-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsettings.json
57 lines (44 loc) · 2.29 KB
/
settings.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
{
// REQUIRED PARAMETERS
// The application ID that is in the Partner tenant.
// The application must be a multi-tenant application
// The application must have the user_impersonation permission in Microsoft Partner Center (app ID fa3d9a0c-3fb0-42cc-9193-47c7ecd2edbd)
"PARTNER_APP_ID": "",
// The application ID that is in the Client tenant.
// If the application does not exist, the application will be created.
// It is ideal to keep the application ID the same as PARTNER_APP_ID,
// else the technician will need to re-authenticate.
"CLIENT_APP_ID": "",
// If the application does not exist,
// the following name will be used to create the application
"CLIENT_APP_NAME": "",
// OPTIONAL PARAMETERS
// Make both applications use the device code flow.
// This will prompt the technician to type in a code to https://microsoft.com/devicelogin
// This is the more secure option, in theory, because technicians
// do not sign in to client machines. By default, this is disabled.
// Both applications must have device code flow enabled (App registration > Authentication)
// for this to work. If partner and client app IDs are the same, only the partner app registration
// needs device code flow enabled.
"DEVICE_CODE_AUTH": true,
// Use the following to set a default group tag.
// Setting FORCE_DEF_GROUP_TAG to true will force the group tag specified
// and bypass user input.
"DEFAULT_GROUP_TAG": "",
"FORCE_DEF_GROUP_TAG": true,
// Use the following to set a default client tenant.
// You can specify a tenant ID or a domain belonging to the tenant
// Setting FORCE_DEF_TENANT to true will force the tenant specified
// and bypass user input.
"DEFAULT_TENANT": "",
"FORCE_DEF_TENANT": false,
// Enable the ability to assign users.
// https://learn.microsoft.com/en-us/autopilot/tutorial/user-driven/azure-ad-join-assign-device-to-user
// Note that, due to least privilege, users cannot be verified present
// in the client tenant.
"ENABLE_ASSIGN_USER": false,
// Set a timer to allow Intune to soak, in seconds.
// This makes it easier to reboot directly into the Autopilot interface.
// Set to 0 to disable. Default is 300 (5 minutes).
"SOAK_TIME": 300
}