| Package | Description |
|---|---|
| odata.msgraph.client.beta.entity |
| Modifier and Type | Method and Description |
|---|---|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardAllowFileSaveOnHost(Boolean applicationGuardAllowFileSaveOnHost)
“Allow users to download files from Edge in the application guard container and
save them on the host file system”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardAllowPersistence(Boolean applicationGuardAllowPersistence)
“Allow persisting user generated data inside the App Guard Containter (favorites,
cookies, web passwords, etc.)”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardAllowPrintToLocalPrinters(Boolean applicationGuardAllowPrintToLocalPrinters)
“Allow printing to Local Printers from Container”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardAllowPrintToNetworkPrinters(Boolean applicationGuardAllowPrintToNetworkPrinters)
“Allow printing to Network Printers from Container”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardAllowPrintToPDF(Boolean applicationGuardAllowPrintToPDF)
“Allow printing to PDF from Container”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardAllowPrintToXPS(Boolean applicationGuardAllowPrintToXPS)
“Allow printing to XPS from Container”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardAllowVirtualGPU(Boolean applicationGuardAllowVirtualGPU)
“Allow application guard to use virtual GPU”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardBlockClipboardSharing(ApplicationGuardBlockClipboardSharingType applicationGuardBlockClipboardSharing)
“Block clipboard to share data from Host to Container, or from Container to Host,
or both ways, or neither ways.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardBlockFileTransfer(ApplicationGuardBlockFileTransferType applicationGuardBlockFileTransfer)
“Block clipboard to transfer image file, text file or neither of them”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardBlockNonEnterpriseContent(Boolean applicationGuardBlockNonEnterpriseContent)
“Block enterprise sites to load non-enterprise content, such as third party plug-
ins”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardEnabled(Boolean applicationGuardEnabled)
“Enable Windows Defender Application Guard”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardEnabledOptions(ApplicationGuardEnabledOptions applicationGuardEnabledOptions)
“Enable Windows Defender Application Guard for newer Windows builds”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.applicationGuardForceAuditing(Boolean applicationGuardForceAuditing)
“Force auditing will persist Windows logs and events to meet security/compliance
criteria (sample events are user login-logoff, use of privilege rights, software
installation, system changes, etc.)”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.appLockerApplicationControl(AppLockerApplicationControlType appLockerApplicationControl)
“Enables the Admin to choose what types of app to allow on devices.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerAllowStandardUserEncryption(Boolean bitLockerAllowStandardUserEncryption)
“Allows the admin to allow standard users to enable encrpytion during Azure AD
Join.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerDisableWarningForOtherDiskEncryption(Boolean bitLockerDisableWarningForOtherDiskEncryption)
“Allows the Admin to disable the warning prompt for other disk encryption on the
user machines.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerEnableStorageCardEncryptionOnMobile(Boolean bitLockerEnableStorageCardEncryptionOnMobile)
“Allows the admin to require encryption to be turned on using BitLocker.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerEncryptDevice(Boolean bitLockerEncryptDevice)
“Allows the admin to require encryption to be turned on using BitLocker.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerFixedDrivePolicy(BitLockerFixedDrivePolicy bitLockerFixedDrivePolicy)
“BitLocker Fixed Drive Policy.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerRecoveryPasswordRotation(BitLockerRecoveryPasswordRotationType bitLockerRecoveryPasswordRotation)
“This setting initiates a client-driven recovery password rotation after an OS
drive recovery (either by using bootmgr or WinRE).”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerRemovableDrivePolicy(BitLockerRemovableDrivePolicy bitLockerRemovableDrivePolicy)
“BitLocker Removable Drive Policy.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.bitLockerSystemDrivePolicy(BitLockerSystemDrivePolicy bitLockerSystemDrivePolicy)
“BitLocker System Drive Policy.”
|
static Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.builderWindows10EndpointProtectionConfiguration()
Returns a builder which is used to create a new
instance of this class (given that this class is immutable).
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.createdDateTime(OffsetDateTime createdDateTime) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAdditionalGuardedFolders(List<String> defenderAdditionalGuardedFolders)
“List of folder paths to be added to the list of protected folders”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAdditionalGuardedFoldersNextLink(String defenderAdditionalGuardedFoldersNextLink)
“List of folder paths to be added to the list of protected folders”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAdobeReaderLaunchChildProcess(DefenderProtectionType defenderAdobeReaderLaunchChildProcess)
“Value indicating the behavior of Adobe Reader from creating child processes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAdvancedRansomewareProtectionType(DefenderProtectionType defenderAdvancedRansomewareProtectionType)
“Value indicating use of advanced protection against ransomeware”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowBehaviorMonitoring(Boolean defenderAllowBehaviorMonitoring)
“Allows or disallows Windows Defender Behavior Monitoring functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowCloudProtection(Boolean defenderAllowCloudProtection)
“To best protect your PC, Windows Defender will send information to Microsoft
about any problems it finds.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowEndUserAccess(Boolean defenderAllowEndUserAccess)
“Allows or disallows user access to the Windows Defender UI.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowIntrusionPreventionSystem(Boolean defenderAllowIntrusionPreventionSystem)
“Allows or disallows Windows Defender Intrusion Prevention functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowOnAccessProtection(Boolean defenderAllowOnAccessProtection)
“Allows or disallows Windows Defender On Access Protection functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowRealTimeMonitoring(Boolean defenderAllowRealTimeMonitoring)
“Allows or disallows Windows Defender Realtime Monitoring functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowScanArchiveFiles(Boolean defenderAllowScanArchiveFiles)
“Allows or disallows scanning of archives.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowScanDownloads(Boolean defenderAllowScanDownloads)
“Allows or disallows Windows Defender IOAVP Protection functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowScanNetworkFiles(Boolean defenderAllowScanNetworkFiles)
“Allows or disallows a scanning of network files.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowScanRemovableDrivesDuringFullScan(Boolean defenderAllowScanRemovableDrivesDuringFullScan)
“Allows or disallows a full scan of removable drives.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAllowScanScriptsLoadedInInternetExplorer(Boolean defenderAllowScanScriptsLoadedInInternetExplorer)
“Allows or disallows Windows Defender Script Scanning functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAttackSurfaceReductionExcludedPaths(List<String> defenderAttackSurfaceReductionExcludedPaths)
“List of exe files and folders to be excluded from attack surface reduction rules”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderAttackSurfaceReductionExcludedPathsNextLink(String defenderAttackSurfaceReductionExcludedPathsNextLink)
“List of exe files and folders to be excluded from attack surface reduction rules”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderBlockEndUserAccess(Boolean defenderBlockEndUserAccess)
“Allows or disallows user access to the Windows Defender UI.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderCheckForSignaturesBeforeRunningScan(Boolean defenderCheckForSignaturesBeforeRunningScan)
“This policy setting allows you to manage whether a check for new virus and
spyware definitions will occur before running a scan.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderCloudBlockLevel(DefenderCloudBlockLevelType defenderCloudBlockLevel)
“Added in Windows 10, version 1709.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderCloudExtendedTimeoutInSeconds(Integer defenderCloudExtendedTimeoutInSeconds)
“Added in Windows 10, version 1709.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDaysBeforeDeletingQuarantinedMalware(Integer defenderDaysBeforeDeletingQuarantinedMalware)
“Time period (in days) that quarantine items will be stored on the system.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDetectedMalwareActions(DefenderDetectedMalwareActions defenderDetectedMalwareActions)
“Allows an administrator to specify any valid threat severity levels and the
corresponding default action ID to take.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableBehaviorMonitoring(Boolean defenderDisableBehaviorMonitoring)
“Allows or disallows Windows Defender Behavior Monitoring functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableCatchupFullScan(Boolean defenderDisableCatchupFullScan)
“This policy setting allows you to configure catch-up scans for scheduled full
scans.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableCatchupQuickScan(Boolean defenderDisableCatchupQuickScan)
“This policy setting allows you to configure catch-up scans for scheduled quick
scans.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableCloudProtection(Boolean defenderDisableCloudProtection)
“To best protect your PC, Windows Defender will send information to Microsoft
about any problems it finds.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableIntrusionPreventionSystem(Boolean defenderDisableIntrusionPreventionSystem)
“Allows or disallows Windows Defender Intrusion Prevention functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableOnAccessProtection(Boolean defenderDisableOnAccessProtection)
“Allows or disallows Windows Defender On Access Protection functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableRealTimeMonitoring(Boolean defenderDisableRealTimeMonitoring)
“Allows or disallows Windows Defender Realtime Monitoring functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableScanArchiveFiles(Boolean defenderDisableScanArchiveFiles)
“Allows or disallows scanning of archives.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableScanDownloads(Boolean defenderDisableScanDownloads)
“Allows or disallows Windows Defender IOAVP Protection functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableScanNetworkFiles(Boolean defenderDisableScanNetworkFiles)
“Allows or disallows a scanning of network files.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableScanRemovableDrivesDuringFullScan(Boolean defenderDisableScanRemovableDrivesDuringFullScan)
“Allows or disallows a full scan of removable drives.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderDisableScanScriptsLoadedInInternetExplorer(Boolean defenderDisableScanScriptsLoadedInInternetExplorer)
“Allows or disallows Windows Defender Script Scanning functionality.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderEmailContentExecution(DefenderProtectionType defenderEmailContentExecution)
“Value indicating if execution of executable content (exe, dll, ps, js, vbs, etc)
should be dropped from email (webmail/mail-client)”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderEmailContentExecutionType(DefenderAttackSurfaceType defenderEmailContentExecutionType)
“Value indicating if execution of executable content (exe, dll, ps, js, vbs, etc)
should be dropped from email (webmail/mail-client)”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderEnableLowCpuPriority(Boolean defenderEnableLowCpuPriority)
“This policy setting allows you to enable or disable low CPU priority for
scheduled scans.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderEnableScanIncomingMail(Boolean defenderEnableScanIncomingMail)
“Allows or disallows scanning of email.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderEnableScanMappedNetworkDrivesDuringFullScan(Boolean defenderEnableScanMappedNetworkDrivesDuringFullScan)
“Allows or disallows a full scan of mapped network drives.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderExploitProtectionXml(byte[] defenderExploitProtectionXml)
“Xml content containing information regarding exploit protection details.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderExploitProtectionXmlFileName(String defenderExploitProtectionXmlFileName)
“Name of the file from which DefenderExploitProtectionXml was obtained.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderFileExtensionsToExclude(List<String> defenderFileExtensionsToExclude)
“File extensions to exclude from scans and real time protection.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderFileExtensionsToExcludeNextLink(String defenderFileExtensionsToExcludeNextLink)
“File extensions to exclude from scans and real time protection.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderFilesAndFoldersToExclude(List<String> defenderFilesAndFoldersToExclude)
“Files and folder to exclude from scans and real time protection.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderFilesAndFoldersToExcludeNextLink(String defenderFilesAndFoldersToExcludeNextLink)
“Files and folder to exclude from scans and real time protection.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderGuardedFoldersAllowedAppPaths(List<String> defenderGuardedFoldersAllowedAppPaths)
“List of paths to exe that are allowed to access protected folders”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderGuardedFoldersAllowedAppPathsNextLink(String defenderGuardedFoldersAllowedAppPathsNextLink)
“List of paths to exe that are allowed to access protected folders”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderGuardMyFoldersType(FolderProtectionType defenderGuardMyFoldersType)
“Value indicating the behavior of protected folders”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderNetworkProtectionType(DefenderProtectionType defenderNetworkProtectionType)
“Value indicating the behavior of NetworkProtection”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeAppsExecutableContentCreationOrLaunch(DefenderProtectionType defenderOfficeAppsExecutableContentCreationOrLaunch)
“Value indicating the behavior of Office applications/macros creating or
launching executable content”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeAppsExecutableContentCreationOrLaunchType(DefenderAttackSurfaceType defenderOfficeAppsExecutableContentCreationOrLaunchType)
“Value indicating the behavior of Office applications/macros creating or
launching executable content”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeAppsLaunchChildProcess(DefenderProtectionType defenderOfficeAppsLaunchChildProcess)
“Value indicating the behavior of Office application launching child processes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeAppsLaunchChildProcessType(DefenderAttackSurfaceType defenderOfficeAppsLaunchChildProcessType)
“Value indicating the behavior of Office application launching child processes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeAppsOtherProcessInjection(DefenderProtectionType defenderOfficeAppsOtherProcessInjection)
“Value indicating the behavior of Office applications injecting into other
processes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeAppsOtherProcessInjectionType(DefenderAttackSurfaceType defenderOfficeAppsOtherProcessInjectionType)
“Value indicating the behavior of Office applications injecting into other
processes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeCommunicationAppsLaunchChildProcess(DefenderProtectionType defenderOfficeCommunicationAppsLaunchChildProcess)
“Value indicating the behavior of Office communication applications, including
Microsoft Outlook, from creating child processes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeMacroCodeAllowWin32Imports(DefenderProtectionType defenderOfficeMacroCodeAllowWin32Imports)
“Value indicating the behavior of Win32 imports from Macro code in Office”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderOfficeMacroCodeAllowWin32ImportsType(DefenderAttackSurfaceType defenderOfficeMacroCodeAllowWin32ImportsType)
“Value indicating the behavior of Win32 imports from Macro code in Office”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderPotentiallyUnwantedAppAction(DefenderProtectionType defenderPotentiallyUnwantedAppAction)
“Added in Windows 10, version 1607.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderPreventCredentialStealingType(DefenderProtectionType defenderPreventCredentialStealingType)
“Value indicating if credential stealing from the Windows local security
authority subsystem is permitted”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderProcessCreation(DefenderProtectionType defenderProcessCreation)
“Value indicating response to process creations originating from PSExec and WMI
commands”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderProcessCreationType(DefenderAttackSurfaceType defenderProcessCreationType)
“Value indicating response to process creations originating from PSExec and WMI
commands”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderProcessesToExclude(List<String> defenderProcessesToExclude)
“Processes to exclude from scans and real time protection.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderProcessesToExcludeNextLink(String defenderProcessesToExcludeNextLink)
“Processes to exclude from scans and real time protection.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScanDirection(DefenderRealtimeScanDirection defenderScanDirection)
“Controls which sets of files should be monitored.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScanMaxCpuPercentage(Integer defenderScanMaxCpuPercentage)
“Represents the average CPU load factor for the Windows Defender scan (in percent
).
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScanType(DefenderScanType defenderScanType)
“Selects whether to perform a quick scan or full scan.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScheduledQuickScanTime(LocalTime defenderScheduledQuickScanTime)
“Selects the time of day that the Windows Defender quick scan should run.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScheduledScanDay(WeeklySchedule defenderScheduledScanDay)
“Selects the day that the Windows Defender scan should run.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScheduledScanTime(LocalTime defenderScheduledScanTime)
“Selects the time of day that the Windows Defender scan should run.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScriptDownloadedPayloadExecution(DefenderProtectionType defenderScriptDownloadedPayloadExecution)
“Value indicating the behavior of js/vbs executing payload downloaded from
Internet”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScriptDownloadedPayloadExecutionType(DefenderAttackSurfaceType defenderScriptDownloadedPayloadExecutionType)
“Value indicating the behavior of js/vbs executing payload downloaded from
Internet”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScriptObfuscatedMacroCode(DefenderProtectionType defenderScriptObfuscatedMacroCode)
“Value indicating the behavior of obfuscated js/vbs/ps/macro code”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderScriptObfuscatedMacroCodeType(DefenderAttackSurfaceType defenderScriptObfuscatedMacroCodeType)
“Value indicating the behavior of obfuscated js/vbs/ps/macro code”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterBlockExploitProtectionOverride(Boolean defenderSecurityCenterBlockExploitProtectionOverride)
“Indicates whether or not to block user from overriding Exploit Protection
settings.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableAccountUI(Boolean defenderSecurityCenterDisableAccountUI)
“Used to disable the display of the account protection area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableAppBrowserUI(Boolean defenderSecurityCenterDisableAppBrowserUI)
“Used to disable the display of the app and browser protection area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableClearTpmUI(Boolean defenderSecurityCenterDisableClearTpmUI)
“Used to disable the display of the Clear TPM button.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableFamilyUI(Boolean defenderSecurityCenterDisableFamilyUI)
“Used to disable the display of the family options area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableHardwareUI(Boolean defenderSecurityCenterDisableHardwareUI)
“Used to disable the display of the hardware protection area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableHealthUI(Boolean defenderSecurityCenterDisableHealthUI)
“Used to disable the display of the device performance and health area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableNetworkUI(Boolean defenderSecurityCenterDisableNetworkUI)
“Used to disable the display of the firewall and network protection area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableNotificationAreaUI(Boolean defenderSecurityCenterDisableNotificationAreaUI)
“Used to disable the display of the notification area control.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableRansomwareUI(Boolean defenderSecurityCenterDisableRansomwareUI)
“Used to disable the display of the ransomware protection area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableSecureBootUI(Boolean defenderSecurityCenterDisableSecureBootUI)
“Used to disable the display of the secure boot area under Device security.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableTroubleshootingUI(Boolean defenderSecurityCenterDisableTroubleshootingUI)
“Used to disable the display of the security process troubleshooting under Device
security.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableVirusUI(Boolean defenderSecurityCenterDisableVirusUI)
“Used to disable the display of the virus and threat protection area.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI(Boolean defenderSecurityCenterDisableVulnerableTpmFirmwareUpdateUI)
“Used to disable the display of update TPM Firmware when a vulnerable firmware is
detected.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterHelpEmail(String defenderSecurityCenterHelpEmail)
“The email address that is displayed to users.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterHelpPhone(String defenderSecurityCenterHelpPhone)
“The phone number or Skype ID that is displayed to users.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterHelpURL(String defenderSecurityCenterHelpURL)
“The help portal URL this is displayed to users.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterITContactDisplay(DefenderSecurityCenterITContactDisplayType defenderSecurityCenterITContactDisplay)
“Configure where to display IT contact information to end users.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterNotificationsFromApp(DefenderSecurityCenterNotificationsFromAppType defenderSecurityCenterNotificationsFromApp)
“Notifications to show from the displayed areas of app”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSecurityCenterOrganizationDisplayName(String defenderSecurityCenterOrganizationDisplayName)
“The company name that is displayed to the users.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSignatureUpdateIntervalInHours(Integer defenderSignatureUpdateIntervalInHours)
“Specifies the interval (in hours) that will be used to check for signatures, so
instead of using the ScheduleDay and ScheduleTime the check for new signatures
will be set according to the interval.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderSubmitSamplesConsentType(DefenderSubmitSamplesConsentType defenderSubmitSamplesConsentType)
“Checks for the user consent level in Windows Defender to send data.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderUntrustedExecutable(DefenderProtectionType defenderUntrustedExecutable)
“Value indicating response to executables that don't meet a prevalence, age, or
trusted list criteria”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderUntrustedExecutableType(DefenderAttackSurfaceType defenderUntrustedExecutableType)
“Value indicating response to executables that don't meet a prevalence, age, or
trusted list criteria”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderUntrustedUSBProcess(DefenderProtectionType defenderUntrustedUSBProcess)
“Value indicating response to untrusted and unsigned processes that run from USB”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.defenderUntrustedUSBProcessType(DefenderAttackSurfaceType defenderUntrustedUSBProcessType)
“Value indicating response to untrusted and unsigned processes that run from USB”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.description(String description) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceGuardEnableSecureBootWithDMA(Boolean deviceGuardEnableSecureBootWithDMA)
“This property will be deprecated in May 2019 and will be replaced with property
DeviceGuardSecureBootWithDMA.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceGuardEnableVirtualizationBasedSecurity(Boolean deviceGuardEnableVirtualizationBasedSecurity)
“Turns On Virtualization Based Security(VBS).”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceGuardLaunchSystemGuard(Enablement deviceGuardLaunchSystemGuard)
“Allows the IT admin to configure the launch of System Guard.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceGuardLocalSystemAuthorityCredentialGuardSettings(DeviceGuardLocalSystemAuthorityCredentialGuardType deviceGuardLocalSystemAuthorityCredentialGuardSettings)
“Turn on Credential Guard when Platform Security Level with Secure Boot and
Virtualization Based Security are both enabled.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceGuardSecureBootWithDMA(SecureBootWithDMAType deviceGuardSecureBootWithDMA)
“Specifies whether Platform Security Level is enabled at next reboot.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceManagementApplicabilityRuleDeviceMode(DeviceManagementApplicabilityRuleDeviceMode deviceManagementApplicabilityRuleDeviceMode) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceManagementApplicabilityRuleOsEdition(DeviceManagementApplicabilityRuleOsEdition deviceManagementApplicabilityRuleOsEdition) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.deviceManagementApplicabilityRuleOsVersion(DeviceManagementApplicabilityRuleOsVersion deviceManagementApplicabilityRuleOsVersion) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.displayName(String displayName) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.dmaGuardDeviceEnumerationPolicy(DmaGuardDeviceEnumerationPolicyType dmaGuardDeviceEnumerationPolicy)
“This policy is intended to provide additional security against external DMA
capable devices.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallBlockStatefulFTP(Boolean firewallBlockStatefulFTP)
“Blocks stateful FTP connections to the device”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallCertificateRevocationListCheckMethod(FirewallCertificateRevocationListCheckMethodType firewallCertificateRevocationListCheckMethod)
“Specify how the certificate revocation list is to be enforced”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallIdleTimeoutForSecurityAssociationInSeconds(Integer firewallIdleTimeoutForSecurityAssociationInSeconds)
“Configures the idle timeout for security associations, in seconds, from 300 to
3600 inclusive.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallIPSecExemptionsAllowDHCP(Boolean firewallIPSecExemptionsAllowDHCP)
“Configures IPSec exemptions to allow both IPv4 and IPv6 DHCP traffic”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallIPSecExemptionsAllowICMP(Boolean firewallIPSecExemptionsAllowICMP)
“Configures IPSec exemptions to allow ICMP”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallIPSecExemptionsAllowNeighborDiscovery(Boolean firewallIPSecExemptionsAllowNeighborDiscovery)
“Configures IPSec exemptions to allow neighbor discovery IPv6 ICMP type-codes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallIPSecExemptionsAllowRouterDiscovery(Boolean firewallIPSecExemptionsAllowRouterDiscovery)
“Configures IPSec exemptions to allow router discovery IPv6 ICMP type-codes”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallMergeKeyingModuleSettings(Boolean firewallMergeKeyingModuleSettings)
“If an authentication set is not fully supported by a keying module, direct the
module to ignore only unsupported authentication suites rather than the entire
set”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallPacketQueueingMethod(FirewallPacketQueueingMethodType firewallPacketQueueingMethod)
“Configures how packet queueing should be applied in the tunnel gateway scenario”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallPreSharedKeyEncodingMethod(FirewallPreSharedKeyEncodingMethodType firewallPreSharedKeyEncodingMethod)
“Select the preshared key encoding to be used”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallProfileDomain(WindowsFirewallNetworkProfile firewallProfileDomain)
“Configures the firewall profile settings for domain networks”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallProfilePrivate(WindowsFirewallNetworkProfile firewallProfilePrivate)
“Configures the firewall profile settings for private networks”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallProfilePublic(WindowsFirewallNetworkProfile firewallProfilePublic)
“Configures the firewall profile settings for public networks”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallRules(List<WindowsFirewallRule> firewallRules)
“Configures the firewall rule settings.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.firewallRulesNextLink(String firewallRulesNextLink)
“Configures the firewall rule settings.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.id(String id) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.lanManagerAuthenticationLevel(LanManagerAuthenticationLevel lanManagerAuthenticationLevel)
“This security setting determines which challenge/response authentication
protocol is used for network logons.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.lanManagerWorkstationDisableInsecureGuestLogons(Boolean lanManagerWorkstationDisableInsecureGuestLogons)
“If enabled,the SMB client will allow insecure guest logons.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.lastModifiedDateTime(OffsetDateTime lastModifiedDateTime) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAdministratorAccountName(String localSecurityOptionsAdministratorAccountName)
“Define a different account name to be associated with the security identifier (
SID) for the account “Administrator”.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAdministratorElevationPromptBehavior(LocalSecurityOptionsAdministratorElevationPromptBehaviorType localSecurityOptionsAdministratorElevationPromptBehavior)
“Define the behavior of the elevation prompt for admins in Admin Approval Mode.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares(Boolean localSecurityOptionsAllowAnonymousEnumerationOfSAMAccountsAndShares)
“This security setting determines whether to allows anonymous users to perform
certain activities, such as enumerating the names of domain accounts and network
shares.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowPKU2UAuthenticationRequests(Boolean localSecurityOptionsAllowPKU2UAuthenticationRequests)
“Block PKU2U authentication requests to this device to use online identities.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager(String localSecurityOptionsAllowRemoteCallsToSecurityAccountsManager)
“Edit the default Security Descriptor Definition Language string to allow or deny
users and groups to make remote calls to the SAM.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool(Boolean localSecurityOptionsAllowRemoteCallsToSecurityAccountsManagerHelperBool)
“UI helper boolean for
LocalSecurityOptionsAllowRemoteCallsToSecurityAccountsManager entity”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn(Boolean localSecurityOptionsAllowSystemToBeShutDownWithoutHavingToLogOn)
“This security setting determines whether a computer can be shut down without
having to log on to Windows.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowUIAccessApplicationElevation(Boolean localSecurityOptionsAllowUIAccessApplicationElevation)
“Allow UIAccess apps to prompt for elevation without using the secure desktop.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowUIAccessApplicationsForSecureLocations(Boolean localSecurityOptionsAllowUIAccessApplicationsForSecureLocations)
“Allow UIAccess apps to prompt for elevation without using the secure desktop.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsAllowUndockWithoutHavingToLogon(Boolean localSecurityOptionsAllowUndockWithoutHavingToLogon)
“Prevent a portable computer from being undocked without having to log in.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsBlockMicrosoftAccounts(Boolean localSecurityOptionsBlockMicrosoftAccounts)
“Prevent users from adding new Microsoft accounts to this computer.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsBlockRemoteLogonWithBlankPassword(Boolean localSecurityOptionsBlockRemoteLogonWithBlankPassword)
“Enable Local accounts that are not password protected to log on from locations
other than the physical device.Default is enabled”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsBlockRemoteOpticalDriveAccess(Boolean localSecurityOptionsBlockRemoteOpticalDriveAccess)
“Enabling this settings allows only interactively logged on user to access CD-ROM
media.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsBlockUsersInstallingPrinterDrivers(Boolean localSecurityOptionsBlockUsersInstallingPrinterDrivers)
“Restrict installing printer drivers as part of connecting to a shared printer to
admins only.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsClearVirtualMemoryPageFile(Boolean localSecurityOptionsClearVirtualMemoryPageFile)
“This security setting determines whether the virtual memory pagefile is cleared
when the system is shut down.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsClientDigitallySignCommunicationsAlways(Boolean localSecurityOptionsClientDigitallySignCommunicationsAlways)
“This security setting determines whether packet signing is required by the SMB
client component.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers(Boolean localSecurityOptionsClientSendUnencryptedPasswordToThirdPartySMBServers)
“If this security setting is enabled, the Server Message Block (SMB) redirector
is allowed to send plaintext passwords to non-Microsoft SMB servers that do not
support password encryption during authentication.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation(Boolean localSecurityOptionsDetectApplicationInstallationsAndPromptForElevation)
“App installations requiring elevated privileges will prompt for admin
credentials.Default is enabled”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDisableAdministratorAccount(Boolean localSecurityOptionsDisableAdministratorAccount)
“Determines whether the Local Administrator account is enabled or disabled.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees(Boolean localSecurityOptionsDisableClientDigitallySignCommunicationsIfServerAgrees)
“This security setting determines whether the SMB client attempts to negotiate
SMB packet signing.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDisableGuestAccount(Boolean localSecurityOptionsDisableGuestAccount)
“Determines if the Guest account is enabled or disabled.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDisableServerDigitallySignCommunicationsAlways(Boolean localSecurityOptionsDisableServerDigitallySignCommunicationsAlways)
“This security setting determines whether packet signing is required by the SMB
server component.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees(Boolean localSecurityOptionsDisableServerDigitallySignCommunicationsIfClientAgrees)
“This security setting determines whether the SMB server will negotiate SMB
packet signing with clients that request it.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts(Boolean localSecurityOptionsDoNotAllowAnonymousEnumerationOfSAMAccounts)
“This security setting determines what additional permissions will be granted for
anonymous connections to the computer.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDoNotRequireCtrlAltDel(Boolean localSecurityOptionsDoNotRequireCtrlAltDel)
“Require CTRL+ALT+DEL to be pressed before a user can log on.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange(Boolean localSecurityOptionsDoNotStoreLANManagerHashValueOnNextPasswordChange)
“This security setting determines if, at the next password change, the LAN
Manager (LM) hash value for the new password is stored.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser(LocalSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUserType localSecurityOptionsFormatAndEjectOfRemovableMediaAllowedUser)
“Define who is allowed to format and eject removable NTFS media.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsGuestAccountName(String localSecurityOptionsGuestAccountName)
“Define a different account name to be associated with the security identifier (
SID) for the account “Guest”.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsHideLastSignedInUser(Boolean localSecurityOptionsHideLastSignedInUser)
“Do not display the username of the last person who signed in on this device.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsHideUsernameAtSignIn(Boolean localSecurityOptionsHideUsernameAtSignIn)
“Do not display the username of the person signing in to this device after
credentials are entered and before the device’s desktop is shown.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsInformationDisplayedOnLockScreen(LocalSecurityOptionsInformationDisplayedOnLockScreenType localSecurityOptionsInformationDisplayedOnLockScreen)
“Configure the user information that is displayed when the session is locked.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsInformationShownOnLockScreen(LocalSecurityOptionsInformationShownOnLockScreenType localSecurityOptionsInformationShownOnLockScreen)
“Configure the user information that is displayed when the session is locked.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsLogOnMessageText(String localSecurityOptionsLogOnMessageText)
“Set message text for users attempting to log in.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsLogOnMessageTitle(String localSecurityOptionsLogOnMessageTitle)
“Set message title for users attempting to log in.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsMachineInactivityLimit(Integer localSecurityOptionsMachineInactivityLimit)
“Define maximum minutes of inactivity on the interactive desktop’s login screen
until the screen saver runs.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsMachineInactivityLimitInMinutes(Integer localSecurityOptionsMachineInactivityLimitInMinutes)
“Define maximum minutes of inactivity on the interactive desktop’s login screen
until the screen saver runs.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients(LocalSecurityOptionsMinimumSessionSecurity localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedClients)
“This security setting allows a client to require the negotiation of 128-bit
encryption and/or NTLMv2 session security.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers(LocalSecurityOptionsMinimumSessionSecurity localSecurityOptionsMinimumSessionSecurityForNtlmSspBasedServers)
“This security setting allows a server to require the negotiation of 128-bit
encryption and/or NTLMv2 session security.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsOnlyElevateSignedExecutables(Boolean localSecurityOptionsOnlyElevateSignedExecutables)
“Enforce PKI certification path validation for a given executable file before it
is permitted to run.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares(Boolean localSecurityOptionsRestrictAnonymousAccessToNamedPipesAndShares)
“By default, this security setting restricts anonymous access to shares and pipes
to the settings for named pipes that can be accessed anonymously and Shares that
can be accessed anonymously”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsSmartCardRemovalBehavior(LocalSecurityOptionsSmartCardRemovalBehaviorType localSecurityOptionsSmartCardRemovalBehavior)
“This security setting determines what happens when the smart card for a logged-
on user is removed from the smart card reader.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsStandardUserElevationPromptBehavior(LocalSecurityOptionsStandardUserElevationPromptBehaviorType localSecurityOptionsStandardUserElevationPromptBehavior)
“Define the behavior of the elevation prompt for standard users.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation(Boolean localSecurityOptionsSwitchToSecureDesktopWhenPromptingForElevation)
“Enable all elevation requests to go to the interactive user's desktop rather
than the secure desktop.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsUseAdminApprovalMode(Boolean localSecurityOptionsUseAdminApprovalMode)
“Defines whether the built-in admin account uses Admin Approval Mode or runs all
apps with full admin privileges.Default is enabled”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsUseAdminApprovalModeForAdministrators(Boolean localSecurityOptionsUseAdminApprovalModeForAdministrators)
“Define whether Admin Approval Mode and all UAC policy settings are enabled,
default is enabled”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations(Boolean localSecurityOptionsVirtualizeFileAndRegistryWriteFailuresToPerUserLocations)
“Virtualize file and registry write failures to per user locations”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.roleScopeTagIds(List<String> roleScopeTagIds) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.roleScopeTagIdsNextLink(String roleScopeTagIdsNextLink) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.smartScreenBlockOverrideForFiles(Boolean smartScreenBlockOverrideForFiles)
“Allows IT Admins to control whether users can can ignore SmartScreen warnings
and run malicious files.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.smartScreenEnableInShell(Boolean smartScreenEnableInShell)
“Allows IT Admins to configure SmartScreen for Windows.”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.supportsScopeTags(Boolean supportsScopeTags) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsAccessCredentialManagerAsTrustedCaller(DeviceManagementUserRightsSetting userRightsAccessCredentialManagerAsTrustedCaller)
“This user right is used by Credential Manager during Backup/Restore.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsActAsPartOfTheOperatingSystem(DeviceManagementUserRightsSetting userRightsActAsPartOfTheOperatingSystem)
“This user right allows a process to impersonate any user without authentication.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsAllowAccessFromNetwork(DeviceManagementUserRightsSetting userRightsAllowAccessFromNetwork)
“This user right determines which users and groups are allowed to connect to the
computer over the network.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsBackupData(DeviceManagementUserRightsSetting userRightsBackupData)
“This user right determines which users can bypass file, directory, registry, and
other persistent objects permissions when backing up files and directories.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsBlockAccessFromNetwork(DeviceManagementUserRightsSetting userRightsBlockAccessFromNetwork)
“This user right determines which users and groups are block from connecting to
the computer over the network.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsChangeSystemTime(DeviceManagementUserRightsSetting userRightsChangeSystemTime)
“This user right determines which users and groups can change the time and date
on the internal clock of the computer.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsCreateGlobalObjects(DeviceManagementUserRightsSetting userRightsCreateGlobalObjects)
“This security setting determines whether users can create global objects that
are available to all sessions.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsCreatePageFile(DeviceManagementUserRightsSetting userRightsCreatePageFile)
“This user right determines which users and groups can call an internal API to
create and change the size of a page file.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsCreatePermanentSharedObjects(DeviceManagementUserRightsSetting userRightsCreatePermanentSharedObjects)
“This user right determines which accounts can be used by processes to create a
directory object using the object manager.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsCreateSymbolicLinks(DeviceManagementUserRightsSetting userRightsCreateSymbolicLinks)
“This user right determines if the user can create a symbolic link from the
computer to which they are logged on.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsCreateToken(DeviceManagementUserRightsSetting userRightsCreateToken)
“This user right determines which users/groups can be used by processes to create
a token that can then be used to get access to any local resources when the
process uses an internal API to create an access token.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsDebugPrograms(DeviceManagementUserRightsSetting userRightsDebugPrograms)
“This user right determines which users can attach a debugger to any process or
to the kernel.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsDelegation(DeviceManagementUserRightsSetting userRightsDelegation)
“This user right determines which users can set the Trusted for Delegation
setting on a user or computer object.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsDenyLocalLogOn(DeviceManagementUserRightsSetting userRightsDenyLocalLogOn)
“This user right determines which users cannot log on to the computer.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsGenerateSecurityAudits(DeviceManagementUserRightsSetting userRightsGenerateSecurityAudits)
“This user right determines which accounts can be used by a process to add
entries to the security log.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsImpersonateClient(DeviceManagementUserRightsSetting userRightsImpersonateClient)
“Assigning this user right to a user allows programs running on behalf of that
user to impersonate a client.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsIncreaseSchedulingPriority(DeviceManagementUserRightsSetting userRightsIncreaseSchedulingPriority)
“This user right determines which accounts can use a process with Write Property
access to another process to increase the execution priority assigned to the
other process.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsLoadUnloadDrivers(DeviceManagementUserRightsSetting userRightsLoadUnloadDrivers)
“This user right determines which users can dynamically load and unload device
drivers or other code in to kernel mode.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsLocalLogOn(DeviceManagementUserRightsSetting userRightsLocalLogOn)
“This user right determines which users can log on to the computer.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsLockMemory(DeviceManagementUserRightsSetting userRightsLockMemory)
“This user right determines which accounts can use a process to keep data in
physical memory, which prevents the system from paging the data to virtual
memory on disk.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsManageAuditingAndSecurityLogs(DeviceManagementUserRightsSetting userRightsManageAuditingAndSecurityLogs)
“This user right determines which users can specify object access auditing
options for individual resources, such as files, Active Directory objects, and
registry keys.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsManageVolumes(DeviceManagementUserRightsSetting userRightsManageVolumes)
“This user right determines which users and groups can run maintenance tasks on a
volume, such as remote defragmentation.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsModifyFirmwareEnvironment(DeviceManagementUserRightsSetting userRightsModifyFirmwareEnvironment)
“This user right determines who can modify firmware environment values.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsModifyObjectLabels(DeviceManagementUserRightsSetting userRightsModifyObjectLabels)
“This user right determines which user accounts can modify the integrity label of
objects, such as files, registry keys, or processes owned by other users.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsProfileSingleProcess(DeviceManagementUserRightsSetting userRightsProfileSingleProcess)
“This user right determines which users can use performance monitoring tools to
monitor the performance of system processes.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsRemoteDesktopServicesLogOn(DeviceManagementUserRightsSetting userRightsRemoteDesktopServicesLogOn)
“This user right determines which users and groups are prohibited from logging on
as a Remote Desktop Services client.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsRemoteShutdown(DeviceManagementUserRightsSetting userRightsRemoteShutdown)
“This user right determines which users are allowed to shut down a computer from
a remote location on the network.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsRestoreData(DeviceManagementUserRightsSetting userRightsRestoreData)
“This user right determines which users can bypass file, directory, registry, and
other persistent objects permissions when restoring backed up files and
directories, and determines which users can set any valid security principal as
the owner of an object.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.userRightsTakeOwnership(DeviceManagementUserRightsSetting userRightsTakeOwnership)
“This user right determines which users can take ownership of any securable
object in the system, including Active Directory objects, files and folders,
printers, registry keys, processes, and threads.
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.version(Integer version) |
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.windowsDefenderTamperProtection(WindowsDefenderTamperProtectionOptions windowsDefenderTamperProtection)
“Configure windows defender TamperProtection settings”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.xboxServicesAccessoryManagementServiceStartupMode(ServiceStartType xboxServicesAccessoryManagementServiceStartupMode)
“This setting determines whether the Accessory management service's start type is
Automatic(2), Manual(3), Disabled(4).
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.xboxServicesEnableXboxGameSaveTask(Boolean xboxServicesEnableXboxGameSaveTask)
“This setting determines whether xbox game save is enabled (1) or disabled (0).”
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.xboxServicesLiveAuthManagerServiceStartupMode(ServiceStartType xboxServicesLiveAuthManagerServiceStartupMode)
“This setting determines whether Live Auth Manager service's start type is
Automatic(2), Manual(3), Disabled(4).
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.xboxServicesLiveGameSaveServiceStartupMode(ServiceStartType xboxServicesLiveGameSaveServiceStartupMode)
“This setting determines whether Live Game save service's start type is Automatic
(2), Manual(3), Disabled(4).
|
Windows10EndpointProtectionConfiguration.Builder |
Windows10EndpointProtectionConfiguration.Builder.xboxServicesLiveNetworkingServiceStartupMode(ServiceStartType xboxServicesLiveNetworkingServiceStartupMode)
“This setting determines whether Networking service's start type is Automatic(2),
Manual(3), Disabled(4).
|
Copyright © 2018–2020. All rights reserved.