Skip to content

Commit

Permalink
Merge pull request #3809 from microsoft/Dev
Browse files Browse the repository at this point in the history
Release 1.23.1018.1
  • Loading branch information
NikCharlebois authored Oct 18, 2023
2 parents 7853dc4 + b6231fa commit 033187e
Show file tree
Hide file tree
Showing 142 changed files with 2,988 additions and 429 deletions.
26 changes: 25 additions & 1 deletion CHANGELOG.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,27 @@
# Change log for Microsoft365DSC

# 1.23.1018.1

* AADAuthenticationMethodPolicyAuthenticator
* Fixes an issue with the Get method when an assigned group
was deleted.
* AADConditionalAccessPolicy
* Added support for the SigninFrequencyInterval parameter.
* EXODistributionGroup
* Changes the export logic to use PrimarySMTPAddress if provided.
* IntuneAntivirusPolicyWindows10SettingCatalog
* Added "-All" parameter to retrieve all settings from a template.
FIXES [#3722](https://github.com/microsoft/Microsoft365DSC/issues/3722)
* TeamsGroupPolicyAssignment
* Fixes the export of CsGroup, when the display name of a group is included in
another display name.
FIXES [#3736](https://github.com/microsoft/Microsoft365DSC/issues/3736)
* TeamsUserPolicyAssignment
* Initial release.
FIXES [#3777](https://github.com/microsoft/Microsoft365DSC/issues/3777)
* MISC
* Fixes fancy quotes in complex objects for extraction.

# 1.23.1011.1

* AADRoleEligibilityScheduleRequest
Expand All @@ -9,6 +31,8 @@
* Added support for retrieved groups as calendar delegates.
* EXODistributionGroup
* Fixes the export of group membership to use Identity.
* IntuneDeviceConfigurationPolicyWindows10
* Support setting assignment groups by display name
* TeamsUpdateManagementPolicy
* Add support for the new acceptable value for UseNewTeamsClient
(NewTeamsAsDefault).
Expand All @@ -28,7 +52,7 @@
were not managed correctly.
FIXES [#3639](https://github.com/microsoft/Microsoft365DSC/issues/3639)
* AADEntitlementManagementConnectedOrganization
* Fixed [[#3738](https://github.com/microsoft/Microsoft365DSC/issues/3738)]
* FIXES [[#3738](https://github.com/microsoft/Microsoft365DSC/issues/3738)]
* EXOCalendarProcessing
* Initial release.
* EXODistributionGroup
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,12 @@ class MSFT_AADAuthenticationMethodPolicyIncludeTarget
[Write, Description("The kind of entity targeted. Possible values are: user, group."), ValueMap{"user","group","unknownFutureValue"}, Values{"user","group","unknownFutureValue"}] String TargetType;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphExcludeTarget
{
[Write, Description("The object identifier of an Azure AD user or group.")] String Id;
[Write, Description("The type of the authentication method target. Possible values are: user, group, unknownFutureValue."), ValueMap{"user","group","unknownFutureValue"}, Values{"user","group","unknownFutureValue"}] String TargetType;
};
[ClassVersion("1.0.0")]
class MSFT_MicrosoftGraphAuthenticationMethodsRegistrationCampaignIncludeTarget
{
[Write, Description("The object identifier of an Azure AD user or group.")] String Id;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -247,8 +247,12 @@ function Get-TargetResource
$myExcludeTargets = @{}
if ($currentExcludeTargets.id -ne 'all_users')
{
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $currentExcludeTargets.id
$myExcludeTargets.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
$myExcludeTargetsDisplayName = Get-MgGroup -GroupId $currentExcludeTargets.id -ErrorAction SilentlyContinue

if ($null -ne $myIncludeTargetsDisplayName)
{
$myExcludeTargets.Add('Id', $myExcludeTargetsDisplayName.DisplayName)
}
}
else
{
Expand All @@ -271,8 +275,11 @@ function Get-TargetResource
$myIncludeTargets = @{}
if ($currentIncludeTargets.id -ne 'all_users')
{
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $currentIncludeTargets.id
$myIncludeTargets.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
$myIncludeTargetsDisplayName = Get-MgGroup -GroupId $currentIncludeTargets.id -ErrorAction SilentlyContinue
if ($null -ne $myIncludeTargetsDisplayName)
{
$myIncludeTargets.Add('Id', $myIncludeTargetsDisplayName.DisplayName)
}
}
else
{
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -159,6 +159,11 @@ function Get-TargetResource
[System.Boolean]
$SignInFrequencyIsEnabled,

[Parameter()]
[ValidateSet('timeBased', 'everyTime', 'unknownFutureValue')]
[System.String]
$SignInFrequencyInterval,

[Parameter()]
[ValidateSet('Always', 'Never', '')]
[System.String]
Expand Down Expand Up @@ -525,10 +530,12 @@ function Get-TargetResource
if ($Policy.SessionControls.SignInFrequency.IsEnabled)
{
$SignInFrequencyType = [System.String]$Policy.SessionControls.SignInFrequency.Type
$SignInFrequencyIntervalValue = [System.String]$Policy.SessionControls.SignInFrequency.FrequencyInterval
}
else
{
$SignInFrequencyType = $null
$SignInFrequencyIntervalValue = $null
}
if ($Policy.SessionControls.PersistentBrowser.IsEnabled)
{
Expand Down Expand Up @@ -626,6 +633,7 @@ function Get-TargetResource
SignInFrequencyValue = $Policy.SessionControls.SignInFrequency.Value
#no translation or conversion needed, $null returned if undefined
SignInFrequencyType = [System.String]$Policy.SessionControls.SignInFrequency.Type
SignInFrequencyInterval = $SignInFrequencyIntervalValue
#no translation needed
PersistentBrowserIsEnabled = $false -or $Policy.SessionControls.PersistentBrowser.IsEnabled
#make false if undefined, true if true
Expand Down Expand Up @@ -807,6 +815,11 @@ function Set-TargetResource
[System.Boolean]
$SignInFrequencyIsEnabled,

[Parameter()]
[ValidateSet('timeBased', 'everyTime', 'unknownFutureValue')]
[System.String]
$SignInFrequencyInterval,

[Parameter()]
[ValidateSet('Always', 'Never', '')]
[System.String]
Expand Down Expand Up @@ -1421,16 +1434,32 @@ function Set-TargetResource
if ($SignInFrequencyIsEnabled)
{
$SigninFrequencyProp = @{
IsEnabled = $true
Type = $null
Value = $null
isEnabled = $true
type = $null
value = $null
frequencyInterval = $null
}

$sessioncontrols.Add('SignInFrequency', $SigninFrequencyProp)
#create and provision SignInFrequency object if used
$sessioncontrols.SignInFrequency.IsEnabled = $true
$sessioncontrols.SignInFrequency.Type = $SignInFrequencyType
$sessioncontrols.SignInFrequency.Value = $SignInFrequencyValue
$sessioncontrols.SignInFrequency.isEnabled = $true
if ($SignInFrequencyType -ne '')
{
$sessioncontrols.SignInFrequency.type = $SignInFrequencyType
}
else
{
$sessioncontrols.SignInFrequency.Remove("type") | Out-Null
}
if ($SignInFrequencyValue -gt 0)
{
$sessioncontrols.SignInFrequency.value = $SignInFrequencyValue
}
else
{
$sessioncontrols.SignInFrequency.Remove("value") | Out-Null
}
$sessioncontrols.SignInFrequency.frequencyInterval = $SignInFrequencyInterval
}
if ($PersistentBrowserIsEnabled)
{
Expand Down Expand Up @@ -1670,6 +1699,11 @@ function Test-TargetResource
[System.Boolean]
$SignInFrequencyIsEnabled,

[Parameter()]
[ValidateSet('timeBased', 'everyTime', 'unknownFutureValue')]
[System.String]
$SignInFrequencyInterval,

[Parameter()]
[ValidateSet('Always', 'Never', '')]
[System.String]
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ class MSFT_AADConditionalAccessPolicy : OMI_BaseResource
[Write, Description("Client Device Platforms out of scope of the Policy.")] String ExcludePlatforms[];
[Write, Description("AAD Named Locations in scope of the Policy.")] String IncludeLocations[];
[Write, Description("AAD Named Locations out of scope of the Policy.")] String ExcludeLocations[];
[Write, Description("Client Device Filter mode of the Policy."), ValueMap{"include","exclude"}, Values{"include","exclude"}] String DeviceFilterMode;
[Write, Description("Client Device Filter mode of the Policy."), ValueMap{"include","exclude"}, Values{"include","exclude"}] String DeviceFilterMode;
[Write, Description("Client Device Filter rule of the Policy.")] String DeviceFilterRule;
[Write, Description("AAD Identity Protection User Risk Levels in scope of the Policy.")] String UserRiskLevels[];
[Write, Description("AAD Identity Protection Sign-in Risk Levels in scope of the Policy.")] String SignInRiskLevels[];
Expand All @@ -38,6 +38,7 @@ class MSFT_AADConditionalAccessPolicy : OMI_BaseResource
[Write, Description("Custom Controls assigned to the grant property of this policy.")] String CustomAuthenticationFactors[];
[Write, Description("Sign in frequency unit (days/hours) to be interpreted by the policy."), ValueMap{"Days","Hours",""}, Values{"Days","Hours",""}] String SignInFrequencyType;
[Write, Description("Specifies, whether sign-in frequency is enforced by the Policy.")] Boolean SignInFrequencyIsEnabled;
[Write, Description("Sign in frequency interval. Possible values are: timeBased, everyTime and unknownFutureValue."), ValueMap{"timeBased","everyTime","unknownFutureValue"}, Values{"timeBased","everyTime","unknownFutureValue"}] String SignInFrequencyInterval;
[Write, Description("Specifies, whether Browser Persistence is controlled by the Policy.")] Boolean PersistentBrowserIsEnabled;
[Write, Description("Specifies, what Browser Persistence control is enforced by the Policy."), ValueMap{"Always","Never",""}, Values{"Always","Never",""}] String PersistentBrowserMode;
[Write, Description("Name of the associated authentication strength policy.")] String AuthenticationStrength;
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -247,13 +247,37 @@ function Get-TargetResource
{
if ($null -ne $Script:exportedInstances -and $Script:ExportMode)
{
$distributionGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity}
$distributionGroupMembers = Get-DistributionGroupMember -Identity $Identity -ErrorAction Stop -ResultSize Unlimited
if ($null -ne $PrimarySmtpAddress)
{
$distributionGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.PrimarySmtpAddress -eq $PrimarySmtpAddress}
$distributionGroupMembers = Get-DistributionGroupMember -Identity $PrimarySmtpAddress `
-ErrorAction 'Stop' `
-ResultSize 'Unlimited'
}
else
{
$distributionGroup = $Script:exportedInstances | Where-Object -FilterScript {$_.Identity -eq $Identity}
$distributionGroupMembers = Get-DistributionGroupMember -Identity $Identity `
-ErrorAction 'Stop' `
-ResultSize 'Unlimited'
}
}
else
{
$distributionGroup = Get-DistributionGroup -Identity $Identity -ErrorAction Stop
$distributionGroupMembers = Get-DistributionGroupMember -Identity $Identity -ErrorAction Stop -ResultSize Unlimited
if ($null -ne $PrimarySmtpAddress)
{
$distributionGroup = Get-DistributionGroup -Identity $PrimarySmtpAddress -ErrorAction Stop
$distributionGroupMembers = Get-DistributionGroupMember -Identity $PrimarySmtpAddress `
-ErrorAction 'Stop' `
-ResultSize 'Unlimited'
}
else
{
$distributionGroup = Get-DistributionGroup -Identity $Identity -ErrorAction Stop
$distributionGroupMembers = Get-DistributionGroupMember -Identity $Identity `
-ErrorAction 'Stop' `
-ResultSize 'Unlimited'
}
}

if ($null -eq $distributionGroup)
Expand Down Expand Up @@ -645,6 +669,7 @@ function Set-TargetResource
}
$currentParameters.Remove('OrganizationalUnit') | Out-Null
$currentParameters.Remove('Type') | Out-Null
$currentParameters.Remove('Members') | Out-Null

if ($EmailAddresses.Length -gt 0)
{
Expand All @@ -661,7 +686,7 @@ function Set-TargetResource
{
$currentParameters.Identity = $newGroup.Identity
}
Set-DistributionGroup @currentParameters
Set-DistributionGroup @currentParameters -BypassSecurityGroupManagerCheck
}
}

Expand Down Expand Up @@ -984,6 +1009,7 @@ function Export-TargetResource
Write-Host " |---[$i/$($Script:exportedInstances.Count)] $($distributionGroup.Identity)" -NoNewline
$params = @{
Identity = $distributionGroup.Identity
PrimarySmtpAddress = $distributionGroup.PrimarySmtpAddress
Name = $distributionGroup.Name
Credential = $Credential
ApplicationId = $ApplicationId
Expand Down
Binary file not shown.
Original file line number Diff line number Diff line change
Expand Up @@ -1795,7 +1795,7 @@ function Format-M365DSCIntuneSettingCatalogPolicySettings

$settings = @()

$templateSettings = Get-MgBetaDeviceManagementConfigurationPolicyTemplateSettingTemplate -DeviceManagementConfigurationPolicyTemplateId $templateReferenceId
$templateSettings = Get-MgBetaDeviceManagementConfigurationPolicyTemplateSettingTemplate -DeviceManagementConfigurationPolicyTemplateId $templateReferenceId -All

#write-verbose -Message ( $DSCParams|out-string)

Expand Down
Binary file not shown.
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
[ClassVersion("1.0.0.0")]
class MSFT_DeviceManagementConfigurationPolicyAssignments
{
[Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType;
[Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType;
[Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId;
[Write, Description("The group Id that is the target of the assignment.")] String groupId;
[Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId;
[Write, Description("The type of the target assignment."), ValueMap{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}, Values{"#microsoft.graph.groupAssignmentTarget","#microsoft.graph.allLicensedUsersAssignmentTarget","#microsoft.graph.allDevicesAssignmentTarget","#microsoft.graph.exclusionGroupAssignmentTarget","#microsoft.graph.configurationManagerCollectionAssignmentTarget"}] String dataType;
[Write, Description("The type of filter of the target assignment i.e. Exclude or Include. Possible values are:none, include, exclude."), ValueMap{"none","include","exclude"}, Values{"none","include","exclude"}] String deviceAndAppManagementAssignmentFilterType;
[Write, Description("The Id of the filter for the target assignment.")] String deviceAndAppManagementAssignmentFilterId;
[Write, Description("The group Id that is the target of the assignment.")] String groupId;
[Write, Description("The group Display Name that is the target of the assignment.")] String groupDisplayName;
[Write, Description("The collection Id that is the target of the assignment.(ConfigMgr)")] String collectionId;
};

[ClassVersion("1.0.0")]
Expand Down
Binary file not shown.
Loading

0 comments on commit 033187e

Please sign in to comment.