Package com.microsoft.graph.models

Class WindowsInformationProtection

java.lang.Object
com.microsoft.graph.models.Entity
com.microsoft.graph.models.ManagedAppPolicy
com.microsoft.graph.models.WindowsInformationProtection
All Implemented Interfaces:
com.microsoft.kiota.serialization.AdditionalDataHolder, com.microsoft.kiota.serialization.Parsable, com.microsoft.kiota.store.BackedModel
Direct Known Subclasses:
MdmWindowsInformationProtectionPolicy, WindowsInformationProtectionPolicy
@Generated("com.microsoft.kiota") public class WindowsInformationProtection extends ManagedAppPolicy implements com.microsoft.kiota.serialization.Parsable
Policy for Windows information protection to configure detailed management settings

  • Constructor Details

    • WindowsInformationProtection

      public WindowsInformationProtection()
      Instantiates a new WindowsInformationProtection and sets the default values.

  • Method Details

    • createFromDiscriminatorValue

      @Nonnull public static WindowsInformationProtection createFromDiscriminatorValue(@Nonnull com.microsoft.kiota.serialization.ParseNode parseNode)
      Creates a new instance of the appropriate class based on discriminator value
      Parameters:
      parseNode - The parse node to use to read the discriminator value and create the object
      Returns:
      a WindowsInformationProtection

    • getAssignments

      @Nullable public List<TargetedManagedAppPolicyAssignment> getAssignments()
      Gets the assignments property value. Navigation property to list of security groups targeted for policy.
      Returns:
      a List<TargetedManagedAppPolicyAssignment>

    • getAzureRightsManagementServicesAllowed

      @Nullable public Boolean getAzureRightsManagementServicesAllowed()
      Gets the azureRightsManagementServicesAllowed property value. Specifies whether to allow Azure RMS encryption for WIP
      Returns:
      a Boolean

    • getDataRecoveryCertificate

      @Nullable public WindowsInformationProtectionDataRecoveryCertificate getDataRecoveryCertificate()
      Gets the dataRecoveryCertificate property value. Specifies a recovery certificate that can be used for data recovery of encrypted files. This is the same as the data recovery agent(DRA) certificate for encrypting file system(EFS)
      Returns:
      a WindowsInformationProtectionDataRecoveryCertificate

    • getEnforcementLevel

      @Nullable public WindowsInformationProtectionEnforcementLevel getEnforcementLevel()
      Gets the enforcementLevel property value. Possible values for WIP Protection enforcement levels
      Returns:
      a WindowsInformationProtectionEnforcementLevel

    • getEnterpriseDomain

      @Nullable public String getEnterpriseDomain()
      Gets the enterpriseDomain property value. Primary enterprise domain
      Returns:
      a String

    • getEnterpriseInternalProxyServers

      @Nullable public List<WindowsInformationProtectionResourceCollection> getEnterpriseInternalProxyServers()
      Gets the enterpriseInternalProxyServers property value. This is the comma-separated list of internal proxy servers. For example, '157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59'. These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the EnterpriseProxiedDomains policy to force traffic to the matched domains through these proxies
      Returns:
      a List<WindowsInformationProtectionResourceCollection>

    • getEnterpriseIPRanges

      @Nullable public List<WindowsInformationProtectionIPRangeCollection> getEnterpriseIPRanges()
      Gets the enterpriseIPRanges property value. Sets the enterprise IP ranges that define the computers in the enterprise network. Data that comes from those computers will be considered part of the enterprise and protected. These locations will be considered a safe destination for enterprise data to be shared to
      Returns:
      a List<WindowsInformationProtectionIPRangeCollection>

    • getEnterpriseIPRangesAreAuthoritative

      @Nullable public Boolean getEnterpriseIPRangesAreAuthoritative()
      Gets the enterpriseIPRangesAreAuthoritative property value. Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets. Default is false
      Returns:
      a Boolean

    • getEnterpriseNetworkDomainNames

      @Nullable public List<WindowsInformationProtectionResourceCollection> getEnterpriseNetworkDomainNames()
      Gets the enterpriseNetworkDomainNames property value. This is the list of domains that comprise the boundaries of the enterprise. Data from one of these domains that is sent to a device will be considered enterprise data and protected These locations will be considered a safe destination for enterprise data to be shared to
      Returns:
      a List<WindowsInformationProtectionResourceCollection>

    • getEnterpriseProtectedDomainNames

      @Nullable public List<WindowsInformationProtectionResourceCollection> getEnterpriseProtectedDomainNames()
      Gets the enterpriseProtectedDomainNames property value. List of enterprise domains to be protected
      Returns:
      a List<WindowsInformationProtectionResourceCollection>

    • getEnterpriseProxiedDomains

      @Nullable public List<WindowsInformationProtectionProxiedDomainCollection> getEnterpriseProxiedDomains()
      Gets the enterpriseProxiedDomains property value. Contains a list of Enterprise resource domains hosted in the cloud that need to be protected. Connections to these resources are considered enterprise data. If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). A proxy server used for this purpose must also be configured using the EnterpriseInternalProxyServers policy
      Returns:
      a List<WindowsInformationProtectionProxiedDomainCollection>

    • getEnterpriseProxyServers

      @Nullable public List<WindowsInformationProtectionResourceCollection> getEnterpriseProxyServers()
      Gets the enterpriseProxyServers property value. This is a list of proxy servers. Any server not on this list is considered non-enterprise
      Returns:
      a List<WindowsInformationProtectionResourceCollection>

    • getEnterpriseProxyServersAreAuthoritative

      @Nullable public Boolean getEnterpriseProxyServersAreAuthoritative()
      Gets the enterpriseProxyServersAreAuthoritative property value. Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies. Default is false
      Returns:
      a Boolean

    • getExemptAppLockerFiles

      @Nullable public List<WindowsInformationProtectionAppLockerFile> getExemptAppLockerFiles()
      Gets the exemptAppLockerFiles property value. Another way to input exempt apps through xml files
      Returns:
      a List<WindowsInformationProtectionAppLockerFile>

    • getExemptApps

      @Nullable public List<WindowsInformationProtectionApp> getExemptApps()
      Gets the exemptApps property value. Exempt applications can also access enterprise data, but the data handled by those applications are not protected. This is because some critical enterprise applications may have compatibility problems with encrypted data.
      Returns:
      a List<WindowsInformationProtectionApp>

    • getFieldDeserializers

      @Nonnull public Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>> getFieldDeserializers()
      The deserialization information for the current model
      Specified by:
      getFieldDeserializers in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      getFieldDeserializers in class ManagedAppPolicy
      Returns:
      a Map<String,Consumer<com.microsoft.kiota.serialization.ParseNode>>

    • getIconsVisible

      @Nullable public Boolean getIconsVisible()
      Gets the iconsVisible property value. Determines whether overlays are added to icons for WIP protected files in Explorer and enterprise only app tiles in the Start menu. Starting in Windows 10, version 1703 this setting also configures the visibility of the WIP icon in the title bar of a WIP-protected app
      Returns:
      a Boolean

    • getIndexingEncryptedStoresOrItemsBlocked

      @Nullable public Boolean getIndexingEncryptedStoresOrItemsBlocked()
      Gets the indexingEncryptedStoresOrItemsBlocked property value. This switch is for the Windows Search Indexer, to allow or disallow indexing of items
      Returns:
      a Boolean

    • getIsAssigned

      @Nullable public Boolean getIsAssigned()
      Gets the isAssigned property value. Indicates if the policy is deployed to any inclusion groups or not.
      Returns:
      a Boolean

    • getNeutralDomainResources

      @Nullable public List<WindowsInformationProtectionResourceCollection> getNeutralDomainResources()
      Gets the neutralDomainResources property value. List of domain names that can used for work or personal resource
      Returns:
      a List<WindowsInformationProtectionResourceCollection>

    • getProtectedAppLockerFiles

      @Nullable public List<WindowsInformationProtectionAppLockerFile> getProtectedAppLockerFiles()
      Gets the protectedAppLockerFiles property value. Another way to input protected apps through xml files
      Returns:
      a List<WindowsInformationProtectionAppLockerFile>

    • getProtectedApps

      @Nullable public List<WindowsInformationProtectionApp> getProtectedApps()
      Gets the protectedApps property value. Protected applications can access enterprise data and the data handled by those applications are protected with encryption
      Returns:
      a List<WindowsInformationProtectionApp>

    • getProtectionUnderLockConfigRequired

      @Nullable public Boolean getProtectionUnderLockConfigRequired()
      Gets the protectionUnderLockConfigRequired property value. Specifies whether the protection under lock feature (also known as encrypt under pin) should be configured
      Returns:
      a Boolean

    • getRevokeOnUnenrollDisabled

      @Nullable public Boolean getRevokeOnUnenrollDisabled()
      Gets the revokeOnUnenrollDisabled property value. This policy controls whether to revoke the WIP keys when a device unenrolls from the management service. If set to 1 (Don't revoke keys), the keys will not be revoked and the user will continue to have access to protected files after unenrollment. If the keys are not revoked, there will be no revoked file cleanup subsequently.
      Returns:
      a Boolean

    • getRightsManagementServicesTemplateId

      @Nullable public UUID getRightsManagementServicesTemplateId()
      Gets the rightsManagementServicesTemplateId property value. TemplateID GUID to use for RMS encryption. The RMS template allows the IT admin to configure the details about who has access to RMS-protected file and how long they have access
      Returns:
      a UUID

    • getSmbAutoEncryptedFileExtensions

      @Nullable public List<WindowsInformationProtectionResourceCollection> getSmbAutoEncryptedFileExtensions()
      Gets the smbAutoEncryptedFileExtensions property value. Specifies a list of file extensions, so that files with these extensions are encrypted when copying from an SMB share within the corporate boundary
      Returns:
      a List<WindowsInformationProtectionResourceCollection>

    • serialize

      public void serialize(@Nonnull com.microsoft.kiota.serialization.SerializationWriter writer)
      Serializes information the current object
      Specified by:
      serialize in interface com.microsoft.kiota.serialization.Parsable
      Overrides:
      serialize in class ManagedAppPolicy
      Parameters:
      writer - Serialization writer to use to serialize this model

    • setAssignments

      public void setAssignments(@Nullable List<TargetedManagedAppPolicyAssignment> value)
      Sets the assignments property value. Navigation property to list of security groups targeted for policy.
      Parameters:
      value - Value to set for the assignments property.

    • setAzureRightsManagementServicesAllowed

      public void setAzureRightsManagementServicesAllowed(@Nullable Boolean value)
      Sets the azureRightsManagementServicesAllowed property value. Specifies whether to allow Azure RMS encryption for WIP
      Parameters:
      value - Value to set for the azureRightsManagementServicesAllowed property.

    • setDataRecoveryCertificate

      public void setDataRecoveryCertificate(@Nullable WindowsInformationProtectionDataRecoveryCertificate value)
      Sets the dataRecoveryCertificate property value. Specifies a recovery certificate that can be used for data recovery of encrypted files. This is the same as the data recovery agent(DRA) certificate for encrypting file system(EFS)
      Parameters:
      value - Value to set for the dataRecoveryCertificate property.

    • setEnforcementLevel

      public void setEnforcementLevel(@Nullable WindowsInformationProtectionEnforcementLevel value)
      Sets the enforcementLevel property value. Possible values for WIP Protection enforcement levels
      Parameters:
      value - Value to set for the enforcementLevel property.

    • setEnterpriseDomain

      public void setEnterpriseDomain(@Nullable String value)
      Sets the enterpriseDomain property value. Primary enterprise domain
      Parameters:
      value - Value to set for the enterpriseDomain property.

    • setEnterpriseInternalProxyServers

      public void setEnterpriseInternalProxyServers(@Nullable List<WindowsInformationProtectionResourceCollection> value)
      Sets the enterpriseInternalProxyServers property value. This is the comma-separated list of internal proxy servers. For example, '157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59'. These proxies have been configured by the admin to connect to specific resources on the Internet. They are considered to be enterprise network locations. The proxies are only leveraged in configuring the EnterpriseProxiedDomains policy to force traffic to the matched domains through these proxies
      Parameters:
      value - Value to set for the enterpriseInternalProxyServers property.

    • setEnterpriseIPRanges

      public void setEnterpriseIPRanges(@Nullable List<WindowsInformationProtectionIPRangeCollection> value)
      Sets the enterpriseIPRanges property value. Sets the enterprise IP ranges that define the computers in the enterprise network. Data that comes from those computers will be considered part of the enterprise and protected. These locations will be considered a safe destination for enterprise data to be shared to
      Parameters:
      value - Value to set for the enterpriseIPRanges property.

    • setEnterpriseIPRangesAreAuthoritative

      public void setEnterpriseIPRangesAreAuthoritative(@Nullable Boolean value)
      Sets the enterpriseIPRangesAreAuthoritative property value. Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets. Default is false
      Parameters:
      value - Value to set for the enterpriseIPRangesAreAuthoritative property.

    • setEnterpriseNetworkDomainNames

      public void setEnterpriseNetworkDomainNames(@Nullable List<WindowsInformationProtectionResourceCollection> value)
      Sets the enterpriseNetworkDomainNames property value. This is the list of domains that comprise the boundaries of the enterprise. Data from one of these domains that is sent to a device will be considered enterprise data and protected These locations will be considered a safe destination for enterprise data to be shared to
      Parameters:
      value - Value to set for the enterpriseNetworkDomainNames property.

    • setEnterpriseProtectedDomainNames

      public void setEnterpriseProtectedDomainNames(@Nullable List<WindowsInformationProtectionResourceCollection> value)
      Sets the enterpriseProtectedDomainNames property value. List of enterprise domains to be protected
      Parameters:
      value - Value to set for the enterpriseProtectedDomainNames property.

    • setEnterpriseProxiedDomains

      public void setEnterpriseProxiedDomains(@Nullable List<WindowsInformationProtectionProxiedDomainCollection> value)
      Sets the enterpriseProxiedDomains property value. Contains a list of Enterprise resource domains hosted in the cloud that need to be protected. Connections to these resources are considered enterprise data. If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). A proxy server used for this purpose must also be configured using the EnterpriseInternalProxyServers policy
      Parameters:
      value - Value to set for the enterpriseProxiedDomains property.

    • setEnterpriseProxyServers

      public void setEnterpriseProxyServers(@Nullable List<WindowsInformationProtectionResourceCollection> value)
      Sets the enterpriseProxyServers property value. This is a list of proxy servers. Any server not on this list is considered non-enterprise
      Parameters:
      value - Value to set for the enterpriseProxyServers property.

    • setEnterpriseProxyServersAreAuthoritative

      public void setEnterpriseProxyServersAreAuthoritative(@Nullable Boolean value)
      Sets the enterpriseProxyServersAreAuthoritative property value. Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies. Default is false
      Parameters:
      value - Value to set for the enterpriseProxyServersAreAuthoritative property.

    • setExemptAppLockerFiles

      public void setExemptAppLockerFiles(@Nullable List<WindowsInformationProtectionAppLockerFile> value)
      Sets the exemptAppLockerFiles property value. Another way to input exempt apps through xml files
      Parameters:
      value - Value to set for the exemptAppLockerFiles property.

    • setExemptApps

      public void setExemptApps(@Nullable List<WindowsInformationProtectionApp> value)
      Sets the exemptApps property value. Exempt applications can also access enterprise data, but the data handled by those applications are not protected. This is because some critical enterprise applications may have compatibility problems with encrypted data.
      Parameters:
      value - Value to set for the exemptApps property.

    • setIconsVisible

      public void setIconsVisible(@Nullable Boolean value)
      Sets the iconsVisible property value. Determines whether overlays are added to icons for WIP protected files in Explorer and enterprise only app tiles in the Start menu. Starting in Windows 10, version 1703 this setting also configures the visibility of the WIP icon in the title bar of a WIP-protected app
      Parameters:
      value - Value to set for the iconsVisible property.

    • setIndexingEncryptedStoresOrItemsBlocked

      public void setIndexingEncryptedStoresOrItemsBlocked(@Nullable Boolean value)
      Sets the indexingEncryptedStoresOrItemsBlocked property value. This switch is for the Windows Search Indexer, to allow or disallow indexing of items
      Parameters:
      value - Value to set for the indexingEncryptedStoresOrItemsBlocked property.

    • setIsAssigned

      public void setIsAssigned(@Nullable Boolean value)
      Sets the isAssigned property value. Indicates if the policy is deployed to any inclusion groups or not.
      Parameters:
      value - Value to set for the isAssigned property.

    • setNeutralDomainResources

      public void setNeutralDomainResources(@Nullable List<WindowsInformationProtectionResourceCollection> value)
      Sets the neutralDomainResources property value. List of domain names that can used for work or personal resource
      Parameters:
      value - Value to set for the neutralDomainResources property.

    • setProtectedAppLockerFiles

      public void setProtectedAppLockerFiles(@Nullable List<WindowsInformationProtectionAppLockerFile> value)
      Sets the protectedAppLockerFiles property value. Another way to input protected apps through xml files
      Parameters:
      value - Value to set for the protectedAppLockerFiles property.

    • setProtectedApps

      public void setProtectedApps(@Nullable List<WindowsInformationProtectionApp> value)
      Sets the protectedApps property value. Protected applications can access enterprise data and the data handled by those applications are protected with encryption
      Parameters:
      value - Value to set for the protectedApps property.

    • setProtectionUnderLockConfigRequired

      public void setProtectionUnderLockConfigRequired(@Nullable Boolean value)
      Sets the protectionUnderLockConfigRequired property value. Specifies whether the protection under lock feature (also known as encrypt under pin) should be configured
      Parameters:
      value - Value to set for the protectionUnderLockConfigRequired property.

    • setRevokeOnUnenrollDisabled

      public void setRevokeOnUnenrollDisabled(@Nullable Boolean value)
      Sets the revokeOnUnenrollDisabled property value. This policy controls whether to revoke the WIP keys when a device unenrolls from the management service. If set to 1 (Don't revoke keys), the keys will not be revoked and the user will continue to have access to protected files after unenrollment. If the keys are not revoked, there will be no revoked file cleanup subsequently.
      Parameters:
      value - Value to set for the revokeOnUnenrollDisabled property.

    • setRightsManagementServicesTemplateId

      public void setRightsManagementServicesTemplateId(@Nullable UUID value)
      Sets the rightsManagementServicesTemplateId property value. TemplateID GUID to use for RMS encryption. The RMS template allows the IT admin to configure the details about who has access to RMS-protected file and how long they have access
      Parameters:
      value - Value to set for the rightsManagementServicesTemplateId property.

    • setSmbAutoEncryptedFileExtensions

      public void setSmbAutoEncryptedFileExtensions(@Nullable List<WindowsInformationProtectionResourceCollection> value)
      Sets the smbAutoEncryptedFileExtensions property value. Specifies a list of file extensions, so that files with these extensions are encrypted when copying from an SMB share within the corporate boundary
      Parameters:
      value - Value to set for the smbAutoEncryptedFileExtensions property.