更新 iosScepCertificateProfile

命名空间:microsoft.graph

重要: Microsoft /beta 版本下的 Graph API 可能会发生更改;不支持生产使用。

注意:适用于 Intune 的 Microsoft Graph API 需要适用于租户的活动 Intune 许可证

更新 iosScepCertificateProfile 对象的属性。

此 API 可用于以下国家级云部署

全局服务 美国政府 L4 美国政府 L5 (DOD) 由世纪互联运营的中国

权限

要调用此 API,需要以下权限之一。 若要了解详细信息,包括如何选择权限的信息,请参阅权限

权限类型 权限(从最低特权到最高特权)
委派(工作或学校帐户) DeviceManagementConfiguration.ReadWrite.All
委派(个人 Microsoft 帐户) 不支持。
应用程序 DeviceManagementConfiguration.ReadWrite.All

HTTP 请求

PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/groupAssignments/{deviceConfigurationGroupAssignmentId}/deviceConfiguration
PATCH /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations/{deviceConfigurationId}

请求标头

标头
Authorization 持有者 {token}。 必填。 详细了解 身份验证和授权
接受 application/json

请求正文

在请求正文中,提供 iosScepCertificateProfile 对象的 JSON 表示形式。

下表显示了创建 iosScepCertificateProfile 时所需的属性。

属性 类型 说明
id String 实体的键。 继承自 deviceConfiguration
lastModifiedDateTime DateTimeOffset 上次修改对象的日期/时间。 继承自 deviceConfiguration
roleScopeTagIds 字符串集合 此实体实例的范围标记列表。 继承自 deviceConfiguration
supportsScopeTags 布尔值 指示基础设备配置是否支持分配范围标记。 如果此值为 false,并且实体对限定范围的用户不可见,则不允许向 ScopeTags 属性分配。 这发生在 Silverlight 中创建的旧策略,可以通过在 Azure 门户中删除并重新创建策略来解决。 此属性是只读的。 继承自 deviceConfiguration
deviceManagementApplicabilityRuleOsEdition deviceManagementApplicabilityRuleOsEdition 此策略的 OS 版本适用性。 继承自 deviceConfiguration
deviceManagementApplicabilityRuleOsVersion deviceManagementApplicabilityRuleOsVersion 此策略的 OS 版本适用性规则。 继承自 deviceConfiguration
deviceManagementApplicabilityRuleDeviceMode deviceManagementApplicabilityRuleDeviceMode 此策略的设备模式适用性规则。 继承自 deviceConfiguration
createdDateTime DateTimeOffset 创建对象的日期/时间。 继承自 deviceConfiguration
description String 管理员提供的设备配置的说明。 继承自 deviceConfiguration
displayName String 管理员提供的设备配置的名称。 继承自 deviceConfiguration
version Int32 设备配置的版本。 继承自 deviceConfiguration
renewalThresholdPercentage Int32 证书续订阈值百分比。 有效值 1 到 99 继承自 iosCertificateProfileBase
subjectNameFormat appleSubjectNameFormat 证书使用者名称格式。 继承自 iosCertificateProfileBase。 可取值为:commonNamecommonNameAsEmailcustomcommonNameIncludingEmailcommonNameAsIMEIcommonNameAsSerialNumber
subjectAlternativeNameType subjectAlternativeNameType 证书使用者可选名称类型。 继承自 iosCertificateProfileBase。 可取值为:noneemailAddressuserPrincipalNamecustomAzureADAttributedomainNameServiceuniversalResourceIdentifier
certificateValidityPeriodValue Int32 证书有效期的值。 继承自 iosCertificateProfileBase
certificateValidityPeriodScale certificateValidityPeriodScale 缩放证书有效期。 继承自 iosCertificateProfileBase。 可取值为:daysmonthsyears
scepServerUrls 字符串集合 SCEP 服务器 URL () 。
subjectNameFormatString String 用于 SubjectNameFormat = Custom 的自定义格式。 示例:CN={{EmailAddress}},E={{EmailAddress}},OU=企业用户,O=Contoso Corporation,L=Redmond,ST=WA,C=US
keyUsage keyUsages SCEP 密钥用法。 可取值为:keyEnciphermentdigitalSignature
keySize keySize SCEP 密钥大小。 可取值为:size1024size2048size4096
extendedKeyUsages extendedKeyUsage 集合 扩展密钥用法 (EKU) 设置。 该集合最多可包含 500 个元素。
subjectAlternativeNameFormatString String 定义 AAD 特性的自定义字符串。
certificateStore certificateStore 目标存储证书。 可取值为:usermachine
customSubjectAlternativeNames customSubjectAlternativeName 集合 自定义使用者可选名称设置。 OnPremisesUserPrincipalName 变量以及此处所述的其他变量都受支持: https://go.microsoft.com/fwlink/?LinkId=2027630。 该集合最多可包含 500 个元素。

响应

如果成功,此方法在响应正文中返回响应 200 OK 代码和更新的 iosScepCertificateProfile 对象。

示例

请求

下面是一个请求示例。

PATCH https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/{deviceConfigurationId}
Content-type: application/json
Content-length: 1932

{
  "@odata.type": "#microsoft.graph.iosScepCertificateProfile",
  "roleScopeTagIds": [
    "Role Scope Tag Ids value"
  ],
  "supportsScopeTags": true,
  "deviceManagementApplicabilityRuleOsEdition": {
    "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
    "osEditionTypes": [
      "windows10EnterpriseN"
    ],
    "name": "Name value",
    "ruleType": "exclude"
  },
  "deviceManagementApplicabilityRuleOsVersion": {
    "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
    "minOSVersion": "Min OSVersion value",
    "maxOSVersion": "Max OSVersion value",
    "name": "Name value",
    "ruleType": "exclude"
  },
  "deviceManagementApplicabilityRuleDeviceMode": {
    "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
    "deviceMode": "sModeConfiguration",
    "name": "Name value",
    "ruleType": "exclude"
  },
  "description": "Description value",
  "displayName": "Display Name value",
  "version": 7,
  "renewalThresholdPercentage": 10,
  "subjectNameFormat": "commonNameAsEmail",
  "subjectAlternativeNameType": "emailAddress",
  "certificateValidityPeriodValue": 14,
  "certificateValidityPeriodScale": "months",
  "scepServerUrls": [
    "Scep Server Urls value"
  ],
  "subjectNameFormatString": "Subject Name Format String value",
  "keyUsage": "digitalSignature",
  "keySize": "size2048",
  "extendedKeyUsages": [
    {
      "@odata.type": "microsoft.graph.extendedKeyUsage",
      "name": "Name value",
      "objectIdentifier": "Object Identifier value"
    }
  ],
  "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
  "certificateStore": "machine",
  "customSubjectAlternativeNames": [
    {
      "@odata.type": "microsoft.graph.customSubjectAlternativeName",
      "sanType": "emailAddress",
      "name": "Name value"
    }
  ]
}

响应

下面是一个响应示例。 注意:为简洁起见,可能会截断此处显示的响应对象。 将从实际调用中返回所有属性。

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 2104

{
  "@odata.type": "#microsoft.graph.iosScepCertificateProfile",
  "id": "0deb8dbf-8dbf-0deb-bf8d-eb0dbf8deb0d",
  "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
  "roleScopeTagIds": [
    "Role Scope Tag Ids value"
  ],
  "supportsScopeTags": true,
  "deviceManagementApplicabilityRuleOsEdition": {
    "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
    "osEditionTypes": [
      "windows10EnterpriseN"
    ],
    "name": "Name value",
    "ruleType": "exclude"
  },
  "deviceManagementApplicabilityRuleOsVersion": {
    "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
    "minOSVersion": "Min OSVersion value",
    "maxOSVersion": "Max OSVersion value",
    "name": "Name value",
    "ruleType": "exclude"
  },
  "deviceManagementApplicabilityRuleDeviceMode": {
    "@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
    "deviceMode": "sModeConfiguration",
    "name": "Name value",
    "ruleType": "exclude"
  },
  "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
  "description": "Description value",
  "displayName": "Display Name value",
  "version": 7,
  "renewalThresholdPercentage": 10,
  "subjectNameFormat": "commonNameAsEmail",
  "subjectAlternativeNameType": "emailAddress",
  "certificateValidityPeriodValue": 14,
  "certificateValidityPeriodScale": "months",
  "scepServerUrls": [
    "Scep Server Urls value"
  ],
  "subjectNameFormatString": "Subject Name Format String value",
  "keyUsage": "digitalSignature",
  "keySize": "size2048",
  "extendedKeyUsages": [
    {
      "@odata.type": "microsoft.graph.extendedKeyUsage",
      "name": "Name value",
      "objectIdentifier": "Object Identifier value"
    }
  ],
  "subjectAlternativeNameFormatString": "Subject Alternative Name Format String value",
  "certificateStore": "machine",
  "customSubjectAlternativeNames": [
    {
      "@odata.type": "microsoft.graph.customSubjectAlternativeName",
      "sanType": "emailAddress",
      "name": "Name value"
    }
  ]
}