通过JSON(oData)模板

时间:2017-04-11 23:21:30

标签: azure-active-directory azure-ad-graph-api intune

我正在尝试创建一个JSON模板,通过Graph api创建Intune(基于Office 365)策略。我可以为某些URI创建策略,例如条款和条件,但其他URI。我尝试为odata创建

microsoft.graph.iosEasEmailProfileConfiguration

它没有给出错误400。 我想知道它是否适用于任何人以及如何

2 个答案:

答案 0 :(得分:0)

如果您在MS Graph API中遇到400个错误,则可以使用Azure支持创建一个案例。

我没有尝试你提到的那个。但是,在使用可怜的Microsoft Graph API文档将我的头撞在墙上几周之后,我已经找到了其中几个。

合规政策:

POST https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicies 

   {
    "@odata.type": "microsoft.graph.androidCompliancePolicy",
    "displayName": "Android",
    "passwordRequired": true,
    "passwordMinimumLength": 4,
    "passwordRequiredType": "numericComplex",
    "passwordMinutesOfInactivityBeforeLock": 15,
    "storageRequireEncryption": true,
    "scheduledActionsForRule":[{"ruleName":"Mark device noncompliaant","scheduledActionConfigurations":[{"actionType":"block","gracePeriodHours":72,"notificationTemplateId":""}]}]
    }

设备配置政策:

POST https://graph.microsoft.com/v1.0/deviceManagement/deviceConfigurations 

{
            "@odata.type": "#microsoft.graph.androidGeneralDeviceConfiguration",
            "description": "",
            "displayName": "Device restriction - Android",
            "passwordBlockFingerprintUnlock": false,
            "passwordBlockTrustAgents": false,
            "passwordExpirationDays": null,
            "passwordMinimumLength": 4,
            "passwordMinutesOfInactivityBeforeScreenTimeout": 15,
            "passwordPreviousPasswordBlockCount": null,
            "passwordSignInFailureCountBeforeFactoryReset": 11,
            "passwordRequiredType": "numericComplex",
            "passwordRequired": true,
            "storageRequireDeviceEncryption": true
}

我还想出了品牌,群组,设置MDM权限,设置更新环以及添加Windows hello设置。

但我无法弄清楚如何为组分配合规性策略。 MS Graph API文档中的示例只会引发错误。

我也无法在Graph API中找到我可以在Intune中进行condidtional访问的位置以及我如何控制Azure AD中的设备设置。

答案 1 :(得分:0)

您可以使用以下示例有效内容对设备管理/设备配置执行 POST 

{
    "id": "00000000-0000-0000-0000-000000000000",
    "displayName": "profile name",
    "description": "profile description",
    "scopeTags": [],
    "@odata.type": "#microsoft.graph.iosEasEmailProfileConfiguration",
    "blockMovingMessagesToOtherEmailAccounts": false,
    "blockSendingEmailFromThirdPartyApps": false,
    "blockSyncingRecentlyUsedEmailAddresses": false,
    "durationOfEmailToSync": "userDefined",
    "requireSmime": false,
    "requireSsl": true,
    "hostName": "outlook.microsoft.com",
    "accountName": "Account name",
    "usernameSource": "userPrincipalName",
    "emailAddressSource": "userPrincipalName",
    "authenticationMethod": "usernameAndPassword"
}
相关问题
最新问题