microsoft / mdatp-devicecontrol

Microsoft Defender for Endpoint Device Control tools, samples, and resources.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-control-removable-storage-protection?view=o365-worldwide
MIT License

mdatp-devicecontrol #13

Closed castelan91 closed 1 year ago

castelan91 commented 1 year ago

device_control_policy_schema.json throws errors with the object type when I tried to use it on JAMF

bryan-lipinski commented 1 year ago

device_control_policy_schema.json is not intended to be used with JAMF directly. The schema is to enable users to validate the v2 Device Control policy JSON prior to deployment with JAMF using a site like https://www.jsonschemavalidator.net/.

The v1 policy was directly embedded within the MDE Settings as described here. This made things fairly complicated in a few ways.

The v2 implementation takes a different approach, adding one level of indirection. The v2 policy JSON can be copied as a string into the 'Device Control'\'Policy' preference in the MDE Preferences configuration profile. The new 'Policy' field has already been added to schema.json in the mdatp-xplat repo to make this even simpler.
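The indirection described in the reply above, as an added example that is not part of the original thread or the project's code: the policy is parsed strictly, serialized to a single string, and stored as a string value in the preferences plist. The key names `deviceControl` and `policy` are assumptions standing in for the 'Device Control'\'Policy' preference, and the sample policy is a constructed placeholder rather than a schema-valid policy.

```python
import json
import plistlib

# Assumed key names for the 'Device Control' \ 'Policy' preference;
# confirm the real names against schema.json in the mdatp-xplat repo.
SECTION_KEY = "deviceControl"
POLICY_KEY = "policy"

# Constructed placeholder, not a complete or schema-valid v2 policy.
SAMPLE_POLICY_TEXT = """
{
    "groups": [],
    "rules": []
}
"""


def _reject_duplicates(pairs):
    """Fail on repeated keys, which json.loads would otherwise silently merge."""
    keys = [k for k, _ in pairs]
    dupes = sorted({k for k in keys if keys.count(k) > 1})
    if dupes:
        raise ValueError(f"duplicate keys in policy: {dupes}")
    return dict(pairs)


def policy_to_string(policy_text):
    """Parse the policy JSON strictly and return it as one compact string."""
    policy = json.loads(policy_text, object_pairs_hook=_reject_duplicates)
    if not isinstance(policy, dict):
        raise ValueError("policy must be a JSON object at the top level")
    return json.dumps(policy, separators=(",", ":"))


def build_preferences(policy_text):
    """Return plist bytes whose policy value is a string, not a nested dict."""
    prefs = {SECTION_KEY: {POLICY_KEY: policy_to_string(policy_text)}}
    return plistlib.dumps(prefs, fmt=plistlib.FMT_XML)


def extract_policy(plist_bytes):
    """Read the string back out and decode it, as a pre-deployment check."""
    value = plistlib.loads(plist_bytes)[SECTION_KEY][POLICY_KEY]
    if not isinstance(value, str):
        raise TypeError("policy preference must be a string holding JSON")
    return json.loads(value)
```

Schema validation against device_control_policy_schema.json still belongs before this step; the code above only checks that the text is well-formed JSON and that it survives the round trip as a string.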