Merge pull request #1001 from microsoft/Dev

Release 1.20.1223.1
microsoft · Dec 23, 2020 · 3afdc86 · 3afdc86
2 parents 8d378f2 + 7d26a24
commit 3afdc86
Show file tree

Hide file tree

Showing 21 changed files with 2,313 additions and 1,102 deletions.
diff --git a/.github/workflows/Unit Tests.yml b/.github/workflows/Unit Tests.yml
@@ -5,7 +5,7 @@ jobs:
   # This workflow contains a single job called "build"
   UnitTests:
     # The type of runner that the job will run on
-    runs-on: self-hosted
+    runs-on: windows-latest
 
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,27 @@
 # Change log for Microsoft365DSC
 
+# 1.20.1223.1
+
+* SPOHubSite
+  * Changed Export logic to make the url parameterized
+  * Updated Get method to prevent throwing an exception
+    when the specified site doesn't exist
+* SPOSite
+  * Updated logic to not process the HubUrl parameter
+    when this is equal to the Url parameter.
+  * Updated export logic to not export the HubUrl
+    parameter when this is equal to the Url parameter.
+  * Fixed issue with incorrectly applying the LocaleId
+* SPOSiteAuditSettings
+  * Changed Export logic to make the url parameterized
+* SPOSiteGroup
+  * Changed Export logic to make the url parameterized
+  * Updated logic to output more explainable troubleshooting
+    messages
+* M365DscReverse
+  * Added the GlobalAccount Parameter to the example
+    that is outputted after using the Export GUI
+
 # 1.20.1216.1
 
 * AADConditionalAccessPolicy

diff --git a/...les/Microsoft365DSC/DSCResources/MSFT_EXOMalwareFilterRule/MSFT_EXOMalwareFilterRule.psm1 b/...les/Microsoft365DSC/DSCResources/MSFT_EXOMalwareFilterRule/MSFT_EXOMalwareFilterRule.psm1
@@ -18,8 +18,8 @@ function Get-TargetResource
         $Enabled,
 
         [Parameter()]
-        [System.String]
-        $ExceptIfRecipientDomainIs,
+        [System.String[]]
+        $ExceptIfRecipientDomainIs = @(),
 
         [Parameter()]
         [System.String[]]
@@ -38,8 +38,8 @@ function Get-TargetResource
         $Priority,
 
         [Parameter()]
-        [System.String]
-        $RecipientDomainIs,
+        [System.String[]]
+        $RecipientDomainIs = @(),
 
         [Parameter()]
         [System.String[]]
@@ -181,8 +181,8 @@ function Set-TargetResource
         $Enabled,
 
         [Parameter()]
-        [System.String]
-        $ExceptIfRecipientDomainIs,
+        [System.String[]]
+        $ExceptIfRecipientDomainIs = @(),
 
         [Parameter()]
         [System.String[]]
@@ -201,8 +201,8 @@ function Set-TargetResource
         $Priority,
 
         [Parameter()]
-        [System.String]
-        $RecipientDomainIs,
+        [System.String[]]
+        $RecipientDomainIs = @(),
 
         [Parameter()]
         [System.String[]]
@@ -302,8 +302,8 @@ function Test-TargetResource
         $Enabled,
 
         [Parameter()]
-        [System.String]
-        $ExceptIfRecipientDomainIs,
+        [System.String[]]
+        $ExceptIfRecipientDomainIs = @(),
 
         [Parameter()]
         [System.String[]]
@@ -322,8 +322,8 @@ function Test-TargetResource
         $Priority,
 
         [Parameter()]
-        [System.String]
-        $RecipientDomainIs,
+        [System.String[]]
+        $RecipientDomainIs = @(),
 
         [Parameter()]
         [System.String[]]

diff --git a/...crosoft365DSC/DSCResources/MSFT_EXOMalwareFilterRule/MSFT_EXOMalwareFilterRule.schema.mof b/...crosoft365DSC/DSCResources/MSFT_EXOMalwareFilterRule/MSFT_EXOMalwareFilterRule.schema.mof
@@ -5,12 +5,12 @@ class MSFT_EXOMalwareFilterRule : OMI_BaseResource
     [Key, Description("The Identity parameter specifies the EXO resource you want to modify.")] String Identity;
     [Write, Description("The Comments parameter specifies informative comments for the rule, such as what the rule is used for or how it has changed over time. The length of the comment can't exceed 1024 characters.")] String Comments;
     [Write, Description("The Enabled parameter enables or disables the malware filter rule. Valid input for this parameter is $true or $false. The default value is $true.")] Boolean Enabled;
-    [Write, Description("The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.")] String ExceptIfRecipientDomainIs;
+    [Write, Description("The ExceptIfRecipientDomainIs parameter specifies an exception that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.")] String ExceptIfRecipientDomainIs[];
     [Write, Description("The ExceptIfSentTo parameter specifies an exception that looks for recipients in messages. You can use any value that uniquely identifies the recipient.")] String ExceptIfSentTo[];
     [Write, Description("The ExceptIfSentToMemberOf parameter specifies an exception that looks for messages sent to members of groups. You can use any value that uniquely identifies the group.")] String ExceptIfSentToMemberOf[];
     [Write, Description("The MalwareFilterPolicy parameter specifies the malware filter policy to apply to messages that match the conditions defined by this malware filter rule.")] String MalwareFilterPolicy;
     [Write, Description("The Priority parameter specifies a priority value for the rule that determines the order of rule processing. A lower integer value indicates a higher priority, the value 0 is the highest priority, and rules can't have the same priority value.")] String Priority;
-    [Write, Description("The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.")] String RecipientDomainIs;
+    [Write, Description("The RecipientDomainIs parameter specifies a condition that looks for recipients with email address in the specified domains. You can specify multiple domains separated by commas.")] String RecipientDomainIs[];
     [Write, Description("The SentTo parameter specifies a condition that looks for recipients in messages. You can use any value that uniquely identifies the recipient.")] String SentTo[];
     [Write, Description("The SentToMemberOf parameter specifies a condition that looks for messages sent to members of distribution groups, dynamic distribution groups, or mail-enabled security groups. You can use any value that uniquely identifies the group.")] String SentToMemberOf[];
     [Write, Description("Specifies if the Malware Filter Rule should exist."), ValueMap{"Present","Absent"}, Values{"Present","Absent"}] String Ensure;

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.psm1
@@ -32,6 +32,10 @@ function Get-TargetResource
         [Boolean]
         $EnableForInternalSenders,
 
+        [Parameter()]
+        [Boolean]
+        $EnableSafeLinksForTeams = $false,
+
         [Parameter()]
         [Boolean]
         $IsEnabled,
@@ -127,6 +131,7 @@ function Get-TargetResource
                 DoNotRewriteUrls         = $SafeLinksPolicy.DoNotRewriteUrls
                 DoNotTrackUserClicks     = $SafeLinksPolicy.DoNotTrackUserClicks
                 EnableForInternalSenders = $SafeLinksPolicy.EnableForInternalSenders
+                EnableSafeLinksForTeams  = $SafeLinksPolicy.EnableSafeLinksForTeams
                 IsEnabled                = $SafeLinksPolicy.IsEnabled
                 ScanUrls                 = $SafeLinksPolicy.ScanUrls
                 Ensure                   = 'Present'
@@ -197,6 +202,10 @@ function Set-TargetResource
         [Boolean]
         $EnableForInternalSenders,
 
+        [Parameter()]
+        [Boolean]
+        $EnableSafeLinksForTeams = $false,
+
         [Parameter()]
         [Boolean]
         $IsEnabled,
@@ -311,6 +320,10 @@ function Test-TargetResource
         [Boolean]
         $EnableForInternalSenders,
 
+        [Parameter()]
+        [Boolean]
+        $EnableSafeLinksForTeams = $false,
+
         [Parameter()]
         [Boolean]
         $IsEnabled,

diff --git a/...s/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.schema.mof b/...s/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/MSFT_EXOSafeLinksPolicy.schema.mof
@@ -9,6 +9,7 @@ class MSFT_EXOSafeLinksPolicy : OMI_BaseResource
     [Write, Description("The DoNotRewriteUrls parameter specifies a URL that's skipped by Safe Links scanning. You can specify multiple values separated by commas.")] String DoNotRewriteUrls[];
     [Write, Description("The DoNotTrackUserClicks parameter specifies whether to track user clicks related to links in email messages. Valid values are: $true: User clicks aren't tracked. This is the default value. $false: User clicks are tracked.")] Boolean DoNotTrackUserClicks;
     [Write, Description("EnableForInternalSenders $true or $false")] Boolean EnableForInternalSenders;
+    [Write, Description("The EnableSafeLinksForTeams parameter specifies whether Safe Links is enabled for Microsoft Teams. Valid values are: $true: Safe Links is enabled for Teams. If a protected user clicks a malicious link in a Teams conversation, group chat, or from channels, a warning page will appear in the default web browser. $false: Safe Links isn't enabled for Teams. This is the default value.")] Boolean EnableSafeLinksForTeams;
     [Write, Description("This parameter specifies whether the rule or policy is enabled. ")] Boolean IsEnabled;
     [Write, Description("The ScanUrls parameter specifies whether to enable or disable the scanning of links in email messages. Valid values are: $true: Scanning links in email messages is enabled. $false: Scanning links in email messages is disabled. This is the default value.")] Boolean ScanUrls;
     [Write, Description("Credentials of the Exchange Global Admin"), EmbeddedInstance("MSFT_Credential")] string GlobalAdminAccount;

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/readme.md b/Modules/Microsoft365DSC/DSCResources/MSFT_EXOSafeLinksPolicy/readme.md
@@ -69,6 +69,15 @@ EnableForInternalSenders
 - Description: This parameter specifies whether the policy is enabled
   for internal senders. $true or $false
 
+EnableSafeLinksForTeams
+
+- Required: No
+- Description: The EnableSafeLinksForTeams parameter specifies whether Safe Links
+  is enabled for Microsoft Teams. Valid values are:
+  $true: Safe Links is enabled for Teams. If a protected user clicks a malicious link in
+  a Teams conversation, group chat, or from channels, a warning page will appear in the default web browser.
+  $false: Safe Links isn't enabled for Teams. This is the default value.
+
 IsEnabled
 
 - Required: No

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOApp/MSFT_SPOApp.psm1
@@ -376,7 +376,7 @@ function Export-TargetResource
                     $Results = Get-TargetResource @Params
                     $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode `
                         -Results $Results
-                    $dscContent = Get-M365DSCExportContentForResource -ResourceName $ResourceName `
+                    $dscContent += Get-M365DSCExportContentForResource -ResourceName $ResourceName `
                         -ConnectionMode $ConnectionMode `
                         -ModulePath $PSScriptRoot `
                         -Results $Results `

diff --git a/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.psm1 b/Modules/Microsoft365DSC/DSCResources/MSFT_SPOHubSite/MSFT_SPOHubSite.psm1
@@ -82,7 +82,7 @@ function Get-TargetResource
     try
     {
         Write-Verbose -Message "Getting hub site collection $Url"
-        $site = Get-PnPTenantSite -Url $Url
+        $site = Get-PnPTenantSite -Url $Url -ErrorAction SilentlyContinue
         if ($null -eq $site)
         {
             Write-Verbose -Message "The specified Site Collection doesn't already exist."
@@ -580,6 +580,22 @@ function Export-TargetResource
         $i = 1
         Write-Host "`r`n" -NoNewline
 
+        $principal = "" # Principal represents the "NetBios" name of the tenant (e.g. the M365DSC part of M365DSC.onmicrosoft.com)
+        if ($null -ne $GlobalAdminAccount -and $GlobalAdminAccount.UserName.Contains("@"))
+        {
+            $organization = $GlobalAdminAccount.UserName.Split("@")[1]
+
+            if ($organization.IndexOf(".") -gt 0)
+            {
+                $principal = $organization.Split(".")[0]
+            }
+        }
+        else
+        {
+            $organization = $TenantId
+            $principal = $organization.Split(".")[0]
+        }
+
         $dscContent = ''
         foreach ($hub in $hubSites)
         {
@@ -598,11 +614,21 @@ function Export-TargetResource
             $Results = Get-TargetResource @Params
             $Results = Update-M365DSCExportAuthenticationResults -ConnectionMode $ConnectionMode `
                 -Results $Results
-            $dscContent += Get-M365DSCExportContentForResource -ResourceName $ResourceName `
+            $partialContent = Get-M365DSCExportContentForResource -ResourceName $ResourceName `
                 -ConnectionMode $ConnectionMode `
                 -ModulePath $PSScriptRoot `
                 -Results $Results `
                 -GlobalAdminAccount $GlobalAdminAccount
+
+            # Make the Url parameterized
+            if ($partialContent.ToLower().Contains($organization.ToLower()) -or `
+                    $partialContent.ToLower().Contains($principal.ToLower()))
+            {
+                $partialContent = $partialContent -ireplace [regex]::Escape('https://' + $principal + '.sharepoint.com/'), "https://`$(`$OrganizationName.Split('.')[0]).sharepoint.com/"
+                $partialContent = $partialContent -ireplace [regex]::Escape("@" + $organization), "@`$(`$OrganizationName)"
+            }
+            $dscContent += $partialContent
+
             Write-Host $Global:M365DSCEmojiGreenCheckMark
             $i++
         }