Create windowsWiredNetworkConfiguration
Namespace: microsoft.graph
Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported.
Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.
Create a new windowsWiredNetworkConfiguration object.
This API is available in the following national cloud deployments.
| Global service | US Government L4 | US Government L5 (DOD) | China operated by 21Vianet |
|---|---|---|---|
| ✅ | ✅ | ✅ | ✅ |
Permissions
One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | DeviceManagementConfiguration.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
| Application | DeviceManagementConfiguration.ReadWrite.All |
HTTP Request
POST /deviceManagement/deviceConfigurations
POST /deviceManagement/deviceConfigurations/{deviceConfigurationId}/microsoft.graph.windowsDomainJoinConfiguration/networkAccessConfigurations
Request headers
| Header | Value |
|---|---|
| Authorization | Bearer {token}. Required. Learn more about authentication and authorization. |
| Accept | application/json |
Request body
In the request body, supply a JSON representation for the windowsWiredNetworkConfiguration object.
The following table shows the properties that are required when you create the windowsWiredNetworkConfiguration.
| Property | Type | Description |
|---|---|---|
| id | String | Key of the entity. Inherited from deviceConfiguration |
| lastModifiedDateTime | DateTimeOffset | DateTime the object was last modified. Inherited from deviceConfiguration |
| roleScopeTagIds | String collection | List of Scope Tags for this Entity instance. Inherited from deviceConfiguration |
| supportsScopeTags | Boolean | Indicates whether or not the underlying Device Configuration supports the assignment of scope tags. Assigning to the ScopeTags property is not allowed when this value is false and entities will not be visible to scoped users. This occurs for Legacy policies created in Silverlight and can be resolved by deleting and recreating the policy in the Azure Portal. This property is read-only. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsEdition | deviceManagementApplicabilityRuleOsEdition | The OS edition applicability for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleOsVersion | deviceManagementApplicabilityRuleOsVersion | The OS version applicability rule for this Policy. Inherited from deviceConfiguration |
| deviceManagementApplicabilityRuleDeviceMode | deviceManagementApplicabilityRuleDeviceMode | The device mode applicability rule for this Policy. Inherited from deviceConfiguration |
| createdDateTime | DateTimeOffset | DateTime the object was created. Inherited from deviceConfiguration |
| description | String | Admin provided description of the Device Configuration. Inherited from deviceConfiguration |
| displayName | String | Admin provided name of the device configuration. Inherited from deviceConfiguration |
| version | Int32 | Version of the device configuration. Inherited from deviceConfiguration |
| authenticationType | wiredNetworkAuthenticationType | Specify whether to authenticate the user, the device, either, or to use guest authentication (none). If you're using certificate authentication, make sure the certificate type matches the authentication type. Possible values are: none, user, machine, machineOrUser, guest. Possible values are: none, user, machine, machineOrUser, guest, unknownFutureValue. |
| cacheCredentials | Boolean | When TRUE, caches user credentials on the device so that users don't need to keep entering them each time they connect. When FALSE, do not cache credentials. Default value is FALSE. |
| authenticationPeriodInSeconds | Int32 | Specify the number of seconds for the client to wait after an authentication attempt before failing. Valid range 1-3600. |
| authenticationRetryDelayPeriodInSeconds | Int32 | Specify the number of seconds between a failed authentication and the next authentication attempt. Valid range 1-3600. |
| eapolStartPeriodInSeconds | Int32 | Specify the number of seconds to wait before sending an EAPOL (Extensible Authentication Protocol over LAN) Start message. Valid range 1-3600. |
| maximumEAPOLStartMessages | Int32 | Specify the maximum number of EAPOL (Extensible Authentication Protocol over LAN) Start messages to be sent before returning failure. Valid range 1-100. |
| maximumAuthenticationFailures | Int32 | Specify the maximum authentication failures allowed for a set of credentials. Valid range 1-100. |
| enforce8021X | Boolean | When TRUE, the automatic configuration service for wired networks requires the use of 802.1X for port authentication. When FALSE, 802.1X is not required. Default value is FALSE. |
| authenticationBlockPeriodInMinutes | Int32 | Specify the duration for which automatic authentication attempts will be blocked from occuring after a failed authentication attempt. |
| eapType | eapType | Extensible Authentication Protocol (EAP). Indicates the type of EAP protocol set on the Wi-Fi endpoint (router). Possible values are: eapTls, leap, eapSim, eapTtls, peap, eapFast, teap. Possible values are: eapTls, leap, eapSim, eapTtls, peap, eapFast, teap. |
| trustedServerCertificateNames | String collection | Specify trusted server certificate names. |
| authenticationMethod | wiredNetworkAuthenticationMethod | Specify the authentication method. Possible values are: certificate, usernameAndPassword, derivedCredential. Possible values are: certificate, usernameAndPassword, derivedCredential, unknownFutureValue. |
| secondaryAuthenticationMethod | wiredNetworkAuthenticationMethod | Specify the secondary authentication method. Possible values are: certificate, usernameAndPassword, derivedCredential. Possible values are: certificate, usernameAndPassword, derivedCredential, unknownFutureValue. |
| innerAuthenticationProtocolForEAPTTLS | nonEapAuthenticationMethodForEapTtlsType | Specify inner authentication protocol for EAP TTLS. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, microsoftChapVersionTwo. Possible values are: unencryptedPassword, challengeHandshakeAuthenticationProtocol, microsoftChap, microsoftChapVersionTwo. |
| outerIdentityPrivacyTemporaryValue | String | Specify the string to replace usernames for privacy when using EAP TTLS or PEAP. |
| performServerValidation | Boolean | When TRUE, enables verification of server's identity by validating the certificate when EAP type is selected as PEAP. When FALSE, the certificate is not validated. Default value is TRUE. |
| disableUserPromptForServerValidation | Boolean | When TRUE, prevents the user from being prompted to authorize new servers for trusted certification authorities when EAP type is selected as PEAP. When FALSE, does not prevent the user from being prompted. Default value is FALSE. |
| requireCryptographicBinding | Boolean | When TRUE, enables cryptographic binding when EAP type is selected as PEAP. When FALSE, does not enable cryptogrpahic binding. Default value is TRUE. |
| forceFIPSCompliance | Boolean | When TRUE, forces FIPS compliance. When FALSE, does not enable FIPS compliance. Default value is FALSE. |
Response
If successful, this method returns a 201 Created response code and a windowsWiredNetworkConfiguration object in the response body.
Example
Request
Here is an example of the request.
POST https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations
Content-type: application/json
Content-length: 1920
{
"@odata.type": "#microsoft.graph.windowsWiredNetworkConfiguration",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"windows10EnterpriseN"
],
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "Min OSVersion value",
"maxOSVersion": "Max OSVersion value",
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "sModeConfiguration",
"name": "Name value",
"ruleType": "exclude"
},
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"authenticationType": "user",
"cacheCredentials": true,
"authenticationPeriodInSeconds": 13,
"authenticationRetryDelayPeriodInSeconds": 7,
"eapolStartPeriodInSeconds": 9,
"maximumEAPOLStartMessages": 9,
"maximumAuthenticationFailures": 13,
"enforce8021X": true,
"authenticationBlockPeriodInMinutes": 2,
"eapType": "leap",
"trustedServerCertificateNames": [
"Trusted Server Certificate Names value"
],
"authenticationMethod": "usernameAndPassword",
"secondaryAuthenticationMethod": "usernameAndPassword",
"innerAuthenticationProtocolForEAPTTLS": "challengeHandshakeAuthenticationProtocol",
"outerIdentityPrivacyTemporaryValue": "Outer Identity Privacy Temporary Value value",
"performServerValidation": true,
"disableUserPromptForServerValidation": true,
"requireCryptographicBinding": true,
"forceFIPSCompliance": true
}
Response
Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.
HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 2092
{
"@odata.type": "#microsoft.graph.windowsWiredNetworkConfiguration",
"id": "ec132acd-2acd-ec13-cd2a-13eccd2a13ec",
"lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
"roleScopeTagIds": [
"Role Scope Tag Ids value"
],
"supportsScopeTags": true,
"deviceManagementApplicabilityRuleOsEdition": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsEdition",
"osEditionTypes": [
"windows10EnterpriseN"
],
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleOsVersion": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleOsVersion",
"minOSVersion": "Min OSVersion value",
"maxOSVersion": "Max OSVersion value",
"name": "Name value",
"ruleType": "exclude"
},
"deviceManagementApplicabilityRuleDeviceMode": {
"@odata.type": "microsoft.graph.deviceManagementApplicabilityRuleDeviceMode",
"deviceMode": "sModeConfiguration",
"name": "Name value",
"ruleType": "exclude"
},
"createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
"description": "Description value",
"displayName": "Display Name value",
"version": 7,
"authenticationType": "user",
"cacheCredentials": true,
"authenticationPeriodInSeconds": 13,
"authenticationRetryDelayPeriodInSeconds": 7,
"eapolStartPeriodInSeconds": 9,
"maximumEAPOLStartMessages": 9,
"maximumAuthenticationFailures": 13,
"enforce8021X": true,
"authenticationBlockPeriodInMinutes": 2,
"eapType": "leap",
"trustedServerCertificateNames": [
"Trusted Server Certificate Names value"
],
"authenticationMethod": "usernameAndPassword",
"secondaryAuthenticationMethod": "usernameAndPassword",
"innerAuthenticationProtocolForEAPTTLS": "challengeHandshakeAuthenticationProtocol",
"outerIdentityPrivacyTemporaryValue": "Outer Identity Privacy Temporary Value value",
"performServerValidation": true,
"disableUserPromptForServerValidation": true,
"requireCryptographicBinding": true,
"forceFIPSCompliance": true
}
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for