EasClientSecurityPolicy EasClientSecurityPolicy EasClientSecurityPolicy Class

Definition

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Modern mail apps evaluate and apply the EAS security policies. An EasClientSecurityPolicy object is constructed by the caller app to set policies received from the Exchange server or application.

public sealed class EasClientSecurityPolicy : IEasClientSecurityPolicypublic sealed class EasClientSecurityPolicy : IEasClientSecurityPolicyPublic NotInheritable Class EasClientSecurityPolicy Implements IEasClientSecurityPolicy
Attributes
Windows 10 requirements
Device family
Windows Desktop Extension SDK (introduced v10.0.10240.0)
API contract
Windows.Security.ExchangeActiveSyncProvisioning.EasContract (introduced v1)

Remarks

All of the property values for this class can be retrieved using get() only if the property values are previously set. Getting a policy value without previously setting it will result in HRESULT_FROM_WIN32(ERROR_NO_DATA) returned from the get() call.

Constructors

EasClientSecurityPolicy() EasClientSecurityPolicy() EasClientSecurityPolicy()

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Creates an instance of an object that allows the caller app to set policies received from the Exchange server for evaluation or application.

public EasClientSecurityPolicy()public EasClientSecurityPolicy()Public Sub New()
Attributes

Properties

DisallowConvenienceLogon DisallowConvenienceLogon DisallowConvenienceLogon

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or sets the ability to prevent convenience logons. DisallowConvenienceLogon is not defined in MS-ASPROV. It is mapped from MS-ASPROV AllowSimplePassword with respect to the Windows password policies.

When DevicePasswordEnabled is equal to TRUE, if AllowSimplePassword is TRUE, then DisallowConvenienceLogon should be set to FALSE. If AllowSimplePassword is FALSE, then DisallowConvenienceLogon should be set to TRUE.

public bool DisallowConvenienceLogon { get; set; }public bool DisallowConvenienceLogon { get; set; }Public ReadWrite Property DisallowConvenienceLogon As bool
Value
bool bool bool

TRUE prevents convenience logons.

Attributes

MaxInactivityTimeLock MaxInactivityTimeLock MaxInactivityTimeLock

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or sets the maximum length of time the computer can remain inactive before it is locked. The MS-ASPROV name is MaxInactivityTimeDeviceLock.

public TimeSpan MaxInactivityTimeLock { get; set; }public TimeSpan MaxInactivityTimeLock { get; set; }Public ReadWrite Property MaxInactivityTimeLock As TimeSpan
Value
TimeSpan TimeSpan TimeSpan

The length of time allows for inactivity before the computer is locked.

Attributes

MaxPasswordFailedAttempts MaxPasswordFailedAttempts MaxPasswordFailedAttempts

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or sets the maximum number of failed password attempts for logging on. The MS-ASPROV name is MaxDevicePasswordFailedAttempts.

The MaxPasswordFailedAttempts property is superseded by the MS-ASPROV DevicePasswordEnabled policy. If the caller received DevicePasswordEnabled equal to FALSE, do not set the MaxPasswordFailedAttempts property for evaluation or application. If the caller received DevicePasswordEnabled equal to TRUE, you can set the MaxPasswordFailedAttempts property for evaluation or application.

public byte MaxPasswordFailedAttempts { get; set; }public byte MaxPasswordFailedAttempts { get; set; }Public ReadWrite Property MaxPasswordFailedAttempts As byte
Value
byte byte byte

The range is between 4 and 16.

Attributes

MinPasswordComplexCharacters MinPasswordComplexCharacters MinPasswordComplexCharacters

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or sets the minimum number of complex characters that are required for a password. The MS-ASPROV name is MinDevicePasswordComplexCharacters.

If the caller app receives MS-ASPROV AlphanumericDevicePasswordRequired equal to TRUE, then MinPasswordComplexCharacters must be set to be equal or greater than 2 for evaluation and application.

The MinPasswordComplexCharacters property is superseded by the MS-ASPROV DevicePasswordEnabled policy. If the caller received DevicePasswordEnabled equal to FALSE, do not set the MinPasswordComplexCharacters property for evaluation or application. If the caller received DevicePasswordEnabled equal to TRUE, you can set the MinPasswordComplexCharacters property for evaluation or application.

public byte MinPasswordComplexCharacters { get; set; }public byte MinPasswordComplexCharacters { get; set; }Public ReadWrite Property MinPasswordComplexCharacters As byte
Value
byte byte byte

The range is between 1 and 4.

Attributes

MinPasswordLength MinPasswordLength MinPasswordLength

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or set the minimum length of password allowed. The MS-ASPROV name is MinPasswordLength.

The MinPasswordLength property is superseded by the MS-ASPROV DevicePasswordEnabled policy. If the caller received DevicePasswordEnabled equal to FALSE, do not set the MinPasswordLength property for evaluation or application. If the caller received DevicePasswordEnabled equal to TRUE, you can set the MinPasswordLength property for evaluation or application.

public byte MinPasswordLength { get; set; }public byte MinPasswordLength { get; set; }Public ReadWrite Property MinPasswordLength As byte
Value
byte byte byte

The range is between 1 and 16.

Attributes

PasswordExpiration PasswordExpiration PasswordExpiration

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or set the length of time that a password is valid. The MS-ASPROV name is DevicePasswordExpiration.

The PasswordExpiration property is superseded by the MS-ASPROV DevicePasswordEnabled policy. If the caller received DevicePasswordEnabled equal to FALSE, do not set the PasswordExpiration property for evaluation or application. If the caller received DevicePasswordEnabled equal to TRUE, you can set the PasswordExpiration property for evaluation or application.

public TimeSpan PasswordExpiration { get; set; }public TimeSpan PasswordExpiration { get; set; }Public ReadWrite Property PasswordExpiration As TimeSpan
Value
TimeSpan TimeSpan TimeSpan

The length of time before the password expires and must be reset.

Attributes

PasswordHistory PasswordHistory PasswordHistory

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or set the password information previously used. The MS-ASPROV name is DevicePasswordHistory.

The PasswordHistory property is superseded by the MS-ASPROV DevicePasswordEnabled policy. If the caller received DevicePasswordEnabled equal to FALSE, do not set the PasswordHistory property for evaluation or application. If the caller received DevicePasswordEnabled equal to TRUE, you can set the PasswordHistory property for evaluation or application.

public uint PasswordHistory { get; set; }public uint PasswordHistory { get; set; }Public ReadWrite Property PasswordHistory As uint
Value
uint uint uint

The password information that was previously used.

Attributes

RequireEncryption RequireEncryption RequireEncryption

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Gets or sets whether encryption is required. The MS-ASPROV name is RequireDeviceEncryption.

public bool RequireEncryption { get; set; }public bool RequireEncryption { get; set; }Public ReadWrite Property RequireEncryption As bool
Value
bool bool bool

TRUE means encryption is required.

Attributes

Methods

ApplyAsync() ApplyAsync() ApplyAsync()

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Applies the EAS policies in asynchronous mode once the user consents.ApplyAsync is called by a Windows Store app for mail any time the app wants to make the local computer compliant.

public IAsyncOperation<EasComplianceResults> ApplyAsync()public IAsyncOperation<EasComplianceResults> ApplyAsync()Public Function ApplyAsync() As IAsyncOperation( Of EasComplianceResults )
Returns

Returns the evaluation of the callback results, in asynchronous mode, back to the calling app.

Attributes

CheckCompliance() CheckCompliance() CheckCompliance()

Note

EasClientSecurityPolicy may be unavailable for releases after Windows 10.

Evaluates the EAS policies.CheckCompliance is called by a Windows Store app for mail any time the app wants to evaluate whether the local computer is compliant to the given EAS policies. Because this call doesn't involve any UI interactions, it is a synchronous call.

public EasComplianceResults CheckCompliance()public EasComplianceResults CheckCompliance()Public Function CheckCompliance() As EasComplianceResults
Returns

Returns the results of the compliance check, in synchronous mode.

Attributes