< Back

Update-DeviceAppManagement_DefaultManagedAppProtections

Sat Jan 18, 2020 2:09 pm

NAME Update-DeviceAppManagement_DefaultManagedAppProtections



SYNOPSIS

Updates a "microsoft.graph.defaultManagedAppProtection".





SYNTAX

Update-DeviceAppManagement_DefaultManagedAppProtections -defaultManagedAppProtectionId <string>

[-allowedDataStorageLocations <string[]>] [-allowedInboundDataTransferSources <string>]

[-allowedOutboundClipboardSharingLevel <string>] [-allowedOutboundDataTransferDestinations <string>]

[-appDataEncryptionType <string>] [-apps <object[]>] [-contactSyncBlocked <bool>] [-createdDateTime

<DateTimeOffset>] [-customSettings <object[]>] [-dataBackupBlocked <bool>] [-deployedAppCount <int>]

[-deploymentSummary <object>] [-description <string>] [-deviceComplianceRequired <bool>]

[-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>] [-disableAppPinIfDevicePinIsSet <bool>] [-displayName

<string>] [-encryptAppData <bool>] [-faceIdBlocked <bool>] [-fingerprintBlocked <bool>] [-lastModifiedDateTime

<DateTimeOffset>] [-managedBrowserToOpenLinksRequired <bool>] [-maximumPinRetries <int>] [-minimumPinLength <int>]

[-minimumRequiredAppVersion <string>] [-minimumRequiredOsVersion <string>] [-minimumRequiredPatchVersion <string>]

[-minimumRequiredSdkVersion <string>] [-minimumWarningAppVersion <string>] [-minimumWarningOsVersion <string>]

[-minimumWarningPatchVersion <string>] [-organizationalCredentialsRequired <bool>] [-periodBeforePinReset

<TimeSpan>] [-periodOfflineBeforeAccessCheck <TimeSpan>] [-periodOfflineBeforeWipeIsEnforced <TimeSpan>]

[-periodOnlineBeforeAccessCheck <TimeSpan>] [-pinCharacterSet <string>] [-pinRequired <bool>] [-printBlocked

<bool>] [-saveAsBlocked <bool>] [-screenCaptureBlocked <bool>] [-simplePinBlocked <bool>] [-version <string>]

[<CommonParameters>]



Update-DeviceAppManagement_DefaultManagedAppProtections -defaultManagedAppProtectionId <string> -ODataType

<string> [-allowedDataStorageLocations <string[]>] [-allowedInboundDataTransferSources <string>]

[-allowedOutboundClipboardSharingLevel <string>] [-allowedOutboundDataTransferDestinations <string>]

[-appDataEncryptionType <string>] [-apps <object[]>] [-contactSyncBlocked <bool>] [-createdDateTime

<DateTimeOffset>] [-customSettings <object[]>] [-dataBackupBlocked <bool>] [-deployedAppCount <int>]

[-deploymentSummary <object>] [-description <string>] [-deviceComplianceRequired <bool>]

[-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>] [-disableAppPinIfDevicePinIsSet <bool>] [-displayName

<string>] [-encryptAppData <bool>] [-faceIdBlocked <bool>] [-fingerprintBlocked <bool>] [-lastModifiedDateTime

<DateTimeOffset>] [-managedBrowserToOpenLinksRequired <bool>] [-maximumPinRetries <int>] [-minimumPinLength <int>]

[-minimumRequiredAppVersion <string>] [-minimumRequiredOsVersion <string>] [-minimumRequiredPatchVersion <string>]

[-minimumRequiredSdkVersion <string>] [-minimumWarningAppVersion <string>] [-minimumWarningOsVersion <string>]

[-minimumWarningPatchVersion <string>] [-organizationalCredentialsRequired <bool>] [-periodBeforePinReset

<TimeSpan>] [-periodOfflineBeforeAccessCheck <TimeSpan>] [-periodOfflineBeforeWipeIsEnforced <TimeSpan>]

[-periodOnlineBeforeAccessCheck <TimeSpan>] [-pinCharacterSet <string>] [-pinRequired <bool>] [-printBlocked

<bool>] [-saveAsBlocked <bool>] [-screenCaptureBlocked <bool>] [-simplePinBlocked <bool>] [-version <string>]

[<CommonParameters>]





DESCRIPTION

Updates a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections" collection.



Default managed app policies.



Graph Call: PATCH ~/deviceAppManagement/defaultManagedAppProtections





PARAMETERS

-defaultManagedAppProtectionId <string>

The ID for a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections"

collection.



Required? true

Position? named

Default value

Accept pipeline input? true (ByPropertyName)

Accept wildcard characters? false



-appDataEncryptionType <string>

The "appDataEncryptionType" property, of type "microsoft.graph.managedAppDataEncryptionType".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Type of encryption which should be used for data in a managed app. (iOS Only)



Valid values: 'useDeviceSettings', 'afterDeviceRestart', 'whenDeviceLockedExceptOpenFiles', 'whenDeviceLocked'



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-screenCaptureBlocked <bool>

The "screenCaptureBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether screen capture is blocked. (Android only)



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-encryptAppData <bool>

The "encryptAppData" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether managed-app data should be encrypted. (Android only)



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-disableAppEncryptionIfDeviceEncryptionIsEnabled <bool>

The "disableAppEncryptionIfDeviceEncryptionIsEnabled" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



When this setting is enabled, app level encryption is disabled if device level encryption is enabled. (Android

only)



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-minimumRequiredSdkVersion <string>

The "minimumRequiredSdkVersion" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Versions less than the specified version will block the managed app from accessing company data. (iOS Only)



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-customSettings <object[]>

The "customSettings" property, of type "microsoft.graph.keyValuePair".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



A set of string key and string value pairs to be sent to the affected users, unalterned by this service



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-deployedAppCount <int>

The "deployedAppCount" property, of type "Edm.Int32".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Count of apps to which the current policy is deployed.



Required? false

Position? named

Default value 0

Accept pipeline input? false

Accept wildcard characters? false



-minimumRequiredPatchVersion <string>

The "minimumRequiredPatchVersion" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Define the oldest required Android security patch level a user can have to gain secure access to the app.

(Android only)



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-minimumWarningPatchVersion <string>

The "minimumWarningPatchVersion" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Define the oldest recommended Android security patch level a user can have for secure access to the app.

(Android only)



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-faceIdBlocked <bool>

The "faceIdBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether use of the FaceID is allowed in place of a pin if PinRequired is set to True. (iOS Only)



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-apps <object[]>

The "apps" property, of type "microsoft.graph.managedMobileApp".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



List of apps to which the policy is deployed.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-deploymentSummary <object>

The "deploymentSummary" property, of type "microsoft.graph.managedAppPolicyDeploymentSummary".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Navigation property to deployment summary of the configuration.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-periodOfflineBeforeAccessCheck <TimeSpan>

The "periodOfflineBeforeAccessCheck" property, of type "Edm.Duration".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



The period after which access is checked when the device is not connected to the internet.



Required? false

Position? named

Default value 00:00:00

Accept pipeline input? false

Accept wildcard characters? false



-periodOnlineBeforeAccessCheck <TimeSpan>

The "periodOnlineBeforeAccessCheck" property, of type "Edm.Duration".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



The period after which access is checked when the device is connected to the internet.



Required? false

Position? named

Default value 00:00:00

Accept pipeline input? false

Accept wildcard characters? false



-allowedInboundDataTransferSources <string>

The "allowedInboundDataTransferSources" property, of type "microsoft.graph.managedAppDataTransferLevel".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Sources from which data is allowed to be transferred.



Valid values: 'allApps', 'managedApps', 'none'



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-allowedOutboundDataTransferDestinations <string>

The "allowedOutboundDataTransferDestinations" property, of type "microsoft.graph.managedAppDataTransferLevel".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Destinations to which data is allowed to be transferred.



Valid values: 'allApps', 'managedApps', 'none'



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-organizationalCredentialsRequired <bool>

The "organizationalCredentialsRequired" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether organizational credentials are required for app use.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-allowedOutboundClipboardSharingLevel <string>

The "allowedOutboundClipboardSharingLevel" property, of type "microsoft.graph.managedAppClipboardSharingLevel".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



The level to which the clipboard may be shared between apps on the managed device.



Valid values: 'allApps', 'managedAppsWithPasteIn', 'managedApps', 'blocked'



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-dataBackupBlocked <bool>

The "dataBackupBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether the backup of a managed app's data is blocked.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-deviceComplianceRequired <bool>

The "deviceComplianceRequired" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether device compliance is required.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-managedBrowserToOpenLinksRequired <bool>

The "managedBrowserToOpenLinksRequired" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether internet links should be opened in the managed browser app.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-saveAsBlocked <bool>

The "saveAsBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether users may use the "Save As" menu item to save a copy of protected files.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-periodOfflineBeforeWipeIsEnforced <TimeSpan>

The "periodOfflineBeforeWipeIsEnforced" property, of type "Edm.Duration".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



The amount of time an app is allowed to remain disconnected from the internet before all managed data it is

wiped.



Required? false

Position? named

Default value 00:00:00

Accept pipeline input? false

Accept wildcard characters? false



-pinRequired <bool>

The "pinRequired" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether an app-level pin is required.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-maximumPinRetries <int>

The "maximumPinRetries" property, of type "Edm.Int32".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Maximum number of incorrect pin retry attempts before the managed app is either blocked or wiped.



Required? false

Position? named

Default value 0

Accept pipeline input? false

Accept wildcard characters? false



-simplePinBlocked <bool>

The "simplePinBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether simplePin is blocked.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-minimumPinLength <int>

The "minimumPinLength" property, of type "Edm.Int32".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Minimum pin length required for an app-level pin if PinRequired is set to True



Required? false

Position? named

Default value 0

Accept pipeline input? false

Accept wildcard characters? false



-pinCharacterSet <string>

The "pinCharacterSet" property, of type "microsoft.graph.managedAppPinCharacterSet".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Character set which may be used for an app-level pin if PinRequired is set to True.



Valid values: 'numeric', 'alphanumericAndSymbol'



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-periodBeforePinReset <TimeSpan>

The "periodBeforePinReset" property, of type "Edm.Duration".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



TimePeriod before the all-level pin must be reset if PinRequired is set to True.



Required? false

Position? named

Default value 00:00:00

Accept pipeline input? false

Accept wildcard characters? false



-allowedDataStorageLocations <string[]>

The "allowedDataStorageLocations" property, of type "microsoft.graph.managedAppDataStorageLocation".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Data storage locations where a user may store managed data.



Valid values: 'oneDriveForBusiness', 'sharePoint', 'localStorage'



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-contactSyncBlocked <bool>

The "contactSyncBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether contacts can be synced to the user's device.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-printBlocked <bool>

The "printBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether printing is allowed from managed apps.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-fingerprintBlocked <bool>

The "fingerprintBlocked" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether use of the fingerprint reader is allowed in place of a pin if PinRequired is set to True.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-disableAppPinIfDevicePinIsSet <bool>

The "disableAppPinIfDevicePinIsSet" property, of type "Edm.Boolean".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Indicates whether use of the app pin is required if the device pin is set.



Required? false

Position? named

Default value False

Accept pipeline input? false

Accept wildcard characters? false



-minimumRequiredOsVersion <string>

The "minimumRequiredOsVersion" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Versions less than the specified version will block the managed app from accessing company data.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-minimumWarningOsVersion <string>

The "minimumWarningOsVersion" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Versions less than the specified version will result in warning message on the managed app from accessing

company data.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-minimumRequiredAppVersion <string>

The "minimumRequiredAppVersion" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Versions less than the specified version will block the managed app from accessing company data.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-minimumWarningAppVersion <string>

The "minimumWarningAppVersion" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Versions less than the specified version will result in warning message on the managed app.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-displayName <string>

The "displayName" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Policy display name.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-description <string>

The "description" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



The policy's description.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-createdDateTime <DateTimeOffset>

The "createdDateTime" property, of type "Edm.DateTimeOffset".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



The date and time the policy was created.



Required? false

Position? named

Default value 1/1/0001 12:00:00 AM +00:00

Accept pipeline input? false

Accept wildcard characters? false



-lastModifiedDateTime <DateTimeOffset>

The "lastModifiedDateTime" property, of type "Edm.DateTimeOffset".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Last time the policy was modified.



Required? false

Position? named

Default value 1/1/0001 12:00:00 AM +00:00

Accept pipeline input? false

Accept wildcard characters? false



-version <string>

The "version" property, of type "Edm.String".



This property is on the "microsoft.graph.defaultManagedAppProtection" type.



Version of the entity.



Required? false

Position? named

Default value

Accept pipeline input? false

Accept wildcard characters? false



-ODataType <string>

The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.



Required? true

Position? named

Default value

Accept pipeline input? true (ByPropertyName)

Accept wildcard characters? false



-@odata.type <string>

The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.



This is an alias of the ODataType parameter.



Required? true

Position? named

Default value

Accept pipeline input? true (ByPropertyName)

Accept wildcard characters? false



<CommonParameters>

This cmdlet supports the common parameters: Verbose, Debug,

ErrorAction, ErrorVariable, WarningAction, WarningVariable,

OutBuffer, PipelineVariable, and OutVariable. For more information, see

about_CommonParameters (https:/go.microsoft.com/fwlink/?LinkID=113216).



INPUTS

System.String

The ID for a "microsoft.graph.defaultManagedAppProtection" object in the "defaultManagedAppProtections"

collection.



System.String

The value provided in a search result (i.e. GET on a collection) in the "@odata.type" property.





OUTPUTS





RELATED LINKS

GitHub Repository https://github.com/Microsoft/Intune-PowerShell-SDK