// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
syntax = "proto2";
option optimize_for = LITE_RUNTIME;
import "policy_common_definitions.proto";
package enterprise_management;
option go_package="chromium/policy/enterprise_management_proto";
// Everything below this comment will be synchronized between client and server
// repos ( go/cros-proto-sync ).
message DevicePolicyRefreshRateProto {
// In milliseconds.
optional int64 device_policy_refresh_rate = 1;
}
message UserWhitelistProto {
// If a UserWhitelistProto is included in the ChromeDeviceSettingsProto but
// the user_whitelist field is empty then no user can sign-in.
repeated string user_whitelist = 1;
}
message UserAllowlistProto {
// If a UserAllowlistProto is included in the ChromeDeviceSettingsProto but
// the user_allowlist field is empty then no user can sign-in.
repeated string user_allowlist = 1;
}
message AllowNewUsersProto {
// Determines whether we allow arbitrary users to log into the device.
// This interacts with the UserAllowlistProto as follows:
// allow_new_users | user_allowlist     | anyone can log in
//-----------------+--------------------+------------------
// present, true   | not present        | Yes
//-----------------+--------------------+------------------
// present, true   | present            | Yes
//-----------------+--------------------+------------------
// present, false  | not present        | (Broken) Yes
//-----------------+--------------------+------------------
// present, false  | present            | No, W/L enforced
//-----------------+--------------------+------------------
// not present     | not present        | Yes
//-----------------+--------------------+------------------
// not present     | present, empty     | Yes
//-----------------+--------------------+------------------
// not present     | present, non-empty | No, W/L enforced
//-----------------+--------------------+------------------
optional bool allow_new_users = 1 [default = true];
}
message GuestModeEnabledProto {
// Determines if guests are allowed to log in to the device.
optional bool guest_mode_enabled = 1 [default = true];
}
message ShowUserNamesOnSigninProto {
// Determines if we show pods for existing users on the sign in screen.
optional bool show_user_names = 1 [default = true];
}
message DataRoamingEnabledProto {
// Determines if cellular data roaming is enabled.
optional bool data_roaming_enabled = 1 [default = false];
}
message OBSOLETE_DeviceProxySettingsProto {
// One of "direct", "auto_detect", "pac_script", "fixed_servers", "system"
optional string OBSOLETE_proxy_mode = 1 [deprecated = true];
optional string OBSOLETE_proxy_server = 2 [deprecated = true];
optional string OBSOLETE_proxy_pac_url = 3 [deprecated = true];
optional string OBSOLETE_proxy_bypass_list = 4 [deprecated = true];
}
// This is used by chromeos, make sure to do cleanup there before marking it as
// obsolete.
message CameraEnabledProto {
optional bool camera_enabled = 1;
}
message MetricsEnabledProto {
optional bool metrics_enabled = 1;
}
message ReleaseChannelProto {
// One of "stable-channel", "beta-channel", or "dev-channel"
optional string release_channel = 1;
// The user can select the channel if |release_channel_delegated| is true.
// The value of |release_channel| is only taken into account if
// |release_channel_delegated| is set to false.
optional bool release_channel_delegated = 2;
// |release_lts_tag| is forwarded as the "ltshint" attribute to Omaha.
optional string release_lts_tag = 3;
}
message DeviceOpenNetworkConfigurationProto {
// The network configuration blob. This is a JSON string as specified by ONC.
optional string open_network_configuration = 1;
}
message NetworkHostnameProto {
// The device hostname template. It may contain the following patterns,
// which the device substitutes: ASSET_ID, SERIAL_NUM, MAC_ADDR. The string
// after substitution should be a valid hostname.
optional string device_hostname_template = 1;
}
message DeviceHindiInscriptLayoutEnabledProto {
// Determines if Hindi Inscript Layout is available
optional bool enabled = 1 [default = false];
}
message HostnameUserConfigurableProto {
// Determines if user is allowed to configure the device hostname
optional bool device_hostname_user_configurable = 1 [default = false];
}
// Policies to turn on portions of the device status reports.
// If changed, the default values have to be updated in
// chrome/browser/ash/policy/status_collector/device_status_collector.cc
// and
// chrome/browser/ash/policy/status_collector/child_status_collector.cc.
message DeviceReportingProto {
optional bool report_version_info = 1 [default = true];
optional bool report_activity_times = 2 [default = true];
optional bool report_boot_mode = 3 [default = true];
optional bool report_location = 4 [default = false];
// The server side still retains this field for being backward compatible with
// old versions of ChromeOS <= 95. See b/243958646.
optional bool report_network_interfaces = 5
[default = true, deprecated = true];
optional bool report_users = 6 [default = true];
// The server side still retains this field for being backward compatible with
// old versions of ChromeOS <= 95. See b/243960946.
optional bool report_hardware_status = 7 [default = true, deprecated = true];
optional bool report_session_status = 8 [default = true];
optional bool report_os_update_status = 10 [default = false];
optional bool report_running_kiosk_app = 11 [default = false];
optional bool report_power_status = 12 [default = false];
optional bool report_storage_status = 13 [default = false];
optional bool report_board_status = 14 [default = false];
optional bool report_cpu_info = 15 [default = false];
optional bool report_graphics_status = 16 [default = false];
optional bool report_crash_report_info = 17 [default = false];
optional bool report_timezone_info = 18 [default = false];
optional bool report_memory_info = 19 [default = false];
optional bool report_backlight_info = 20 [default = false];
optional bool report_app_info = 21 [default = false];
optional bool report_bluetooth_info = 22 [default = false];
optional bool report_fan_info = 23 [default = false];
optional bool report_vpd_info = 24 [default = false];
optional bool report_system_info = 25 [default = false];
optional bool report_print_jobs = 26 [default = false];
optional bool report_login_logout = 27 [default = false];
optional bool report_audio_status = 28 [default = true];
optional bool report_network_configuration = 29 [default = true];
optional bool report_network_status = 30 [default = true];
optional bool report_security_status = 31 [default = false];
optional bool report_crd_sessions = 36 [default = false];
optional bool report_peripherals = 37 [default = false];
optional bool report_network_events = 41 [default = false];
optional bool report_runtime_counters = 42 [default = false];
// Frequency to report device status, default to 3 hours.
// If changed, the default value has to be updated in
// chrome/browser/ash/policy/core/device_cloud_policy_manager_ash.cc.
optional int64 device_status_frequency = 9 [default = 10800000];
// Obsolete: This policy is not supported by the client starting with M-106.
// This is an internal flag that controls whether granular device reporting
// is enabled.
optional bool enable_granular_reporting = 32
[default = true, deprecated = true];
// Network telemetry policies.
optional int64 report_network_telemetry_collection_rate_ms = 33
[default = 3600000];
optional int64 report_network_telemetry_event_checking_rate_ms = 34
[default = 600000];
// Audio telemetry policy
optional int64 report_device_audio_status_checking_rate_ms = 35
[default = 600000];
// Runtime counters telemetry policy.
optional int64 device_report_runtime_counters_checking_rate_ms = 43
[default = 86400000];
optional StringList report_signal_strength_event_driven_telemetry = 38;
// Device activity heartbeat policies.
optional bool device_activity_heartbeat_enabled = 39 [default = false];
optional int64 device_activity_heartbeat_collection_rate_ms = 40
[default = 900000];
}
message EphemeralUsersEnabledProto {
// Determines whether users should be treated as ephemeral. In ephemeral users
// mode, no cryptohome is created for the user, but a tmpfs mount is used
// instead such that upon logout all user state is discarded.
//
// Does not apply for device-local accounts with specified `ephemeral_mode`
// that is equal to EPHEMERAL_MODE_DISABLE or EPHEMERAL_MODE_ENABLE.
optional bool ephemeral_users_enabled = 1;
}
message DeviceKeylockerForStorageEncryptionEnabledProto {
// Determines whether cryptohome uses Keylocker for storage encryption ciphers
// when supported.
optional bool enabled = 1;
}
// Details of an extension to install as part of the AppPack.
message OBSOLETE_AppPackEntryProto {
optional string OBSOLETE_extension_id = 1 [deprecated = true];
optional string OBSOLETE_update_url = 2 [deprecated = true];
// This field was added but never used and there are no plans to support it
// eventually either.
optional bool OBSOLETE_online_only = 3 [deprecated = true];
}
message OBSOLETE_AppPackProto {
// List of extensions to install as part of the AppPack.
repeated OBSOLETE_AppPackEntryProto app_pack = 1 [deprecated = true];
}
// This is a special policy for kiosk/retail mode that specifies what apps
// should be pinned to the launcher. For regular accounts, pinned apps are
// controlled through user policy.
message OBSOLETE_PinnedAppsProto {
// App IDs for the apps to pin.
repeated string OBSOLETE_app_id = 1 [deprecated = true];
}
message OBSOLETE_ForcedLogoutTimeoutsProto {
// All timeouts are specified in milliseconds.
// Specifies the timeout before an idle user session is terminated.
// If this field is omitted or set to 0, no logout on idle will be performed.
optional int64 OBSOLETE_idle_logout_timeout = 1 [deprecated = true];
// Specifies the duration of a warning countdown before the user is logged out
// because of idleness as specified by the |idle_logout_timeout| value.
// This field is only used if |idle_logout_timeout| != 0 is specified.
optional int64 OBSOLETE_idle_logout_warning_duration = 2 [deprecated = true];
}
message OBSOLETE_ScreenSaverProto {
// Specifies the extension ID which is to be used as a screen saver on the
// login screen if no user activity is present. Only respected if the device
// is in RETAIL mode.
optional string OBSOLETE_screen_saver_extension_id = 1 [deprecated = true];
// Specifies the timeout before the screen saver is activated. If this field
// is omitted or set to 0, no screen-saver will be started.
// Measured in milliseconds.
optional int64 OBSOLETE_screen_saver_timeout = 2 [deprecated = true];
}
// Enterprise controls for auto-update behavior of Chrome OS.
message AutoUpdateSettingsProto {
reserved 13;
// True if we don't want the device to auto-update (target_version_prefix is
// ignored in this case).
optional bool update_disabled = 1;
// Specifies the prefix of the target version we want the device to
// update to, if it's on an older version. If the device is already on
// a version with the given prefix, then there's no effect. If the device is
// on a higher version, the behavior depends on |rollback_to_target_version|.
// The format of this version can be one of the following:
// ---------------------------------------------------------------------
// "" (or not set at all): update to latest version available.
// 1412.: update to any minor version of 1412 (e.g. 1412.24.34 or 1412.60.2)
// 1412.2.: update to any minor version of 1412.2 (e.g. 1412.2.34 or 1412.2.2)
// 1412.24.34: update to this specific version only
// ---------------------------------------------------------------------
optional string target_version_prefix = 2;
// The Chrome browser version (e.g. "17.*") corresponding to the
// target_version_prefix above. The target_version_prefix is the internal OS
// version that external users normally are not aware of. This display_name
// can be used by the devices to display a message to end-users about the auto
// update setting.
optional string target_version_display_name = 3;
// Specifies the number of seconds up to which a device may randomly
// delay its download of an update from the time the update was first pushed
// out to the server. The device may wait a portion of this time in terms
// of wall-clock-time and the remaining portion in terms of the number of
// update checks. In any case, the scatter is upper bounded by a constant
// amount of time so that a device does not ever get stuck waiting to download
// an update forever.
optional int64 scatter_factor_in_seconds = 4;
// Enumerates network connection types.
enum ConnectionType {
CONNECTION_TYPE_ETHERNET = 0;
CONNECTION_TYPE_WIFI = 1;
CONNECTION_TYPE_WIMAX = 2;
CONNECTION_TYPE_BLUETOOTH = 3;
CONNECTION_TYPE_CELLULAR = 4;
}
// The types of connections that are OK to use for OS updates. OS updates
// potentially put heavy strain on the connection due to their size and may
// incur additional cost. Therefore, they are by default not enabled for
// connection types that are considered expensive (currently only Cellular).
repeated ConnectionType allowed_connection_types = 5;
// This has been replaced by |reboot_after_update| below.
optional bool OBSOLETE_reboot_after_update = 6 [deprecated = true];
// True if AU payloads can be downloaded via HTTP. False otherwise.
optional bool http_downloads_enabled = 7 [default = false];
// True if the device should reboot automatically when an update has been
// applied and a reboot is required to complete the update process.
//
// Note: Currently, automatic reboots are only enabled while the login screen
// is being shown or a kiosk app session is in progress. This will change in
// the future and the policy will always apply, regardless of whether a
// session of any particular type is in progress or not.
optional bool reboot_after_update = 8;
// True if AU payloads may be shared with and consumed from other devices
// on the LAN, using p2p. False otherwise.
optional bool p2p_enabled = 9 [default = false];
// The possible types of rollback.
enum RollbackToTargetVersion {
// No value set. Default is ROLLBACK_DISABLED.
ROLLBACK_UNSPECIFIED = 0;
// No rollback should happen if |target_version_prefix| specifies an older
// version than the currently installed Chrome OS version. If this is the
// case, the device will still respect |target_version_prefix|, so it will
// not update Chrome OS.
ROLLBACK_DISABLED = 1;
// Deprecated. This option is not available or supported anymore.
ROLLBACK_AND_POWERWASH = 2;
// If |target_version_prefix| specifies an older version than the currently
// installed ChromeOS version, the device should roll back to a ChromeOS
// version starting with |target_version_prefix|.
// The device is powerwashed but some data is preserved and recovered: OOBE
// completion state, stats consent status, and device-wide network
// configurations without certificates. When rolling back to M>=106, the
// device re-enrolls automatically.
ROLLBACK_AND_RESTORE_IF_POSSIBLE = 3;
}
// Specifies what should happen if |target_version_prefix| specifies an older
// version than the currently installed Chrome OS version.
optional RollbackToTargetVersion rollback_to_target_version = 10
[default = ROLLBACK_DISABLED];
// Specifies the number of Chrome milestones rollback should be allowed,
// starting from the stable version at any time. Setting this policy prevents
// firmware and kernel rollback protection from applying for at least this
// number of milestones.
optional int32 rollback_allowed_milestones = 11 [default = 0];
// Specifies the time intervals during which the device is not allowed to do
// automatic update checks. This is a JSON string, for details see
// DeviceAutoUpdateTimeRestrictions.yaml.
optional string disallowed_time_intervals = 12;
// Specifies how much of the fleet to update per day as a json
// string that contains a list of pairs <day, percentage>. For more
// details and examples, see DeviceUpdateStagingSchedule.yaml.
optional string staging_schedule = 14;
// This token is forwarded to omaha by update_engine. If it is set, omaha may
// serve a quick fix build identified by the token.
//
// This field is primarily used for quick fixes, but it is also used by the
// Hotrod team to subdivide the Stable channel into cohorts.
optional string device_quick_fix_build_token = 15;
// Types of channel downgrade behavior.
enum ChannelDowngradeBehavior {
// Channel downgrade behavior unspecified. Default is
// WAIT_FOR_VERSION_CATCH_UP.
CHANNEL_DOWNGRADE_BEHAVIOR_UNSPECIFIED = 0;
// On a channel downgrade, e.g. beta to stable, wait for the device's
// version to become available on the new channel. No updates happen until
// then. This is the default.
WAIT_FOR_VERSION_CATCH_UP = 1;
// Roll back and reset the device on a channel downgrade. This does a full
// powerwash and tries to preserve wifi and enrollment.
ROLLBACK = 2;
// Allow the user to decide whether to wait or roll back and reset on a
// user-initiated channel downgrade.
ALLOW_USER_TO_CONFIGURE = 3;
}
// Specifies what should happen if the device channel is downgraded.
optional ChannelDowngradeBehavior channel_downgrade_behavior = 16
[default = WAIT_FOR_VERSION_CATCH_UP];
// |target_version_selector| is forwarded as the "targetversionselector"
// attribute to Omaha, which uses it for minor version pinning. The
// field is not and shall not be processed by the client.
optional string target_version_selector = 17;
}
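An added example, not part of the Chromium source: Python that combines the `update_disabled`, `target_version_prefix` and `rollback_to_target_version` comments above into one decision for a device on a given OS version. The function names, the returned labels and the rejection of prefixes outside the four listed formats are assumptions of this example; the real client logic may differ.

```python
import re
from enum import Enum


class Rollback(Enum):
    # Values copied from the RollbackToTargetVersion enum above.
    ROLLBACK_UNSPECIFIED = 0              # default is ROLLBACK_DISABLED
    ROLLBACK_DISABLED = 1
    ROLLBACK_AND_POWERWASH = 2            # deprecated, no longer supported
    ROLLBACK_AND_RESTORE_IF_POSSIBLE = 3


# Assumption: only the formats listed in the target_version_prefix comment
# are valid: "", "1412.", "1412.2." and "1412.24.34".
PREFIX_RE = re.compile(r"|\d+\.|\d+\.\d+\.|\d+\.\d+\.\d+")
VERSION_RE = re.compile(r"\d+\.\d+\.\d+")


def parse_prefix(prefix):
    """Turn a target_version_prefix into its numeric components."""
    if not PREFIX_RE.fullmatch(prefix):
        raise ValueError("unsupported target_version_prefix: %r" % prefix)
    return [int(part) for part in prefix.split(".") if part]


def decide_update(current_version, update_disabled=False,
                  target_version_prefix="",
                  rollback=Rollback.ROLLBACK_UNSPECIFIED):
    """Return a label (hypothetical names) for what the policy asks of a device."""
    # update_disabled wins: target_version_prefix is ignored in this case.
    if update_disabled:
        return "no-auto-update"

    target = parse_prefix(target_version_prefix)
    if not target:
        return "update-to-latest"

    if not VERSION_RE.fullmatch(current_version):
        raise ValueError("unexpected OS version: %r" % current_version)
    current = [int(part) for part in current_version.split(".")]

    # Compare only as many components as the prefix pins.
    head = current[:len(target)]
    if head == target:
        return "already-on-target"      # prefix already satisfied, no effect
    if head < target:
        return "update-to-target"       # device is older than the pin

    # Device is newer than the pin: behaviour depends on the rollback setting.
    if rollback is Rollback.ROLLBACK_AND_RESTORE_IF_POSSIBLE:
        return "rollback-and-restore"   # powerwash with partial restore
    if rollback is Rollback.ROLLBACK_AND_POWERWASH:
        return "unsupported-rollback-mode"
    return "stay-on-current"            # UNSPECIFIED / DISABLED: no rollback


# Constructed sample fleet (device ids and versions are made up).
SAMPLE_FLEET = [
    ("dev-a", "1411.5.0", {"target_version_prefix": "1412."}),
    ("dev-b", "1413.0.1", {"target_version_prefix": "1412."}),
    ("dev-c", "1413.0.1", {"target_version_prefix": "1412.",
                           "rollback": Rollback.ROLLBACK_AND_RESTORE_IF_POSSIBLE}),
    ("dev-d", "1412.24.34", {"update_disabled": True}),
]


def review_fleet(fleet):
    """Map each device id to the decision its policy implies."""
    return {dev: decide_update(version, **policy)
            for dev, version, policy in fleet}


if __name__ == "__main__":
    for dev, decision in review_fleet(SAMPLE_FLEET).items():
        print(dev, decision)
```

Devices that come back as `rollback-and-restore` are the ones an admin should expect to be powerwashed, and any non-zero `rollback_allowed_milestones` on the same policy is worth reviewing alongside them.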
message OBSOLETE_StartUpUrlsProto {
// Specifies the URLs to be loaded on login to the anonymous account used if
// the device is in RETAIL mode.
repeated string OBSOLETE_start_up_urls = 1 [deprecated = true];
}
message DeviceLoginScreenGeolocationAccessLevelProto {
enum GeolocationAccessLevel {
DISALLOWED = 0;
ALLOWED = 1;
}
optional GeolocationAccessLevel geolocation_access_level = 1
[default = ALLOWED];
}
message SystemTimezoneProto {
// Specifies an owner-determined timezone that applies to the login screen and
// all users. Valid values are listed in "timezone_settings.cc". Additionally,
// timezones from the "IANA Time Zone Database" (e.g. listed on wikipedia)
// that are equivalent to one of the timezones in "timezone_settings.cc" are
// valid. In case of an invalid value, the setting is still activated with a
// fallback timezone (currently "GMT"). In case of an empty string or if no
// value is provided, the timezone device setting is inactive. In that case,
// the currently active timezone will remain in use however users can change
// the timezone and the change is persistent. Thus a change by one user
// affects the login-screen and all other users.
optional string timezone = 1;
// This allows domain administrators to control the timezone settings for
// their devices.
enum AutomaticTimezoneDetectionType {
USERS_DECIDE = 0;
DISABLED = 1;
IP_ONLY = 2;
SEND_WIFI_ACCESS_POINTS = 3;
SEND_ALL_LOCATION_INFO = 4;
}
optional AutomaticTimezoneDetectionType timezone_detection_type = 2;
}
message SystemUse24HourClockProto {
// Specifies an owner-determined clock format that applies to the login
// screen and is used as a default for all user sessions. Users can still
// override the format to use for their account.
//
// True and false select a 24 and 12 hour clock format, respectively. The
// default format for the case the setting is not present is 24 hour clock.
optional bool use_24hour_clock = 1;
}
// Parameters for Kiosk App device-local accounts.
message KioskAppInfoProto {
// Indicates the Kiosk App for the corresponding device-local account. The
// string value should be a valid 32-character Chrome App identifier and
// specifies the Kiosk App to download and run.
optional string app_id = 1;
// Optional extension update URL to download the Kiosk App package from. If
// not specified, the app will be downloaded from the standard Chrome Web
// Store update URL.
optional string update_url = 2;
}
// Describes which Android application is to be launched.
message AndroidKioskAppInfoProto {
// Package name (must be present).
// In the event this is the only field that is specified, runtime may use
// PackageManager.getLaunchIntentForPackage() to start the app. See
// https://developer.android.com/reference/android/content/pm/PackageManager.html
// Example of the package name: "com.android.camera". Do not include "app:"
// prefix in the package name.
optional string package_name = 1;
// Class name (optional). If present, class name is to be combined with
// package name to form a ComponentName. See
// https://developer.android.com/reference/android/content/ComponentName.html
optional string class_name = 2;
// Action (optional). The third parameter required for creating an Intent.
// If omitted, runtime may choose a reasonable default action
// (e.g. android.intent.action.MAIN).
// If package and action are specified, but not the class name, runtime may
// use PackageManager.queryIntentActivity() to find out the class name.
optional string action = 3;
// Display name (optional).
// User-friendly app name that should be used in Chrome UI where kiosk app
// name is shown. Chrome side could override the string with an updated
// value that it will get from Google Play when the app will be installed.
optional string display_name = 4;
}
// Parameters for Web App-based device local accounts.
message WebKioskAppInfoProto {
// Install url (must be present).
// In case it is the only field provided, title and icon will be deduced
// during first app launch.
optional string url = 1;
// Title (optional).
// User-friendly app name that should be used in Chrome UI where kiosk app
// name is shown. Chrome side could override the string with an updated
// value that it will get during actual app launch.
optional string title = 2;
// Icon url (optional).
// Not used in the current implementation. Will be used instead of the
// placeholder icon that is displayed before the first successful app
// launch.
optional string icon_url = 3;
}
// Parameters for Isolated Web App kiosk device local accounts.
message IsolatedWebAppKioskInfoProto {
// Signed Web Bundle ID (required).
// A base32 [a-z2-7] string of 56 or 58 characters.
// The public key of the Signed Web Bundle is used to create the Web Bundle ID
// that identifies the IWA.
optional string web_bundle_id = 1;
// Update URL of the isolated app (required).
// Specifies the app version and where to download the web bundle from.
optional string update_manifest_url = 2;
// The IWA release/update channel name (optional).
// If unset, the "default" channel is used.
optional string update_channel = 3;
// A specific version number to install (optional).
// ChromeOS will attempt to install this version if available on the current
// update channel. Pinning prevents further app updates.
// If unset, the IWA updates to the latest version on the current channel.
optional string pinned_version = 4;
// Enables downgrading to older versions of the IWA (optional).
// Ignored if `pinned_version` is not specified.
// If unset, defaults to false, i.e. downgrading is disabled for this IWA.
optional bool allow_downgrades = 5;
}
// Describes a single device-local account.
message DeviceLocalAccountInfoProto {
// Deprecated: Account identifier for a public session device-local account.
// Old code didn't have the |type| field, so it can't handle new types of
// device-local accounts gracefully (i.e. ignoring unsupported types). New
// code should instead set type to ACCOUNT_TYPE_PUBLIC_SESSION and write the
// identifier to the |account_id| field below. If the |type| field is present,
// |deprecated_public_session_id| will be ignored.
optional string deprecated_public_session_id = 1;
// Identifier for the device-local account. This is an opaque identifier that
// is used to distinguish different device-local accounts configured. All
// configured accounts on a device must have unique identifiers.
optional string account_id = 2;
// LINT.IfChange
// Indicates the type of device-local account.
enum AccountType {
// A login-less, policy-configured browsing session.
ACCOUNT_TYPE_PUBLIC_SESSION = 0;
// An account that serves as a container for a single full-screen
// Chrome app.
ACCOUNT_TYPE_KIOSK_APP = 1;
// An account that serves as a container for a single full-screen
// Android app. Deprecated.
ACCOUNT_TYPE_KIOSK_ANDROID_APP = 2 [deprecated = true];
// SAML public session account.
ACCOUNT_TYPE_SAML_PUBLIC_SESSION = 3;
// An account that serves as a container for a single full-screen Web App.
ACCOUNT_TYPE_WEB_KIOSK_APP = 4;
// An account that serves as a container for a single full-screen
// Isolated Web App (IWA).
ACCOUNT_TYPE_KIOSK_IWA = 5;
// An account that serves as a container for a single full-screen
// Android app running inside ARCVM. This is different from the deprecated
// ACCOUNT_TYPE_KIOSK_ANDROID_APP as this will be used only for Project
// Starline devices.
ACCOUNT_TYPE_KIOSK_ARCVM = 6;
}
// Should keep ChromeServletUtil.toDimensionAccountType logic in sync with
// AccountType enum.
// LINT.ThenChange(//depot/google3/java/com/google/chrome/cros/dmserver/chrome/ChromeServletUtil.java)
// The account type.
optional AccountType type = 3;
// Kiosk App parameters, relevant if |type| is ACCOUNT_TYPE_KIOSK_APP.
optional KioskAppInfoProto kiosk_app = 4;
// Kiosk App parameters, relevant if |type| is ACCOUNT_TYPE_KIOSK_ANDROID_APP
optional AndroidKioskAppInfoProto android_kiosk_app = 5 [deprecated = true];
// Web Kiosk App parameters, relevant if |type| is ACCOUNT_TYPE_WEB_KIOSK_APP
optional WebKioskAppInfoProto web_kiosk_app = 6;
enum EphemeralMode {
// Default value. Same behaviour as
// EPHEMERAL_MODE_FOLLOW_DEVICE_WIDE_POLICY value.
EPHEMERAL_MODE_UNSET = 0;
// Device-local account ephemeral mode controlled by
// DeviceEphemeralUsersEnabled policy.
//
// Prefer this value over EPHEMERAL_MODE_UNSET to avoid errors when merging
// child OU and parent OU protobufs on the service-side.
EPHEMERAL_MODE_FOLLOW_DEVICE_WIDE_POLICY = 1;
// Device-local account must be non-ephemeral.
EPHEMERAL_MODE_DISABLE = 2;
// Device-local account must be ephemeral.
EPHEMERAL_MODE_ENABLE = 3;
}
// Configures whether the current device-local account should be ephemeral and
// overrides the behaviour of DeviceEphemeralUsersEnabled policy for the
// current device-local account iff
// 1) `ephemeral_mode` is present AND
// 2) `ephemeral_mode` value is equal to EPHEMERAL_MODE_DISABLE
// or EPHEMERAL_MODE_ENABLE.
//
// Otherwise, DeviceEphemeralUsersEnabled policy is applied to the
// current device-local account.
//
// Relevant if `type` is ACCOUNT_TYPE_KIOSK_APP,
// ACCOUNT_TYPE_KIOSK_ANDROID_APP or ACCOUNT_TYPE_WEB_KIOSK_APP.
optional EphemeralMode ephemeral_mode = 7;
// Kiosk App parameters, relevant if |type| is ACCOUNT_TYPE_KIOSK_IWA.
optional IsolatedWebAppKioskInfoProto isolated_kiosk_app = 8;
// Kiosk App parameters, relevant if |type| is ACCOUNT_TYPE_KIOSK_ARCVM.
// This is different from the deprecated android_kiosk_app field as this will
// be used only for Project Starline devices.
optional AndroidKioskAppInfoProto arcvm_kiosk_app = 9;
}
message DeviceLocalAccountsProto {
// The list of device-local accounts (i.e. accounts without an associated
// cloud-backed profile) that are available on the device.
repeated DeviceLocalAccountInfoProto account = 1;
// The identifier of the device-local account to which the device
// should be logged in automatically. Should be equal to one of the
// ids in DeviceLocalAccountInfoProto.
optional string auto_login_id = 2;
// The amount of time, in milliseconds, that should elapse at the signin
// screen without user interaction before automatically logging in.
optional int64 auto_login_delay = 3;
// Whether the keyboard shortcut to prevent zero-delay auto-login should be
// enabled or not. By default, the user has 3 seconds to press a shortcut
// to prevent auto-login, which is useful to sign-in to a regular user session
// and configure the machine. If this policy is set to false then this
// shortcut is disabled and there is no way to skip auto-login.
optional bool enable_auto_login_bailout = 4 [default = true];
// Whether network configuration should be offered or not when the device
// does not have access to the Internet. If the policy is omitted or set to
// true, the network configuration will be offered. Otherwise, only an error
// message is displayed.
// Note: If both this policy and the enable_auto_login_bailout policy above are
// set to false, there are chances that the device might become totally
// unusable when there is no Internet access and has to go through the
// recovery process.
// If the device is offline at startup then the network configuration screen
// is always shown, before auto-login kicks in.
optional bool prompt_for_network_when_offline = 5 [default = true];
}
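// Added example (not part of the Chromium source): a Python lint pass over a
// DeviceLocalAccountsProto-shaped dict that checks the constraints stated in
// the comments on IsolatedWebAppKioskInfoProto, DeviceLocalAccountInfoProto and
// DeviceLocalAccountsProto. The dict layout, the finding names and
// SAMPLE_POLICY are assumptions made for this example.

```python
import re

# Format stated for web_bundle_id: base32 [a-z2-7], 56 or 58 characters.
WEB_BUNDLE_ID_RE = re.compile(r"[a-z2-7]{56}(?:[a-z2-7]{2})?")

# AccountType -> the parameter field the proto marks as relevant for it.
PAYLOAD_FIELD = {
    "ACCOUNT_TYPE_KIOSK_APP": "kiosk_app",
    "ACCOUNT_TYPE_KIOSK_ANDROID_APP": "android_kiosk_app",
    "ACCOUNT_TYPE_WEB_KIOSK_APP": "web_kiosk_app",
    "ACCOUNT_TYPE_KIOSK_IWA": "isolated_kiosk_app",
    "ACCOUNT_TYPE_KIOSK_ARCVM": "arcvm_kiosk_app",
}


def account_identifier(acct):
    """account_id applies once |type| is present; the deprecated id is then ignored."""
    if "type" in acct:
        return acct.get("account_id")
    return acct.get("deprecated_public_session_id")


def effective_ephemeral(acct, device_ephemeral_users_enabled):
    """Only an explicit ENABLE or DISABLE overrides DeviceEphemeralUsersEnabled."""
    mode = acct.get("ephemeral_mode")
    if mode == "EPHEMERAL_MODE_ENABLE":
        return True
    if mode == "EPHEMERAL_MODE_DISABLE":
        return False
    # Absent, UNSET or FOLLOW_DEVICE_WIDE_POLICY: the device-wide policy applies.
    return device_ephemeral_users_enabled


def lint_account(acct):
    """Return finding names (names are this example's own) for one account."""
    findings = []
    acct_type = acct.get("type")
    if acct_type is None:
        # Old-style entry: only the deprecated public-session id identifies it.
        return ["uses-deprecated-public-session-id"]
    if "deprecated_public_session_id" in acct:
        findings.append("deprecated-id-ignored")
    if acct_type == "ACCOUNT_TYPE_KIOSK_ANDROID_APP":
        findings.append("deprecated-account-type")
    field = PAYLOAD_FIELD.get(acct_type)
    params = acct.get(field) if field else None
    if field and params is None:
        findings.append("missing-" + field)
    elif acct_type == "ACCOUNT_TYPE_WEB_KIOSK_APP" and not params.get("url"):
        findings.append("web-kiosk-missing-url")
    elif acct_type == "ACCOUNT_TYPE_KIOSK_IWA":
        if not WEB_BUNDLE_ID_RE.fullmatch(params.get("web_bundle_id", "")):
            findings.append("iwa-bad-web-bundle-id")
        if not params.get("update_manifest_url"):
            findings.append("iwa-missing-update-manifest-url")
        # allow_downgrades is ignored unless pinned_version is specified.
        if params.get("allow_downgrades") and not params.get("pinned_version"):
            findings.append("iwa-allow-downgrades-ignored")
    return findings


def lint_device_local_accounts(policy):
    """Return (subject, finding) pairs for the whole DeviceLocalAccountsProto."""
    findings = []
    seen = set()
    for acct in policy.get("account", []):
        acct_id = account_identifier(acct)
        if acct_id in seen:
            findings.append((acct_id, "duplicate-account-id"))
        seen.add(acct_id)
        findings += [(acct_id, name) for name in lint_account(acct)]
    auto_id = policy.get("auto_login_id")
    if auto_id is not None and auto_id not in seen:
        findings.append((auto_id, "auto-login-id-unknown"))
    # Both fields default to true; with both false an offline device may need recovery.
    bailout = policy.get("enable_auto_login_bailout", True)
    prompt = policy.get("prompt_for_network_when_offline", True)
    if not bailout and not prompt:
        findings.append((None, "offline-lockout-risk"))
    return findings


# Constructed sample policy (hosts and ids are made up for this example).
SAMPLE_POLICY = {
    "account": [
        {"account_id": "lobby-web", "type": "ACCOUNT_TYPE_WEB_KIOSK_APP",
         "web_kiosk_app": {"url": "https://kiosk.example/"},
         "ephemeral_mode": "EPHEMERAL_MODE_ENABLE"},
        {"account_id": "lobby-iwa", "type": "ACCOUNT_TYPE_KIOSK_IWA",
         "isolated_kiosk_app": {
             "web_bundle_id": "a" * 55 + "1",  # 56 chars, but '1' is not base32
             "update_manifest_url": "https://kiosk.example/iwa.json",
             "allow_downgrades": True}},
        {"account_id": "lobby-web", "type": "ACCOUNT_TYPE_PUBLIC_SESSION"},
    ],
    "auto_login_id": "front-desk",
    "enable_auto_login_bailout": False,
    "prompt_for_network_when_offline": False,
}

if __name__ == "__main__":
    for subject, finding in lint_device_local_accounts(SAMPLE_POLICY):
        print(subject, finding)
```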
message ManagedGuestSessionPrivacyWarningsProto {
// Enables the privacy warnings both on the login screen of the managed-guest
// session and inside the auto-launched managed-guest sessions.
// If this policy is set to false, all the privacy warnings are deactivated.
// If it's set to true or not set, then the privacy warnings will be shown by
// default.
optional bool enabled = 1 [default = true];
}
message AllowRedeemChromeOsRegistrationOffersProto {
// The Chrome OS Registration service provides a way for Chrome OS device
// users to redeem electronic offers provided by a service provider.
// This value determines if users are allowed to redeem offers through
// Chrome OS Registration service.
optional bool allow_redeem_offers = 1 [default = true];
}
message FeatureFlagsProto {
// Specifies switches that should be passed to Google Chrome when it starts.
// The specified switches are applied on the login screen only. Switches set
// via this policy do not propagate into user sessions.
// This is deprecated because it turned out that storing raw switches is
// problematic since Chrome can't easily tie switches back to feature flags to
// validate them. The |feature_flags| field below works in terms of feature
// flag names (i.e. chrome://flags items) instead and supersedes |switches|.
repeated string switches = 1 [deprecated = true];
// Specifies feature flags (i.e. chrome://flags items) that should be enabled
// when Chrome starts. The format of the individual entries matches the format
// chrome://flags uses for internal bookkeeping, i.e. either the flag name as
// listed on chrome://flags (for flags that only have a single choice besides
// the default) or the flag name followed by the index of the chosen option,
// separated by an '@' character (for flags with multiple choices). The
// specified feature flags are applied on the login screen only and don't
// propagate into the user session.
repeated string feature_flags = 2;
}
message UptimeLimitProto {
// This has been replaced by |uptime_limit| below.
optional int64 OBSOLETE_uptime_limit = 1 [deprecated = true];
// Sets the length of device uptime after which an automatic reboot is
// scheduled. An automatic reboot is scheduled at the selected time but may be
// delayed on the device by up to 24 hours, e.g. if a user is currently using
// the device or an app/extension has requested reboots to be inhibited
// temporarily. The policy value should be specified in seconds.
//
// Note: Currently, automatic reboots are only enabled while the login screen
// is being shown or a kiosk app session is in progress. This will change in
// the future and the policy will always apply, regardless of whether a
// session of any particular type is in progress or not.
optional int64 uptime_limit = 2;
}
message VariationsParameterProto {
// The string for the restrict parameter to be appended to the Variations URL
// when pinging the Variations server.
optional string parameter = 1;
}
message AttestationSettingsProto {
// Attestation involves proving that a cryptographic key is protected by a
// legitimate Chrome OS TPM and reporting the operating mode of the platform.
// This setting enables enterprise attestation features at a device level. If
// this is enabled a machine key will be generated and certified by the Chrome
// OS CA. If this setting is disabled, even users with attestation settings
// enabled will not be able to use those features on the device.
optional bool attestation_enabled = 1 [default = false];
// Chrome OS devices can use remote attestation (Verified Access) to get a
// certificate issued by the Chrome OS CA that asserts the device is eligible
// to play protected content. This process involves sending hardware
// endorsement information to the Chrome OS CA which uniquely identifies the
// device. This setting allows this feature to be disabled for the device
// regardless of any user-specific settings.
optional bool content_protection_enabled = 2 [default = true];
}
message AccessibilitySettingsProto {
// Sets the default state of the following accessibility features on the login
// screen:
//
// 1) Large cursor: login_screen_default_large_cursor_enabled
// 2) Spoken feedback: login_screen_default_spoken_feedback_enabled
// 3) High contrast: login_screen_default_high_contrast_enabled
// 4) Screen magnifier: login_screen_default_screen_magnifier_type
// 5) Virtual keyboard: login_screen_default_virtual_keyboard_enabled
//
// Each acts as follows: If the corresponding policy is set to true, the
// associated accessibility feature will be enabled when the login screen is
// shown. If this policy is set to false, the accessibility feature will be
// disabled when the login screen is shown. Users can temporarily override
// this setting by enabling or disabling the corresponding accessibility
// feature. However, the user's choice is not persistent and the default is
// restored whenever the login screen is shown anew or the user remains idle
// on the login screen for a minute. If this policy is left unset, the
// corresponding accessibility feature is disabled when the login screen is
// first shown. Users can enable or disable the corresponding accessibility
// feature anytime and its status on the login screen is persisted between
// users.
optional bool login_screen_default_large_cursor_enabled = 1;
optional bool login_screen_default_spoken_feedback_enabled = 2;
optional bool login_screen_default_high_contrast_enabled = 3;
// Enumerates the screen magnifier types.
enum ScreenMagnifierType {
// Screen magnifier disabled.
SCREEN_MAGNIFIER_TYPE_NONE = 0;
// Full-screen magnifier enabled.
SCREEN_MAGNIFIER_TYPE_FULL = 1;
}
optional ScreenMagnifierType login_screen_default_screen_magnifier_type = 4;
optional bool login_screen_default_virtual_keyboard_enabled = 5;
// Sets the mandatory or default state, depending on the PolicyOptions, of the
// following accessibility features on the login screen:
//
// 1) Large cursor: login_screen_large_cursor_enabled
// PolicyOptions: login_screen_large_cursor_enabled_options
// 2) Spoken feedback: login_screen_spoken_feedback_enabled
// PolicyOptions: login_screen_spoken_feedback_enabled_options
// 3) High contrast: login_screen_high_contrast_enabled
// PolicyOptions: login_screen_high_contrast_enabled_options
// 4) Virtual keyboard: login_screen_virtual_keyboard_enabled
// PolicyOptions: login_screen_virtual_keyboard_enabled_options
// 5) Dictation: login_screen_dictation_enabled
// PolicyOptions: login_screen_dictation_enabled_options
// 6) Select to speak: login_screen_select_to_speak_enabled
// PolicyOptions: login_screen_select_to_speak_enabled_options
// 7) Cursor highlight: login_screen_cursor_highlight_enabled
// PolicyOptions: login_screen_cursor_highlight_enabled_options
// 8) Caret highlight: login_screen_caret_highlight_enabled
// PolicyOptions: login_screen_caret_highlight_enabled_options
// 9) Mono audio: login_screen_mono_audio_enabled
// PolicyOptions: login_screen_mono_audio_enabled_options
// 10) Autoclick: login_screen_autoclick_enabled
// PolicyOptions: login_screen_autoclick_enabled_options
// 11) Sticky keys: login_screen_sticky_keys_enabled
// PolicyOptions: login_screen_sticky_keys_enabled_options
// 12) Keyboard focus highlight: login_screen_keyboard_focus_highlight_enabled
// PolicyOptions: login_screen_keyboard_focus_highlight_enabled_options
// 13) Screen magnifier: login_screen_screen_magnifier_type
// PolicyOptions: login_screen_screen_magnifier_type_options
// 14) Show options in system tray menu:
// login_screen_show_options_in_system_tray_menu_enabled
// PolicyOptions:
// login_screen_show_options_in_system_tray_menu_enabled_options
// 15) Accessibility shortcuts: login_screen_shortcuts_enabled
// PolicyOptions: login_screen_shortcuts_enabled_options
// 16) Face control: login_screen_face_gaze_enabled
// PolicyOptions: login_screen_face_gaze_enabled_options
//
// For all the aforementioned accessibility policies:
// - If this policy is set to true, the accessibility feature will be enabled
// when the login screen is shown.
// - If the policy is set to false, the accessibility feature will be
// disabled when the login screen is shown.
// - If the policy is left unset, the accessibility feature is disabled when
// the login screen is first shown.
// - If the PolicyOptions is set to mandatory, the user won't be able
// to change these settings.
// - If the PolicyOptions is set to recommended, the user can temporarily
// override this setting by enabling or disabling the accessibility feature.
// However, the user's choice is not persistent and the default is restored
// whenever the login screen is shown anew or the user remains idle on the
// login screen for a minute. Users can enable or disable the accessibility
// feature anytime and its status on the login screen is persisted between
// users.
optional bool login_screen_large_cursor_enabled = 6;
optional PolicyOptions login_screen_large_cursor_enabled_options = 7;
optional bool login_screen_spoken_feedback_enabled = 8;
optional PolicyOptions login_screen_spoken_feedback_enabled_options = 9;
optional bool login_screen_high_contrast_enabled = 10;
optional PolicyOptions login_screen_high_contrast_enabled_options = 11;
optional bool login_screen_virtual_keyboard_enabled = 12;
optional PolicyOptions login_screen_virtual_keyboard_enabled_options = 13;
optional bool login_screen_dictation_enabled = 14;
optional PolicyOptions login_screen_dictation_enabled_options = 15;
optional bool login_screen_select_to_speak_enabled = 16;
optional PolicyOptions login_screen_select_to_speak_enabled_options = 17;
optional bool login_screen_cursor_highlight_enabled = 18;
optional PolicyOptions login_screen_cursor_highlight_enabled_options = 19;
optional bool login_screen_caret_highlight_enabled = 20;
optional PolicyOptions login_screen_caret_highlight_enabled_options = 21;
optional bool login_screen_mono_audio_enabled = 22;
optional PolicyOptions login_screen_mono_audio_enabled_options = 23;
optional bool login_screen_autoclick_enabled = 24;
optional PolicyOptions login_screen_autoclick_enabled_options = 25;
optional bool login_screen_sticky_keys_enabled = 26;
optional PolicyOptions login_screen_sticky_keys_enabled_options = 27;
optional bool login_screen_keyboard_focus_highlight_enabled = 28;
optional PolicyOptions login_screen_keyboard_focus_highlight_enabled_options =
29;
optional int64 login_screen_screen_magnifier_type = 30;
optional PolicyOptions login_screen_screen_magnifier_type_options = 31;
optional bool login_screen_show_options_in_system_tray_menu_enabled = 32;
optional PolicyOptions
login_screen_show_options_in_system_tray_menu_enabled_options = 33;
optional bool login_screen_shortcuts_enabled = 34;
optional PolicyOptions login_screen_shortcuts_enabled_options = 35;
optional bool login_screen_face_gaze_enabled = 36;
optional PolicyOptions login_screen_face_gaze_enabled_options = 37;
}
message OBSOLETE_SupervisedUsersSettingsProto {
// Defines whether supervised users can be created on the device.
optional bool OBSOLETE_supervised_users_enabled = 1 [deprecated = true];
}
message LoginScreenPowerManagementProto {
// Configures power management on the login screen. The policy should be
// specified as a string that expresses the individual settings in JSON
// format, conforming to the following schema:
// {
// "type": "object",
// "properties": {
// "AC": {
// "description": "Power management settings applicable only when
// running on AC power",
// "type": "object",
// "properties": {
// "Delays": {
// "type": "object",
// "properties": {
// "ScreenDim": {
// "description": "The length of time without user input after
// which the screen is dimmed, in milliseconds",
// "type": "integer",
// "minimum": 0
// },
// "ScreenOff": {
// "description": "The length of time without user input after
// which the screen is turned off, in
// milliseconds",
// "type": "integer",
// "minimum": 0
// },
// "Idle": {
// "description": "The length of time without user input after
// which the idle action is taken, in
// milliseconds",
// "type": "integer",
// "minimum": 0
// }
// }
// },
// "IdleAction": {
// "description": "Action to take when the idle delay is reached",
// "enum": [ "Suspend", "Shutdown", "DoNothing" ]
// }
// }
// },
// "Battery": {
// "description": "Power management settings applicable only when
// running on battery power",
// "type": "object",
// "properties": {
// "Delays": {
// "type": "object",
// "properties": {
// "ScreenDim": {
// "description": "The length of time without user input after
// which the screen is dimmed, in milliseconds",
// "type": "integer",
// "minimum": 0
// },
// "ScreenOff": {
// "description": "The length of time without user input after
// which the screen is turned off, in
// milliseconds",
// "type": "integer",
// "minimum": 0
// },
// "Idle": {
// "description": "The length of time without user input after
// which the idle action is taken, in
// milliseconds",
// "type": "integer",
// "minimum": 0
// }
// }
// },
// "IdleAction": {
// "description": "Action to take when the idle delay is reached",
// "enum": [ "Suspend", "Shutdown", "DoNothing" ]
// }
// }
// },
// "LidCloseAction": {
// "description": "Action to take when the lid is closed",
// "enum": [ "Suspend", "Shutdown", "DoNothing" ]
// },
// "UserActivityScreenDimDelayScale": {
// "description": "Percentage by which the screen dim delay is scaled
// when user activity is observed while the screen is
// dimmed or soon after the screen has been turned off",
// "type": "integer",
// "minimum": 0
// }
// }
// }
optional string login_screen_power_management = 1;
}
message AutoCleanupSettigsProto {
// Deprecated. There is only one disk-full cleanup strategy: LRU.
optional string clean_up_strategy = 1;
}
// Settings that control low-level functions of the system.
message SystemSettingsProto {
// Whether developer mode is blocked on the device. If the device owner sets
// this flag to true, the system will refuse to boot and show an error screen
// when the developer switch is turned on.
optional bool block_devmode = 1;
}
// Settings that control login for SAML users.
message SAMLSettingsProto {
// Whether cookies set by a SAML IdP should be transferred to users' profiles
// every time a user authenticates via SAML during login. If false, cookies
// are transferred during each user's first login only.
optional bool transfer_saml_cookies = 1;
// Deprecated. This field has been moved to SAMLUsernameProto.
optional string OBSOLETE_url_parameter_to_autofill_saml_username = 2
[deprecated = true];
}
message SAMLUsernameProto {
// If this policy is not configured or set to a blank string, users will have
// to manually enter their username on SAML IdP page during online
// authentication on the sign-in screen and the lock screen.
// Otherwise, this string is expected to contain a url parameter name which
// should be used on IdP's login page with user's email as a value to autofill
// the username.
optional string url_parameter_to_autofill_saml_username = 1;
}
message RebootOnShutdownProto {
// Determines whether the device automatically reboots whenever the user shuts
// it down. If this flag is set to true, shutdown is forbidden and UI elements
// trigger a device reboot instead of a power off. This policy affects
// shutdowns triggered from the UI only. If the user shuts down the device
// using the power button, it will not automatically reboot, even if the
// policy is enabled.
optional bool reboot_on_shutdown = 1 [default = false];
}
// Settings that control whether a device would send heartbeat messages to GCM,
// and how frequently to send these.
message DeviceHeartbeatSettingsProto {
// Whether the device should send heartbeat messages. The default is false.
optional bool heartbeat_enabled = 1 [default = false];
// How frequently devices send heartbeats back to server. The unit is in
// milliseconds. The default is 2 minutes.
optional int64 heartbeat_frequency = 2 [default = 120000];
}
message ExtensionCacheSizeProto {
// Specifies the maximum extension cache size, in bytes. The default is 256
// MiB. The minimum allowed value is 1 MiB; smaller values are ignored.
optional int64 extension_cache_size = 1;
}
message LoginScreenDomainAutoCompleteProto {
// If this policy is not configured or set to a blank string,
// no autocomplete option during user sign-in flow will be shown.
// If this policy is set to a string representing a domain name, an
// autocomplete option during user sign-in will be shown allowing the user
// to type in only their user name without the domain name extension. The user
// will be able to overwrite this domain name extension.
optional string login_screen_domain_auto_complete = 1;
}
// Settings that control whether a device would send system logs to the server.
message DeviceLogUploadSettingsProto {
// Whether the device should send system logs. The default is false.
optional bool system_log_upload_enabled = 1 [default = false];
}
// This setting is controlled by the device policy DisplayRotationDefault.
// If the policy is set and therefore display_rotation_default contains a value,
// all displays will be rotated clockwise to the specified orientation at
// reboot, when first connected, or when the setting is changed.
// If the optional field |Rotation display_rotation_default = 1| is not present,
// no changes are done to the rotation.
message DisplayRotationDefaultProto {
// This enum corresponds to gfx::Display::Rotation in ui/gfx/display.h.
enum Rotation {
ROTATE_0 = 0;
ROTATE_90 = 1;
ROTATE_180 = 2;
ROTATE_270 = 3;
}
optional Rotation display_rotation_default = 1;
}
// This setting is controlled by the device policy
// DeviceLoginScreenPrivacyScreenEnabled.
message DeviceLoginScreenPrivacyScreenEnabledProto {
optional bool enabled = 1 [default = false];
}
// This setting is configured by the device policy DeviceDisplayResolution.
// If |device_display_resolution| contains a value, then it's treated as a JSON
// object that uses the schema defined for DeviceDisplayResolution policy.
// Example of the policy value:
// {
// "external_width": 1920,
// "external_height": 1080,
// "external_scale_percentage": 50,
// "internal_scale_percentage": 150,
// "recommended": true
// }
// It sets a 1920x1080 display mode for any external displays and
// scales them to 50%, also scales the built-in display to 150%.
// If "recommended" flag is set to true, user is able to override
// any settings via the settings page.
message DeviceDisplayResolutionProto {
optional string device_display_resolution = 1;
}
// Settings that control whether to allow Chrome to be pinned to a specific
// version according to the auto-launched kiosk app’s requirement.
message AllowKioskAppControlChromeVersionProto {
optional bool allow_kiosk_app_control_chrome_version = 1 [default = false];
}
// Settings that control the flow of the login authentication to be either via
// GAIA (default), or via an interstitial screen that can redirect to a SAML IdP
// endpoint or return back to the default GAIA flow.
message LoginAuthenticationBehaviorProto {
enum LoginBehavior {
GAIA = 0;
SAML_INTERSTITIAL = 1;
}
optional LoginBehavior login_authentication_behavior = 1 [default = GAIA];
}
// Identifiers of a USB device or device family.
message UsbDeviceIdProto {
// USB Vendor Identifier (aka idVendor).
optional int32 vendor_id = 1;
// USB Product Identifier (aka idProduct).
optional int32 product_id = 2;
}
// This setting contains the list of USB devices to detach from the kernel
// drivers in order to use them in web applications.
// The list is used by the permission_broker daemon.
message UsbDetachableWhitelistProto {
repeated UsbDeviceIdProto id = 1;
}
// Identifiers of a USB device or device family.
message UsbDeviceIdInclusiveProto {
// USB Vendor Identifier (aka idVendor).
optional int32 vendor_id = 1;
// USB Product Identifier (aka idProduct).
optional int32 product_id = 2;
}
// This setting contains the list of USB devices to detach from the kernel
// drivers in order to use them in web applications.
// The list is used by the permission_broker daemon.
message UsbDetachableAllowlistProto {
repeated UsbDeviceIdInclusiveProto id = 1;
}
message AllowBluetoothProto {
// Policy which controls whether Bluetooth is available.
optional bool allow_bluetooth = 1 [default = true];
}
message DeviceWiFiAllowedProto {
// Policy which controls the ability to connect to wireless networks.
optional bool device_wifi_allowed = 1 [default = true];
}
// Settings that control whether a device can download hardware configuration
// files from the Quirks Server.
message DeviceQuirksDownloadEnabledProto {
optional bool quirks_download_enabled = 1;
}
// A list of security origins for SAML login pages that are allowed to
// access the webcam. No login pages will be allowed to access the
// webcam if the list is empty.
message LoginVideoCaptureAllowedUrlsProto {
repeated string urls = 1;
}
// Settings that control whether a device can connect to a 802.11r enabled
// WiFi network.
message DeviceWiFiFastTransitionEnabledProto {
optional bool device_wifi_fast_transition_enabled = 1;
}
message NetworkThrottlingEnabledProto {
optional bool enabled = 1 [default = false];
optional int32 upload_rate_kbits = 2 [default = 0];
optional int32 download_rate_kbits = 3 [default = 0];
}
// A list of apps or extensions to install from the webstore on the login page.
// It is a list of strings, each string contains an extension ID and an update
// URL, delimited by a semicolon.
message DeviceLoginScreenExtensionsProto {
repeated string device_login_screen_extensions = 1;
}
// A setting indicating whether manifest v2 extensions are available.
message LoginScreenExtensionManifestV2AvailabilityProto {
enum Availability {
DEFAULT = 0;
DISABLE = 1;
ENABLE = 2;
ENABLE_FOR_FORCED_EXTENSIONS = 3;
}
optional Availability login_screen_extension_manifest_v2_availability = 1;
}
// A list of allowed locales on the login screen.
message LoginScreenLocalesProto {
repeated string login_screen_locales = 1;
}
// A list of allowed input methods on the login screen.
message LoginScreenInputMethodsProto {
repeated string login_screen_input_methods = 1;
}
// The url and hash specified in JSON format that can be used to set the
// device-level wallpaper on the login screen before any user logs in.
message DeviceWallpaperImageProto {
optional string device_wallpaper_image = 1;
}
message DeviceScreensaverLoginScreenIdleTimeoutSecondsProto {
optional int64 device_screensaver_login_screen_idle_timeout_seconds = 1;
};
message DeviceScreensaverLoginScreenImageDisplayIntervalSecondsProto {
optional int64
device_screensaver_login_screen_image_display_interval_seconds = 1;
};
// A list of URLs referencing the images to be displayed on the
// sign-in screen screensaver.
message DeviceScreensaverLoginScreenImagesProto {
repeated string device_screensaver_login_screen_images = 1;
};
message DeviceScreensaverLoginScreenEnabledProto {
optional bool device_screensaver_login_screen_enabled = 1;
};
message DeviceSystemAecEnabledProto {
optional bool device_system_aec_enabled = 1;
};
// Migration strategy for the case when ARC(N+) needs the ext4 encryption while
// the device used ecryptfs in the past.
message DeviceEcryptfsMigrationStrategyProto {
enum MigrationStrategy {
// Default value, unspecified.
UNSET = 0;
// ARC is not allowed, no data migration needed.
DISALLOW_ARC = 1;
// The data migration is allowed, opening the possibility to use ARC.
ALLOW_MIGRATION = 2;
}
optional MigrationStrategy migration_strategy = 1;
}
// This setting controls how the on-board secure element hardware can be used
// to provide a second-factor authentication in addition to the TPM
// functionality.
message DeviceSecondFactorAuthenticationProto {
enum U2fMode {
// Default value, unspecified.
UNSET = 0;
// Feature disabled.
DISABLED = 1;
// U2F as defined by the FIDO Alliance specification:
// https://fidoalliance.org/specs/fido-u2f-v1.1-id-20160915.zip
U2F = 2;
// U2F plus extensions for individual attestation certificate.
U2F_EXTENDED = 3;
}
optional U2fMode mode = 1;
}
message CastReceiverNameProto {
// The name advertised as a Google Cast destination by the device,
// up to 24 characters. If the name is empty, the device name will
// be used.
optional string name = 1;
}
// Day of the week and time in milliseconds since the start of the day.
message WeeklyTimeProto {
enum DayOfWeek {
DAY_OF_WEEK_UNSPECIFIED = 0;
MONDAY = 1;
TUESDAY = 2;
WEDNESDAY = 3;
THURSDAY = 4;
FRIDAY = 5;
SATURDAY = 6;
SUNDAY = 7;
}
// Day of week.
optional DayOfWeek day_of_week = 1;
// Time of day in milliseconds from beginning of the day.
optional int32 time = 2;
}
// Start and end of an interval represented by WeeklyTimes
message WeeklyTimeIntervalProto {
optional WeeklyTimeProto start = 1;
optional WeeklyTimeProto end = 2;
}
// Allows less restricted use of Chromebooks that are managed by a school
// while the device is not at school ("OffHours").
message DeviceOffHoursProto {
// List of intervals when ignored policies are not applied. These intervals
// are in the timezone specified by the timezone string.
repeated WeeklyTimeIntervalProto intervals = 1;
// Timezone in the same format as SystemTimezoneProto.timezone.
optional string timezone = 2;
// List of policy proto tags which settings are ignored during OffHours
// mode. List contains policy proto tags from ChromeDeviceSettingsProto
// (i.e. proto tag = 1 means device_policy_refresh_rate policy).
// Proto tags are used because they are consistent identifiers.
// During OffHoursMode default settings of ignored policies are used.
repeated int32 ignored_policy_proto_tags = 3;
}
// The url and hash specified in JSON format that can be used to retrieve
// the device-level printers configuration file.
message DeviceNativePrintersProto {
// External policy blob encoded as JSON.
optional string external_policy = 1;
}
// The policy which determines the type of access restriction that is applied to
// the device-level printers list.
message DeviceNativePrintersAccessModeProto {
enum AccessMode {
ACCESS_MODE_BLACKLIST = 0; // Use DeviceNativePrintersBlacklistProto.
ACCESS_MODE_WHITELIST = 1; // Use DeviceNativePrintersWhitelistProto.
ACCESS_MODE_ALL = 2; // Allow access to all specified printers.
}
// The type of access which is applied to the device-level printer list.
optional AccessMode access_mode = 1;
}
// A collection of ids defining the printers which are explicitly disallowed for
// the device.
message DeviceNativePrintersBlacklistProto {
// A collection of ids for printers which are explicitly disallowed.
repeated string blacklist = 1;
}
// A collection of ids defining the printers which are explicitly allowed for
// the device.
message DeviceNativePrintersWhitelistProto {
// A collection of ids for the list of printers which are accessible.
repeated string whitelist = 1;
}
// The url and hash specified in JSON format that can be used to retrieve
// the device-level printers configuration file.
message DevicePrintersProto {
// External policy blob encoded as JSON.
optional string external_policy = 1;
}
// The policy which determines the type of access restriction that is applied to
// the device-level printers list.
message DevicePrintersAccessModeProto {
enum AccessMode {
ACCESS_MODE_BLOCKLIST = 0; // Use DevicePrintersBlocklistProto.
ACCESS_MODE_ALLOWLIST = 1; // Use DevicePrintersAllowlistProto.
ACCESS_MODE_ALL = 2; // Allow access to all specified printers.
}
// The type of access which is applied to the device-level printer list.
optional AccessMode access_mode = 1;
}
// A collection of ids defining the printers which are explicitly disallowed for
// the device.
message DevicePrintersBlocklistProto {
// A collection of ids for printers which are explicitly disallowed.
repeated string blocklist = 1;
}
// A collection of ids defining the printers which are explicitly allowed for
// the device.
message DevicePrintersAllowlistProto {
// A collection of ids for the list of printers which are accessible.
repeated string allowlist = 1;
}
// The url and hash specified in JSON format that can be used to retrieve
// the device-level external print servers configuration file.
message DeviceExternalPrintServersProto {
// External policy blob encoded as JSON.
optional string external_policy = 1;
}
// A collection of ids defining the external print servers which are explicitly
// allowed for the device.
message DeviceExternalPrintServersAllowlistProto {
// A collection of ids for the list of print servers which are accessible.
repeated string allowlist = 1;
}
// Settings to control the behavior of the TPM firmware update functionality.
message TPMFirmwareUpdateSettingsProto {
// Whether the user is allowed to invoke the update via powerwash. This flow
// performs a powerwash operation (which implies a TPM clear), followed by
// installation of the TPM firmware update. As a result of the powerwash, all
// writable data on the device will be cleared.
optional bool allow_user_initiated_powerwash = 1;
// Whether the user is allowed to invoke a variant of the update flow that
// clears the TPM to install the firmware update, but preserves device-wide
// state (including enrollment). User data will not be preserved in this flow.
optional bool allow_user_initiated_preserve_device_state = 2;
enum AutoUpdateMode {
// No value set. Default is NEVER.
AUTO_UPDATE_MODE_UNSPECIFIED = 0;
// Don't auto update TPM firmware.
NEVER = 1;
// Update firmware at the next reboot after user acknowledges the update.
USER_ACKNOWLEDGMENT = 2;
// Update firmware at the next reboot.
WITHOUT_ACKNOWLEDGMENT = 3;
// Update firmware after enrollment.
ENROLLMENT = 4;
}
// Controls how automatic firmware updates are enforced for vulnerable
// firmware. All flows preserve local device state.
optional AutoUpdateMode auto_update_mode = 3 [default = NEVER];
}
// Settings to control the minimum version that is allowed to sign in / stay
// in session. This is now deprecated from M82 onwards.
message OBSOLETE_MinimumRequiredVersionProto {
// Value is chrome_version string, e.g. 61.0.3163.120
// The client will use prefix matching to compare its version against the
// value of this field.
optional string OBSOLETE_chrome_version = 1 [deprecated = true];
}
// Specifies a list of rules to automatically select certificates on SAML IdP
// pages on the sign-in screen.
message DeviceLoginScreenAutoSelectCertificateForUrls {
// Each entry is one rule, which must be a stringified JSON dictionary.
// Each dictionary must have the form { "pattern": "$URL_PATTERN", "filter" :
// $FILTER }. $FILTER restricts from which client certificates the browser
// will automatically select. Independent of the filter, only certificates
// will be selected that match the server's certificate request. If $FILTER
// has the form { "ISSUER": { "CN": "$ISSUER_CN" } }, additionally only client
// certificates are selected that are issued by a certificate with the
// CommonName $ISSUER_CN. If $FILTER is the empty dictionary {}, the selection
// of client certificates is not additionally restricted.
repeated string login_screen_auto_select_certificate_rules = 1;
}
// Setting that controls whether unaffiliated users are allowed to use ARC
// (true by default)
message UnaffiliatedArcAllowedProto {
optional bool unaffiliated_arc_allowed = 1;
}
// Allowed encryption types for requesting Kerberos tickets from Active
// Directory servers. Applies to Active Directory management mode only.
message DeviceKerberosEncryptionTypesProto {
enum Types {
ENC_TYPES_ALL = 0; // AES + RC4_HMAC.
ENC_TYPES_STRONG = 1; // AES only.
ENC_TYPES_LEGACY = 2; // RC4_HMAC only.
// Next ID to use: 3
}
optional Types types = 1 [default = ENC_TYPES_STRONG];
}
// Mirrors BacklightColor from the personalization_app.mojom
message KeyboardBacklightColorProto {
enum BacklightColor {
BACKLIGHT_UNSPECIFIED = 0; // Default value for the keyboard color.
BACKLIGHT_WHITE = 1;
BACKLIGHT_RED = 2;
BACKLIGHT_YELLOW = 3;
BACKLIGHT_GREEN = 4;
BACKLIGHT_BLUE = 5;
BACKLIGHT_INDIGO = 6;
BACKLIGHT_PURPLE = 7;
BACKLIGHT_RAINBOW =
100; // Match values in personalization_app.mojom-shared.h
// Next ID to use: 101
}
optional BacklightColor color = 1 [default = BACKLIGHT_UNSPECIFIED];
}
// Specifies how user policy from device GPOs interacts with user policy from
// user GPOs. In 'MERGE' mode, device GPOs take preference in case of conflicts.
// Applies to Active Directory management mode only.
message DeviceUserPolicyLoopbackProcessingModeProto {
enum Mode {
USER_POLICY_MODE_DEFAULT = 0; // Only take user policy from user GPOs.
USER_POLICY_MODE_MERGE = 1; // Merge device GPOs on top of user GPOs.
USER_POLICY_MODE_REPLACE = 2; // Only take user policy from device GPOs.
// Next ID to use: 3
}
optional Mode mode = 1 [default = USER_POLICY_MODE_DEFAULT];
}
// Specifies a list of origins. Each of the specified origins will run in its
// own process on the sign-in screen.
message OBSOLETE_DeviceLoginScreenIsolateOriginsProto {
// A comma-separated list of the origins to be run in a separate process on
// the sign-in screen.
// If the value of this policy does not match the value of the user policy
// IsolateOrigins, the chrome process will be restarted on user sign-in to
// apply the value specified by the user policy.
optional string OBSOLETE_isolate_origins = 1 [deprecated = true];
}
// Specifies if each site should run in its own process on the sign-in screen.
message OBSOLETE_DeviceLoginScreenSitePerProcessProto {
// If true, each site will run in its own process on the sign-in screen.
// If the value of this policy does not match the value of the user policy
// SitePerProcess, the chrome process will be restarted on user sign-in to
// apply the value specified by the user policy.
optional bool OBSOLETE_site_per_process = 1 [deprecated = true];
}
// Setting to control if running virtual machines on Chrome OS is allowed.
message VirtualMachinesAllowedProto {
optional bool virtual_machines_allowed = 1;
}
// Specifies if and how often Active Directory machine (computer) account
// passwords are changed in the AuthPolicy daemon in Chrome OS.
// Applies to Active Directory management mode only.
message DeviceMachinePasswordChangeRateProto {
optional int32 rate_days = 1;
}
// Specifies how long cached Active Directory Group Policy Objects (GPOs) may be
// reused until they are re-downloaded (a version change also forces a
// re-download).
// Applies to Active Directory management mode only.
message DeviceGpoCacheLifetimeProto {
optional int32 lifetime_hours = 1;
}
// Specifies how long cached Active Directory authentication data may be reused
// until it is refreshed. This can significantly speed up user authentication.
// Applies to Active Directory management mode only.
message DeviceAuthDataCacheLifetimeProto {
optional int32 lifetime_hours = 1;
}
// Setting that controls whether unaffiliated users are allowed to run Crostini
// (true by default)
message DeviceUnaffiliatedCrostiniAllowedProto {
optional bool device_unaffiliated_crostini_allowed = 1;
}
// Setting that controls whether PluginVm is allowed to run on this device.
message PluginVmAllowedProto {
optional bool plugin_vm_allowed = 1;
}
// Setting that specifies PluginVm license key for this device.
message PluginVmLicenseKeyProto {
optional string plugin_vm_license_key = 1;
}
// Setting that controls whether the device should reboot when the user signs
// out.
message DeviceRebootOnUserSignoutProto {
enum RebootOnSignoutMode {
// No value set. Default is NEVER.
REBOOT_ON_SIGNOUT_MODE_UNSPECIFIED = 0;
// Do not reboot on signout.
NEVER = 1;
// Reboot on signout if an ARC session was active during the user session.
ARC_SESSION = 2;
// Always reboot on signout.
ALWAYS = 3;
// Reboot on signout if an ARC session was active or a VM was started
// during the user session.
VM_STARTED_OR_ARC_SESSION = 4;
}
optional RebootOnSignoutMode reboot_on_signout_mode = 1 [default = NEVER];
}
// Obsolete: This policy is not supported starting with M-122.
// Setting that controls whether wilco diagnostics and telemetry controller is
// allowed on this device.
// TODO(b/328547362): Add obsolete prefix after server-side usages are removed.
message DeviceWilcoDtcAllowedProto {
optional bool device_wilco_dtc_allowed = 1;
}
// Obsolete: This policy is not supported starting with M-122.
// Setting that specifies wilco diagnostics and telemetry controller
// configuration for this device.
// TODO(b/328547362): Add obsolete prefix after server-side usages are removed.
message DeviceWilcoDtcConfigurationProto {
optional string device_wilco_dtc_configuration = 1;
}
// Settings that control power peak shift policy.
message DevicePowerPeakShiftProto {
// Setting that controls whether power peak shift is enabled on this device.
// For details see DevicePowerPeakShiftEnabled.yaml.
optional bool enabled = 1;
// Setting that controls power peak shift battery threshold on this device.
// For details see DevicePowerPeakShiftBatteryThreshold.yaml.
optional int32 battery_threshold = 2;
// Setting that controls power peak shift day configs on this device.
// This is a JSON string, for details see DevicePowerPeakShiftDayConfig.yaml.
optional string day_configs = 3;
}
// Settings that control boot on AC policy.
message DeviceBootOnAcProto {
// Setting that controls whether boot on AC is enabled on this device.
optional bool enabled = 1;
}
// Settings that control device's dock MAC address source.
message DeviceDockMacAddressSourceProto {
enum Source {
SOURCE_UNSPECIFIED = 0;
// Device's designated dock MAC address.
DEVICE_DOCK_MAC_ADDRESS = 1;
// Device's built-in NIC MAC address.
DEVICE_NIC_MAC_ADDRESS = 2;
// Dock's built-in NIC MAC address.
DOCK_NIC_MAC_ADDRESS = 3;
}
optional Source source = 1;
}
// Settings that control advanced battery charge mode policy.
message DeviceAdvancedBatteryChargeModeProto {
// Setting that controls whether advanced battery charge mode is enabled on
// this device.
// For details see DeviceAdvancedBatteryChargeModeEnabled.yaml.
optional bool enabled = 1;
// Setting that controls advanced battery charge mode day config on this
// device.
// This is a JSON string, for details see
// DeviceAdvancedBatteryChargeModeDayConfig.yaml.
optional string day_configs = 2;
}
// Settings that control battery charge mode policy.
message DeviceBatteryChargeModeProto {
enum BatteryChargeMode {
MODE_UNSPECIFIED = 0;
STANDARD = 1;
EXPRESS_CHARGE = 2;
PRIMARILY_AC_USE = 3;
ADAPTIVE = 4;
CUSTOM = 5;
}
// Setting that controls battery charge mode on this device.
// For details see DeviceBatteryChargeMode.yaml.
optional BatteryChargeMode battery_charge_mode = 1;
// Percent at which charging starts when using CUSTOM.
// For details see DeviceBatteryChargeCustomStartCharging.yaml.
optional int32 custom_charge_start = 2;
// Percent at which charging stops when using CUSTOM.
// For details see DeviceBatteryChargeCustomStopCharging.yaml.
optional int32 custom_charge_stop = 3;
}
// Settings that control USB power share policy.
message DeviceUsbPowerShareProto {
// Setting that controls whether USB power share is enabled on this device.
optional bool enabled = 1;
}
// Settings that control when a device will wake up and check for updates. These
// checks are recurring. In order to disable a set schedule the policy must be
// removed.
message DeviceScheduledUpdateCheckProto {
// This is a JSON string, for details see DeviceScheduledUpdateCheck.yaml.
optional string device_scheduled_update_check_settings = 1;
}
// Settings that control if the device is allowed to powerwash.
message DevicePowerwashAllowedProto {
// Determines if powerwash is allowed on the device.
optional bool device_powerwash_allowed = 1;
}
// Settings that control which devices are whitelisted for certain urls to be
// used via the WebUSB API on the login screen.
message DeviceLoginScreenWebUsbAllowDevicesForUrlsProto {
// This is a JSON string, for details see
// DeviceLoginScreenWebUsbAllowDevicesForUrls.yaml.
optional string device_login_screen_webusb_allow_devices_for_urls = 1;
}
// Settings that control the availability of System-proxy service and the web
// proxy credentials for system services connecting through System-proxy.
message SystemProxySettingsProto {
// This is a JSON string, for details see SystemProxySettings.yaml.
optional string system_proxy_settings = 1;
}
// Settings that control what certificates should be provisioned via DM server.
message RequiredClientCertificateForDeviceProto {
// This is a JSON string, for details see
// RequiredClientCertificateForDevice.yaml.
optional string required_client_certificate_for_device = 1;
}
// Setting that controls whether ARC ADB sideloading is allowed for the device.
message DeviceCrostiniArcAdbSideloadingAllowedProto {
enum AllowanceMode {
DISALLOW = 0;
DISALLOW_WITH_POWERWASH = 1;
ALLOW_FOR_AFFILIATED_USERS = 2;
// Next ID to use: 3
}
optional AllowanceMode mode = 1 [default = DISALLOW];
}
message DeviceShowLowDiskSpaceNotificationProto {
optional bool device_show_low_disk_space_notification = 1;
}
// Setting that controls whether all Family Link accounts are allowed on the
// device additionally to the accounts listed in UserAllowlistProto.
message DeviceFamilyLinkAccountsAllowedProto {
optional bool family_link_accounts_allowed = 1 [default = false];
}
// Setting that controls whether ARC data snapshotting is enabled for the device
// and time intervals of updating ARC data snapshot.
message OBSOLETE_DeviceArcDataSnapshotHoursProto {
// This is a JSON string, for details see
// DeviceArcDataSnapshotHours.yaml.
optional string OBSOLETE_arc_data_snapshot_hours = 1 [deprecated = true];
}
// Setting that controls whether system-wide trace collection using the Perfetto
// system tracing service is allowed.
message DeviceSystemWideTracingEnabledProto {
optional bool enabled = 1 [default = false];
}
// Setting that controls whether data access is enabled for Thunderbolt/USB4
// peripherals. This proto is no longer being used, please use
// DevicePciPeripheralDataAccessEnabledProtoV2.
message DevicePciPeripheralDataAccessEnabledProto {
optional bool enabled = 1 [default = false];
}
// Setting that controls whether data access is enabled for Thunderbolt/USB4
// peripherals. This replaces DevicePciPeripheralDataAccessEnabledProto. Used
// only for the associated CrosSetting.
message DevicePciPeripheralDataAccessEnabledProtoV2 {
optional bool enabled = 1;
}
// Setting that controls whether Borealis will be allowed on the device.
message OBSOLETE_DeviceBorealisAllowedProto {
optional bool allowed = 1 [default = true];
}
message DeviceAllowedBluetoothServicesProto {
// Policy which controls which service UUID is available.
repeated string allowlist = 1;
}
// Policy that controls whether packet captures will be allowed on the device.
message DeviceDebugPacketCaptureAllowedProto {
optional bool allowed = 1;
}
// Settings that control when a device will reboot. The reboots are
// recurring. In order to disable scheduled reboots the policy must be
// removed.
message DeviceScheduledRebootProto {
// This is a JSON string, for details see DeviceScheduledReboot.yaml.
optional string device_scheduled_reboot_settings = 1;
}
// Setting that controls whether restricted managed guest session is enabled on
// the device.
message DeviceRestrictedManagedGuestSessionEnabledProto {
// If this policy is set to true, it will forcefully override certain
// policies. If it's set to false or not set, then no policies will be
// overridden.
optional bool enabled = 1 [default = false];
}
// Setting that controls whether keyboard shortcut mappings are consistent
// across all international keyboard layouts.
message DeviceI18nShortcutsEnabledProto {
optional bool enabled = 1 [default = true];
}
// reven board collects hardware data of the device to provide relevant updates.
// Setting that controls whether device hardware data can be also used for other
// purposes.
message RevenDeviceHWDataUsageEnabledProto {
optional bool hardware_data_usage_enabled = 1 [default = false];
}
// Setting that controls different configurations for the Encrypted Reporting
// Pipeline.
message EncryptedReportingPipelineConfigurationProto {
// Controls overall functioning of Encrypted Reporting Pipeline: setting it to
// false would disable the pipeline on a device
optional bool enabled = 1 [default = true];
}
message DeviceReportXDREventsProto {
optional bool enabled = 1 [default = false];
}
message DeviceLowBatterySoundProto {
optional bool enabled = 1;
}
message DeviceChargingSoundsProto {
optional bool enabled = 1;
}
message DeviceSwitchFunctionKeysBehaviorEnabledProto {
optional bool enabled = 1;
}
message DeviceFlexHwDataForProductImprovementEnabledProto {
// Enable sending hardware data specifically for product improvement on
// managed ChromeOS Flex devices.
optional bool enabled = 1 [default = true];
}
// Mirrors ExtendedFkeysModifier from the extended_fkeys_modifier.mojom
message OBSOLETE_ExtendedFkeysModifierProto {
enum OBSOLETE_ExtendedFkeysModifier {
OBSOLETE_DISABLED = 0; // Default value for the F11/F12 settings.
OBSOLETE_ALT = 1;
OBSOLETE_SHIFT = 2;
OBSOLETE_CTRL_SHIFT = 3;
}
optional OBSOLETE_ExtendedFkeysModifier OBSOLETE_modifier = 1
[default = OBSOLETE_DISABLED];
}
message ChromeDeviceSettingsProto {
reserved 61, 71, 90, 131;
optional DevicePolicyRefreshRateProto device_policy_refresh_rate = 1;
optional UserWhitelistProto user_whitelist = 2;
optional GuestModeEnabledProto guest_mode_enabled = 3;
optional OBSOLETE_DeviceProxySettingsProto device_proxy_settings = 4
[deprecated = true];
optional CameraEnabledProto camera_enabled = 5;
optional ShowUserNamesOnSigninProto show_user_names = 6;
optional DataRoamingEnabledProto data_roaming_enabled = 7;
optional AllowNewUsersProto allow_new_users = 8;
optional MetricsEnabledProto metrics_enabled = 9;
optional ReleaseChannelProto release_channel = 10;
optional DeviceOpenNetworkConfigurationProto open_network_configuration = 11;
optional DeviceReportingProto device_reporting = 12;
optional EphemeralUsersEnabledProto ephemeral_users_enabled = 13;
optional OBSOLETE_AppPackProto app_pack = 14 [deprecated = true];
optional OBSOLETE_ForcedLogoutTimeoutsProto forced_logout_timeouts = 15
[deprecated = true];
optional OBSOLETE_ScreenSaverProto login_screen_saver = 16
[deprecated = true];
optional AutoUpdateSettingsProto auto_update_settings = 17;
optional OBSOLETE_StartUpUrlsProto start_up_urls = 18 [deprecated = true];
optional OBSOLETE_PinnedAppsProto pinned_apps = 19 [deprecated = true];
optional SystemTimezoneProto system_timezone = 20;
optional DeviceLocalAccountsProto device_local_accounts = 21;
optional AllowRedeemChromeOsRegistrationOffersProto allow_redeem_offers = 22;
optional FeatureFlagsProto feature_flags = 23;
optional UptimeLimitProto uptime_limit = 24;
optional VariationsParameterProto variations_parameter = 25;
optional AttestationSettingsProto attestation_settings = 26;
optional AccessibilitySettingsProto accessibility_settings = 27;
optional OBSOLETE_SupervisedUsersSettingsProto supervised_users_settings = 28
[deprecated = true];
optional LoginScreenPowerManagementProto login_screen_power_management = 29;
optional SystemUse24HourClockProto use_24hour_clock = 30;
optional AutoCleanupSettigsProto auto_clean_up_settings = 31;
optional SystemSettingsProto system_settings = 32;
optional SAMLSettingsProto saml_settings = 33;
optional RebootOnShutdownProto reboot_on_shutdown = 34;
optional DeviceHeartbeatSettingsProto device_heartbeat_settings = 35;
optional ExtensionCacheSizeProto extension_cache_size = 36;
optional LoginScreenDomainAutoCompleteProto
login_screen_domain_auto_complete = 37;
optional DeviceLogUploadSettingsProto device_log_upload_settings = 38;
optional DisplayRotationDefaultProto display_rotation_default = 39;
optional AllowKioskAppControlChromeVersionProto
allow_kiosk_app_control_chrome_version = 40;
optional LoginAuthenticationBehaviorProto login_authentication_behavior = 41;
optional UsbDetachableWhitelistProto usb_detachable_whitelist = 42;
optional AllowBluetoothProto allow_bluetooth = 43;
optional DeviceQuirksDownloadEnabledProto quirks_download_enabled = 44;
optional LoginVideoCaptureAllowedUrlsProto login_video_capture_allowed_urls =
45;
optional DeviceLoginScreenExtensionsProto device_login_screen_extensions = 46;
optional NetworkThrottlingEnabledProto network_throttling = 47;
optional DeviceWallpaperImageProto device_wallpaper_image = 48;
optional LoginScreenLocalesProto login_screen_locales = 49;
optional LoginScreenInputMethodsProto login_screen_input_methods = 50;
optional DeviceEcryptfsMigrationStrategyProto
device_ecryptfs_migration_strategy = 51 [deprecated = true];
optional DeviceSecondFactorAuthenticationProto
device_second_factor_authentication = 52;
optional CastReceiverNameProto cast_receiver_name = 53;
optional DeviceOffHoursProto device_off_hours = 54;
optional DeviceNativePrintersProto native_device_printers = 55;
optional DeviceNativePrintersAccessModeProto
native_device_printers_access_mode = 56;
optional DeviceNativePrintersBlacklistProto native_device_printers_blacklist =
57;
optional DeviceNativePrintersWhitelistProto native_device_printers_whitelist =
58;
optional TPMFirmwareUpdateSettingsProto tpm_firmware_update_settings = 59;
optional OBSOLETE_MinimumRequiredVersionProto minimum_required_version = 60
[deprecated = true];
optional DeviceLoginScreenAutoSelectCertificateForUrls
device_login_screen_auto_select_certificate_for_urls = 62;
optional UnaffiliatedArcAllowedProto unaffiliated_arc_allowed = 63;
optional NetworkHostnameProto network_hostname = 64;
optional DeviceKerberosEncryptionTypesProto device_kerberos_encryption_types =
65;
optional DeviceUserPolicyLoopbackProcessingModeProto
device_user_policy_loopback_processing_mode = 66;
optional OBSOLETE_DeviceLoginScreenIsolateOriginsProto
device_login_screen_isolate_origins = 67 [deprecated = true];
optional OBSOLETE_DeviceLoginScreenSitePerProcessProto
device_login_screen_site_per_process = 68 [deprecated = true];
optional VirtualMachinesAllowedProto virtual_machines_allowed = 69;
optional DeviceMachinePasswordChangeRateProto
device_machine_password_change_rate = 70;
optional DeviceUnaffiliatedCrostiniAllowedProto
device_unaffiliated_crostini_allowed = 72;
optional DeviceWiFiFastTransitionEnabledProto
device_wifi_fast_transition_enabled = 73;
optional DeviceDisplayResolutionProto device_display_resolution = 74;
optional PluginVmAllowedProto plugin_vm_allowed = 75;
optional DeviceGpoCacheLifetimeProto device_gpo_cache_lifetime = 76;
optional DeviceAuthDataCacheLifetimeProto device_auth_data_cache_lifetime =
77;
optional PluginVmLicenseKeyProto plugin_vm_license_key = 78;
optional DeviceRebootOnUserSignoutProto device_reboot_on_user_signout = 79;
optional DeviceWilcoDtcAllowedProto device_wilco_dtc_allowed = 80
[deprecated = true];
optional DeviceWilcoDtcConfigurationProto device_wilco_dtc_configuration = 81
[deprecated = true];
optional DeviceWiFiAllowedProto device_wifi_allowed = 82;
optional DevicePowerPeakShiftProto device_power_peak_shift = 83;
optional DeviceBootOnAcProto device_boot_on_ac = 84;
optional DeviceDockMacAddressSourceProto device_dock_mac_address_source = 85;
optional DeviceAdvancedBatteryChargeModeProto
device_advanced_battery_charge_mode = 86;
optional DeviceBatteryChargeModeProto device_battery_charge_mode = 87;
optional DeviceUsbPowerShareProto device_usb_power_share = 88;
optional DeviceScheduledUpdateCheckProto device_scheduled_update_check = 89;
optional DevicePowerwashAllowedProto device_powerwash_allowed = 91;
optional DeviceLoginScreenWebUsbAllowDevicesForUrlsProto
device_login_screen_webusb_allow_devices_for_urls = 92;
optional BooleanPolicyProto device_login_screen_system_info_enforced = 93;
optional StringListPolicyProto device_web_based_attestation_allowed_urls = 94;
optional BooleanPolicyProto device_show_numeric_keyboard_for_password = 95;
optional BooleanPolicyProto login_screen_primary_mouse_button_switch = 96;
optional StringPolicyProto device_minimum_version = 97;
optional SystemProxySettingsProto system_proxy_settings = 98;
optional IntegerPolicyProto device_chrome_variations_type = 99;
optional DeviceLoginScreenPrivacyScreenEnabledProto
device_login_screen_privacy_screen_enabled = 100;
optional RequiredClientCertificateForDeviceProto
required_client_certificate_for_device = 101;
optional DeviceCrostiniArcAdbSideloadingAllowedProto
device_crostini_arc_adb_sideloading_allowed = 102;
optional StringPolicyProto device_minimum_version_aue_message = 103;
optional ManagedGuestSessionPrivacyWarningsProto
managed_guest_session_privacy_warnings = 104;
optional DeviceExternalPrintServersProto external_print_servers = 105;
optional DeviceExternalPrintServersAllowlistProto
external_print_servers_allowlist = 106;
optional DevicePrintersAccessModeProto device_printers_access_mode = 107;
optional DevicePrintersBlocklistProto device_printers_blocklist = 108;
optional DevicePrintersAllowlistProto device_printers_allowlist = 109;
optional DevicePrintersProto device_printers = 110;
optional DeviceShowLowDiskSpaceNotificationProto
device_show_low_disk_space_notification = 111;
optional UserAllowlistProto user_allowlist = 112;
optional UsbDetachableAllowlistProto usb_detachable_allowlist = 113;
optional DeviceFamilyLinkAccountsAllowedProto family_link_accounts_allowed =
114;
optional OBSOLETE_DeviceArcDataSnapshotHoursProto arc_data_snapshot_hours =
115 [deprecated = true];
optional BooleanPolicyProto device_allow_mgs_to_store_display_properties =
116;
optional DeviceSystemWideTracingEnabledProto
device_system_wide_tracing_enabled = 117;
optional DevicePciPeripheralDataAccessEnabledProto
device_pci_peripheral_data_access_enabled = 118;
optional OBSOLETE_DeviceBorealisAllowedProto device_borealis_allowed = 119
[deprecated = true];
optional DeviceAllowedBluetoothServicesProto
device_allowed_bluetooth_services = 120;
optional DeviceDebugPacketCaptureAllowedProto
device_debug_packet_capture_allowed = 121;
optional DeviceScheduledRebootProto device_scheduled_reboot = 122;
optional DevicePciPeripheralDataAccessEnabledProtoV2
device_pci_peripheral_data_access_enabled_v2 = 123;
optional DeviceRestrictedManagedGuestSessionEnabledProto
device_restricted_managed_guest_session_enabled = 124;
optional HostnameUserConfigurableProto hostname_user_configurable = 125;
optional BooleanPolicyProto
login_screen_prompt_on_multiple_matching_certificates = 126;
optional BooleanPolicyProto kiosk_crx_manifest_update_url_ignored = 127;
optional DeviceI18nShortcutsEnabledProto device_i18n_shortcuts_enabled = 128;
optional BooleanPolicyProto chromad_to_cloud_migration_enabled = 129;
optional RevenDeviceHWDataUsageEnabledProto hardware_data_usage_enabled = 130;
optional DeviceKeylockerForStorageEncryptionEnabledProto
keylocker_for_storage_encryption_enabled = 132;
optional BooleanPolicyProto device_run_automatic_cleanup_on_login = 133;
optional EncryptedReportingPipelineConfigurationProto
device_encrypted_reporting_pipeline_enabled = 134;
optional SAMLUsernameProto saml_username = 135;
optional StringListPolicyProto
device_login_screen_context_aware_access_signals_allowlist = 136;
optional StringPolicyProto device_printing_client_name_template = 137;
optional DeviceReportXDREventsProto device_report_xdr_events = 138;
optional KeyboardBacklightColorProto keyboard_backlight_color = 139;
optional DeviceHindiInscriptLayoutEnabledProto
device_hindi_inscript_layout_enabled = 140;
optional LoginScreenExtensionManifestV2AvailabilityProto
login_screen_extension_manifest_v2_availability = 141;
optional DeviceScreensaverLoginScreenEnabledProto
device_screensaver_login_screen_enabled = 142;
optional DeviceScreensaverLoginScreenIdleTimeoutSecondsProto
device_screensaver_login_screen_idle_timeout_seconds = 143;
optional DeviceScreensaverLoginScreenImageDisplayIntervalSecondsProto
device_screensaver_login_screen_image_display_interval_seconds = 144;
optional DeviceScreensaverLoginScreenImagesProto
device_screensaver_login_screen_images = 145;
optional DeviceSystemAecEnabledProto device_system_aec_enabled = 146;
optional DeviceLoginScreenGeolocationAccessLevelProto
device_login_screen_geolocation_access_level = 147;
optional StringPolicyProto device_login_screen_webhid_allow_devices_for_urls =
148;
optional DeviceLowBatterySoundProto device_low_battery_sound = 149;
optional DeviceChargingSoundsProto device_charging_sounds = 150;
optional StringListPolicyProto device_authentication_url_blocklist = 151;
optional StringListPolicyProto device_authentication_url_allowlist = 152;
optional DeviceSwitchFunctionKeysBehaviorEnabledProto
device_switch_function_keys_behavior_enabled = 153;
optional StringListPolicyProto device_dlc_predownload_list = 154;
optional BooleanPolicyProto device_ephemeral_network_policies_enabled = 155;
optional OBSOLETE_ExtendedFkeysModifierProto extended_fkeys_modifier = 156
[deprecated = true];
optional DeviceFlexHwDataForProductImprovementEnabledProto
device_flex_hw_data_for_product_improvement_enabled = 157;
// New rules for device policies (see
// go/device-policy-generation-future-proofing):
// * All device policies should use common types (see
// policy_common_definitions.proto).
// * Field names should be the policy name (no underscores).
// * Field ID should be the policy ID.
optional BooleanPolicyProto DeviceHardwareVideoDecodingEnabled = 1185;
optional BooleanPolicyProto DeviceLoginScreenTouchVirtualKeyboardEnabled =
1194;
optional BooleanPolicyProto DeviceExtendedAutoUpdateEnabled = 1195;
optional StringPolicyProto DeviceWeeklyScheduledSuspend = 1209;
optional IntegerPolicyProto DeviceAuthenticationFlowAutoReloadInterval = 1247;
optional BooleanPolicyProto DeviceExtensionsSystemLogEnabled = 1252;
optional BooleanPolicyProto DeviceAllowEnterpriseRemoteAccessConnections =
1268;
optional BooleanPolicyProto DevicePostQuantumKeyAgreementEnabled = 1276;
optional StringPolicyProto DeviceRestrictionSchedule = 1290;
optional BooleanPolicyProto DeviceNativeClientForceAllowed = 1314
[deprecated = true];
optional IntegerPolicyProto DevicePowerBatteryChargingOptimization = 1319;
optional BooleanPolicyProto DeviceFlexArcPreloadEnabled = 1320;
optional BooleanPolicyProto DeviceUserInitiatedFirmwareUpdatesEnabled = 1356;
}
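The following is an added example, not part of the original file or of the project's code: a Python audit helper for a `DeviceOffHoursProto` value, showing when the listed intervals are active, how much of the week they cover, and which `ignored_policy_proto_tags` fall back to defaults. Assumptions: intervals are treated as half-open and may wrap past Sunday into Monday, the current time is already expressed in the policy's timezone, the `SENSITIVE_TAGS` selection is the auditor's own choice, and all function names and sample values are constructed for illustration.

```python
from dataclasses import dataclass

MS_PER_DAY = 24 * 60 * 60 * 1000
MS_PER_WEEK = 7 * MS_PER_DAY

# Subset of ChromeDeviceSettingsProto field tags, copied from the message above.
TAG_NAMES = {
    1: "device_policy_refresh_rate",
    3: "guest_mode_enabled",
    8: "allow_new_users",
    43: "allow_bluetooth",
    69: "virtual_machines_allowed",
    121: "device_debug_packet_capture_allowed",
}
RESERVED_TAGS = {61, 71, 90, 131}  # "reserved 61, 71, 90, 131;" in the message
# Assumption: policies this auditor wants reported when they are relaxed.
SENSITIVE_TAGS = {3, 8, 69, 121}


def hm(hours, minutes=0):
    """Time of day in milliseconds, the unit used by WeeklyTimeProto.time."""
    return (hours * 60 + minutes) * 60 * 1000


@dataclass(frozen=True)
class WeeklyTime:
    day_of_week: int  # 1 = MONDAY ... 7 = SUNDAY, 0 = unspecified
    time_ms: int

    def offset(self):
        """Milliseconds since Monday 00:00; rejects unspecified or invalid values."""
        if not 1 <= self.day_of_week <= 7:
            raise ValueError("day_of_week must be MONDAY..SUNDAY")
        if not 0 <= self.time_ms < MS_PER_DAY:
            raise ValueError("time must lie within one day")
        return (self.day_of_week - 1) * MS_PER_DAY + self.time_ms


def in_off_hours(now, intervals):
    """True if `now` falls in any [start, end) interval, including wrapped ones."""
    n = now.offset()
    for start, end in intervals:
        s, e = start.offset(), end.offset()
        if s < e and s <= n < e:
            return True
        if s > e and (n >= s or n < e):  # interval wraps over the week boundary
            return True
    return False


def ignored_tags_at(now, intervals, ignored_tags):
    """Policy tags whose settings revert to defaults at `now`."""
    return sorted(set(ignored_tags)) if in_off_hours(now, intervals) else []


def weekly_coverage_ms(intervals):
    """Milliseconds per week spent in OffHours, with overlaps counted once."""
    segments = []
    for start, end in intervals:
        s, e = start.offset(), end.offset()
        if s < e:
            segments.append((s, e))
        elif s > e:
            segments += [(s, MS_PER_WEEK), (0, e)]
    total, cur = 0, None
    for s, e in sorted(segments):
        if cur is None or s > cur[1]:
            if cur is not None:
                total += cur[1] - cur[0]
            cur = [s, e]
        else:
            cur[1] = max(cur[1], e)
    if cur is not None:
        total += cur[1] - cur[0]
    return total


def audit_ignored_tags(ignored_tags):
    """Report reserved tags and sensitive policies that OffHours relaxes."""
    findings = []
    for tag in sorted(set(ignored_tags)):
        if tag in RESERVED_TAGS:
            findings.append((tag, None, "reserved"))
        elif tag in SENSITIVE_TAGS:
            findings.append((tag, TAG_NAMES[tag], "sensitive"))
    return findings


# Constructed sample policy: Friday 18:00 to Monday 07:00, plus Wednesday 15:00-22:00.
SAMPLE_INTERVALS = [
    (WeeklyTime(5, hm(18)), WeeklyTime(1, hm(7))),
    (WeeklyTime(3, hm(15)), WeeklyTime(3, hm(22))),
]
SAMPLE_IGNORED_TAGS = [3, 8, 43, 61]

if __name__ == "__main__":
    print("hours/week in OffHours:", weekly_coverage_ms(SAMPLE_INTERVALS) // hm(1))
    for finding in audit_ignored_tags(SAMPLE_IGNORED_TAGS):
        print(finding)
```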