This documentation is for WSO2 Enterprise Mobility Manager 2.1.0. View documentation for the latest release.
Resource Definition to Add a Windows Policy - Enterprise Mobility Manager 2.1.0 - WSO2 Documentation
||
Skip to end of metadata
Go to start of metadata

A sample resource definition, together with details on the information that is added in the JSON are as follows:

Sample definition JSON to add a policy

The following are sample configurations that can be used in a JSON to add a policy on Windows devices:

{
	"policyName": "TEST",
	"compliance": "enforce",
	"ownershipType": "BYOD",
	"profile": {
    	"profileName": "TEST",
    	"deviceType": {
        	"id": 2
    	},
    	"profileFeaturesList": [
        	{
             	"featureCode": "PASSCODE_POLICY",
             	"deviceTypeId": 2,
             	"content": {
                 	"allowSimple": true,
                 	"requireAlphanumeric": true,
                 	"minLength": "4",
                 	"minComplexChars": "1",
                 	"maxPINAgeInDays": "2",
                 	"pinHistory": "2",
                 	"maxFailedAttempts": "9",
                 	"enablePassword": "true"
             	}

        	}

    	]
	},
	"roles": [
    	"ANY"
	]
}
{
	"policyName": "TEST",
	"compliance": "enforce",
	"ownershipType": "BYOD",
	"profile": {
    	"profileName": "TEST",
    	"deviceType": {
        	"id": 2
    	},
    	"profileFeaturesList": [
        	{
            	"featureCode": "CAMERA",
            	"deviceTypeId": 2,
            	"content": {
                	"enabled": true
            	}
        	}
    	]
	},
	"roles": [
    	"ANY"
	]
}
{
	"policyName": "TEST",
	"compliance": "enforce",
	"ownershipType": "BYOD",
	"profile": {
    	"profileName": "TEST",
    	"deviceType": {
        	"id": 2
    	},
    	"profileFeaturesList": [
        	{
            	"featureCode": "ENCRYPT_STORAGE",
            	"deviceTypeId": 2,
            	"content": {
                	"encrypted": true
            	}
        	}
     	]
	},
	"roles": [
    	"ANY"
	]
}

 

Property definitions

Property

Description

Data Type

Example

policyName

The name of the policy that is applied to the Windows device.YesN/AString 

compliance

The action that the monitoring task takes when a policy is violated. The following are the three types of actions that can be applied: Enforce,Warn,Monitor.

YesN/AStringEnforce

ownershipType

The ownership type of the device. The ownership type named cope is not supported when working with Windows 8.1.YesBYODStringBYOD

profile

Profile details.YesN/A  
profileName The name of the profile being added.YesN/AStringMarketing profile
deviceType The code used to define the type of the device platform. The code 2 is used to define the Windows platform.Yes2Integer2
profileFeaturesList The list of features that belong to the selected profile.YesN/A  
rolesThe role that this passcode can be applied to. If you wish to apply this policy to any policy, state ANY. Otherwise, specify the respective name of the role.YesN/A ANY

profileFeaturesList - common

Property

Description

Data Type

Example

featureCodeThe code that defines the policy you wish to add. The available feature codes are as follows: PASSCODE_POLICY, CAMERA and ENCRYPT_STORAGE.Yes StringPASSCODE_POLICY
deviceTypeIdThe code used to define the type of the device platform. The code 2 is used to define the Windows platform.Yes2Integer2
contentThe list of parameters that define the policy. For more information, see profileFeaturesList - policy based.Yes N/A 

profileFeaturesList - policy based

Passcode Policy

Property

Description

Data Type

Example

maxFailedAttemptsThe maximum number of times the end-user can enter his/her device passcode incorrectly. EMM will take different courses of action based on the OS when  the failed attempts exceed the maximum failed attempts. YesN/AInteger3
minLengthThe minimum number of alphanumerical values that the end-user can enter as his/her passcode. However, if the "Allow Simple" option is set, this rule will be overridden and the user will be allowed to have a passcode of even one alphanumerical value.YesN/AInteger4
pinHistoryThe end-user will not be allowed to reuse a passcode that he/she previously entered until he/she exceeds the set pin history length (e.g., if the pin history length is 3 and your passcode currently is 21345, you can not enter 21345 as the passcode in the next three consecutive passcode rotation cycles ).YesN/AInteger3
minComplexCharsThe minimum number of special characters (e.g., @ # etc.) that the end-user will have to enter in his/her passcode. However, if the "Allow Simple" option is set, this rule will be overridden and the user will be allowed to have a passcode without a single complex character.YesN/AInteger1
maxPINAgeInDaysThe number of days after which the device owner has to change his/her passcode.YesN/AInteger60
requireAlphanumericWhether or not it is mandatory for the end-user to have a mix of digits and characters in his/her passcode.YesfalseBooleantrue
allowSimple

If this field is set to "true", the device owner will be able to have a simple passcode (e.g., a, 123,abc, a1bc) and the following criteria in the passcode policy will not be applicable:

  • Minimum length
  • Minimum complex characters

If you wish to apply a passcode policy that requires the user to comply to a passcode policy with a minimum number of complex characters, uncheck the "Allow Simple Values" option via the UI or set this field to "false" when working with the REST API.

YesfalseBooleantrue
enablePasswordSpecifies if the device lock is enabled.YesfalseBooleantrue

Camera Enable/Disable

Property

Description

Data Type

Example

enabled

Enable of disable the camera on the specified Windows devices.YestrueBoolean

false

Encrypt Storage

Property

Description

Data Type

Example

encrypted

Enable or disable storage encryption on Windows devices.

Yes

true

Boolean

false

  • No labels