1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
// Code generated by msgraph-generate.go DO NOT EDIT.
package msgraph
// BitLockerFixedDrivePolicy undocumented
type BitLockerFixedDrivePolicy struct {
// Object is the base model of BitLockerFixedDrivePolicy
Object
// EncryptionMethod Select the encryption method for fixed drives.
EncryptionMethod *BitLockerEncryptionMethod `json:"encryptionMethod,omitempty"`
// RequireEncryptionForWriteAccess This policy setting determines whether BitLocker protection is required for fixed data drives to be writable on a computer.
RequireEncryptionForWriteAccess *bool `json:"requireEncryptionForWriteAccess,omitempty"`
// RecoveryOptions This policy setting allows you to control how BitLocker-protected fixed data drives are recovered in the absence of the required credentials. This policy setting is applied when you turn on BitLocker.
RecoveryOptions *BitLockerRecoveryOptions `json:"recoveryOptions,omitempty"`
}
// BitLockerRecoveryOptions undocumented
type BitLockerRecoveryOptions struct {
// Object is the base model of BitLockerRecoveryOptions
Object
// BlockDataRecoveryAgent Indicates whether to block certificate-based data recovery agent.
BlockDataRecoveryAgent *bool `json:"blockDataRecoveryAgent,omitempty"`
// RecoveryPasswordUsage Indicates whether users are allowed or required to generate a 48-digit recovery password for fixed or system disk.
RecoveryPasswordUsage *ConfigurationUsage `json:"recoveryPasswordUsage,omitempty"`
// RecoveryKeyUsage Indicates whether users are allowed or required to generate a 256-bit recovery key for fixed or system disk.
RecoveryKeyUsage *ConfigurationUsage `json:"recoveryKeyUsage,omitempty"`
// HideRecoveryOptions Indicates whether or not to allow showing recovery options in BitLocker Setup Wizard for fixed or system disk.
HideRecoveryOptions *bool `json:"hideRecoveryOptions,omitempty"`
// EnableRecoveryInformationSaveToStore Indicates whether or not to allow BitLocker recovery information to store in AD DS.
EnableRecoveryInformationSaveToStore *bool `json:"enableRecoveryInformationSaveToStore,omitempty"`
// RecoveryInformationToStore Configure what pieces of BitLocker recovery information are stored to AD DS.
RecoveryInformationToStore *BitLockerRecoveryInformationType `json:"recoveryInformationToStore,omitempty"`
// EnableBitLockerAfterRecoveryInformationToStore Indicates whether or not to enable BitLocker until recovery information is stored in AD DS.
EnableBitLockerAfterRecoveryInformationToStore *bool `json:"enableBitLockerAfterRecoveryInformationToStore,omitempty"`
}
// BitLockerRemovableDrivePolicy undocumented
type BitLockerRemovableDrivePolicy struct {
// Object is the base model of BitLockerRemovableDrivePolicy
Object
// EncryptionMethod Select the encryption method for removable drives.
EncryptionMethod *BitLockerEncryptionMethod `json:"encryptionMethod,omitempty"`
// RequireEncryptionForWriteAccess Indicates whether to block write access to devices configured in another organization. If requireEncryptionForWriteAccess is false, this value does not affect.
RequireEncryptionForWriteAccess *bool `json:"requireEncryptionForWriteAccess,omitempty"`
// BlockCrossOrganizationWriteAccess This policy setting determines whether BitLocker protection is required for removable data drives to be writable on a computer.
BlockCrossOrganizationWriteAccess *bool `json:"blockCrossOrganizationWriteAccess,omitempty"`
}
// BitLockerSystemDrivePolicy undocumented
type BitLockerSystemDrivePolicy struct {
// Object is the base model of BitLockerSystemDrivePolicy
Object
// EncryptionMethod Select the encryption method for operating system drives.
EncryptionMethod *BitLockerEncryptionMethod `json:"encryptionMethod,omitempty"`
// StartupAuthenticationRequired Require additional authentication at startup.
StartupAuthenticationRequired *bool `json:"startupAuthenticationRequired,omitempty"`
// StartupAuthenticationBlockWithoutTpmChip Indicates whether to allow BitLocker without a compatible TPM (requires a password or a startup key on a USB flash drive).
StartupAuthenticationBlockWithoutTpmChip *bool `json:"startupAuthenticationBlockWithoutTpmChip,omitempty"`
// StartupAuthenticationTpmUsage Indicates if TPM startup is allowed/required/disallowed.
StartupAuthenticationTpmUsage *ConfigurationUsage `json:"startupAuthenticationTpmUsage,omitempty"`
// StartupAuthenticationTpmPinUsage Indicates if TPM startup pin is allowed/required/disallowed.
StartupAuthenticationTpmPinUsage *ConfigurationUsage `json:"startupAuthenticationTpmPinUsage,omitempty"`
// StartupAuthenticationTpmKeyUsage Indicates if TPM startup key is allowed/required/disallowed.
StartupAuthenticationTpmKeyUsage *ConfigurationUsage `json:"startupAuthenticationTpmKeyUsage,omitempty"`
// StartupAuthenticationTpmPinAndKeyUsage Indicates if TPM startup pin key and key are allowed/required/disallowed.
StartupAuthenticationTpmPinAndKeyUsage *ConfigurationUsage `json:"startupAuthenticationTpmPinAndKeyUsage,omitempty"`
// MinimumPinLength Indicates the minimum length of startup pin. Valid values 4 to 20
MinimumPinLength *int `json:"minimumPinLength,omitempty"`
// RecoveryOptions Allows to recover BitLocker encrypted operating system drives in the absence of the required startup key information. This policy setting is applied when you turn on BitLocker.
RecoveryOptions *BitLockerRecoveryOptions `json:"recoveryOptions,omitempty"`
// PrebootRecoveryEnableMessageAndURL Enable pre-boot recovery message and Url. If requireStartupAuthentication is false, this value does not affect.
PrebootRecoveryEnableMessageAndURL *bool `json:"prebootRecoveryEnableMessageAndUrl,omitempty"`
// PrebootRecoveryMessage Defines a custom recovery message.
PrebootRecoveryMessage *string `json:"prebootRecoveryMessage,omitempty"`
// PrebootRecoveryURL Defines a custom recovery URL.
PrebootRecoveryURL *string `json:"prebootRecoveryUrl,omitempty"`
}
|
