.BLOCKED_STATEMANAGEMENTSETTING
firewallProfileDomain.SetFirewallEnabled(&firewallEnabled)
stealthModeBlocked := true
firewallProfileDomain.SetStealthModeBlocked(&stealthModeBlocked)
incomingTrafficBlocked := true
firewallProfileDomain.SetIncomingTrafficBlocked(&incomingTrafficBlocked)
unicastResponsesToMulticastBroadcastsBlocked := true
firewallProfileDomain.SetUnicastResponsesToMulticastBroadcastsBlocked(&unicastResponsesToMulticastBroadcastsBlocked)
inboundNotificationsBlocked := true
firewallProfileDomain.SetInboundNotificationsBlocked(&inboundNotificationsBlocked)
authorizedApplicationRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetAuthorizedApplicationRulesFromGroupPolicyMerged(&authorizedApplicationRulesFromGroupPolicyMerged)
globalPortRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetGlobalPortRulesFromGroupPolicyMerged(&globalPortRulesFromGroupPolicyMerged)
connectionSecurityRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetConnectionSecurityRulesFromGroupPolicyMerged(&connectionSecurityRulesFromGroupPolicyMerged)
outboundConnectionsBlocked := true
firewallProfileDomain.SetOutboundConnectionsBlocked(&outboundConnectionsBlocked)
inboundConnectionsBlocked := true
firewallProfileDomain.SetInboundConnectionsBlocked(&inboundConnectionsBlocked)
securedPacketExemptionAllowed := true
firewallProfileDomain.SetSecuredPacketExemptionAllowed(&securedPacketExemptionAllowed)
policyRulesFromGroupPolicyMerged := true
firewallProfileDomain.SetPolicyRulesFromGroupPolicyMerged(&policyRulesFromGroupPolicyMerged)
requestBody.SetFirewallProfileDomain(firewallProfileDomain)
firewallProfilePublic := graphmodels.NewWindowsFirewallNetworkProfile()
firewallEnabled := graphmodels.BLOCKED_STATEMANAGEMENTSETTING
firewallProfilePublic.SetFirewallEnabled(&firewallEnabled)
stealthModeBlocked := true
firewallProfilePublic.SetStealthModeBlocked(&stealthModeBlocked)
incomingTrafficBlocked := true
firewallProfilePublic.SetIncomingTrafficBlocked(&incomingTrafficBlocked)
unicastResponsesToMulticastBroadcastsBlocked := true
firewallProfilePublic.SetUnicastResponsesToMulticastBroadcastsBlocked(&unicastResponsesToMulticastBroadcastsBlocked)
inboundNotificationsBlocked := true
firewallProfilePublic.SetInboundNotificationsBlocked(&inboundNotificationsBlocked)
authorizedApplicationRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetAuthorizedApplicationRulesFromGroupPolicyMerged(&authorizedApplicationRulesFromGroupPolicyMerged)
globalPortRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetGlobalPortRulesFromGroupPolicyMerged(&globalPortRulesFromGroupPolicyMerged)
connectionSecurityRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetConnectionSecurityRulesFromGroupPolicyMerged(&connectionSecurityRulesFromGroupPolicyMerged)
outboundConnectionsBlocked := true
firewallProfilePublic.SetOutboundConnectionsBlocked(&outboundConnectionsBlocked)
inboundConnectionsBlocked := true
firewallProfilePublic.SetInboundConnectionsBlocked(&inboundConnectionsBlocked)
securedPacketExemptionAllowed := true
firewallProfilePublic.SetSecuredPacketExemptionAllowed(&securedPacketExemptionAllowed)
policyRulesFromGroupPolicyMerged := true
firewallProfilePublic.SetPolicyRulesFromGroupPolicyMerged(&policyRulesFromGroupPolicyMerged)
requestBody.SetFirewallProfilePublic(firewallProfilePublic)
firewallProfilePrivate := graphmodels.NewWindowsFirewallNetworkProfile()
firewallEnabled := graphmodels.BLOCKED_STATEMANAGEMENTSETTING
firewallProfilePrivate.SetFirewallEnabled(&firewallEnabled)
stealthModeBlocked := true
firewallProfilePrivate.SetStealthModeBlocked(&stealthModeBlocked)
incomingTrafficBlocked := true
firewallProfilePrivate.SetIncomingTrafficBlocked(&incomingTrafficBlocked)
unicastResponsesToMulticastBroadcastsBlocked := true
firewallProfilePrivate.SetUnicastResponsesToMulticastBroadcastsBlocked(&unicastResponsesToMulticastBroadcastsBlocked)
inboundNotificationsBlocked := true
firewallProfilePrivate.SetInboundNotificationsBlocked(&inboundNotificationsBlocked)
authorizedApplicationRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetAuthorizedApplicationRulesFromGroupPolicyMerged(&authorizedApplicationRulesFromGroupPolicyMerged)
globalPortRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetGlobalPortRulesFromGroupPolicyMerged(&globalPortRulesFromGroupPolicyMerged)
connectionSecurityRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetConnectionSecurityRulesFromGroupPolicyMerged(&connectionSecurityRulesFromGroupPolicyMerged)
outboundConnectionsBlocked := true
firewallProfilePrivate.SetOutboundConnectionsBlocked(&outboundConnectionsBlocked)
inboundConnectionsBlocked := true
firewallProfilePrivate.SetInboundConnectionsBlocked(&inboundConnectionsBlocked)
securedPacketExemptionAllowed := true
firewallProfilePrivate.SetSecuredPacketExemptionAllowed(&securedPacketExemptionAllowed)
policyRulesFromGroupPolicyMerged := true
firewallProfilePrivate.SetPolicyRulesFromGroupPolicyMerged(&policyRulesFromGroupPolicyMerged)
requestBody.SetFirewallProfilePrivate(firewallProfilePrivate)
defenderAttackSurfaceReductionExcludedPaths := []string {
"Defender Attack Surface Reduction Excluded Paths value",
}
requestBody.SetDefenderAttackSurfaceReductionExcludedPaths(defenderAttackSurfaceReductionExcludedPaths)
defenderGuardedFoldersAllowedAppPaths := []string {
"Defender Guarded Folders Allowed App Paths value",
}
requestBody.SetDefenderGuardedFoldersAllowedAppPaths(defenderGuardedFoldersAllowedAppPaths)
defenderAdditionalGuardedFolders := []string {
"Defender Additional Guarded Folders value",
}
requestBody.SetDefenderAdditionalGuardedFolders(defenderAdditionalGuardedFolders)
defenderExploitProtectionXml := []byte("zGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==")
requestBody.SetDefenderExploitProtectionXml(&defenderExploitProtectionXml)
defenderExploitProtectionXmlFileName := "Defender Exploit Protection Xml File Name value"
requestBody.SetDefenderExploitProtectionXmlFileName(&defenderExploitProtectionXmlFileName)
defenderSecurityCenterBlockExploitProtectionOverride := true
requestBody.SetDefenderSecurityCenterBlockExploitProtectionOverride(&defenderSecurityCenterBlockExploitProtectionOverride)
appLockerApplicationControl := graphmodels.ENFORCECOMPONENTSANDSTOREAPPS_APPLOCKERAPPLICATIONCONTROLTYPE
requestBody.SetAppLockerApplicationControl(&appLockerApplicationControl)
smartScreenEnableInShell := true
requestBody.SetSmartScreenEnableInShell(&smartScreenEnableInShell)
smartScreenBlockOverrideForFiles := true
requestBody.SetSmartScreenBlockOverrideForFiles(&smartScreenBlockOverrideForFiles)
applicationGuardEnabled := true
requestBody.SetApplicationGuardEnabled(&applicationGuardEnabled)
applicationGuardBlockFileTransfer := graphmodels.BLOCKIMAGEANDTEXTFILE_APPLICATIONGUARDBLOCKFILETRANSFERTYPE
requestBody.SetApplicationGuardBlockFileTransfer(&applicationGuardBlockFileTransfer)
applicationGuardBlockNonEnterpriseContent := true
requestBody.SetApplicationGuardBlockNonEnterpriseContent(&applicationGuardBlockNonEnterpriseContent)
applicationGuardAllowPersistence := true
requestBody.SetApplicationGuardAllowPersistence(&applicationGuardAllowPersistence)
applicationGuardForceAuditing := true
requestBody.SetApplicationGuardForceAuditing(&applicationGuardForceAuditing)
applicationGuardBlockClipboardSharing := graphmodels.BLOCKBOTH_APPLICATIONGUARDBLOCKCLIPBOARDSHARINGTYPE
requestBody.SetApplicationGuardBlockClipboardSharing(&applicationGuardBlockClipboardSharing)
applicationGuardAllowPrintToPDF := true
requestBody.SetApplicationGuardAllowPrintToPDF(&applicationGuardAllowPrintToPDF)
applicationGuardAllowPrintToXPS := true
requestBody.SetApplicationGuardAllowPrintToXPS(&applicationGuardAllowPrintToXPS)
applicationGuardAllowPrintToLocalPrinters := true
requestBody.SetApplicationGuardAllowPrintToLocalPrinters(&applicationGuardAllowPrintToLocalPrinters)
applicationGuardAllowPrintToNetworkPrinters := true
requestBody.SetApplicationGuardAllowPrintToNetworkPrinters(&applicationGuardAllowPrintToNetworkPrinters)
bitLockerDisableWarningForOtherDiskEncryption := true
requestBody.SetBitLockerDisableWarningForOtherDiskEncryption(&bitLockerDisableWarningForOtherDiskEncryption)
bitLockerEnableStorageCardEncryptionOnMobile := true
requestBody.SetBitLockerEnableStorageCardEncryptionOnMobile(&bitLockerEnableStorageCardEncryptionOnMobile)
bitLockerEncryptDevice := true
requestBody.SetBitLockerEncryptDevice(&bitLockerEncryptDevice)
bitLockerRemovableDrivePolicy := graphmodels.NewBitLockerRemovableDrivePolicy()
encryptionMethod := graphmodels.AESCBC256_BITLOCKERENCRYPTIONMETHOD
bitLockerRemovableDrivePolicy.SetEncryptionMethod(&encryptionMethod)
requireEncryptionForWriteAccess := true
bitLockerRemovableDrivePolicy.SetRequireEncryptionForWriteAccess(&requireEncryptionForWriteAccess)
blockCrossOrganizationWriteAccess := true
bitLockerRemovableDrivePolicy.SetBlockCrossOrganizationWriteAccess(&blockCrossOrganizationWriteAccess)
requestBody.SetBitLockerRemovableDrivePolicy(bitLockerRemovableDrivePolicy)
// To initialize your graphClient, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=go
deviceConfigurations, err := graphClient.DeviceManagement().DeviceConfigurations().ByDeviceConfigurationId("deviceConfiguration-id").Patch(context.Background(), requestBody, nil)
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
// Code snippets are only available for the latest version. Current version is 6.x
GraphServiceClient graphClient = new GraphServiceClient(requestAdapter);
Windows10EndpointProtectionConfiguration deviceConfiguration = new Windows10EndpointProtectionConfiguration();
deviceConfiguration.setOdataType("#microsoft.graph.windows10EndpointProtectionConfiguration");
deviceConfiguration.setDescription("Description value");
deviceConfiguration.setDisplayName("Display Name value");
deviceConfiguration.setVersion(7);
deviceConfiguration.setFirewallBlockStatefulFTP(true);
deviceConfiguration.setFirewallIdleTimeoutForSecurityAssociationInSeconds(2);
deviceConfiguration.setFirewallPreSharedKeyEncodingMethod(FirewallPreSharedKeyEncodingMethodType.None);
deviceConfiguration.setFirewallIPSecExemptionsAllowNeighborDiscovery(true);
deviceConfiguration.setFirewallIPSecExemptionsAllowICMP(true);
deviceConfiguration.setFirewallIPSecExemptionsAllowRouterDiscovery(true);
deviceConfiguration.setFirewallIPSecExemptionsAllowDHCP(true);
deviceConfiguration.setFirewallCertificateRevocationListCheckMethod(FirewallCertificateRevocationListCheckMethodType.None);
deviceConfiguration.setFirewallMergeKeyingModuleSettings(true);
deviceConfiguration.setFirewallPacketQueueingMethod(FirewallPacketQueueingMethodType.Disabled);
WindowsFirewallNetworkProfile firewallProfileDomain = new WindowsFirewallNetworkProfile();
firewallProfileDomain.setOdataType("microsoft.graph.windowsFirewallNetworkProfile");
firewallProfileDomain.setFirewallEnabled(StateManagementSetting.Blocked);
firewallProfileDomain.setStealthModeBlocked(true);
firewallProfileDomain.setIncomingTrafficBlocked(true);
firewallProfileDomain.setUnicastResponsesToMulticastBroadcastsBlocked(true);
firewallProfileDomain.setInboundNotificationsBlocked(true);
firewallProfileDomain.setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
firewallProfileDomain.setGlobalPortRulesFromGroupPolicyMerged(true);
firewallProfileDomain.setConnectionSecurityRulesFromGroupPolicyMerged(true);
firewallProfileDomain.setOutboundConnectionsBlocked(true);
firewallProfileDomain.setInboundConnectionsBlocked(true);
firewallProfileDomain.setSecuredPacketExemptionAllowed(true);
firewallProfileDomain.setPolicyRulesFromGroupPolicyMerged(true);
deviceConfiguration.setFirewallProfileDomain(firewallProfileDomain);
WindowsFirewallNetworkProfile firewallProfilePublic = new WindowsFirewallNetworkProfile();
firewallProfilePublic.setOdataType("microsoft.graph.windowsFirewallNetworkProfile");
firewallProfilePublic.setFirewallEnabled(StateManagementSetting.Blocked);
firewallProfilePublic.setStealthModeBlocked(true);
firewallProfilePublic.setIncomingTrafficBlocked(true);
firewallProfilePublic.setUnicastResponsesToMulticastBroadcastsBlocked(true);
firewallProfilePublic.setInboundNotificationsBlocked(true);
firewallProfilePublic.setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
firewallProfilePublic.setGlobalPortRulesFromGroupPolicyMerged(true);
firewallProfilePublic.setConnectionSecurityRulesFromGroupPolicyMerged(true);
firewallProfilePublic.setOutboundConnectionsBlocked(true);
firewallProfilePublic.setInboundConnectionsBlocked(true);
firewallProfilePublic.setSecuredPacketExemptionAllowed(true);
firewallProfilePublic.setPolicyRulesFromGroupPolicyMerged(true);
deviceConfiguration.setFirewallProfilePublic(firewallProfilePublic);
WindowsFirewallNetworkProfile firewallProfilePrivate = new WindowsFirewallNetworkProfile();
firewallProfilePrivate.setOdataType("microsoft.graph.windowsFirewallNetworkProfile");
firewallProfilePrivate.setFirewallEnabled(StateManagementSetting.Blocked);
firewallProfilePrivate.setStealthModeBlocked(true);
firewallProfilePrivate.setIncomingTrafficBlocked(true);
firewallProfilePrivate.setUnicastResponsesToMulticastBroadcastsBlocked(true);
firewallProfilePrivate.setInboundNotificationsBlocked(true);
firewallProfilePrivate.setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
firewallProfilePrivate.setGlobalPortRulesFromGroupPolicyMerged(true);
firewallProfilePrivate.setConnectionSecurityRulesFromGroupPolicyMerged(true);
firewallProfilePrivate.setOutboundConnectionsBlocked(true);
firewallProfilePrivate.setInboundConnectionsBlocked(true);
firewallProfilePrivate.setSecuredPacketExemptionAllowed(true);
firewallProfilePrivate.setPolicyRulesFromGroupPolicyMerged(true);
deviceConfiguration.setFirewallProfilePrivate(firewallProfilePrivate);
LinkedList<String> defenderAttackSurfaceReductionExcludedPaths = new LinkedList<String>();
defenderAttackSurfaceReductionExcludedPaths.add("Defender Attack Surface Reduction Excluded Paths value");
deviceConfiguration.setDefenderAttackSurfaceReductionExcludedPaths(defenderAttackSurfaceReductionExcludedPaths);
LinkedList<String> defenderGuardedFoldersAllowedAppPaths = new LinkedList<String>();
defenderGuardedFoldersAllowedAppPaths.add("Defender Guarded Folders Allowed App Paths value");
deviceConfiguration.setDefenderGuardedFoldersAllowedAppPaths(defenderGuardedFoldersAllowedAppPaths);
LinkedList<String> defenderAdditionalGuardedFolders = new LinkedList<String>();
defenderAdditionalGuardedFolders.add("Defender Additional Guarded Folders value");
deviceConfiguration.setDefenderAdditionalGuardedFolders(defenderAdditionalGuardedFolders);
byte[] defenderExploitProtectionXml = Base64.getDecoder().decode("ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==");
deviceConfiguration.setDefenderExploitProtectionXml(defenderExploitProtectionXml);
deviceConfiguration.setDefenderExploitProtectionXmlFileName("Defender Exploit Protection Xml File Name value");
deviceConfiguration.setDefenderSecurityCenterBlockExploitProtectionOverride(true);
deviceConfiguration.setAppLockerApplicationControl(AppLockerApplicationControlType.EnforceComponentsAndStoreApps);
deviceConfiguration.setSmartScreenEnableInShell(true);
deviceConfiguration.setSmartScreenBlockOverrideForFiles(true);
deviceConfiguration.setApplicationGuardEnabled(true);
deviceConfiguration.setApplicationGuardBlockFileTransfer(ApplicationGuardBlockFileTransferType.BlockImageAndTextFile);
deviceConfiguration.setApplicationGuardBlockNonEnterpriseContent(true);
deviceConfiguration.setApplicationGuardAllowPersistence(true);
deviceConfiguration.setApplicationGuardForceAuditing(true);
deviceConfiguration.setApplicationGuardBlockClipboardSharing(ApplicationGuardBlockClipboardSharingType.BlockBoth);
deviceConfiguration.setApplicationGuardAllowPrintToPDF(true);
deviceConfiguration.setApplicationGuardAllowPrintToXPS(true);
deviceConfiguration.setApplicationGuardAllowPrintToLocalPrinters(true);
deviceConfiguration.setApplicationGuardAllowPrintToNetworkPrinters(true);
deviceConfiguration.setBitLockerDisableWarningForOtherDiskEncryption(true);
deviceConfiguration.setBitLockerEnableStorageCardEncryptionOnMobile(true);
deviceConfiguration.setBitLockerEncryptDevice(true);
BitLockerRemovableDrivePolicy bitLockerRemovableDrivePolicy = new BitLockerRemovableDrivePolicy();
bitLockerRemovableDrivePolicy.setOdataType("microsoft.graph.bitLockerRemovableDrivePolicy");
bitLockerRemovableDrivePolicy.setEncryptionMethod(BitLockerEncryptionMethod.AesCbc256);
bitLockerRemovableDrivePolicy.setRequireEncryptionForWriteAccess(true);
bitLockerRemovableDrivePolicy.setBlockCrossOrganizationWriteAccess(true);
deviceConfiguration.setBitLockerRemovableDrivePolicy(bitLockerRemovableDrivePolicy);
DeviceConfiguration result = graphClient.deviceManagement().deviceConfigurations().byDeviceConfigurationId("{deviceConfiguration-id}").patch(deviceConfiguration);
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
const options = {
authProvider,
};
const client = Client.init(options);
const deviceConfiguration = {
'@odata.type': '#microsoft.graph.windows10EndpointProtectionConfiguration',
description: 'Description value',
displayName: 'Display Name value',
version: 7,
firewallBlockStatefulFTP: true,
firewallIdleTimeoutForSecurityAssociationInSeconds: 2,
firewallPreSharedKeyEncodingMethod: 'none',
firewallIPSecExemptionsAllowNeighborDiscovery: true,
firewallIPSecExemptionsAllowICMP: true,
firewallIPSecExemptionsAllowRouterDiscovery: true,
firewallIPSecExemptionsAllowDHCP: true,
firewallCertificateRevocationListCheckMethod: 'none',
firewallMergeKeyingModuleSettings: true,
firewallPacketQueueingMethod: 'disabled',
firewallProfileDomain: {
'@odata.type': 'microsoft.graph.windowsFirewallNetworkProfile',
firewallEnabled: 'blocked',
stealthModeBlocked: true,
incomingTrafficBlocked: true,
unicastResponsesToMulticastBroadcastsBlocked: true,
inboundNotificationsBlocked: true,
authorizedApplicationRulesFromGroupPolicyMerged: true,
globalPortRulesFromGroupPolicyMerged: true,
connectionSecurityRulesFromGroupPolicyMerged: true,
outboundConnectionsBlocked: true,
inboundConnectionsBlocked: true,
securedPacketExemptionAllowed: true,
policyRulesFromGroupPolicyMerged: true
},
firewallProfilePublic: {
'@odata.type': 'microsoft.graph.windowsFirewallNetworkProfile',
firewallEnabled: 'blocked',
stealthModeBlocked: true,
incomingTrafficBlocked: true,
unicastResponsesToMulticastBroadcastsBlocked: true,
inboundNotificationsBlocked: true,
authorizedApplicationRulesFromGroupPolicyMerged: true,
globalPortRulesFromGroupPolicyMerged: true,
connectionSecurityRulesFromGroupPolicyMerged: true,
outboundConnectionsBlocked: true,
inboundConnectionsBlocked: true,
securedPacketExemptionAllowed: true,
policyRulesFromGroupPolicyMerged: true
},
firewallProfilePrivate: {
'@odata.type': 'microsoft.graph.windowsFirewallNetworkProfile',
firewallEnabled: 'blocked',
stealthModeBlocked: true,
incomingTrafficBlocked: true,
unicastResponsesToMulticastBroadcastsBlocked: true,
inboundNotificationsBlocked: true,
authorizedApplicationRulesFromGroupPolicyMerged: true,
globalPortRulesFromGroupPolicyMerged: true,
connectionSecurityRulesFromGroupPolicyMerged: true,
outboundConnectionsBlocked: true,
inboundConnectionsBlocked: true,
securedPacketExemptionAllowed: true,
policyRulesFromGroupPolicyMerged: true
},
defenderAttackSurfaceReductionExcludedPaths: [
'Defender Attack Surface Reduction Excluded Paths value'
],
defenderGuardedFoldersAllowedAppPaths: [
'Defender Guarded Folders Allowed App Paths value'
],
defenderAdditionalGuardedFolders: [
'Defender Additional Guarded Folders value'
],
defenderExploitProtectionXml: 'ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==',
defenderExploitProtectionXmlFileName: 'Defender Exploit Protection Xml File Name value',
defenderSecurityCenterBlockExploitProtectionOverride: true,
appLockerApplicationControl: 'enforceComponentsAndStoreApps',
smartScreenEnableInShell: true,
smartScreenBlockOverrideForFiles: true,
applicationGuardEnabled: true,
applicationGuardBlockFileTransfer: 'blockImageAndTextFile',
applicationGuardBlockNonEnterpriseContent: true,
applicationGuardAllowPersistence: true,
applicationGuardForceAuditing: true,
applicationGuardBlockClipboardSharing: 'blockBoth',
applicationGuardAllowPrintToPDF: true,
applicationGuardAllowPrintToXPS: true,
applicationGuardAllowPrintToLocalPrinters: true,
applicationGuardAllowPrintToNetworkPrinters: true,
bitLockerDisableWarningForOtherDiskEncryption: true,
bitLockerEnableStorageCardEncryptionOnMobile: true,
bitLockerEncryptDevice: true,
bitLockerRemovableDrivePolicy: {
'@odata.type': 'microsoft.graph.bitLockerRemovableDrivePolicy',
encryptionMethod: 'aesCbc256',
requireEncryptionForWriteAccess: true,
blockCrossOrganizationWriteAccess: true
}
};
await client.api('/deviceManagement/deviceConfigurations/{deviceConfigurationId}')
.update(deviceConfiguration);
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
<?php
use Microsoft\Graph\GraphServiceClient;
use Microsoft\Graph\Generated\Models\Windows10EndpointProtectionConfiguration;
use Microsoft\Graph\Generated\Models\FirewallPreSharedKeyEncodingMethodType;
use Microsoft\Graph\Generated\Models\FirewallCertificateRevocationListCheckMethodType;
use Microsoft\Graph\Generated\Models\FirewallPacketQueueingMethodType;
use Microsoft\Graph\Generated\Models\WindowsFirewallNetworkProfile;
use Microsoft\Graph\Generated\Models\StateManagementSetting;
use Microsoft\Graph\Generated\Models\AppLockerApplicationControlType;
use Microsoft\Graph\Generated\Models\ApplicationGuardBlockFileTransferType;
use Microsoft\Graph\Generated\Models\ApplicationGuardBlockClipboardSharingType;
use Microsoft\Graph\Generated\Models\BitLockerRemovableDrivePolicy;
use Microsoft\Graph\Generated\Models\BitLockerEncryptionMethod;
$graphServiceClient = new GraphServiceClient($tokenRequestContext, $scopes);
$requestBody = new Windows10EndpointProtectionConfiguration();
$requestBody->setOdataType('#microsoft.graph.windows10EndpointProtectionConfiguration');
$requestBody->setDescription('Description value');
$requestBody->setDisplayName('Display Name value');
$requestBody->setVersion(7);
$requestBody->setFirewallBlockStatefulFTP(true);
$requestBody->setFirewallIdleTimeoutForSecurityAssociationInSeconds(2);
$requestBody->setFirewallPreSharedKeyEncodingMethod(new FirewallPreSharedKeyEncodingMethodType('none'));
$requestBody->setFirewallIPSecExemptionsAllowNeighborDiscovery(true);
$requestBody->setFirewallIPSecExemptionsAllowICMP(true);
$requestBody->setFirewallIPSecExemptionsAllowRouterDiscovery(true);
$requestBody->setFirewallIPSecExemptionsAllowDHCP(true);
$requestBody->setFirewallCertificateRevocationListCheckMethod(new FirewallCertificateRevocationListCheckMethodType('none'));
$requestBody->setFirewallMergeKeyingModuleSettings(true);
$requestBody->setFirewallPacketQueueingMethod(new FirewallPacketQueueingMethodType('disabled'));
$firewallProfileDomain = new WindowsFirewallNetworkProfile();
$firewallProfileDomain->setOdataType('microsoft.graph.windowsFirewallNetworkProfile');
$firewallProfileDomain->setFirewallEnabled(new StateManagementSetting('blocked'));
$firewallProfileDomain->setStealthModeBlocked(true);
$firewallProfileDomain->setIncomingTrafficBlocked(true);
$firewallProfileDomain->setUnicastResponsesToMulticastBroadcastsBlocked(true);
$firewallProfileDomain->setInboundNotificationsBlocked(true);
$firewallProfileDomain->setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
$firewallProfileDomain->setGlobalPortRulesFromGroupPolicyMerged(true);
$firewallProfileDomain->setConnectionSecurityRulesFromGroupPolicyMerged(true);
$firewallProfileDomain->setOutboundConnectionsBlocked(true);
$firewallProfileDomain->setInboundConnectionsBlocked(true);
$firewallProfileDomain->setSecuredPacketExemptionAllowed(true);
$firewallProfileDomain->setPolicyRulesFromGroupPolicyMerged(true);
$requestBody->setFirewallProfileDomain($firewallProfileDomain);
$firewallProfilePublic = new WindowsFirewallNetworkProfile();
$firewallProfilePublic->setOdataType('microsoft.graph.windowsFirewallNetworkProfile');
$firewallProfilePublic->setFirewallEnabled(new StateManagementSetting('blocked'));
$firewallProfilePublic->setStealthModeBlocked(true);
$firewallProfilePublic->setIncomingTrafficBlocked(true);
$firewallProfilePublic->setUnicastResponsesToMulticastBroadcastsBlocked(true);
$firewallProfilePublic->setInboundNotificationsBlocked(true);
$firewallProfilePublic->setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
$firewallProfilePublic->setGlobalPortRulesFromGroupPolicyMerged(true);
$firewallProfilePublic->setConnectionSecurityRulesFromGroupPolicyMerged(true);
$firewallProfilePublic->setOutboundConnectionsBlocked(true);
$firewallProfilePublic->setInboundConnectionsBlocked(true);
$firewallProfilePublic->setSecuredPacketExemptionAllowed(true);
$firewallProfilePublic->setPolicyRulesFromGroupPolicyMerged(true);
$requestBody->setFirewallProfilePublic($firewallProfilePublic);
$firewallProfilePrivate = new WindowsFirewallNetworkProfile();
$firewallProfilePrivate->setOdataType('microsoft.graph.windowsFirewallNetworkProfile');
$firewallProfilePrivate->setFirewallEnabled(new StateManagementSetting('blocked'));
$firewallProfilePrivate->setStealthModeBlocked(true);
$firewallProfilePrivate->setIncomingTrafficBlocked(true);
$firewallProfilePrivate->setUnicastResponsesToMulticastBroadcastsBlocked(true);
$firewallProfilePrivate->setInboundNotificationsBlocked(true);
$firewallProfilePrivate->setAuthorizedApplicationRulesFromGroupPolicyMerged(true);
$firewallProfilePrivate->setGlobalPortRulesFromGroupPolicyMerged(true);
$firewallProfilePrivate->setConnectionSecurityRulesFromGroupPolicyMerged(true);
$firewallProfilePrivate->setOutboundConnectionsBlocked(true);
$firewallProfilePrivate->setInboundConnectionsBlocked(true);
$firewallProfilePrivate->setSecuredPacketExemptionAllowed(true);
$firewallProfilePrivate->setPolicyRulesFromGroupPolicyMerged(true);
$requestBody->setFirewallProfilePrivate($firewallProfilePrivate);
$requestBody->setDefenderAttackSurfaceReductionExcludedPaths(['Defender Attack Surface Reduction Excluded Paths value', ]);
$requestBody->setDefenderGuardedFoldersAllowedAppPaths(['Defender Guarded Folders Allowed App Paths value', ]);
$requestBody->setDefenderAdditionalGuardedFolders(['Defender Additional Guarded Folders value', ]);
$requestBody->setDefenderExploitProtectionXml(\GuzzleHttp\Psr7\Utils::streamFor(base64_decode('ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA==')));
$requestBody->setDefenderExploitProtectionXmlFileName('Defender Exploit Protection Xml File Name value');
$requestBody->setDefenderSecurityCenterBlockExploitProtectionOverride(true);
$requestBody->setAppLockerApplicationControl(new AppLockerApplicationControlType('enforceComponentsAndStoreApps'));
$requestBody->setSmartScreenEnableInShell(true);
$requestBody->setSmartScreenBlockOverrideForFiles(true);
$requestBody->setApplicationGuardEnabled(true);
$requestBody->setApplicationGuardBlockFileTransfer(new ApplicationGuardBlockFileTransferType('blockImageAndTextFile'));
$requestBody->setApplicationGuardBlockNonEnterpriseContent(true);
$requestBody->setApplicationGuardAllowPersistence(true);
$requestBody->setApplicationGuardForceAuditing(true);
$requestBody->setApplicationGuardBlockClipboardSharing(new ApplicationGuardBlockClipboardSharingType('blockBoth'));
$requestBody->setApplicationGuardAllowPrintToPDF(true);
$requestBody->setApplicationGuardAllowPrintToXPS(true);
$requestBody->setApplicationGuardAllowPrintToLocalPrinters(true);
$requestBody->setApplicationGuardAllowPrintToNetworkPrinters(true);
$requestBody->setBitLockerDisableWarningForOtherDiskEncryption(true);
$requestBody->setBitLockerEnableStorageCardEncryptionOnMobile(true);
$requestBody->setBitLockerEncryptDevice(true);
$bitLockerRemovableDrivePolicy = new BitLockerRemovableDrivePolicy();
$bitLockerRemovableDrivePolicy->setOdataType('microsoft.graph.bitLockerRemovableDrivePolicy');
$bitLockerRemovableDrivePolicy->setEncryptionMethod(new BitLockerEncryptionMethod('aesCbc256'));
$bitLockerRemovableDrivePolicy->setRequireEncryptionForWriteAccess(true);
$bitLockerRemovableDrivePolicy->setBlockCrossOrganizationWriteAccess(true);
$requestBody->setBitLockerRemovableDrivePolicy($bitLockerRemovableDrivePolicy);
$result = $graphServiceClient->deviceManagement()->deviceConfigurations()->byDeviceConfigurationId('deviceConfiguration-id')->patch($requestBody)->wait();
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
Import-Module Microsoft.Graph.DeviceManagement
$params = @{
"@odata.type" = "#microsoft.graph.windows10EndpointProtectionConfiguration"
description = "Description value"
displayName = "Display Name value"
version = 7
firewallBlockStatefulFTP = $true
firewallIdleTimeoutForSecurityAssociationInSeconds =
firewallPreSharedKeyEncodingMethod = "none"
firewallIPSecExemptionsAllowNeighborDiscovery = $true
firewallIPSecExemptionsAllowICMP = $true
firewallIPSecExemptionsAllowRouterDiscovery = $true
firewallIPSecExemptionsAllowDHCP = $true
firewallCertificateRevocationListCheckMethod = "none"
firewallMergeKeyingModuleSettings = $true
firewallPacketQueueingMethod = "disabled"
firewallProfileDomain = @{
"@odata.type" = "microsoft.graph.windowsFirewallNetworkProfile"
firewallEnabled = "blocked"
stealthModeBlocked = $true
incomingTrafficBlocked = $true
unicastResponsesToMulticastBroadcastsBlocked = $true
inboundNotificationsBlocked = $true
authorizedApplicationRulesFromGroupPolicyMerged = $true
globalPortRulesFromGroupPolicyMerged = $true
connectionSecurityRulesFromGroupPolicyMerged = $true
outboundConnectionsBlocked = $true
inboundConnectionsBlocked = $true
securedPacketExemptionAllowed = $true
policyRulesFromGroupPolicyMerged = $true
}
firewallProfilePublic = @{
"@odata.type" = "microsoft.graph.windowsFirewallNetworkProfile"
firewallEnabled = "blocked"
stealthModeBlocked = $true
incomingTrafficBlocked = $true
unicastResponsesToMulticastBroadcastsBlocked = $true
inboundNotificationsBlocked = $true
authorizedApplicationRulesFromGroupPolicyMerged = $true
globalPortRulesFromGroupPolicyMerged = $true
connectionSecurityRulesFromGroupPolicyMerged = $true
outboundConnectionsBlocked = $true
inboundConnectionsBlocked = $true
securedPacketExemptionAllowed = $true
policyRulesFromGroupPolicyMerged = $true
}
firewallProfilePrivate = @{
"@odata.type" = "microsoft.graph.windowsFirewallNetworkProfile"
firewallEnabled = "blocked"
stealthModeBlocked = $true
incomingTrafficBlocked = $true
unicastResponsesToMulticastBroadcastsBlocked = $true
inboundNotificationsBlocked = $true
authorizedApplicationRulesFromGroupPolicyMerged = $true
globalPortRulesFromGroupPolicyMerged = $true
connectionSecurityRulesFromGroupPolicyMerged = $true
outboundConnectionsBlocked = $true
inboundConnectionsBlocked = $true
securedPacketExemptionAllowed = $true
policyRulesFromGroupPolicyMerged = $true
}
defenderAttackSurfaceReductionExcludedPaths = @(
"Defender Attack Surface Reduction Excluded Paths value"
)
defenderGuardedFoldersAllowedAppPaths = @(
"Defender Guarded Folders Allowed App Paths value"
)
defenderAdditionalGuardedFolders = @(
"Defender Additional Guarded Folders value"
)
defenderExploitProtectionXml = "ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA=="
defenderExploitProtectionXmlFileName = "Defender Exploit Protection Xml File Name value"
defenderSecurityCenterBlockExploitProtectionOverride = $true
appLockerApplicationControl = "enforceComponentsAndStoreApps"
smartScreenEnableInShell = $true
smartScreenBlockOverrideForFiles = $true
applicationGuardEnabled = $true
applicationGuardBlockFileTransfer = "blockImageAndTextFile"
applicationGuardBlockNonEnterpriseContent = $true
applicationGuardAllowPersistence = $true
applicationGuardForceAuditing = $true
applicationGuardBlockClipboardSharing = "blockBoth"
applicationGuardAllowPrintToPDF = $true
applicationGuardAllowPrintToXPS = $true
applicationGuardAllowPrintToLocalPrinters = $true
applicationGuardAllowPrintToNetworkPrinters = $true
bitLockerDisableWarningForOtherDiskEncryption = $true
bitLockerEnableStorageCardEncryptionOnMobile = $true
bitLockerEncryptDevice = $true
bitLockerRemovableDrivePolicy = @{
"@odata.type" = "microsoft.graph.bitLockerRemovableDrivePolicy"
encryptionMethod = "aesCbc256"
requireEncryptionForWriteAccess = $true
blockCrossOrganizationWriteAccess = $true
}
}
Update-MgDeviceManagementDeviceConfiguration -DeviceConfigurationId $deviceConfigurationId -BodyParameter $params
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
# Code snippets are only available for the latest version. Current version is 1.x
from msgraph import GraphServiceClient
from msgraph.generated.models.windows10_endpoint_protection_configuration import Windows10EndpointProtectionConfiguration
from msgraph.generated.models.firewall_pre_shared_key_encoding_method_type import FirewallPreSharedKeyEncodingMethodType
from msgraph.generated.models.firewall_certificate_revocation_list_check_method_type import FirewallCertificateRevocationListCheckMethodType
from msgraph.generated.models.firewall_packet_queueing_method_type import FirewallPacketQueueingMethodType
from msgraph.generated.models.windows_firewall_network_profile import WindowsFirewallNetworkProfile
from msgraph.generated.models.state_management_setting import StateManagementSetting
from msgraph.generated.models.app_locker_application_control_type import AppLockerApplicationControlType
from msgraph.generated.models.application_guard_block_file_transfer_type import ApplicationGuardBlockFileTransferType
from msgraph.generated.models.application_guard_block_clipboard_sharing_type import ApplicationGuardBlockClipboardSharingType
from msgraph.generated.models.bit_locker_removable_drive_policy import BitLockerRemovableDrivePolicy
from msgraph.generated.models.bit_locker_encryption_method import BitLockerEncryptionMethod
# To initialize your graph_client, see https://learn.microsoft.com/en-us/graph/sdks/create-client?from=snippets&tabs=python
request_body = Windows10EndpointProtectionConfiguration(
odata_type = "#microsoft.graph.windows10EndpointProtectionConfiguration",
description = "Description value",
display_name = "Display Name value",
version = 7,
firewall_block_stateful_f_t_p = True,
firewall_idle_timeout_for_security_association_in_seconds = 2,
firewall_pre_shared_key_encoding_method = FirewallPreSharedKeyEncodingMethodType.None,
firewall_i_p_sec_exemptions_allow_neighbor_discovery = True,
firewall_i_p_sec_exemptions_allow_i_c_m_p = True,
firewall_i_p_sec_exemptions_allow_router_discovery = True,
firewall_i_p_sec_exemptions_allow_d_h_c_p = True,
firewall_certificate_revocation_list_check_method = FirewallCertificateRevocationListCheckMethodType.None,
firewall_merge_keying_module_settings = True,
firewall_packet_queueing_method = FirewallPacketQueueingMethodType.Disabled,
firewall_profile_domain = WindowsFirewallNetworkProfile(
odata_type = "microsoft.graph.windowsFirewallNetworkProfile",
firewall_enabled = StateManagementSetting.Blocked,
stealth_mode_blocked = True,
incoming_traffic_blocked = True,
unicast_responses_to_multicast_broadcasts_blocked = True,
inbound_notifications_blocked = True,
authorized_application_rules_from_group_policy_merged = True,
global_port_rules_from_group_policy_merged = True,
connection_security_rules_from_group_policy_merged = True,
outbound_connections_blocked = True,
inbound_connections_blocked = True,
secured_packet_exemption_allowed = True,
policy_rules_from_group_policy_merged = True,
),
firewall_profile_public = WindowsFirewallNetworkProfile(
odata_type = "microsoft.graph.windowsFirewallNetworkProfile",
firewall_enabled = StateManagementSetting.Blocked,
stealth_mode_blocked = True,
incoming_traffic_blocked = True,
unicast_responses_to_multicast_broadcasts_blocked = True,
inbound_notifications_blocked = True,
authorized_application_rules_from_group_policy_merged = True,
global_port_rules_from_group_policy_merged = True,
connection_security_rules_from_group_policy_merged = True,
outbound_connections_blocked = True,
inbound_connections_blocked = True,
secured_packet_exemption_allowed = True,
policy_rules_from_group_policy_merged = True,
),
firewall_profile_private = WindowsFirewallNetworkProfile(
odata_type = "microsoft.graph.windowsFirewallNetworkProfile",
firewall_enabled = StateManagementSetting.Blocked,
stealth_mode_blocked = True,
incoming_traffic_blocked = True,
unicast_responses_to_multicast_broadcasts_blocked = True,
inbound_notifications_blocked = True,
authorized_application_rules_from_group_policy_merged = True,
global_port_rules_from_group_policy_merged = True,
connection_security_rules_from_group_policy_merged = True,
outbound_connections_blocked = True,
inbound_connections_blocked = True,
secured_packet_exemption_allowed = True,
policy_rules_from_group_policy_merged = True,
),
defender_attack_surface_reduction_excluded_paths = [
"Defender Attack Surface Reduction Excluded Paths value",
],
defender_guarded_folders_allowed_app_paths = [
"Defender Guarded Folders Allowed App Paths value",
],
defender_additional_guarded_folders = [
"Defender Additional Guarded Folders value",
],
defender_exploit_protection_xml = base64.urlsafe_b64decode("ZGVmZW5kZXJFeHBsb2l0UHJvdGVjdGlvblhtbA=="),
defender_exploit_protection_xml_file_name = "Defender Exploit Protection Xml File Name value",
defender_security_center_block_exploit_protection_override = True,
app_locker_application_control = AppLockerApplicationControlType.EnforceComponentsAndStoreApps,
smart_screen_enable_in_shell = True,
smart_screen_block_override_for_files = True,
application_guard_enabled = True,
application_guard_block_file_transfer = ApplicationGuardBlockFileTransferType.BlockImageAndTextFile,
application_guard_block_non_enterprise_content = True,
application_guard_allow_persistence = True,
application_guard_force_auditing = True,
application_guard_block_clipboard_sharing = ApplicationGuardBlockClipboardSharingType.BlockBoth,
application_guard_allow_print_to_p_d_f = True,
application_guard_allow_print_to_x_p_s = True,
application_guard_allow_print_to_local_printers = True,
application_guard_allow_print_to_network_printers = True,
bit_locker_disable_warning_for_other_disk_encryption = True,
bit_locker_enable_storage_card_encryption_on_mobile = True,
bit_locker_encrypt_device = True,
bit_locker_removable_drive_policy = BitLockerRemovableDrivePolicy(
odata_type = "microsoft.graph.bitLockerRemovableDrivePolicy",
encryption_method = BitLockerEncryptionMethod.AesCbc256,
require_encryption_for_write_access = True,
block_cross_organization_write_access = True,
),
)
result = await graph_client.device_management.device_configurations.by_device_configuration_id('deviceConfiguration-id').patch(request_body)
プロジェクトに SDK を追加し、authProvider インスタンスを作成する方法の詳細については、SDK のドキュメントを参照してください。
以下は、応答の例です。 注: 簡潔にするために、ここに示す応答オブジェクトは切り詰められている場合があります。 実際の呼び出しではすべてのプロパティが返されます。