创建 windowsInformationProtectionPolicyCreate windowsInformationProtectionPolicy

命名空间:microsoft.graphNamespace: microsoft.graph

注意: 适用于 Intune 的 Microsoft Graph API 需要适用于租户的活动 Intune 许可证Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant.

创建新的 windowsInformationProtectionPolicy 对象。Create a new windowsInformationProtectionPolicy object.

先决条件Prerequisites

要调用此 API,需要以下权限之一。要了解详细信息,包括如何选择权限的信息,请参阅权限One of the following permissions is required to call this API. To learn more, including how to choose permissions, see Permissions.

权限类型Permission type 权限(从最高特权到最低特权)Permissions (from most to least privileged)
委派(工作或学校帐户)Delegated (work or school account) DeviceManagementApps.ReadWrite.AllDeviceManagementApps.ReadWrite.All
委派(个人 Microsoft 帐户)Delegated (personal Microsoft account) 不支持。Not supported.
应用程序Application 不支持。Not supported.

HTTP 请求HTTP Request

POST /deviceAppManagement/windowsInformationProtectionPolicies

请求标头Request headers

标头Header Value
AuthorizationAuthorization Bearer <token>。必需。Bearer <token> Required.
接受Accept application/jsonapplication/json

请求正文Request body

在请求正文中,提供 windowsInformationProtectionPolicy 对象的 JSON 表示形式。In the request body, supply a JSON representation for the windowsInformationProtectionPolicy object.

下表显示创建 windowsInformationProtectionPolicy 时所需的属性。The following table shows the properties that are required when you create the windowsInformationProtectionPolicy.

属性Property 类型Type 说明Description
displayNamedisplayName 字符串String 策略显示名称。Policy display name. 继承自 managedAppPolicyInherited from managedAppPolicy
descriptiondescription StringString 策略的说明。The policy's description. 继承自 managedAppPolicyInherited from managedAppPolicy
createdDateTimecreatedDateTime DateTimeOffsetDateTimeOffset 创建策略的日期和时间。The date and time the policy was created. 继承自 managedAppPolicyInherited from managedAppPolicy
lastModifiedDateTimelastModifiedDateTime DateTimeOffsetDateTimeOffset 上次修改策略的时间。Last time the policy was modified. 继承自 managedAppPolicyInherited from managedAppPolicy
idid 字符串String 实体的键。Key of the entity. 继承自 managedAppPolicyInherited from managedAppPolicy
versionversion StringString 实体的版本。Version of the entity. 继承自 managedAppPolicyInherited from managedAppPolicy
enforcementLevelenforcementLevel windowsInformationProtectionEnforcementLevelwindowsInformationProtectionEnforcementLevel WIP 强制等级。若要获取从WindowsInformationProtection继承的受支持值的枚举定义,请参阅。WIP enforcement level.See the Enum definition for supported values Inherited from windowsInformationProtection. 可取值为:noProtectionencryptAndAuditOnlyencryptAuditAndPromptencryptAuditAndBlockPossible values are: noProtection, encryptAndAuditOnly, encryptAuditAndPrompt, encryptAuditAndBlock.
enterpriseDomainenterpriseDomain StringString 主企业域。继承自 windowsInformationProtectionPrimary enterprise domain Inherited from windowsInformationProtection
enterpriseProtectedDomainNamesenterpriseProtectedDomainNames windowsInformationProtectionResourceCollection 集合windowsInformationProtectionResourceCollection collection 要保护的企业域列表。继承自 windowsInformationProtectionList of enterprise domains to be protected Inherited from windowsInformationProtection
protectionUnderLockConfigRequiredprotectionUnderLockConfigRequired BooleanBoolean 指定是否应配置锁定功能下的保护(也称为 PIN 下的加密)。继承自 windowsInformationProtectionSpecifies whether the protection under lock feature (also known as encrypt under pin) should be configured Inherited from windowsInformationProtection
dataRecoveryCertificatedataRecoveryCertificate windowsInformationProtectionDataRecoveryCertificatewindowsInformationProtectionDataRecoveryCertificate 指定可用于加密文件数据恢复的恢复证书。Specifies a recovery certificate that can be used for data recovery of encrypted files. 这与用于加密文件系统 (EFS) 的数据恢复代理 (DRA) 证书相同。继承自 windowsInformationProtectionThis is the same as the data recovery agent(DRA) certificate for encrypting file system(EFS) Inherited from windowsInformationProtection
revokeOnUnenrollDisabledrevokeOnUnenrollDisabled BooleanBoolean 此策略控制设备从管理服务中取消注册时是否撤销 WIP 密钥。This policy controls whether to revoke the WIP keys when a device unenrolls from the management service. 如果设置为 1(不撤销密钥),则不会撤销密钥,并且用户在取消注册后可继续访问受保护的文件。If set to 1 (Don't revoke keys), the keys will not be revoked and the user will continue to have access to protected files after unenrollment. 如果未撤销密钥,随后将不会撤销文件清除。If the keys are not revoked, there will be no revoked file cleanup subsequently. 继承自 windowsInformationProtectionInherited from windowsInformationProtection
rightsManagementServicesTemplateIdrightsManagementServicesTemplateId GuidGuid 用于 RMS 加密的 TemplateID GUID。TemplateID GUID to use for RMS encryption. RMS 模板允许 IT 管理员配置有关谁有权访问受 RMS 保护的文件以及他们可以访问多长时间的详细信息。继承自 windowsInformationProtectionThe RMS template allows the IT admin to configure the details about who has access to RMS-protected file and how long they have access Inherited from windowsInformationProtection
azureRightsManagementServicesAllowedazureRightsManagementServicesAllowed BooleanBoolean 指定是否允许 WIP 使用 Azure RMS 加密。继承自 windowsInformationProtectionSpecifies whether to allow Azure RMS encryption for WIP Inherited from windowsInformationProtection
iconsVisibleiconsVisible BooleanBoolean 确定是否在“开始”菜单的资源管理器和仅企业应用磁贴中向受 WIP 保护的文件的图标添加覆盖图。Determines whether overlays are added to icons for WIP protected files in Explorer and enterprise only app tiles in the Start menu. 从 Windows 10 版本 1703 开始,此设置还配置 WIP 图标在受 WIP 保护的应用的标题栏中的可见性。继承自 windowsInformationProtectionStarting in Windows 10, version 1703 this setting also configures the visibility of the WIP icon in the title bar of a WIP-protected app Inherited from windowsInformationProtection
protectedAppsprotectedApps windowsInformationProtectionApp 集合windowsInformationProtectionApp collection 受保护的应用程序可以访问企业数据,并且由这些应用程序处理的数据受加密保护。继承自 windowsInformationProtectionProtected applications can access enterprise data and the data handled by those applications are protected with encryption Inherited from windowsInformationProtection
exemptAppsexemptApps windowsInformationProtectionApp 集合windowsInformationProtectionApp collection 豁免应用程序还可以访问企业数据,但由这些应用程序处理的数据不受保护。Exempt applications can also access enterprise data, but the data handled by those applications are not protected. 这是因为一些关键的企业应用程序可能与加密数据存在兼容性问题。This is because some critical enterprise applications may have compatibility problems with encrypted data. 继承自 windowsInformationProtectionInherited from windowsInformationProtection
enterpriseNetworkDomainNamesenterpriseNetworkDomainNames windowsInformationProtectionResourceCollection 集合windowsInformationProtectionResourceCollection collection 这是构成企业边界的域列表。This is the list of domains that comprise the boundaries of the enterprise. 发送到某设备的来自这些域之一的数据将被视为企业数据并受到保护。这些位置将被视为共享企业数据的安全目标。继承自 windowsInformationProtectionData from one of these domains that is sent to a device will be considered enterprise data and protected These locations will be considered a safe destination for enterprise data to be shared to Inherited from windowsInformationProtection
enterpriseProxiedDomainsenterpriseProxiedDomains windowsInformationProtectionProxiedDomainCollection 集合windowsInformationProtectionProxiedDomainCollection collection 包含需要保护的托管在云中的企业资源域列表。Contains a list of Enterprise resource domains hosted in the cloud that need to be protected. 与这些资源的连接被视为企业数据。Connections to these resources are considered enterprise data. 如果代理与云资源配对,则到云资源的流量将通过表示的代理服务器(在端口 80 上)通过企业网络进行路由。If a proxy is paired with a cloud resource, traffic to the cloud resource will be routed through the enterprise network via the denoted proxy server (on Port 80). 用于此目的的代理服务器也必须使用 EnterpriseInternalProxyServers 策略进行配置。继承自 windowsInformationProtectionA proxy server used for this purpose must also be configured using the EnterpriseInternalProxyServers policy Inherited from windowsInformationProtection
enterpriseIPRangesenterpriseIPRanges windowsInformationProtectionIPRangeCollection 集合windowsInformationProtectionIPRangeCollection collection 设置定义企业网络中计算机的企业 IP 范围。Sets the enterprise IP ranges that define the computers in the enterprise network. 来自这些计算机的数据将被视为企业的一部分并受保护。Data that comes from those computers will be considered part of the enterprise and protected. 这些位置将被视为共享企业数据的安全目标。继承自 windowsInformationProtectionThese locations will be considered a safe destination for enterprise data to be shared to Inherited from windowsInformationProtection
enterpriseIPRangesAreAuthoritativeenterpriseIPRangesAreAuthoritative BooleanBoolean 用于通知客户端接受已配置的列表,并且不使用启发式方法来尝试查找其他子网的布尔值。Boolean value that tells the client to accept the configured list and not to use heuristics to attempt to find other subnets. 默认值为 false。继承自 windowsInformationProtectionDefault is false Inherited from windowsInformationProtection
enterpriseProxyServersenterpriseProxyServers windowsInformationProtectionResourceCollection 集合windowsInformationProtectionResourceCollection collection 这是代理服务器的列表。This is a list of proxy servers. 任何不在此列表中的服务器都被视为非企业服务器。继承自 windowsInformationProtectionAny server not on this list is considered non-enterprise Inherited from windowsInformationProtection
enterpriseInternalProxyServersenterpriseInternalProxyServers windowsInformationProtectionResourceCollection 集合windowsInformationProtectionResourceCollection collection 这是逗号分隔的内部代理服务器列表。This is the comma-separated list of internal proxy servers. 例如,“157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59”。For example, "157.54.14.28, 157.54.11.118, 10.202.14.167, 157.53.14.163, 157.69.210.59". 这些代理已由管理员配置为连接到 Internet 上的特定资源。These proxies have been configured by the admin to connect to specific resources on the Internet. 它们被视为企业版网络位置。They are considered to be enterprise network locations. 仅在配置 EnterpriseProxiedDomains 策略时利用代理,强制流量通过这些代理传输到匹配的域。继承自 windowsInformationProtectionThe proxies are only leveraged in configuring the EnterpriseProxiedDomains policy to force traffic to the matched domains through these proxies Inherited from windowsInformationProtection
enterpriseProxyServersAreAuthoritativeenterpriseProxyServersAreAuthoritative BooleanBoolean 用于通知客户端接受已配置的代理列表,并且不尝试检测其他工作代理的布尔值。Boolean value that tells the client to accept the configured list of proxies and not try to detect other work proxies. 默认值为 false。继承自 windowsInformationProtectionDefault is false Inherited from windowsInformationProtection
neutralDomainResourcesneutralDomainResources windowsInformationProtectionResourceCollection 集合windowsInformationProtectionResourceCollection collection 可用于工作或个人资源的域名列表。继承自 windowsInformationProtectionList of domain names that can used for work or personal resource Inherited from windowsInformationProtection
indexingEncryptedStoresOrItemsBlockedindexingEncryptedStoresOrItemsBlocked BooleanBoolean 此开关用于 Windows Search 索引器,以允许或禁止建立项目索引。继承自 windowsInformationProtectionThis switch is for the Windows Search Indexer, to allow or disallow indexing of items Inherited from windowsInformationProtection
smbAutoEncryptedFileExtensionssmbAutoEncryptedFileExtensions windowsInformationProtectionResourceCollection 集合windowsInformationProtectionResourceCollection collection 指定文件扩展名列表,以便从公司边界内的 SMB 共享复制时加密具有这些扩展名的文件。继承自 windowsInformationProtectionSpecifies a list of file extensions, so that files with these extensions are encrypted when copying from an SMB share within the corporate boundary Inherited from windowsInformationProtection
isAssignedisAssigned BooleanBoolean 指示策略是否部署到任何包含组。Indicates if the policy is deployed to any inclusion groups or not. 继承自 windowsInformationProtectionInherited from windowsInformationProtection
revokeOnMdmHandoffDisabledrevokeOnMdmHandoffDisabled BooleanBoolean RS2 中的新属性,待定文档New property in RS2, pending documentation
mdmEnrollmentUrlmdmEnrollmentUrl StringString MDM 的注册 URLEnrollment url for the MDM
windowsHelloForBusinessBlockedwindowsHelloForBusinessBlocked BooleanBoolean 将 Windows Hello 企业版设置为登录 Windows 的方法的布尔值。Boolean value that sets Windows Hello for Business as a method for signing into Windows.
pinMinimumLengthpinMinimumLength Int32Int32 整数值,用于设置 PIN 所需的最少字符数。Integer value that sets the minimum number of characters required for the PIN. 默认值为 4。Default value is 4. 可以为此策略设置配置的最小数量为 4。The lowest number you can configure for this policy setting is 4. 可以配置的最大数量必须小于最大 PIN 长度策略设置中配置的数量或 127(以最低者为准)。The largest number you can configure must be less than the number configured in the Maximum PIN length policy setting or the number 127, whichever is the lowest.
pinUppercaseLetterspinUppercaseLetters windowsInformationProtectionPinCharacterRequirementswindowsInformationProtectionPinCharacterRequirements 整数值,用于配置 Windows Hello 企业版 PIN 中的大写字母的使用。Integer value that configures the use of uppercase letters in the Windows Hello for Business PIN. 默认值为 NotAllow。Default is NotAllow. 可取值为:notAllowrequireAtLeastOneallowPossible values are: notAllow, requireAtLeastOne, allow.
pinLowercaseLetterspinLowercaseLetters windowsInformationProtectionPinCharacterRequirementswindowsInformationProtectionPinCharacterRequirements 整数值,用于配置 Windows Hello 企业版 PIN 中的小写字母的使用。Integer value that configures the use of lowercase letters in the Windows Hello for Business PIN. 默认值为 NotAllow。Default is NotAllow. 可取值为:notAllowrequireAtLeastOneallowPossible values are: notAllow, requireAtLeastOne, allow.
pinSpecialCharacterspinSpecialCharacters windowsInformationProtectionPinCharacterRequirementswindowsInformationProtectionPinCharacterRequirements 整数值,用于配置 Windows Hello 企业版 PIN 中的特殊字母的使用。Integer value that configures the use of special characters in the Windows Hello for Business PIN. Windows Hello 企业版 PIN 手势的有效特殊字符包括:!Valid special characters for Windows Hello for Business PIN gestures include: ! " # $ % & ' ( ) * + , - ." # $ % & ' ( ) * + , - . / : ; < = > ?/ : ; < = > ? @ [ \ ]^ _ ` { } ~. @ [ \ ] ^ _ ` { } ~. 默认值为 NotAllow。Default is NotAllow. 可取值为:notAllowrequireAtLeastOneallowPossible values are: notAllow, requireAtLeastOne, allow.
pinExpirationDayspinExpirationDays Int32Int32 整数值指定在系统要求用户更改 PIN 之前可以使用 PIN 的时间段(以天为单位)。Integer value specifies the period of time (in days) that a PIN can be used before the system requires the user to change it. 可以为此策略设置配置的最大数量为 730。The largest number you can configure for this policy setting is 730. 可以为此策略设置配置的最小数量为 0。The lowest number you can configure for this policy setting is 0. 如果此策略设置为 0,则用户的 PIN 永远不会过期。If this policy is set to 0, then the user's PIN will never expire. 此节点在 Windows 10 版本 1511 中添加。This node was added in Windows 10, version 1511. 默认值为 0。Default is 0.
numberOfPastPinsRememberednumberOfPastPinsRemembered Int32Int32 整数值,用于指定可以关联到无法重用的用户帐户的过去 PIN 的数量。Integer value that specifies the number of past PINs that can be associated to a user account that can't be reused. 可以为此策略设置配置的最大数量为 50。The largest number you can configure for this policy setting is 50. 可以为此策略设置配置的最小数量为 0。The lowest number you can configure for this policy setting is 0. 如果此策略设置为 0,则不需要存储以前的 PIN。If this policy is set to 0, then storage of previous PINs is not required. 此节点在 Windows 10 版本 1511 中添加。This node was added in Windows 10, version 1511. 默认值为 0。Default is 0.
passwordMaximumAttemptCountpasswordMaximumAttemptCount Int32Int32 在擦除设备之前允许的身份验证失败次数。The number of authentication failures allowed before the device will be wiped. 值为 0 将禁用设备擦除功能。A value of 0 disables device wipe functionality. 范围是一个整数 X,其中对于台式机 4 <= X <= 16,对于移动设备 0 <= X <= 999。Range is an integer X where 4 <= X <= 16 for desktop and 0 <= X <= 999 for mobile devices.
minutesOfInactivityBeforeDeviceLockminutesOfInactivityBeforeDeviceLock Int32Int32 指定设备闲置后将导致设备变为 PIN 或密码锁定的允许的最长时间(以分钟为单位)。Specifies the maximum amount of time (in minutes) allowed after the device is idle that will cause the device to become PIN or password locked. 范围是整数 X,其中 0 < = X < = 999。Range is an integer X where 0 <= X <= 999.
daysWithoutContactBeforeUnenrolldaysWithoutContactBeforeUnenroll Int32Int32 擦除应用数据之前的脱机间隔时间(天)Offline interval before app data is wiped (days)

响应Response

如果成功,此方法将在响应正文中返回 201 Created 响应代码和 windowsInformationProtectionPolicy 对象。If successful, this method returns a 201 Created response code and a windowsInformationProtectionPolicy object in the response body.

示例Example

请求Request

下面是一个请求示例。Here is an example of the request.

POST https://graph.microsoft.com/v1.0/deviceAppManagement/windowsInformationProtectionPolicies
Content-type: application/json
Content-length: 4405

{
  "@odata.type": "#microsoft.graph.windowsInformationProtectionPolicy",
  "displayName": "Display Name value",
  "description": "Description value",
  "version": "Version value",
  "enforcementLevel": "encryptAndAuditOnly",
  "enterpriseDomain": "Enterprise Domain value",
  "enterpriseProtectedDomainNames": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "protectionUnderLockConfigRequired": true,
  "dataRecoveryCertificate": {
    "@odata.type": "microsoft.graph.windowsInformationProtectionDataRecoveryCertificate",
    "subjectName": "Subject Name value",
    "description": "Description value",
    "expirationDateTime": "2016-12-31T23:57:57.2481234-08:00",
    "certificate": "Y2VydGlmaWNhdGU="
  },
  "revokeOnUnenrollDisabled": true,
  "rightsManagementServicesTemplateId": "abf7b16f-b16f-abf7-6fb1-f7ab6fb1f7ab",
  "azureRightsManagementServicesAllowed": true,
  "iconsVisible": true,
  "protectedApps": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionStoreApp",
      "displayName": "Display Name value",
      "description": "Description value",
      "publisherName": "Publisher Name value",
      "productName": "Product Name value",
      "denied": true
    }
  ],
  "exemptApps": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionStoreApp",
      "displayName": "Display Name value",
      "description": "Description value",
      "publisherName": "Publisher Name value",
      "productName": "Product Name value",
      "denied": true
    }
  ],
  "enterpriseNetworkDomainNames": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "enterpriseProxiedDomains": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionProxiedDomainCollection",
      "displayName": "Display Name value",
      "proxiedDomains": [
        {
          "@odata.type": "microsoft.graph.proxiedDomain",
          "ipAddressOrFQDN": "Ip Address Or FQDN value",
          "proxy": "Proxy value"
        }
      ]
    }
  ],
  "enterpriseIPRanges": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionIPRangeCollection",
      "displayName": "Display Name value",
      "ranges": [
        {
          "@odata.type": "microsoft.graph.iPv6Range",
          "lowerAddress": "Lower Address value",
          "upperAddress": "Upper Address value"
        }
      ]
    }
  ],
  "enterpriseIPRangesAreAuthoritative": true,
  "enterpriseProxyServers": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "enterpriseInternalProxyServers": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "enterpriseProxyServersAreAuthoritative": true,
  "neutralDomainResources": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "indexingEncryptedStoresOrItemsBlocked": true,
  "smbAutoEncryptedFileExtensions": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "isAssigned": true,
  "revokeOnMdmHandoffDisabled": true,
  "mdmEnrollmentUrl": "https://example.com/mdmEnrollmentUrl/",
  "windowsHelloForBusinessBlocked": true,
  "pinMinimumLength": 0,
  "pinUppercaseLetters": "requireAtLeastOne",
  "pinLowercaseLetters": "requireAtLeastOne",
  "pinSpecialCharacters": "requireAtLeastOne",
  "pinExpirationDays": 1,
  "numberOfPastPinsRemembered": 10,
  "passwordMaximumAttemptCount": 11,
  "minutesOfInactivityBeforeDeviceLock": 3,
  "daysWithoutContactBeforeUnenroll": 0
}

响应Response

下面是一个响应示例。注意:为了简单起见,可能会将此处所示的响应对象截断。将从实际调用中返回所有属性。Here is an example of the response. Note: The response object shown here may be truncated for brevity. All of the properties will be returned from an actual call.

HTTP/1.1 201 Created
Content-Type: application/json
Content-Length: 4577

{
  "@odata.type": "#microsoft.graph.windowsInformationProtectionPolicy",
  "displayName": "Display Name value",
  "description": "Description value",
  "createdDateTime": "2017-01-01T00:02:43.5775965-08:00",
  "lastModifiedDateTime": "2017-01-01T00:00:35.1329464-08:00",
  "id": "6397be61-be61-6397-61be-976361be9763",
  "version": "Version value",
  "enforcementLevel": "encryptAndAuditOnly",
  "enterpriseDomain": "Enterprise Domain value",
  "enterpriseProtectedDomainNames": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "protectionUnderLockConfigRequired": true,
  "dataRecoveryCertificate": {
    "@odata.type": "microsoft.graph.windowsInformationProtectionDataRecoveryCertificate",
    "subjectName": "Subject Name value",
    "description": "Description value",
    "expirationDateTime": "2016-12-31T23:57:57.2481234-08:00",
    "certificate": "Y2VydGlmaWNhdGU="
  },
  "revokeOnUnenrollDisabled": true,
  "rightsManagementServicesTemplateId": "abf7b16f-b16f-abf7-6fb1-f7ab6fb1f7ab",
  "azureRightsManagementServicesAllowed": true,
  "iconsVisible": true,
  "protectedApps": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionStoreApp",
      "displayName": "Display Name value",
      "description": "Description value",
      "publisherName": "Publisher Name value",
      "productName": "Product Name value",
      "denied": true
    }
  ],
  "exemptApps": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionStoreApp",
      "displayName": "Display Name value",
      "description": "Description value",
      "publisherName": "Publisher Name value",
      "productName": "Product Name value",
      "denied": true
    }
  ],
  "enterpriseNetworkDomainNames": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "enterpriseProxiedDomains": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionProxiedDomainCollection",
      "displayName": "Display Name value",
      "proxiedDomains": [
        {
          "@odata.type": "microsoft.graph.proxiedDomain",
          "ipAddressOrFQDN": "Ip Address Or FQDN value",
          "proxy": "Proxy value"
        }
      ]
    }
  ],
  "enterpriseIPRanges": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionIPRangeCollection",
      "displayName": "Display Name value",
      "ranges": [
        {
          "@odata.type": "microsoft.graph.iPv6Range",
          "lowerAddress": "Lower Address value",
          "upperAddress": "Upper Address value"
        }
      ]
    }
  ],
  "enterpriseIPRangesAreAuthoritative": true,
  "enterpriseProxyServers": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "enterpriseInternalProxyServers": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "enterpriseProxyServersAreAuthoritative": true,
  "neutralDomainResources": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "indexingEncryptedStoresOrItemsBlocked": true,
  "smbAutoEncryptedFileExtensions": [
    {
      "@odata.type": "microsoft.graph.windowsInformationProtectionResourceCollection",
      "displayName": "Display Name value",
      "resources": [
        "Resources value"
      ]
    }
  ],
  "isAssigned": true,
  "revokeOnMdmHandoffDisabled": true,
  "mdmEnrollmentUrl": "https://example.com/mdmEnrollmentUrl/",
  "windowsHelloForBusinessBlocked": true,
  "pinMinimumLength": 0,
  "pinUppercaseLetters": "requireAtLeastOne",
  "pinLowercaseLetters": "requireAtLeastOne",
  "pinSpecialCharacters": "requireAtLeastOne",
  "pinExpirationDays": 1,
  "numberOfPastPinsRemembered": 10,
  "passwordMaximumAttemptCount": 11,
  "minutesOfInactivityBeforeDeviceLock": 3,
  "daysWithoutContactBeforeUnenroll": 0
}