Hello,
I not sure if anyone has worked this out or if its even possible. I am trying to add a custom schema for Microsoft Defender ATP "com.microsoft.wdav" to Jamf. I have worked out most of the setting which are required for the plist. The problem which I have got stuck on is how do you change an object type based on a selection. The below JSON will allow folders to be whitelisted but I need to be able to change the exclusions array from 3 fields ($type, isDirectory and path) to 2 fields ($type, name) based on if it's a folder or file.
Add advise is welcome.
{
"title": "com.microsoft.wdav",
"description": "Preference Domain: com.microsoft.wdav, Application: Microsoft Defender ATP",
"type": "object",
"properties": {
"antivirusEngine": {
"properties": {
"allowedThreats": {
"type": "array",
"items": {
"type": "object",
"properties": {
"$type": {
"type": "string"
},
"isDirectory": {
"type": "boolean"
},
"path": {
"type": "string"
}
},
"required": [
"$type",
"isDirectory",
"path"
]
}
},
"enableRealTimeProtection": {
"type": "boolean",
"default": "true",
"description": "Specify whether to enable real-time protection, which scans files as they are accessed."
},
"passiveMode": {
"type": "boolean",
"default": "false",
"description": "Specify whether the antivirus engine runs in passive mode."
},
"exclusionsMergePolicy": {
"type": "string",
"default": "merge",
"description": "Specify the merge policy for exclusions. This can be a combination of administrator-defined and user-defined exclusions (merge) or only administrator-defined exclusions (admin_only). This setting can be used to restrict local users from defining their own exclusions."
},
"exclusions": {
"description ": "Specify entities excluded from being scanned. Exclusions can be specified by full paths, extensions, or file names.",
"type": "array",
"items": {
"type": "object",
"properties": {
"$type": {
"type": "string"
},
"isDirectory": {
"type": "boolean"
},
"path": {
"type": "string"
}
},
"required": [
"$type",
"isDirectory",
"path"
]
}
},
"threatTypeSettings": {
"type": "array",
"items": {
"type": "object",
"properties": {
"$type": {
"type": "string"
},
"path": {
"type": "string"
}
},
"required": [
"$type",
"path"
]
}
}
}
},
"cloudservice": {
"properties": {
"automaticSampleSubmission": {
"type": "boolean",
"default": "true",
"description": "Determines whether suspicious samples (that are likely to contain threats) are sent to Microsoft. You are prompted if the submitted file is likely to contain personal information."
},
"diagnosticLevel": {
"type": "string",
"default": "optional",
"description": "Diagnostic data is used to keep Microsoft Defender ATP secure and up-to-date, detect, diagnose and fix problems, and also make product improvements. This setting determines the level of diagnostics sent by Microsoft Defender ATP to Microsoft."
},
"enabled": {
"type": "boolean",
"default": "true"
}
}
}
}
}