< Back
Update-DeviceAppManagement_DefaultManagedAppProtections
Post
NAME Update-DeviceAppManagement_DefaultManagedAppProtections
SYNOPSIS
Updates a "microsoft.graph.defaultManagedAppProtection".
SYNTAX
Update-DeviceAppManagement_DefaultManagedAppProtections -defaultManagedAppProtectionId <string>
[-allowedDataStorageLocations <string[]>] [-allowedInboundDataTransferSources <string>]
[-allowedOutboundClipboardSharingLevel <string>] [-allowedOutboundDataTransferDestinations <string>]
[-appDataEncryptionType <string>] [-apps <object[]>] [-contactSyncBlocked <bool>] [-createdDateTime
<DateTimeOffset>] [-customSettings <object[]>] [-dataBackupBlocked <bool>] [-deployedAppCount <int>]
[-deploymentSummary <object>] [-description <string>] [-deviceComplianceRequired <bool>]
[-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>] [-disableAppPinIfDevicePinIsSet <bool>] [-displayName
<string>] [-encryptAppData <bool>] [-faceIdBlocked <bool>] [-fingerprintBlocked <bool>] [-lastModifiedDateTime
<DateTimeOffset>] [-managedBrowserToOpenLinksRequired <bool>] [-maximumPinRetries <int>] [-minimumPinLength <int>]
[-minimumRequiredAppVersion <string>] [-minimumRequiredOsVersion <string>] [-minimumRequiredPatchVersion <string>]
[-minimumRequiredSdkVersion <string>] [-minimumWarningAppVersion <string>] [-minimumWarningOsVersion <string>]
[-minimumWarningPatchVersion <string>] [-organizationalCredentialsRequired <bool>] [-periodBeforePinReset
<TimeSpan>] [-periodOfflineBeforeAccessCheck <TimeSpan>] [-periodOfflineBeforeWipeIsEnforced <TimeSpan>]
[-periodOnlineBeforeAccessCheck <TimeSpan>] [-pinCharacterSet <string>] [-pinRequired <bool>] [-printBlocked
<bool>] [-saveAsBlocked <bool>] [-screenCaptureBlocked <bool>] [-simplePinBlocked <bool>] [-version <string>]
[<CommonParameters>]
Update-DeviceAppManagement_DefaultManagedAppProtections -defaultManagedAppProtectionId <string> -ODataType
<string> [-allowedDataStorageLocations <string[]>] [-allowedInboundDataTransferSources <string>]
[-allowedOutboundClipboardSharingLevel <string>] [-allowedOutboundDataTransferDestinations <string>]
[-appDataEncryptionType <string>] [-apps <object[]>] [-contactSyncBlocked <bool>] [-createdDateTime
<DateTimeOffset>] [-customSettings <object[]>] [-dataBackupBlocked <bool>] [-deployedAppCount <int>]
[-deploymentSummary <object>] [-description <string>] [-deviceComplianceRequired <bool>]
[-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>] [-disableAppPinIfDevicePinIsSet <bool>] [-displayName
<string>] [-encryptAppData <bool>] [-faceIdBlocked <bool>] [-fingerprintBlocked <bool>] [-lastModifiedDateTime
<DateTimeOffset>] [-managedBrowserToOpenLinksRequired <bool>] [-maximumPinRetries <int>] [-minimumPinLength <int>]
[-minimumRequiredAppVersion <string>] [-minimumRequiredOsVersion <string>] [-minimumRequiredPatchVersion <string>]
[-minimumRequiredSdkVersion <string>] [-minimumWarningAppVersion <string>] [-minimumWarningOsVersion <string>]
[-minimumWarningPatchVersion <string>] [-organizationalCredentialsRequired <bool>] [-periodBeforePinReset
<TimeSpan>] [-periodOfflineBeforeAccessCheck <TimeSpan>] [-periodOfflineBeforeWipeIsEnforced <TimeSpan>]
[-periodOnlineBeforeAccessCheck <TimeSpan>] [-pinCharacterSet <string>] [-pinRequired <bool>] [-printBlocked
<bool>] [-saveAsBlocked <bool>] [-screenCaptureBlocked <bool>] [-simplePinBlocked <bool>] [-version <string>]
[<CommonParameters>]
DESCRIPTION
Updates a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections" collection.
Default managed app policies.
Graph Call: PATCH ~/deviceAppManagement/defaultManagedAppProtections
PARAMETERS
-defaultManagedAppProtectionId <string>
The ID for a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections"
collection.
Required? true
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-appDataEncryptionType <string>
The "appDataEncryptionType" property, of type "microsoft.graph.managedAppDataEncryptionType".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Type of encryption which should be used for data in a managed app. (iOS Only)
Valid values: 'useDeviceSettings', 'afterDeviceRestart', 'whenDeviceLockedExceptOpenFiles', 'whenDeviceLocked'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-screenCaptureBlocked <bool>
The "screenCaptureBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether screen capture is blocked. (Android only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-encryptAppData <bool>
The "encryptAppData" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether managed-app data should be encrypted. (Android only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>
The "disableAppEncryptionIfDeviceEncryptionIsEnabled" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android
only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredSdkVersion <string>
The "minimumRequiredSdkVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will block the managed app from accessing company data. (iOS Only)
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-customSettings <object[]>
The "customSettings" property, of type "microsoft.graph.keyValuePair".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
A set of string key and string value pairs to be sent to the affected users, unalterned by this service
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-deployedAppCount <int>
The "deployedAppCount" property, of type "Edm.Int32".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Count of apps to which the current policy is deployed.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredPatchVersion <string>
The "minimumRequiredPatchVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Define the oldest required Android security patch level a user can have to gain secure access to the app.
(Android only)
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumWarningPatchVersion <string>
The "minimumWarningPatchVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Define the oldest recommended Android security patch level a user can have for secure access to the app.
(Android only)
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-faceIdBlocked <bool>
The "faceIdBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-apps <object[]>
The "apps" property, of type "microsoft.graph.managedMobileApp".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
List of apps to which the policy is deployed.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-deploymentSummary <object>
The "deploymentSummary" property, of type "microsoft.graph.managedAppPolicyDeploymentSummary".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Navigation property to deployment summary of the configuration.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-periodOfflineBeforeAccessCheck <TimeSpan>
The "periodOfflineBeforeAccessCheck" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The period after which access is checked when the device is not connected to the internet.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-periodOnlineBeforeAccessCheck <TimeSpan>
The "periodOnlineBeforeAccessCheck" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The period after which access is checked when the device is connected to the internet.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-allowedInboundDataTransferSources <string>
The "allowedInboundDataTransferSources" property, of type "microsoft.graph.managedAppDataTransferLevel".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Sources from which data is allowed to be transferred.
Valid values: 'allApps', 'managedApps', 'none'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-allowedOutboundDataTransferDestinations <string>
The "allowedOutboundDataTransferDestinations" property, of type "microsoft.graph.managedAppDataTransferLevel".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Destinations to which data is allowed to be transferred.
Valid values: 'allApps', 'managedApps', 'none'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-organizationalCredentialsRequired <bool>
The "organizationalCredentialsRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether organizational credentials are required for app use.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-allowedOutboundClipboardSharingLevel <string>
The "allowedOutboundClipboardSharingLevel" property, of type "microsoft.graph.managedAppClipboardSharingLevel".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The level to which the clipboard may be shared between apps on the managed device.
Valid values: 'allApps', 'managedAppsWithPasteIn', 'managedApps', 'blocked'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-dataBackupBlocked <bool>
The "dataBackupBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether the backup of a managed app's data is blocked.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-deviceComplianceRequired <bool>
The "deviceComplianceRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether device compliance is required.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-managedBrowserToOpenLinksRequired <bool>
The "managedBrowserToOpenLinksRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether internet links should be opened in the managed browser app.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-saveAsBlocked <bool>
The "saveAsBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether users may use the "Save As" menu item to save a copy of protected files.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-periodOfflineBeforeWipeIsEnforced <TimeSpan>
The "periodOfflineBeforeWipeIsEnforced" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The amount of time an app is allowed to remain disconnected from the internet before all managed data it is
wiped.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-pinRequired <bool>
The "pinRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether an app-level pin is required.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-maximumPinRetries <int>
The "maximumPinRetries" property, of type "Edm.Int32".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-simplePinBlocked <bool>
The "simplePinBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether simplePin is blocked.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-minimumPinLength <int>
The "minimumPinLength" property, of type "Edm.Int32".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Minimum pin length required for an app-level pin if PinRequired is set to True
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-pinCharacterSet <string>
The "pinCharacterSet" property, of type "microsoft.graph.managedAppPinCharacterSet".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Character set which may be used for an app-level pin if PinRequired is set to True.
Valid values: 'numeric', 'alphanumericAndSymbol'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-periodBeforePinReset <TimeSpan>
The "periodBeforePinReset" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
TimePeriod before the all-level pin must be reset if PinRequired is set to True.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-allowedDataStorageLocations <string[]>
The "allowedDataStorageLocations" property, of type "microsoft.graph.managedAppDataStorageLocation".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Data storage locations where a user may store managed data.
Valid values: 'oneDriveForBusiness', 'sharePoint', 'localStorage'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-contactSyncBlocked <bool>
The "contactSyncBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether contacts can be synced to the user's device.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-printBlocked <bool>
The "printBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether printing is allowed from managed apps.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-fingerprintBlocked <bool>
The "fingerprintBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-disableAppPinIfDevicePinIsSet <bool>
The "disableAppPinIfDevicePinIsSet" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether use of the app pin is required if the device pin is set.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredOsVersion <string>
The "minimumRequiredOsVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will block the managed app from accessing company data.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumWarningOsVersion <string>
The "minimumWarningOsVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will result in warning message on the managed app from accessing
company data.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredAppVersion <string>
The "minimumRequiredAppVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will block the managed app from accessing company data.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumWarningAppVersion <string>
The "minimumWarningAppVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will result in warning message on the managed app.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-displayName <string>
The "displayName" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Policy display name.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-description <string>
The "description" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The policy's description.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-createdDateTime <DateTimeOffset>
The "createdDateTime" property, of type "Edm.DateTimeOffset".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The date and time the policy was created.
Required? false
Position? named
Default value 1/1/0001 12:00:00 AM +00:00
Accept pipeline input? false
Accept wildcard characters? false
-lastModifiedDateTime <DateTimeOffset>
The "lastModifiedDateTime" property, of type "Edm.DateTimeOffset".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Last time the policy was modified.
Required? false
Position? named
Default value 1/1/0001 12:00:00 AM +00:00
Accept pipeline input? false
Accept wildcard characters? false
-version <string>
The "version" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Version of the entity.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ODataType <string>
The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.
Required? true
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-@odata.type <string>
The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.
This is an alias of the ODataType parameter.
Required? true
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
System.String
The ID for a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections"
collection.
System.String
The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.
OUTPUTS
RELATED LINKS
GitHub Repository https://github.com/Microsoft/Intune-PowerShell-SDK
SYNOPSIS
Updates a "microsoft.graph.defaultManagedAppProtection".
SYNTAX
Update-DeviceAppManagement_DefaultManagedAppProtections -defaultManagedAppProtectionId <string>
[-allowedDataStorageLocations <string[]>] [-allowedInboundDataTransferSources <string>]
[-allowedOutboundClipboardSharingLevel <string>] [-allowedOutboundDataTransferDestinations <string>]
[-appDataEncryptionType <string>] [-apps <object[]>] [-contactSyncBlocked <bool>] [-createdDateTime
<DateTimeOffset>] [-customSettings <object[]>] [-dataBackupBlocked <bool>] [-deployedAppCount <int>]
[-deploymentSummary <object>] [-description <string>] [-deviceComplianceRequired <bool>]
[-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>] [-disableAppPinIfDevicePinIsSet <bool>] [-displayName
<string>] [-encryptAppData <bool>] [-faceIdBlocked <bool>] [-fingerprintBlocked <bool>] [-lastModifiedDateTime
<DateTimeOffset>] [-managedBrowserToOpenLinksRequired <bool>] [-maximumPinRetries <int>] [-minimumPinLength <int>]
[-minimumRequiredAppVersion <string>] [-minimumRequiredOsVersion <string>] [-minimumRequiredPatchVersion <string>]
[-minimumRequiredSdkVersion <string>] [-minimumWarningAppVersion <string>] [-minimumWarningOsVersion <string>]
[-minimumWarningPatchVersion <string>] [-organizationalCredentialsRequired <bool>] [-periodBeforePinReset
<TimeSpan>] [-periodOfflineBeforeAccessCheck <TimeSpan>] [-periodOfflineBeforeWipeIsEnforced <TimeSpan>]
[-periodOnlineBeforeAccessCheck <TimeSpan>] [-pinCharacterSet <string>] [-pinRequired <bool>] [-printBlocked
<bool>] [-saveAsBlocked <bool>] [-screenCaptureBlocked <bool>] [-simplePinBlocked <bool>] [-version <string>]
[<CommonParameters>]
Update-DeviceAppManagement_DefaultManagedAppProtections -defaultManagedAppProtectionId <string> -ODataType
<string> [-allowedDataStorageLocations <string[]>] [-allowedInboundDataTransferSources <string>]
[-allowedOutboundClipboardSharingLevel <string>] [-allowedOutboundDataTransferDestinations <string>]
[-appDataEncryptionType <string>] [-apps <object[]>] [-contactSyncBlocked <bool>] [-createdDateTime
<DateTimeOffset>] [-customSettings <object[]>] [-dataBackupBlocked <bool>] [-deployedAppCount <int>]
[-deploymentSummary <object>] [-description <string>] [-deviceComplianceRequired <bool>]
[-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>] [-disableAppPinIfDevicePinIsSet <bool>] [-displayName
<string>] [-encryptAppData <bool>] [-faceIdBlocked <bool>] [-fingerprintBlocked <bool>] [-lastModifiedDateTime
<DateTimeOffset>] [-managedBrowserToOpenLinksRequired <bool>] [-maximumPinRetries <int>] [-minimumPinLength <int>]
[-minimumRequiredAppVersion <string>] [-minimumRequiredOsVersion <string>] [-minimumRequiredPatchVersion <string>]
[-minimumRequiredSdkVersion <string>] [-minimumWarningAppVersion <string>] [-minimumWarningOsVersion <string>]
[-minimumWarningPatchVersion <string>] [-organizationalCredentialsRequired <bool>] [-periodBeforePinReset
<TimeSpan>] [-periodOfflineBeforeAccessCheck <TimeSpan>] [-periodOfflineBeforeWipeIsEnforced <TimeSpan>]
[-periodOnlineBeforeAccessCheck <TimeSpan>] [-pinCharacterSet <string>] [-pinRequired <bool>] [-printBlocked
<bool>] [-saveAsBlocked <bool>] [-screenCaptureBlocked <bool>] [-simplePinBlocked <bool>] [-version <string>]
[<CommonParameters>]
DESCRIPTION
Updates a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections" collection.
Default managed app policies.
Graph Call: PATCH ~/deviceAppManagement/defaultManagedAppProtections
PARAMETERS
-defaultManagedAppProtectionId <string>
The ID for a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections"
collection.
Required? true
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-appDataEncryptionType <string>
The "appDataEncryptionType" property, of type "microsoft.graph.managedAppDataEncryptionType".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Type of encryption which should be used for data in a managed app. (iOS Only)
Valid values: 'useDeviceSettings', 'afterDeviceRestart', 'whenDeviceLockedExceptOpenFiles', 'whenDeviceLocked'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-screenCaptureBlocked <bool>
The "screenCaptureBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether screen capture is blocked. (Android only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-encryptAppData <bool>
The "encryptAppData" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether managed-app data should be encrypted. (Android only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>
The "disableAppEncryptionIfDeviceEncryptionIsEnabled" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android
only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredSdkVersion <string>
The "minimumRequiredSdkVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will block the managed app from accessing company data. (iOS Only)
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-customSettings <object[]>
The "customSettings" property, of type "microsoft.graph.keyValuePair".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
A set of string key and string value pairs to be sent to the affected users, unalterned by this service
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-deployedAppCount <int>
The "deployedAppCount" property, of type "Edm.Int32".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Count of apps to which the current policy is deployed.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredPatchVersion <string>
The "minimumRequiredPatchVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Define the oldest required Android security patch level a user can have to gain secure access to the app.
(Android only)
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumWarningPatchVersion <string>
The "minimumWarningPatchVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Define the oldest recommended Android security patch level a user can have for secure access to the app.
(Android only)
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-faceIdBlocked <bool>
The "faceIdBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only)
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-apps <object[]>
The "apps" property, of type "microsoft.graph.managedMobileApp".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
List of apps to which the policy is deployed.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-deploymentSummary <object>
The "deploymentSummary" property, of type "microsoft.graph.managedAppPolicyDeploymentSummary".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Navigation property to deployment summary of the configuration.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-periodOfflineBeforeAccessCheck <TimeSpan>
The "periodOfflineBeforeAccessCheck" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The period after which access is checked when the device is not connected to the internet.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-periodOnlineBeforeAccessCheck <TimeSpan>
The "periodOnlineBeforeAccessCheck" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The period after which access is checked when the device is connected to the internet.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-allowedInboundDataTransferSources <string>
The "allowedInboundDataTransferSources" property, of type "microsoft.graph.managedAppDataTransferLevel".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Sources from which data is allowed to be transferred.
Valid values: 'allApps', 'managedApps', 'none'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-allowedOutboundDataTransferDestinations <string>
The "allowedOutboundDataTransferDestinations" property, of type "microsoft.graph.managedAppDataTransferLevel".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Destinations to which data is allowed to be transferred.
Valid values: 'allApps', 'managedApps', 'none'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-organizationalCredentialsRequired <bool>
The "organizationalCredentialsRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether organizational credentials are required for app use.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-allowedOutboundClipboardSharingLevel <string>
The "allowedOutboundClipboardSharingLevel" property, of type "microsoft.graph.managedAppClipboardSharingLevel".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The level to which the clipboard may be shared between apps on the managed device.
Valid values: 'allApps', 'managedAppsWithPasteIn', 'managedApps', 'blocked'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-dataBackupBlocked <bool>
The "dataBackupBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether the backup of a managed app's data is blocked.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-deviceComplianceRequired <bool>
The "deviceComplianceRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether device compliance is required.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-managedBrowserToOpenLinksRequired <bool>
The "managedBrowserToOpenLinksRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether internet links should be opened in the managed browser app.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-saveAsBlocked <bool>
The "saveAsBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether users may use the "Save As" menu item to save a copy of protected files.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-periodOfflineBeforeWipeIsEnforced <TimeSpan>
The "periodOfflineBeforeWipeIsEnforced" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The amount of time an app is allowed to remain disconnected from the internet before all managed data it is
wiped.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-pinRequired <bool>
The "pinRequired" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether an app-level pin is required.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-maximumPinRetries <int>
The "maximumPinRetries" property, of type "Edm.Int32".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-simplePinBlocked <bool>
The "simplePinBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether simplePin is blocked.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-minimumPinLength <int>
The "minimumPinLength" property, of type "Edm.Int32".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Minimum pin length required for an app-level pin if PinRequired is set to True
Required? false
Position? named
Default value 0
Accept pipeline input? false
Accept wildcard characters? false
-pinCharacterSet <string>
The "pinCharacterSet" property, of type "microsoft.graph.managedAppPinCharacterSet".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Character set which may be used for an app-level pin if PinRequired is set to True.
Valid values: 'numeric', 'alphanumericAndSymbol'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-periodBeforePinReset <TimeSpan>
The "periodBeforePinReset" property, of type "Edm.Duration".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
TimePeriod before the all-level pin must be reset if PinRequired is set to True.
Required? false
Position? named
Default value 00:00:00
Accept pipeline input? false
Accept wildcard characters? false
-allowedDataStorageLocations <string[]>
The "allowedDataStorageLocations" property, of type "microsoft.graph.managedAppDataStorageLocation".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Data storage locations where a user may store managed data.
Valid values: 'oneDriveForBusiness', 'sharePoint', 'localStorage'
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-contactSyncBlocked <bool>
The "contactSyncBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether contacts can be synced to the user's device.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-printBlocked <bool>
The "printBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether printing is allowed from managed apps.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-fingerprintBlocked <bool>
The "fingerprintBlocked" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-disableAppPinIfDevicePinIsSet <bool>
The "disableAppPinIfDevicePinIsSet" property, of type "Edm.Boolean".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Indicates whether use of the app pin is required if the device pin is set.
Required? false
Position? named
Default value False
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredOsVersion <string>
The "minimumRequiredOsVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will block the managed app from accessing company data.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumWarningOsVersion <string>
The "minimumWarningOsVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will result in warning message on the managed app from accessing
company data.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumRequiredAppVersion <string>
The "minimumRequiredAppVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will block the managed app from accessing company data.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-minimumWarningAppVersion <string>
The "minimumWarningAppVersion" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Versions less than the specified version will result in warning message on the managed app.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-displayName <string>
The "displayName" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Policy display name.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-description <string>
The "description" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The policy's description.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-createdDateTime <DateTimeOffset>
The "createdDateTime" property, of type "Edm.DateTimeOffset".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
The date and time the policy was created.
Required? false
Position? named
Default value 1/1/0001 12:00:00 AM +00:00
Accept pipeline input? false
Accept wildcard characters? false
-lastModifiedDateTime <DateTimeOffset>
The "lastModifiedDateTime" property, of type "Edm.DateTimeOffset".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Last time the policy was modified.
Required? false
Position? named
Default value 1/1/0001 12:00:00 AM +00:00
Accept pipeline input? false
Accept wildcard characters? false
-version <string>
The "version" property, of type "Edm.String".
This property is on the "microsoft.graph.defaultManagedAppProtection" type.
Version of the entity.
Required? false
Position? named
Default value
Accept pipeline input? false
Accept wildcard characters? false
-ODataType <string>
The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.
Required? true
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
-@odata.type <string>
The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.
This is an alias of the ODataType parameter.
Required? true
Position? named
Default value
Accept pipeline input? true (ByPropertyName)
Accept wildcard characters? false
<CommonParameters>
This cmdlet supports the common parameters: Verbose, Debug,
ErrorAction, ErrorVariable, WarningAction, WarningVariable,
OutBuffer, PipelineVariable, and OutVariable. For more information, see
about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).
INPUTS
System.String
The ID for a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections"
collection.
System.String
The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.
OUTPUTS
RELATED LINKS
GitHub Repository https://github.com/Microsoft/Intune-PowerShell-SDK